在使用Google Cloud Dataproc创建群集时,请求的身份验证范围不足[403]

时间:2016-03-03 00:22:09

标签: c# google-bigquery google-cloud-platform google-cloud-dataproc

在Google Cloud Platform中启用了DataProc API。我使用的是用于访问GCS和Big查询的相同密钥,以便按this example创建新的群集。我在下一行收到Request had insufficient authentication scopes错误。

 Operation createOperation =
            service.Projects.Regions.Clusters.Create(newCluster, project, dataprocGlobalRegion).Execute();

我的完整代码:

public static class DataProcClient
  {
    public static void Test()
    {
      string project = ConfigurationManager.AppSettings["Google.ProjectName"]; ;
      string dataprocGlobalRegion = "global";
      string zone = "us-east1-b";
      string machineType = "n1-standard-4";
      string clusterName = "sample-cluster";
      int numWorkers = 2;

        String serviceAccountEmail= ConfigurationManager.AppSettings["Google.ServiceAccountEmail"];
        String certificateFile = ConfigurationManager.AppSettings["KeyDirectory"] + ConfigurationManager.AppSettings["Google.CertificateFile"];
        X509Certificate2 certificate = new X509Certificate2(certificateFile, "notasecret", X509KeyStorageFlags.Exportable);

        ServiceAccountCredential credential = new ServiceAccountCredential(
                new ServiceAccountCredential.Initializer(serviceAccountEmail)
                {
                  Scopes = new[] { StorageService.Scope.DevstorageFullControl }
                }.FromCertificate(certificate));

        DataprocService service = new DataprocService(
            new BaseClientService.Initializer()
            {
              HttpClientInitializer = credential,
              ApplicationName = "Dataproc Sample",
            });

        // Create a new cluster:
        Cluster newCluster = new Cluster
        {
          ClusterName = clusterName,
          Config = new ClusterConfig
          {
            GceClusterConfig = new GceClusterConfig
            {
              ZoneUri = String.Format(
                  "https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}",
                  project, zone),
            },
            MasterConfig = new InstanceGroupConfig
            {
              NumInstances = 1,
              MachineTypeUri = String.Format(
                  "https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2}",
                  project, zone, machineType),
            },
            WorkerConfig = new InstanceGroupConfig
            {
              NumInstances = numWorkers,
              MachineTypeUri = String.Format(
                  "https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2}",
                  project, zone, machineType),
            },
          },
        };

        Operation createOperation =
            service.Projects.Regions.Clusters.Create(newCluster, project, dataprocGlobalRegion).Execute();
        // Poll the operation:
        while (!IsDone(createOperation))
        {
          Console.WriteLine("Polling operation {0}", createOperation.Name);
          createOperation =
              service.Projects.Regions.Operations.Get(createOperation.Name).Execute();
          Thread.Sleep(1000);
        }
    }
    static bool IsDone(Operation op)
    {
      return op.Done ?? false;
    }
  }

1 个答案:

答案 0 :(得分:1)

创建ServiceAccountCredential时,请更改:

new[] { StorageService.Scope.DevstorageFullControl }

为:

new[] { DataprocService.Scope.CloudPlatform }
相关问题
最新问题