I had mistakenly deleted a default "service account" for my project - {project_id}-[email protected] Now whenever I try to create a cluster on Data proc I get the following error:
The resource '{project_id}[email protected]' of type 'serviceAccount' was not found.
Is there an easy way to resolve this issue - without losing any data for the project.
To clarify to anyone else who encounters this issue, this error is caused by actually deleting the service account, and not simply from removing it from the list of "project editors" under the IAM and Admin options; to anyone who only removed the account from the project editor list, you can simply add it back using the normal "Add Member".
Generally the service account gets created at the time the Compute Engine API is enabled, so at the moment it works to fix this issue simply by disabling and then re-enabling the Compute Engine API through the API Manager.
This could cause problems if you already have existing Compute Engine VMs running which you depend on for your production capabilities, but if you deleted the service account, then those VMs are likely somewhat broken anyways.
Find Google Compute Engine API there and click on "disable", and make sure to click the Disable button on the confirmation prompt instead of the Cancel button.
When re-enabling the Compute Engine API, you may encounter the following error:
Update failed with following error(s) for project settings: -- Backend Provisioning Error: {compute_component FAILED_PRECONDITION: The service is currently being deactivated and deactivation must complete before activation can occur.};
but if you wait a couple minutes and try again, it should work (I waited about 3 minutes before trying again, but the required wait may vary). Likewise, at first after re-enabling the Compute API and immediately trying to create a new Dataproc cluster, you may hit:
Failed to load networks
Access Not Configured. Compute Engine API has not been used in project <project-number> before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/compute_component/overview?project=<project-number> then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
But as it mentions, again waiting a couple minutes lets the settings propagate and it should load fine again.
Once the Compute Engine API is re-enabled sufficiently that Dataproc's Create Cluster page works on the cloud console, you can also verify again under IAM and Admin that the default compute service account exists again and that it has been auto-added as a Project editor as well.