
node does not have storage.objects.create

Permission error for uploading images to Google Cloud Storage, but I already gave proper permissions on IAM

Error: reportai-images@even-shuttle-250512.iam.gserviceaccount.com does not have storage.objects.create access to reportai-images/images.jpeg.
    at Gaxios.request (/home/jvcabral/Projects/reportai_image_upload/node_modules/gaxios/build/src/gaxios.js:70:23)
    at process._tickCallback (internal/process/next_tick.js:68:7)

IAM Permissions

The IAM member account does not have the permission storage.objects.create on your project.

To list the IAM member roles assigned to a project, execute this command. Replace PROJECT_ID with your Project ID, which appears to be even-shuttle-250512.

gcloud projects get-iam-policy PROJECT_ID > project_roles.txt

Review the file project_roles.txt for the member and confirm what roles are assigned to the service account:

reportai-images@even-shuttle-250512.iam.gserviceaccount.com

To add a role to the project granting the service account the required permission:

Windows Syntax:

gcloud projects add-iam-policy-binding PROJECT_ID ^
--member=serviceAccount:reportai-images@even-shuttle-250512.iam.gserviceaccount.com ^
--role=roles/storage.admin

Linux/macOS Syntax:

gcloud projects add-iam-policy-binding PROJECT_ID \
--member=serviceAccount:reportai-images@even-shuttle-250512.iam.gserviceaccount.com \
--role=roles/storage.admin

Note that in the previous command I assigned the role Storage Admin. Pick a role that meets your requirements for least privilege. For example, roles/storage.legacyBucketWriter is probably more appropriate.

Cloud IAM roles for Cloud Storage
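
The review step in the answer above can be scripted. This is an added example, not part of the original answer: it assumes the policy was exported with `--format=json`, and the role table, the `auditMember` helper and the sample policies are constructed for illustration.

```javascript
// Added example. Predefined Cloud Storage roles that include
// storage.objects.create (hand-written subset, an assumption; extend as needed).
// fullControl marks roles that grant far more than an upload needs.
const CREATE_ROLES = new Map([
  ['roles/storage.objectCreator', { fullControl: false }],
  ['roles/storage.legacyBucketWriter', { fullControl: false }],
  ['roles/storage.objectAdmin', { fullControl: true }],
  ['roles/storage.admin', { fullControl: true }],
]);

// policy: parsed JSON from `gcloud projects get-iam-policy PROJECT_ID --format=json`
// member: e.g. 'serviceAccount:name@project.iam.gserviceaccount.com'
function auditMember(policy, member) {
  const out = { roles: [], canCreate: false, conditional: [], broad: [] };
  for (const binding of policy.bindings || []) {
    if (!(binding.members || []).includes(member)) continue;
    out.roles.push(binding.role);
    const info = CREATE_ROLES.get(binding.role);
    if (!info) continue;            // role does not grant object creation
    if (binding.condition) {        // conditional grant: may not apply to this request
      out.conditional.push(binding.role);
      continue;
    }
    out.canCreate = true;
    if (info.fullControl) out.broad.push(binding.role);
  }
  return out;
}

// Constructed sample policies (not real output from the project in the question).
const SA = 'serviceAccount:reportai-images@even-shuttle-250512.iam.gserviceaccount.com';
const BEFORE = { bindings: [
  { role: 'roles/storage.objectViewer', members: [SA] },
  { role: 'roles/storage.objectCreator', members: ['user:someone@example.com'] },
] };
const AFTER = { bindings: [
  ...BEFORE.bindings,
  { role: 'roles/storage.admin', members: [SA] },
] };

console.log(auditMember(BEFORE, SA)); // no create permission: matches the upload error
console.log(auditMember(AFTER, SA));  // can create, but via a full-control role
```

Bindings set on the bucket itself are not part of the project policy, so a negative result here only covers project-level grants.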
