Join Log in
Score:1
Skippy avatar Server

Error: iam.gserviceaccount.com does not have storage.buckets.get access to the Google Cloud Storage bucket.'

ms flag
Skippy

I am trying to connect FTC's fmltc(https://github.com/FIRST-Tech-Challenge/fmltc) with Google Cloud and train the datasets for object recognition. I am able to login to fmltc and immediately I got the the error of: Error: iam.gserviceaccount.com does not have storage.buckets.get access to the Google Cloud Storage bucket.'

I am new to Google Cloud. I googled the error and I am not able to solve the problem. I am also following the instructions of ReadMe.md from https://github.com/FIRST-Tech-Challenge/fmltc carefully.

I searched and found out "storage.buckets.get" is a permission. I could not find which other role can grant this permission since this service account is already "Computer Storage Admin". I don't know if any other role is related to "storage". Appreciate if anyone could give me a hint on this.

Secondly, I tried to create the bucket "XXXXXX.iam.gserviceaccount.com". I got the following:

A bucket name can only use dots (.) to form a valid domain name (e.g., example.com). If you haven't verified that you're authorized to use this domain, you'll have to do so to create this bucket.

The error makes me think I should not do this. Maybe I need to create a kind of Google Cloud Storage bucket that I can assign the permission of storage.buckets.get to. But then I don't know how a random bucket connects to "xxxx.iam.gserviceaccount.com" service account. Really appreciate it if anyone can share advice and opinion on this error.

Thank you!

1528
1 + 0
Score:0
John Hanley avatar Server
cn flag
John Hanley

There are several IAM roles with the permission storage.buckets.get:

  • Storage Legacy Bucket Reader
  • Storage Legacy Bucket Writer
  • Storage Legacy Bucket Owner
  • Storage Admin

IAM roles for Cloud Storage

You mention the role Computer Storage Admin, which does exist. Do you mean Storage Admin?

If you have the correct role and you receive an error about no permission, you have probably specified the wrong bucket name.

You mentioned the error:

Error: iam.gserviceaccount.com does not have storage.buckets.get access to the Google Cloud Storage bucket.

iam.gserviceaccount.com is not a valid service account email address. Double check what you are specifying and the error message.

+ 3
Skippy avatar
ms flag
Skippy
The error starts with: xxxxx.iam.gserviceaccount.com does not have storage.buckets.get access to the Google Cloud Storage bucket. xxxx is a unique team name. I realized the 3 Storage Legacy Bucket xxxxx and Storage Admin are associated with storage.buckets.get. I found these four roles in Cloud Storage/bucket. I add the roles in the main project bucket, the same error still exists. I have couple other buckets, but I don't have the xxxxx.iam.gserviceaccount.com in the bucket. Shall I create a bucket for it and then assign the 4 roles for it?
0
Reply
Skippy avatar
ms flag
Skippy
I can only assign the roles of Storage Legacy Bucket.XXX in Cloud Storage/Buckets. And the error still exists. So I went to IAM & Admin, and I tried to assign "Permissions for project "XXX". Inside the Principal "xxxxx.iam.gserviceaccount.com" I couldn't find any Storage Legacy Bucket.XXX. Therefore I assigned the closest related to Storage role as "Computer Storage Admin". It is confusing and it seems the roles list in "IAM & Admin" is different in "Cloud Storage/Buckets". Appreciate any advise.
0
Reply
John Hanley avatar
cn flag
John Hanley
@Skippy 1) Double check the bucket name 2) Double check which credentials you are using. 3) Show me a screenshot (in your question) of "Computer Storage Admin". That role does not exist.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.