PERMISSION_DENIED:调用者没有权限
PERMISSION_DENIED: The caller does not have permission
我正在尝试使用服务帐户和密钥文件调用预算 API,但出现此错误:
PERMISSION_DENIED: The caller does not have permission
我的代码
async function listBillingAccounts() {
const [account] = await client.getBillingAccount({ name: `billingAccounts/${BILLING_ACCOUNT_ID}` });
console.info({ account });
}
listBillingAccounts();
我的 CLI 设置
gcloud config set project my-project-id
Their Docs中提到的环境变量:
Key
Value
GOOGLE_APPLICATION_CREDENTIALS
path\to\gcp-credentials.json
GCP_PROJECT
my-project-id
服务帐户设置
当我转到 https://console.cloud.google.com/iam-admin/iam?project=my-project-id 时,它会在 table 中显示服务帐户:
Member
Name
Role
Inheritance
owner-75@my-project-id.iam.gserviceaccount.com
owner
Owner
my-project-id
我不知道下一步该做什么。
项目的 owner 角色未授予您查看结算帐户信息的必要权限。
根据API documentation他们描述getBillingAccount操作时:
Gets information about a billing account. The current authenticated user must be a viewer of the billing account.
您可以在组织或计费帐户级别授予计费帐户查看者权限。请参阅相关 docs.
我正在尝试使用服务帐户和密钥文件调用预算 API,但出现此错误:
PERMISSION_DENIED: The caller does not have permission
我的代码
async function listBillingAccounts() {
const [account] = await client.getBillingAccount({ name: `billingAccounts/${BILLING_ACCOUNT_ID}` });
console.info({ account });
}
listBillingAccounts();
我的 CLI 设置
gcloud config set project my-project-id
Their Docs中提到的环境变量:
| Key | Value |
|---|---|
| GOOGLE_APPLICATION_CREDENTIALS | path\to\gcp-credentials.json |
| GCP_PROJECT | my-project-id |
服务帐户设置
当我转到 https://console.cloud.google.com/iam-admin/iam?project=my-project-id 时,它会在 table 中显示服务帐户:
| Member | Name | Role | Inheritance |
|---|---|---|---|
| owner-75@my-project-id.iam.gserviceaccount.com | owner | Owner | my-project-id |
我不知道下一步该做什么。
项目的 owner 角色未授予您查看结算帐户信息的必要权限。
根据API documentation他们描述getBillingAccount操作时:
Gets information about a billing account. The current authenticated user must be a viewer of the billing account.
您可以在组织或计费帐户级别授予计费帐户查看者权限。请参阅相关 docs.