无法在Google Cloud中创建存储桶

时间:2019-10-18 22:44:34

标签: python google-cloud-platform google-cloud-storage gcloud

我想用Python在Google云中创建存储桶。

我的服务帐户密钥具有以下格式:

{
  "type": "service_account",
  "project_id": "project-15891817892",
  "private_key_id": "89347sdjlf56khk",
  "private_key": "-----BEGIN PRIVATE KEY-----\nabcdefghi==\n-----END PRIVATE KEY-----\n",
  "client_email": "starting-account-dslkfjal983475sd@project-15891817892.iam.gserviceaccount.com",
  "client_id": "729387492879034579812",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/starting-account-dslkfjal983475sd%40project-15891817892.iam.gserviceaccount.com"
}

我添加了以下角色:

Actions Admin
AutoML Admin
Bigtable Administrator
Cloud Data Fusion Admin
Service Account Admin
Owner
Cloud Run Admin
Service Broker Admin
Service Usage Admin
Storage Admin
Storage HMAC Key Admin
Storage Object Admin
Storage Object Creator
Storage Transfer Admi

这是python代码:

from google.cloud import storage
import os
os.environ["GOOGLE_APPLICATION_CREDENTIALS"] = r'C:\project-934875sddklf32.json'
storage_client = storage.Client()
bucket_name = 'data'
bucket = storage_client.create_bucket(bucket_name)

但是,我收到以下错误:

Traceback (most recent call last):
  File "<pyshell#29>", line 1, in <module>
    list_buckets()
  File "C:\gcloud\test.py", line 109, in list_buckets
    for bucket in buckets:
  File "C:\Program Files\Python37\lib\site-packages\google\api_core\page_iterator.py", line 204, in _items_iter
    for page in self._page_iter(increment=False):
  File "C:\Program Files\Python37\lib\site-packages\google\api_core\page_iterator.py", line 235, in _page_iter
    page = self._next_page()
  File "C:\Program Files\Python37\lib\site-packages\google\api_core\page_iterator.py", line 361, in _next_page
    response = self._get_next_page_response()
  File "C:\Program Files\Python37\lib\site-packages\google\api_core\page_iterator.py", line 411, in _get_next_page_response
    method=self._HTTP_METHOD, path=self.path, query_params=params
  File "C:\Program Files\Python37\lib\site-packages\google\cloud\_http.py", line 393, in api_request
    raise exceptions.from_http_response(response)
google.api_core.exceptions.Forbidden: 403 GET https://www.googleapis.com/storage/v1/b?project-89324y9sdhfks&projection=noAcl: starting-account-934875dlkjfls@project-jsdlkjf9ulsj.iam.gserviceaccount.com does not have storage.buckets.list access to project 2093472972.

为什么会出现此错误以及如何解决?

1 个答案:

答案 0 :(得分:1)

查看您的错误消息

  

google.api_core.exceptions.Forbidden:403 GET https://www.googleapis.com/storage/v1/b?project-89324y9sdhfks&projection=noAcl:starting-account-934875dlkjfls@project-jsdlkjf9ulsj.iam.gserviceaccount.com没有对项目2093472972的storage.buckets.list访问权限。

记下项目名称:

  

https://www.googleapis.com/storage/v1/b?project-89324y9sdhfks&

它与您的服务帐户密钥文件不同:project-15891817892

您的问题如下:在您的环境(云外壳(经过测试)或您的计算机)中,您具有gcloud SDK中定义的默认项目。您可以使用以下命令查看它:gcloud config list

您有2种解决方案来解决此问题:

  • 创建客户端时,添加项目名称
storage_client = storage.Client('<your project id>')
  • 运行脚本时,请确保gcloud SDK未定义默认项目,请运行以下命令:
gcloud config unset project

您当前的代码可在空白环境(例如docker容器)中工作,但不适用于具有预定义默认项目的开发环境

更新

在GCP的所有客户中,存储桶名称必须是全局唯一的。 data存储桶名称太常见了。尝试使用命名约定或通过添加projectId作为前缀的独特方法。

相关问题
最新问题