如何将 GCP IAM 角色添加到服务帐号
[英]How to add GCP IAM roles to Service Account
问题描述
I am trying to create a docker swarm node on a VM instance on GCP using docker-machine .
我正在尝试使用docker-machine在 GCP 上的 VM 实例上创建一个 docker swarm 节点。
docker-machine create swarm-node -d google --google-machine-type e2-standard-2 --google-zone europe-north1-a --google-project myproject-name
I use a GCP Service Account in localhost docker-machine CLI.我在 localhost docker-machine CLI 中使用 GCP 服务帐户。
export GOOGLE_APPLICATION_CREDENTIALS="/home/my-name-here/.gcp/path-to-my-service-account-keyfile.json"
But I got this error:但我收到了这个错误:
Error with pre-create check: "Project with ID \"myproject-name\" not found. googleapi: Error 403: Required 'compute.projects.get' permission for 'projects/myproject-name', forbidden"
How can I add compute.projects.get GCP IAM access to the GCP Service Account?如何将compute.projects.get GCP IAM 访问权限添加到 GCP 服务帐户?
1 个解决方案
解决方案1
2 2020-08-28 13:39:41
Finally I figured out, as explained at: https://cloud.google.com/iam/docs/granting-changing-revoking-access最后我想通了,如解释: https : //cloud.google.com/iam/docs/granting-changed-revoking-access
- In the Cloud Console, go to the IAM page在 Cloud Console 中,转到 IAM 页面
- Click Add.单击添加。
- Enter the service-account email address (displayed in service-account dashboard).输入服务帐户电子邮件地址(显示在服务帐户仪表板中)。
- Select a role, in this case
Compute Admin选择一个角色,在本例中为Compute Admin - Click Save.单击保存。
Et voilà等等
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.