Google Cloud Bigtable authentication with Go

Question

I'm trying to insert a simple record as in GoDoc. But this returns,

rpc error: code = 7 desc = "User can't access project: tidy-groove"

When I searched for grpc codes, it says..

PermissionDenied Code = 7

// Unauthenticated indicates the request does not have valid
// authentication credentials for the operation.

I've enabled Big table in my console and created a cluster and a service account and recieved the json. What I'm doing wrong here?

package main

import (
"fmt"
"golang.org/x/net/context"
"golang.org/x/oauth2/google"
"google.golang.org/cloud"
"google.golang.org/cloud/bigtable"
"io/ioutil"
)

func main() {
fmt.Println("Start!")
put()
}

func getClient() *bigtable.Client {
jsonKey, err := ioutil.ReadFile("TestProject-7854ea9op741.json")
if err != nil {
    fmt.Println(err.Error())
}

config, err := google.JWTConfigFromJSON(
    jsonKey,
    bigtable.Scope,
) // or bigtable.AdminScope, etc.

if err != nil {
    fmt.Println(err.Error())
}

ctx := context.Background()
client, err := bigtable.NewClient(ctx, "tidy-groove", "asia-east1-b", "test1-bigtable", cloud.WithTokenSource(config.TokenSource(ctx)))

if err != nil {
    fmt.Println(err.Error())
}

return client
}

func put() {
ctx := context.Background()
client := getClient()
tbl := client.Open("table1")
mut := bigtable.NewMutation()
mut.Set("links", "maps.google.com", bigtable.Now(), []byte("1"))
mut.Set("links", "golang.org", bigtable.Now(), []byte("1"))
err := tbl.Apply(ctx, "com.google.cloud", mut)
if err != nil {
    fmt.Println(err.Error())
}
}

Answer 1

I've solved the problem. It's nothing wrong with the code, but config json itself. So anyone who out there want to authenticate and came here by google search... This code is correct and working perfectly. What I've done wrong is follows.

First I made a service account and got the json. But google warned me that im not an owner of project hence it wont be added to accept list but anyway it let me download the json. Then I deleted that key from console and requested project owner to create a key for me. There he has created another key with the same name I given.. And since he's the owner no error/warning msgs displayed and successfully json file was downloaded.

When I tried with that... my question begun. That's when i posted this question. After that with no solutions. I asked owner to delete that key and create another key but with a different name..

Then it worked! It seems if you try to create a key with non-owner account and then again create with same name ( after deleting original of course ) has no effect. Hope this helps everyone out there :)

Answer 2

Take a look at: helloworld.go or search.go which uses GOOGLE_APPLICATION_CREDENTIALS environment variable.

For most environments, you no longer even need to set GOOGLE_APPLICATION_CREDENTIALS . Google Cloud Platform , Managed VMs or Google App Engine all have the right thing set for you. Your desktop environment will also be correct if you've used gcloud init or it's predecessor gcloud auth login followed by gcloud config set project <projectID> .