[英]Why do I require serviceusage.services.use in order to list BigQuery datasets?
I attempted to get a list of BigQuery datasets in a project using this command:我尝试使用以下命令获取项目中的 BigQuery 数据集列表:
gcloud alpha bq datasets list --project my-project
and it failed with error:它失败并出现错误:
ERROR: (gcloud.alpha.bq.datasets.list) User [me@mydomain.com] does not have permission to access projects instance [my-project] (or it may not exist): Caller does not have required permission to use project my-project.错误:(gcloud.alpha.bq.datasets.list)用户[me@mydomain.com]无权访问项目实例[my-project](或它可能不存在):调用者没有使用所需的权限项目我的项目。 Grant the caller the roles/serviceusage.serviceUsageConsumer role, or a custom role with the serviceusage.services.use permission, by visiting https://console.developers.google.com/iam-admin/iam/project?project=my-project and then retry.通过访问https://console.developers.google.com/iam-admin/iam/project?project=my-授予调用者角色/serviceusage.serviceUsageConsumer 角色或具有 serviceusage.services.use 权限的自定义角色项目,然后重试。
I granted myself the role:我授予自己这个角色:
gcloud projects add-iam-policy-binding my-project \
--member=user:me@mydomain.com \
--role=roles/serviceusage.serviceUsageConsumer
and then it worked:然后它起作用了:
➜ gcloud alpha bq datasets list --project my-project
ID LOCATION
msmg-my-project:dataset1 EU
msmg-my-project:dataset2 EU
msmg-my-project:dataset3 EU
What I don't understand is why this is required.我不明白为什么这是必需的。 Why do I require serviceusage.services.use in order to list BigQuery datasets?为什么我需要 serviceusage.services.use 才能列出 BigQuery 数据集?
UPDATE: This is the list of pre-defined roles that were already granted to me@mydomain.com:更新:这是已授予 me@mydomain.com 的预定义角色列表:
Plus one custom role that grants:加上一个自定义角色,授予:
I asked the same question to Google Support and the support technician replied with:我向 Google 支持人员提出了同样的问题,支持技术人员回答说:
when you try to use command-line with command as mentioned in the command “–project” indicates that it first tries to access the project to list the particular resources of that project, which requires roles/serviceusage.serviceUsageConsumer role当你尝试使用命令行时,命令“--project”中提到的命令表示它首先尝试访问项目以列出该项目的特定资源,这需要角色/serviceusage.serviceUsageConsumer 角色
Which I think explains why I am able to see datasets in the UI but not on the command-line我认为这解释了为什么我能够在 UI 中看到数据集,但不能在命令行中看到
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.