Join Log in
Score:0
Thorsten Staerk avatar Server

Org Policies error when creating a Cloud Function

cn flag
Thorsten Staerk

When trying to create a "hello world" Cloud Function, I get the error message:

"The request has violated one or more Org Policies. Please refer to the respective violations for more information."

Now, which org policies have been violated? In the Log Explorer I find the error message like this:

{
insertId: "XXX"
logName: "projects/XXX/logs/cloudaudit.googleapis.com%2Factivity"
protoPayload: {10}
receiveTimestamp: "2021-11-26T11:42:16.735011108Z"
resource: {2}
severity: "ERROR"
timestamp: "2021-11-26T11:42:16.490247Z"
}
126
0 + 0
Zeenath S N avatar
cn flag
Zeenath S N
This means that the Org Policy errors you ran into are due to [VPC Service Controls](https://cloud.google.com/vpc-service-controls/docs/troubleshooting#determine_if_an_error_is_due_to). Can you please review your [VPC Service Controls configuration](https://cloud.google.com/functions/docs/securing/using-vpc-service-controls) to understand why your VPC service controls are prohibiting your createFunction requests?
0
Reply
Score:1
Thorsten Staerk avatar Server
cn flag
Thorsten Staerk

I found the solution to my own issue: After clicking "Create Function", I had to choose "Run time, build, connections and security settings" -> "Connections" and select an option.

No option had been selected there, I guess this was due to my project's network settings.

Now I can deploy :)

0 + 0
Score:0
John Hanley avatar Server
cn flag
John Hanley

Logging will have the detail error.details[x].violations[x].type. The log entry states the constraint in violation.

The following log entry shows a violation for location:

"type": "constraints/gcp.resourceLocations"

Example log entry:

"error": {
  "code": 400,
  "message": "The request has violated one or more Org Policies. Please refer to the respective violations for more information."
  "status": "FAILED_PRECONDITION" 
  "details\": [
    {
      "@type": "type.googleapis.com/google.rpc.PreconditionFailure",
      "violations": [
        {
          "type": "constraints/gcp.resourceLocations",
          "subject": "orgpolicy:projects/<project>",
          "description": "Constraint constraints/gcp.resourceLocations violated for projects/<project> attempting GenerateUploadUrlActionV1 with location set to us-central1. See https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints for more information."
        }
      ]
    }
  ]
}

Org Policy Constraints

0 + 0
Thorsten Staerk avatar
cn flag
Thorsten Staerk
The log entry looks entirely different for me. I look at the Logs Explorer, where do you look?
0
Reply
John Hanley avatar
cn flag
John Hanley
@ThorstenStaerk I provided a **partial** example of the inner section showing the error key. Look in **Cloud Audit Logs** https://cloud.google.com/logging/docs/audit#types
1
Reply
Thorsten Staerk avatar
cn flag
Thorsten Staerk
Thanks for staying with me! However, I still see the same like before. I read the article you pointed me to, then, in Log Explorer I indeed found a log entry with the type "type.googleapis.com/google.cloud.audit.AuditLog". But as before, it only contains one occurrence of "ERROR" which looks like this: severity: "ERROR" timestamp: "2021-12-01T07:02:05.318337Z" so I cannot find the error key
0
Reply
John Hanley avatar
cn flag
John Hanley
@ThorstenStaerk I need to see the entire redacted log entry.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.