[英]How to recover GCP project service account
I ignorantly deleted the service account to my GCP project rather than the service account to Google Calendar API and Dialogflow service account.我无知地删除了我的 GCP 项目的服务帐户,而不是 Google 日历 API 和 Dialogflow 服务帐户的服务帐户。
I'm now having issues trying to deploy my dialogflow agent through the inline code editor to Cloud Functions.我现在在尝试通过内联代码编辑器将我的对话流代理部署到 Cloud Functions 时遇到问题。 When I check the logs, I get this message:
当我检查日志时,我收到以下消息:
2020-07-30 15:48:40.350 WAT
Dialogflow API
CreateCloudFunction
us-central1
bashorun.emma@gmail.com
userFacingMessage:
Default service account 'northern-timer-231210@appspot.gserviceaccount.com' doesn't exist.
Please recreate this account (for example by disabling and enabling the Cloud Functions API),
or specify a different account.;
com.google.cloud.eventprocessing.manager.api.error.DefaultServiceAccountDoesNotExistException: userFacingMessage:
Default service account 'northern-timer-231210@appspot.gserviceaccount.com' doesn't exist. Please recreate this account (for example by disabling and enabling the Cloud Functions API), or specify a different account.; Code: FAILED_PRECONDITION com.google.apps.framework.request.StatusException: <eye3 title='FAILED_PRECONDITION'/> generic::FAILED_PRECONDITION: userFacingMessage:
Default service account 'northern-timer-231210@appspot.gserviceaccount.com' doesn't exist.
Please recreate this account (for example by disabling and enabling the Cloud Functions API), or specify a different account.; com.google.cloud.eventprocessing.manager.api.error.DefaultServiceAccountDoesNotExistException: userFacingMessage:
Default service account 'northern-timer-231210@appspot.gserviceaccount.com' doesn't exist. Please recreate this account (for example by disabling and enabling the Cloud Functions API), or specify a different account.; Code: FAILED_PRECONDITION
Is it possible to retrieve back the service account or am I getting these errors as a result of a different problem?是否可以取回服务帐户,或者我是否由于其他问题而收到这些错误?
After a service account is deleted, you can recover it between 30 days after its deletion.服务帐号被删除后,您可以在删除后的 30 天内将其恢复。
To do it, you can run the following command from cloud shell:为此,您可以从云 shell 运行以下命令:
gcloud beta iam service-accounts undelete ACCOUNT_ID gcloud beta iam 服务帐户取消删除 ACCOUNT_ID
The account ID can be taken from stackdriver logging with the following filter可以使用以下过滤器从堆栈驱动程序日志记录中获取帐户 ID
resource.type="service_account" resource.labels.email_id="service-account-name" "DeleteServiceAccount" resource.type="service_account" resource.labels.email_id="service-account-name" "DeleteServiceAccount"
Hope this helps to recover your service account.希望这有助于恢复您的服务帐户。
You can undelete service accounts.您可以取消删除服务帐户。 You will need the service account's unique ID.
您将需要服务帐号的唯一 ID。 If you don't have it, you can find it on Google Cloud Logging.
如果您没有,可以在 Google Cloud Logging 上找到它。
You can find Logging
service here on the side menu:您可以在侧边菜单中找到
Logging
服务:
Then you will need to filter by date and type service account
to find the exact moment the service was deleted.然后,您将需要按日期过滤并键入
service account
以查找服务被删除的确切时间。
Then you can either然后你可以
You can run the command line by installing it on your computer ( https://cloud.google.com/sdk/docs/install ).您可以通过在计算机上安装命令行来运行它( https://cloud.google.com/sdk/docs/install )。 Or you can run it online using the
Active Shell
offered by Google Cloud Platform.或者您可以使用 Google Cloud Platform 提供的
Active Shell
在线运行它。
The command you want to run is the following.您要运行的命令如下。
gcloud beta iam service-accounts undelete 12345678901234567890
Using curl
, call the API with the following command.使用
curl
,使用以下命令调用 API。
You will need to change API_KEY
, PROJECT_ID
and SERVICE_ACCOUNT_UID
for real values.您需要将
API_KEY
、 PROJECT_ID
和SERVICE_ACCOUNT_UID
更改为实际值。
curl -X POST \
-H "Authorization: Bearer API_KEY \
-H "Content-Type: application/json; charset=utf-8" \
-d "" \
"https://iam.googleapis.com/v1/projects/PROJECT_ID/serviceAccounts/SERVICE_ACCOUNT_UID:undelete"
You can get the API_KEY from Google Cloud Command Line:您可以从 Google Cloud 命令行获取 API_KEY:
gcloud auth application-default print-access-token
Again you can either have gcloud
installed on your local machine or you can use it online with the Active Shell
.同样,您可以在本地计算机上安装
gcloud
,也可以通过Active Shell
在线使用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.