[英]Getting an error when trying to use set iam policy method in gcp to update cloud storage policy using python?
尝试将加密器解密器角色添加到存储桶服务帐户时出错。 下面是代码..知道缺少什么吗?
storage_client = storage.Client(credentials=credentials)
sa_name = storage_client.get_service_account_email("project name")
print(sa_name)
bucket = storage_client.get_bucket("bucket name")
policy = bucket.get_iam_policy(requested_policy_version=3)
policy.version = 3
policy.bindings.append({
"role": "roles/cloudkms.cryptoKeyEncrypterDecrypter",
"members": {"serviceAccount:{}".format(sa_name)}
})
bucket.set_iam_policy(policy)
**Error:** google.api_core.exceptions.BadRequest: 400 PUT https://storage.googleapis.com/storage/v1/b/bucketname/iam?prettyPrint=false: Role roles/cloudkms.cryptoKeyEncrypterDecrypter is not supported for this resource.
错误消息XYZ is not supported for this resource表示您正在尝试向不使用该权限或不提供该权限的资源(例如 KMS 密钥)授予权限(角色)的确。
在您的问题中,您尝试将权限roles/cloudkms.cryptoKeyEncrypterDecrypter授予 Google Cloud Storage bucket 。 您将逻辑颠倒过来,您将修改 KMS 资源策略,例如密钥而不是存储桶资源策略。 有关绑定到 KMS 资源的更多详细信息,请参阅以下链接:
尝试使用以下python代码从Azure Blob存储下载内容时,出现错误:“重试策略不允许重试”
[英]Getting the error : “Retry policy did not allow for a retry” while trying to download contents from azure blob storage using the below python code
我在哪里可以找到有关 google.cloud.resourcemanager_v3 的方法 set_iam_policy 的更多文档
[英]Where could I find further documentation for the method set_iam_policy of the google.cloud.resourcemanager_v3
GCP 中是否有使用 python 更新存储桶加密的方法?
[英]Is there a method in GCP to update the encryption of a storage bucket using python?
使用 Boto 创建 IAM 策略时出现 MalformedPolicyDocumentException
[英]MalformedPolicyDocumentException while creating IAM policy using Boto
尝试使用推荐器在 GCP 中列出 IdleVM 时出错
[英]Getting an error when trying to list IdleVM's in GCP using recommender
尝试使用 ploty-dash 应用程序连接到 mysql db 时出现错误
[英]when trying to connect to mysql db using ploty-dash app iam getting an error
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.