通过使用 GCP 计算服务器上的 GCE 元数据服务器的服务帐户使用驱动器 API
[英]Use Drive API through a service account using GCE Metadata server at GCP Compute server
问题描述
Have been successfully accessing files through the Drive API using a service account with access to those Drive files, by using the regular authentication with the.json credentials.
已通过使用具有访问这些驱动器文件的服务帐户的服务帐户通过驱动器 API 成功访问文件,通过使用具有.json 凭据的常规身份验证。
Now, we want to remove the usage of.json credentials and rely on the GCE Metadata server, as per described here https://github.com/googleapis/google-api-nodejs-client#:~:text=When%20running%20in%20GCP%2C%20service%20authorize%20is%20automatically%20provided%20via%20the%20GCE%20Metadata%20server .现在,我们要删除 .json 凭据的使用并依赖 GCE 元数据服务器,如此处所述https://github.com/googleapis/google-api-nodejs-client#:~:text=When%20running %20in%20GCP%2C%20service%20authorize%20is%20automatically%20provided%20via%20the%20GCE%20Metadata%20server 。 But I keep getting an Insufficient Permission: Request had insufficient authentication scopes.但我不断得到一个Insufficient Permission: Request had insufficient authentication scopes. error, even though I'm setting the scopes the same way I was doing with the.json credentials, where the requests were successful.错误,即使我设置范围的方式与使用 .json 凭据的方式相同,其中请求成功。
Is it possible to access the Drive API using GCE Metadata tokens?是否可以使用 GCE 元数据令牌访问驱动器 API?
1 个解决方案
解决方案1
1 2021-11-29 06:12:53
To access Drive, 2 conditions must be met:要访问云端硬盘,必须满足 2 个条件:
- The service account must be granted access to Drive必须向服务帐号授予对云端硬盘的访问权限
- The VM must have been created with
--scopes https://www.googleapis.com/auth/drive必须使用--scopes https://www.googleapis.com/auth/drive创建 VM
I suspect you've missed (2).我怀疑你错过了(2)。 Note that Allow full access to all Cloud APIs doesn't include Drive since Drive isn't a Google Cloud API.请注意,允许完全访问所有 Cloud API不包括 Drive,因为 Drive 不是 Google Cloud API。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.