permission error for uploading images to google cloud storage, but I already gave proper permissions on IAM
Error: reportai-images@even-shuttle-250512.iam.gserviceaccount.com does not have storage.objects.create access to reportai-images/images.jpeg.
at Gaxios.request (/home/jvcabral/Projects/reportai_image_upload/node_modules/gaxios/build/src/gaxios.js:70:23)
at process._tickCallback (internal/process/next_tick.js:68:7)
The IAM member account does not have the permission storage.objects.create
on your project.
To list the IAM member roles assigned to a project execute this command. Replace PROJECT_ID with your Project ID which appears to be even-shuttle-250512
.
gcloud projects get-iam-policy PROJECT_ID > project_roles.txt
Review the file project_roles.txt
for the member and confirm what roles are assigned to the service account:
reportai-images@even-shuttle-250512.iam.gserviceaccount.com
To add a role to the project granting the service account the required permission:
Windows Syntax:
gcloud projects add-iam-policy-binding PROJECT_ID ^
--member=serviceAccount:reportai-images@even-shuttle-250512.iam.gserviceaccount.com ^
--role=roles/storage.admin
Linux/macOS Syntax:
gcloud projects add-iam-policy-binding PROJECT_ID \
--member=serviceAccount:reportai-images@even-shuttle-250512.iam.gserviceaccount.com \
--role=roles/storage.admin
Note that in the previous command I assigned the role Storage Admin. Pick a role that meets your requirements for least privilege. For example roles/storage.legacyBucketWriter
is probably more appropriate.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.