工作流服务帐户不接受有效的服务帐户 ID
Valid service account id not being accepted for workflow service account
我正在尝试使用 https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/workflows_workflow terraform 资源部署工作流,但失败并出现错误:
Error: Error creating Workflow: googleapi: Error 400: request contains errors
Details:
[
{
"@type": "type.googleapis.com/google.rpc.BadRequest",
"fieldViolations": [
{
"description": "The referenced service account is not user-managed, please verify the correctness of the service account name",
"field": "workflow.service_account"
}
]
}
]
我可以从 运行 terraform plan 中看出这是我的工作流程的定义:
+ resource "google_workflows_workflow" "my_first_workflow" {
+ create_time = (known after apply)
+ description = "Magic"
+ id = (known after apply)
+ name = "myworkflow"
+ name_prefix = (known after apply)
+ project = "myproject"
+ region = "europe-west4"
+ revision_id = (known after apply)
+ service_account = "projects/myproject/serviceAccounts/service-account"
+ source_contents = <<-EOT
- postCallBigqueryStoredProcedure:
call: http.post
args:
url: https://bigquery.googleapis.com/bigquery/v2/projects/myproject/jobs
body: {
"configuration": {
"query": {
"query": "call mydataset.mystoredprocedure()"
}
}
}
EOT
+ state = (known after apply)
+ update_time = (known after apply)
}
错误消息抱怨服务帐户,但我确定此处命名的服务帐户:projects/myproject/serviceAccounts/service-account 有效且存在,所以我一无所知至于为什么我会收到此错误。谷歌搜索错误消息没有找到任何有用的信息。
有谁知道可能是什么问题?
您提到服务帐户有效且存在。当您引用它时,您是否包括完整的帐户名称,包括“@”后的详细信息,即。 7**********-compute@developer.gserviceaccount.com?
我能够通过使用不正确的名称或没有完整电子邮件地址的服务帐户名称来复制此行为。
您必须使用服务帐户的完整电子邮件地址。这是正确格式的示例。我目前正在使用 Terraform v0.14.7:
service_account = "projects/project_id/serviceAccounts/7**********-compute@developer.gserviceaccount.com"
我正在尝试使用 https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/workflows_workflow terraform 资源部署工作流,但失败并出现错误:
Error: Error creating Workflow: googleapi: Error 400: request contains errors
Details:
[
{
"@type": "type.googleapis.com/google.rpc.BadRequest",
"fieldViolations": [
{
"description": "The referenced service account is not user-managed, please verify the correctness of the service account name",
"field": "workflow.service_account"
}
]
}
]
我可以从 运行 terraform plan 中看出这是我的工作流程的定义:
+ resource "google_workflows_workflow" "my_first_workflow" {
+ create_time = (known after apply)
+ description = "Magic"
+ id = (known after apply)
+ name = "myworkflow"
+ name_prefix = (known after apply)
+ project = "myproject"
+ region = "europe-west4"
+ revision_id = (known after apply)
+ service_account = "projects/myproject/serviceAccounts/service-account"
+ source_contents = <<-EOT
- postCallBigqueryStoredProcedure:
call: http.post
args:
url: https://bigquery.googleapis.com/bigquery/v2/projects/myproject/jobs
body: {
"configuration": {
"query": {
"query": "call mydataset.mystoredprocedure()"
}
}
}
EOT
+ state = (known after apply)
+ update_time = (known after apply)
}
错误消息抱怨服务帐户,但我确定此处命名的服务帐户:projects/myproject/serviceAccounts/service-account 有效且存在,所以我一无所知至于为什么我会收到此错误。谷歌搜索错误消息没有找到任何有用的信息。
有谁知道可能是什么问题?
您提到服务帐户有效且存在。当您引用它时,您是否包括完整的帐户名称,包括“@”后的详细信息,即。 7**********-compute@developer.gserviceaccount.com?
我能够通过使用不正确的名称或没有完整电子邮件地址的服务帐户名称来复制此行为。
您必须使用服务帐户的完整电子邮件地址。这是正确格式的示例。我目前正在使用 Terraform v0.14.7:
service_account = "projects/project_id/serviceAccounts/7**********-compute@developer.gserviceaccount.com"