I'm trying to call the budget API using a service account and a key file but I get this error:
PERMISSION_DENIED: The caller does not have permission
async function listBillingAccounts() {
const [account] = await client.getBillingAccount({ name: `billingAccounts/${BILLING_ACCOUNT_ID}` });
console.info({ account });
}
listBillingAccounts();
gcloud config set project my-project-id
| Key | Value |
|---|---|
| GOOGLE_APPLICATION_CREDENTIALS | path\to\gcp-credentials.json |
| GCP_PROJECT | my-project-id |
When I go to https://console.cloud.google.com/iam-admin/iam?project=my-project-id, it shows the service account in the table:
| Member | Name | Role | Inheritance |
|---|---|---|---|
| owner-75@my-project-id.iam.gserviceaccount.com | owner | Owner | my-project-id |
I don't know what to do next.
The owner role of a project does not grant you the necessary permissions to view billing account information.
According to the API documentation when they describe the getBillingAccount operation:
Gets information about a billing account. The current authenticated user must be a viewer of the billing account.
You can grant the viewer of the billing account permission at the organization or billing account level. Please, see the relevant docs.