[英]How to link a google cloud vm to an instance schedule?
I want to run my google cloud server everyday on specific times.我想每天在特定时间运行我的谷歌云服务器。 I set up an instance schedule for that but when i try to link my vm to the schedule it gives me the following error:
我为此设置了一个实例计划,但是当我尝试将我的虚拟机链接到计划时,它会给我以下错误:
Compute Engine System service account service-390738840624@compute-system.iam.gserviceaccount.com needs to have [compute.instances.start] permissions applied in order to perform this operation.
Does anyone know how to solve this?有谁知道如何解决这个问题?
The service account service-390738840624@compute-system.iam.gserviceaccount.com does not have a role with the permission compute.instances.start .服务帐户service-390738840624@compute-system.iam.gserviceaccount.com没有具有compute.instances.start权限的角色。
The following IAM roles have the required permission:以下 IAM 角色具有所需的权限:
The following command will add the first role to the service account:以下命令将第一个角色添加到服务帐户:
Replace $PROJECT_ID with your Project ID (not the project name).将 $PROJECT_ID 替换为您的项目 ID(而不是项目名称)。
gcloud projects add-iam-policy-binding $PROJECT_ID \
--member serviceAccount:service-390738840624@compute-system.iam.gserviceaccount.com \
--role roles/compute.instanceAdmin
Your account for which you are running the command, must have the privilege to grant/modify IAM roles on a service account.您为其运行命令的帐户必须有权授予/修改服务帐户上的 IAM 角色。 If you do not have the correct permissions, you will need to ask the Project Owner or Editor to perform this for you.
如果您没有正确的权限,则需要请项目所有者或编辑为您执行此操作。
The CLI answer works but in case you dont use terminal here are the steps directly on the platform: CLI 答案有效,但如果您不使用终端,这里是直接在平台上执行的步骤:
this fixed my issue这解决了我的问题
In order to complete the task, GCP is asking you to give the service account “service-390738840624@compute-system.iam.gserviceaccount.com” access to use “compute.instances.start” but the service account doesn't have the right permissions to execute the task.为了完成任务,GCP 要求您授予服务帐户“service-390738840624@compute-system.iam.gserviceaccount.com”访问权限以使用“compute.instances.start” ,但服务帐户没有执行任务的正确权限。
When you set up an instance to run as a service account, you determine the level of access the service account has by the IAM roles that you grant to the service account.
当您设置一个实例作为服务账户运行时,您可以通过您授予服务账户的 IAM 角色来确定服务账户的访问级别。 If the service account has no IAM roles, then no API methods can be run by the service account on that instance.
如果服务账户没有 IAM 角色,则服务账户无法在该实例上运行任何 API 方法。
To grant, change, and revoke access to a single service account, please refer to this guide .要授予、更改和撤销对单个服务帐户的访问权限,请参阅本指南。
Be aware that to manage access to a service account, you need a role that includes the following permissions:请注意,要管理对服务帐户的访问,您需要一个包含以下权限的角色:
If you want to know which are the permission included in your account, please refer to this guide .如果您想知道您的帐户中包含哪些权限,请参阅本指南。
If you don't have the appropriate access to grant permissions, please refer to your system administrator.如果您没有适当的权限来授予权限,请咨询您的系统管理员。
To know more about compute engine roles and permissions, please follow this link .要了解有关计算引擎角色和权限的更多信息,请点击此链接。
If you wish to know more about services accounts, please follow this link .如果您想了解有关服务帐户的更多信息,请 点击此链接。
To know more about the process of scheduling compute instances with Google Scheduler, please follow this link .要了解有关使用 Google Scheduler 安排计算实例的过程的更多信息,请点击此链接。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.