部署 Gen2 云时出现权限被拒绝错误 Function
[英]Permission Denied Error while deploying Gen2 Cloud Function
问题描述
We have developed a cloud function based on given requirements and did initial verification with 1st Gen and it went fine.
我们根据给定的要求开发了一个云 function,并用第一代进行了初步验证,结果很好。 But there were few modifications required which required additional processing time.但是需要额外处理时间的修改很少。 Hence we had to switch to --gen2因此我们不得不切换到 --gen2
Below is gcloud function deploy command.下面是 gcloud function 部署命令。
gcloud functions deploy gen2-function \
--entry-point gen2 --runtime python37 --trigger-http --allow-unauthenticated \
--service-account=<> --region=<> --project=<> --timeout=3600s --gen2
This command deploys the function and internally cloud run service successfully, but it fails in the end with below error此命令部署 function 和内部云运行服务成功,但最终失败并出现以下错误
[INFO] A new revision will be deployed serving with 100% traffic.
ERROR: (gcloud.functions.deploy) PERMISSION_DENIED: Permission 'run.services.setIamPolicy' denied on resource 'projects/<project>/locations/<region>/services/gen2-function' (or resource may not exist).
When we checked on cloud run, service name "gen2-function" does exist.当我们检查云运行时,服务名称“gen2-function”确实存在。
Can someone guide on this?有人可以指导吗?
1 个解决方案
解决方案1
1 2022-08-11 06:49:08
The account deploying the function is missing the permission run.services.setIamPolicy .部署 function 的账户缺少run.services.setIamPolicy权限。 That permission is required to specify the command argument --allow-unauthenticated .指定命令参数--allow-unauthenticated需要该权限。
That permission is in the role roles/run.admin .该权限位于角色roles/run.admin中。
Refer to this documentation on how to add a role to the account:有关如何将角色添加到帐户的信息,请参阅此文档:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.