I want to get details of Google Cloud Sql instance by using google cloud service account. I have created a service account which is billing enabled. I have successfully did Google Cloud Storage functionality like bucket create, bucket delete and so on by using this service account from java code. But while I tried to get GCS Sql functionality I am getting following error:
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "The client is not authorized to make this request.",
"reason" : "notAuthorized"
} ],
"message" : "The client is not authorized to make this request."
}
Below are my java code snippet:
private SQLAdmin authorizeSqlAdmin() throws Exception {
if (cloudSqlAdmin == null) {
HttpTransport httpTransport = new NetHttpTransport();
JsonFactory jsonFactory = new JacksonFactory();
List<String> scopes = new ArrayList<String>();
scopes.add(SQLAdminScopes.CLOUD_PLATFORM);
scopes.add(SQLAdminScopes.SQLSERVICE_ADMIN);
String propertiesFileName = "/cloudstorage.properties";
Properties cloudStorageProperties = null;
try {
cloudStorageProperties = Utilities.getProperties(propertiesFileName);
} catch (Exception e) {
logger.error(e.getMessage(), e);
return null;
}
Credential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(
cloudStorageProperties.getProperty(ACCOUNT_ID_PROPERTY)
)
.setServiceAccountPrivateKeyFromP12File(
new File(cloudStorageProperties.getProperty(PRIVATE_KEY_PATH_PROPERTY))
)
.setServiceAccountScopes(scopes).build();
cloudSqlAdmin = new SQLAdmin.Builder(httpTransport, jsonFactory, credential)
.setApplicationName(
cloudStorageProperties.getProperty(APPLICATION_NAME_PROPERTY)
)
.build();
}
return cloudSqlAdmin;
}
public DatabaseInstance getInstanceByInstanceId(String projectId, String instanceId) throws Exception {
SQLAdmin cloudSql = authorizeSqlAdmin();
Get get = cloudSql.instances().get(projectId, instanceId);
DatabaseInstance dbInstance = get.execute();
return dbInstance;
}
What am I missing here? Somebody please help me.
NB: I have added that service account as a member in permissions tab and gave this account as CAN EDIT permission
Solved this issue by replacing instance id value.
From GCS console I got the instance id as project-id:instance-name . I putted whole part of project-id:instance-name as instance id and thats why I got the above error
After some trials I found that I need to give instance-name as instanceId in here
Get get = cloudSql.instances().get(projectId, instanceId);
That solved my problem.
Updated answer
if you are on terraform and receive this error, it means that your master instance name is set wrongly. A master should refer to an instance name that already exists in cloud sql( ie, whichever is to be the master of the instance your are creating)
master_instance_name = "${google_sql_database_instance.master.name}"
It would be the same for json setup
"masterInstanceName": "source-instance"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.