Google 项目所有者帐户的 Pub Sub "Permission Denied"
Google Pub Sub "Permission Denied" for project owner account
我一直在尝试使用快速入门指南让 Google Pub/Sub Java 库正常工作。 None 他们中的人按照书面的方式工作,至少对我来说不是。我正在使用 IntelliJ、Maven 框架、OSX、Java 8.
取this example。我遵循了所有步骤:以项目所有者的身份创建了一个服务帐户,安装了 Gcloud SDK,设置了我的 GOOGLE_APPLICATIONS_CREDENTIALS envvar,然后发现命令行中的一切都很正常:我可以创建主题、发布消息,无论我做什么通缉
然后当我尝试 运行 示例代码时:
import com.google.api.gax.rpc.ApiException;
import com.google.cloud.ServiceOptions;
import com.google.cloud.pubsub.v1.TopicAdminClient;
import com.google.pubsub.v1.ProjectTopicName;
public class CreateTopicExample {
/**
* Create a topic.
*
* @param args topicId
* @throws Exception exception thrown if operation is unsuccessful
*/
public static void main(String... args) throws Exception {
// Your Google Cloud Platform project ID
String projectId = ServiceOptions.getDefaultProjectId();
// Your topic ID, eg. "my-topic"
String topicId = args[0];
// Create a new topic
ProjectTopicName topic = ProjectTopicName.of(projectId, topicId);
try (TopicAdminClient topicAdminClient = TopicAdminClient.create()) {
topicAdminClient.createTopic(topic);
} catch (ApiException e) {
// example : code = ALREADY_EXISTS(409) implies topic already exists
System.out.print(e.getStatusCode().getCode());
System.out.print(e.isRetryable());
}
System.out.printf("Topic %s:%s created.\n", topic.getProject(), topic.getTopic());
}
}
它抛出 ApiException PERMISSION_DENIED。完整的堆栈跟踪:
com.google.api.gax.rpc.PermissionDeniedException: io.grpc.StatusRuntimeException: PERMISSION_DENIED: User not authorized to perform this action.
at com.google.api.gax.rpc.ApiExceptionFactory.createException(ApiExceptionFactory.java:55)
at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:72)
at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:60)
at com.google.api.gax.grpc.GrpcExceptionCallable$ExceptionTransformingFuture.onFailure(GrpcExceptionCallable.java:95)
at com.google.api.core.ApiFutures.onFailure(ApiFutures.java:61)
at com.google.common.util.concurrent.Futures.run(Futures.java:1123)
at com.google.common.util.concurrent.MoreExecutors$DirectExecutor.execute(MoreExecutors.java:435)
at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:900)
at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:811)
at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:675)
at io.grpc.stub.ClientCalls$GrpcFuture.setException(ClientCalls.java:492)
at io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:467)
at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:41)
at io.grpc.internal.CensusStatsModule$StatsClientInterceptor.onClose(CensusStatsModule.java:684)
at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:41)
at io.grpc.internal.CensusTracingModule$TracingClientInterceptor.onClose(CensusTracingModule.java:391)
at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:475)
at io.grpc.internal.ClientCallImpl.access0(ClientCallImpl.java:63)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.close(ClientCallImpl.java:557)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.access0(ClientCallImpl.java:478)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImplStreamClosed.runInContext(ClientCallImpl.java:590)
at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37)
at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access1(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: io.grpc.StatusRuntimeException: PERMISSION_DENIED: User not authorized to perform this action.
at io.grpc.Status.asRuntimeException(Status.java:526)
... 19 more
调试器告诉我 projectId 已设置为该服务帐户的正确默认项目,因此服务帐户已连接。而且,正如我所说,我从控制台验证了该服务帐户的权限实际上设置为 Project:Owner。那么...为什么权限被拒绝?
提前感谢您代表我阅读粗糙的堆栈跟踪。
既然你是 运行 gcloud 没问题这一定是 IntelliJ 的问题。您应该检查是否需要通过 shell 启动 IntelliJ(如 this article) or set the GOOGLE_APPLICATIONS_CREDENTIALS variable in IntelliJ as described here.
中所述
我一直在尝试使用快速入门指南让 Google Pub/Sub Java 库正常工作。 None 他们中的人按照书面的方式工作,至少对我来说不是。我正在使用 IntelliJ、Maven 框架、OSX、Java 8.
取this example。我遵循了所有步骤:以项目所有者的身份创建了一个服务帐户,安装了 Gcloud SDK,设置了我的 GOOGLE_APPLICATIONS_CREDENTIALS envvar,然后发现命令行中的一切都很正常:我可以创建主题、发布消息,无论我做什么通缉
然后当我尝试 运行 示例代码时:
import com.google.api.gax.rpc.ApiException;
import com.google.cloud.ServiceOptions;
import com.google.cloud.pubsub.v1.TopicAdminClient;
import com.google.pubsub.v1.ProjectTopicName;
public class CreateTopicExample {
/**
* Create a topic.
*
* @param args topicId
* @throws Exception exception thrown if operation is unsuccessful
*/
public static void main(String... args) throws Exception {
// Your Google Cloud Platform project ID
String projectId = ServiceOptions.getDefaultProjectId();
// Your topic ID, eg. "my-topic"
String topicId = args[0];
// Create a new topic
ProjectTopicName topic = ProjectTopicName.of(projectId, topicId);
try (TopicAdminClient topicAdminClient = TopicAdminClient.create()) {
topicAdminClient.createTopic(topic);
} catch (ApiException e) {
// example : code = ALREADY_EXISTS(409) implies topic already exists
System.out.print(e.getStatusCode().getCode());
System.out.print(e.isRetryable());
}
System.out.printf("Topic %s:%s created.\n", topic.getProject(), topic.getTopic());
}
}
它抛出 ApiException PERMISSION_DENIED。完整的堆栈跟踪:
com.google.api.gax.rpc.PermissionDeniedException: io.grpc.StatusRuntimeException: PERMISSION_DENIED: User not authorized to perform this action.
at com.google.api.gax.rpc.ApiExceptionFactory.createException(ApiExceptionFactory.java:55)
at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:72)
at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:60)
at com.google.api.gax.grpc.GrpcExceptionCallable$ExceptionTransformingFuture.onFailure(GrpcExceptionCallable.java:95)
at com.google.api.core.ApiFutures.onFailure(ApiFutures.java:61)
at com.google.common.util.concurrent.Futures.run(Futures.java:1123)
at com.google.common.util.concurrent.MoreExecutors$DirectExecutor.execute(MoreExecutors.java:435)
at com.google.common.util.concurrent.AbstractFuture.executeListener(AbstractFuture.java:900)
at com.google.common.util.concurrent.AbstractFuture.complete(AbstractFuture.java:811)
at com.google.common.util.concurrent.AbstractFuture.setException(AbstractFuture.java:675)
at io.grpc.stub.ClientCalls$GrpcFuture.setException(ClientCalls.java:492)
at io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:467)
at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:41)
at io.grpc.internal.CensusStatsModule$StatsClientInterceptor.onClose(CensusStatsModule.java:684)
at io.grpc.ForwardingClientCallListener.onClose(ForwardingClientCallListener.java:41)
at io.grpc.internal.CensusTracingModule$TracingClientInterceptor.onClose(CensusTracingModule.java:391)
at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:475)
at io.grpc.internal.ClientCallImpl.access0(ClientCallImpl.java:63)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.close(ClientCallImpl.java:557)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.access0(ClientCallImpl.java:478)
at io.grpc.internal.ClientCallImpl$ClientStreamListenerImplStreamClosed.runInContext(ClientCallImpl.java:590)
at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37)
at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access1(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: io.grpc.StatusRuntimeException: PERMISSION_DENIED: User not authorized to perform this action.
at io.grpc.Status.asRuntimeException(Status.java:526)
... 19 more
调试器告诉我 projectId 已设置为该服务帐户的正确默认项目,因此服务帐户已连接。而且,正如我所说,我从控制台验证了该服务帐户的权限实际上设置为 Project:Owner。那么...为什么权限被拒绝?
提前感谢您代表我阅读粗糙的堆栈跟踪。
既然你是 运行 gcloud 没问题这一定是 IntelliJ 的问题。您应该检查是否需要通过 shell 启动 IntelliJ(如 this article) or set the GOOGLE_APPLICATIONS_CREDENTIALS variable in IntelliJ as described here.
中所述