获取公钥时出现 Google Cloud KMS 错误
[英]Google Cloud KMS error when getting public key
问题描述
I'm following this Google tutorial to access my KMS public key value in Nodejs app, apparently I have an error due to missing permissions (because I can read the value from the console gcloud kms keys versions get-public-key).
我正在按照这个Google 教程在 Nodejs 应用程序中访问我的 KMS 公钥值,显然由于缺少权限而出现错误(因为我可以从控制台 gcloud kms 密钥版本 get-public-key 读取值)。 The error:错误:
Error: Could not load the default credentials. Browse to https://cloud.google.com/docs/authentication/getting-started for more information.
at GoogleAuth.getApplicationDefaultAsync
I created a service account with the required permissions (to read), how can I instantiate a KMS client with it?我创建了一个具有所需权限(读取)的服务帐户,如何使用它实例化 KMS 客户端? (const client = new KeyManagementServiceClient();) (const 客户端 = 新 KeyManagementServiceClient();)
Thanks谢谢
EDIT 1: I can get the key when I set an env var with the location of the SA: export GOOGLE_APPLICATION_CREDENTIALS="/home/user/Downloads/service-account-file.json"编辑 1:当我使用 SA 的位置设置环境变量时,我可以获得密钥:export GOOGLE_APPLICATION_CREDENTIALS="/home/user/Downloads/service-account-file.json"
How can I use the file itself (service-account-file.json) instead of env var?如何使用文件本身 (service-account-file.json) 而不是 env var?
1 个解决方案
解决方案1
0 2022-09-20 14:29:03
I believe it should be as simple as我相信它应该像
const client = new KeyManagementServiceClient({
keyFilename: '/path/to/keyfile.json'
});
Sorry this isn't totally clear: this isn't documented with a sample anywhere as far as I can tell, and the keyFilename property comes from three levels up the inheritance hierarchy of ClientOptions .抱歉,这并不完全清楚:据我所知,这在任何地方都没有记录,并且keyFilename属性来自ClientOptions的 inheritance 层次结构的三个层次。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.