服务帐户身份验证问题

时间:2017-12-02 20:39:27

标签: google-cloud-platform google-cloud-storage

尝试在存储桶中列出或存储对象时,我使用Google的PHP SDK收到403错误(所有操作都是真的)。​​

Google\Cloud\Core\Exception\ServiceException: {
  "error": {
    "errors": [ {
      "domain": "global",
      "reason": "forbidden",
      "message": "my-service-account@example-project-id.iam.gserviceaccount.com does not have storage.objects.list access to storage."
    } ],
    "code": 403,
    "message": "my-service-account@example-project-id.iam.gserviceaccount.com does not have storage.objects.list access to storage."
  }
}

我已经设置了一个服务帐户,为其赋予了StorageObjectAdmin角色,该角色包含以下权限:

resourcemanager.projects.get
resourcemanager.projects.list
storage.objects.create
storage.objects.delete
storage.objects.get
storage.objects.getIamPolicy
storage.objects.list
storage.objects.setIamPolicy
storage.objects.update

我已下载服务帐户的JSON密钥文件,并在创建PHP客户端时使用。不过,当我对任何操作发出请求时,我都会收到403 Forbidden错误。

我应该在哪里解决这个问题?

0 个答案:

没有答案