How to granting permissions to randomly create service account on GCP?
Question
I trying to create a deployment package on GCP with a customized VM Image. I do follow docs but as soon as I trigger the deployment, validation failed with the following error:
"domain": "global",
"message": "Required 'compute.images.useReadOnly' permission for 'projects/r-public/global/images/my-image'",
"reason": "forbidden"
The problem is that the GCP console create for every trigger a new service account which has the permission issue. What could be the valid solution here.
1 answers
solution1
0 2022-09-12 08:22:49
Seems to be you need to grant all authenticated Compute Engine users the Compute Image User role (roles/compute.imageUser) to a custom image.
To make images public, use the gcloud compute images add-iam-policy-binding command: gcloud compute images add-iam-policy-binding IMAGE_NAME
--member='allAuthenticatedUsers'
--role='roles/compute.imageUser'
Replace IMAGE_NAME with the name of the resource—for example, my_image.
For more information on custom images access follow this link .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.