[英]Terraform: “ Error creating Firewall: googleapi: Error 403: Required 'compute.firewalls.create' ”
我坚持使用此脚本在 GCP 中使用 Terraform 部署图像。 这个想法是启动一个 V 实例并为 http 请求打开端口 443 和 80,当我写“Terraform validate”时它显示为正确:
provider "google" {
project = "terraform-packer-xxxxxx"
region = "us-central1"
zone = "us-central1-a"
credentials = "C:/.../path"
}
data "google_compute_image" "test" {
name = "packer-08022021-1"
}
resource "google_compute_instance" "myVM" {
name = "test"
machine_type = "e2-micro"
zone = "us-central1-a"
tags = [ "http-server" ]
boot_disk {
initialize_params {
image = data.google_compute_image.test.self_link
}
}
network_interface {
# A default network is created for all GCP projects
network = "default"
access_config {
}
}
}
resource "google_compute_firewall" "allow-http" {
name = "http-firewall"
network = "default"
allow {
protocol = "all"
ports = ["80"]
}
allow {
protocol = "all"
ports = ["443"]
}
allow {
protocol = "all"
ports = ["22"]
}
source_tags = ["http-server"]
}
# resource "google_compute_network" "default" {
# name = "test-network"
# }
output "ip" {
value = google_compute_instance.myVM.network_interface.0.access_config.0.nat_ip
}
但是当我写“Terraform apply”时,会出现这个错误:
Error: Error creating Firewall: googleapi: Error 403: Required 'compute.firewalls.create' permission for 'projects/terraform-packer-303806/global/firewalls/http-firewall'
More details:
Reason: forbidden, Message: Required 'compute.firewalls.create' permission for 'projects/terraform-packer-303806/global/firewalls/http-firewall'
Reason: forbidden, Message: Required 'compute.networks.updatePolicy' permission for 'projects/terraform-packer-303806/global/networks/default'
我已经仔细检查了我的服务帐户中的权限,并且我有以下内容:计算实例的管理员、服务帐户的用户、网络管理员、防火墙管理员。
我不知道我做错了什么
创建 RegionNetworkEndpointGroup 时出错:googleapi:错误 403:“projects/myproj”需要“compute.regionNetworkEndpointGroups.create”权限
[英]Error creating RegionNetworkEndpointGroup: googleapi: Error 403: Required 'compute.regionNetworkEndpointGroups.create' permission for 'projects/myproj
(GCP,Terraform)创建服务帐户时出错:googleapi:错误 403:需要权限 iam.serviceAccounts.create 才能执行此操作
[英](GCP, Terraform) Error creating service account: googleapi: Error 403: Permission iam.serviceAccounts.create is required to perform this operation on
(GCP)创建 GlobalAddress 时出错:googleapi:错误 403:必需 > 'compute.globalAddresses.create' 权限 > 'projects/myproject-638932/
[英](GCP) Error creating GlobalAddress: googleapi: Error 403: Required > 'compute.globalAddresses.create' permission for > 'projects/myproject-638932/
创建 BackendService 时出错:googleapi:错误 403:“projects/myproject-137813/global/backen”需要“compute.backendServices.create”权限
[英]Error creating BackendService: googleapi: Error 403: Required 'compute.backendServices.create' permission for 'projects/myproject-137813/global/backen
googleapi:错误 403:需要“compute.organizations.enableXpnHost”权限
[英]googleapi: Error 403: Required 'compute.organizations.enableXpnHost' permission
(Terraform,Cloud Run)创建服务时出错:googleapi:错误 403:资源 'namespaces/myproject-173831/ 上的权限 'run.services.create' 被拒绝
[英](Terraform, Cloud Run) Error creating Service: googleapi: Error 403: Permission 'run.services.create' denied on resource 'namespaces/myproject-173831/
Terraform gke 节点池在 googleapi 上获得 403:错误 403:需要“container.clusters.update”
[英]Terraform gke node pool getting 403 on googleapi: Error 403: Required "container.clusters.update"
Terraform:创建 App Engine 应用程序时出错:googleapi:错误 403:调用方没有权限,禁止
[英]Terraform: Error creating App Engine application: googleapi: Error 403: The caller does not have permission, forbidden
创建网络时出错:googleapi:错误 403:资源项目 myProject 的权限被拒绝。 详细信息:[],禁止(Terraform)
[英]Error creating Network: googleapi: Error 403: Permission denied on resource project myProject. Details:[], forbidden (Terraform)
`juju bootstrap google google-controller` 产生 `googleapi: Error 403: Required 'compute.projects.get' permission`
[英]`juju bootstrap google google-controller` yields a `googleapi: Error 403: Required 'compute.projects.get' permission`
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.