(Terraform,GCP)创建服务帐户时出错:googleapi:错误 403:需要 iam.serviceAccounts.create 权限才能在
(Terraform, GCP) Error creating service account: googleapi: Error 403: Permission iam.serviceAccounts.create is required to perform this operation on
在 GCP 上,我正在尝试使用此 Terraform 创建 服务帐户代码如下:
provider "google" {
credentials = file("myCredentials.json")
project = "myproject-173831"
region = "asia-northeast1"
}
resource "google_service_account" "service_account" {
display_name = "My Service Account"
account_id = "my-service-account"
}
但我收到以下错误:
Error creating service account: googleapi: Error 403: Permission
iam.serviceAccounts.create is required to perform this operation on
project projects/myproject-173831., forbidden
所以现在,我正在尝试添加一个角色来解决上面的这个错误,但是角色太多无法选择:
我需要选择什么角色?
您需要选择角色“创建服务帐户”来创建服务帐户:
此外,您可以选择角色“删除服务帐户”来删除服务帐户:
否则,您将无法删除服务帐户,您将收到以下错误消息:
Error 403: Permission iam.serviceAccounts.delete is required to
perform this operation on service account
projects/myproject-173831/serviceAccounts/my-service-account@myproject-173831.iam.gserviceaccount.com.,
forbidden
最后,如果您想创建和删除具有一个角色的服务帐户,您可以选择更抽象的角色“服务帐户管理员”[=32] =]:
在 GCP 上,我正在尝试使用此 Terraform 创建 服务帐户代码如下:
provider "google" {
credentials = file("myCredentials.json")
project = "myproject-173831"
region = "asia-northeast1"
}
resource "google_service_account" "service_account" {
display_name = "My Service Account"
account_id = "my-service-account"
}
但我收到以下错误:
Error creating service account: googleapi: Error 403: Permission iam.serviceAccounts.create is required to perform this operation on project projects/myproject-173831., forbidden
所以现在,我正在尝试添加一个角色来解决上面的这个错误,但是角色太多无法选择:
我需要选择什么角色?
您需要选择角色“创建服务帐户”来创建服务帐户:
此外,您可以选择角色“删除服务帐户”来删除服务帐户:
否则,您将无法删除服务帐户,您将收到以下错误消息:
Error 403: Permission iam.serviceAccounts.delete is required to perform this operation on service account projects/myproject-173831/serviceAccounts/my-service-account@myproject-173831.iam.gserviceaccount.com., forbidden
最后,如果您想创建和删除具有一个角色的服务帐户,您可以选择更抽象的角色“服务帐户管理员”[=32] =]: