我有启用了 Anthos 的谷歌云控制台试用帐户。配置 Anthos 配置管理时,我收到 accessdeniedexception。
命令运行:gsutil cp gs://config-management-release/released/latest/config-management-operator.yaml config-management-operator.yaml
异常:AccessDeniedException:403 account-dv@fabric-275411.iam.gserviceaccount.com 没有 storage.objects.list 对 config-management-release 的访问权限。
服务帐户具有所需的权限。但仍然抛出异常。如何解决这个问题?通过创建具有不同名称的服务帐户来尝试。
以下是与 serviceaccount 关联的角色:
roles/composer.environmentAndStorageObjectAdmin
roles/compute.admin
roles/compute.loadBalancerAdmin
roles/compute.networkAdmin
roles/compute.securityAdmin
roles/container.admin
roles/container.clusterAdmin
roles/container.clusterViewer
roles/editor
roles/gkehub.admin
roles/gkehub.connect
roles/gkehub.viewer
roles/iam.securityAdmin
roles/iam.serviceAccountAdmin
roles/iam.serviceAccountKeyAdmin
roles/iam.serviceAccountTokenCreator
roles/iam.serviceAccountUser
roles/logging.admin
roles/logging.configWriter
roles/logging.viewer
roles/monitoring.admin
roles/owner
roles/redis.admin
roles/resourcemanager.projectIamAdmin
roles/servicenetworking.networksAdmin
roles/stackdriver.accounts.editor
roles/storage.admin
roles/storage.objectAdmin
roles/storage.objectViewer
roles/viewer