I have a Google Cloud Powershell script for managing snapshots that works flawlessly from my workstation but will not run inside the VM due to permissions errors like this:
PS>TerminatingError(Get-GceDisk): "Google.Apis.Requests.RequestError Insufficient Permission [403] Errors [ Message[Insufficient Permission] Location[ - ] Reason[insufficientPermissions] Domain[global] ] " Get-GceDisk : Google.Apis.Requests.RequestError Insufficient Permission [403] Errors [ Message[Insufficient Permission] Location[ - ] Reason[insufficientPermissions] Domain[global] ]
We have attempted to add my same permissions to the service account without success.
We have attempted to run the script with my Google account from the VM without success.
I think this may possibly have something to do with the Cloud API access scopes, but am having difficulty researching this online.
Can someone point me in the right direction?
Cloud API access scopes was the solution, but changing them requires a new VM. This was easiest to accomplish by drilling into a recent snapshot and clicking 'new instance' from there. When making the new instance, select the appropriate level of Cloud API access. Then it all works fine.