Can't add Storage Admin role to GCP service account
I am looking at the IAM Service Accounts tab in the GCP control panel. I am editing a Service Account. I click "Grant Access," enter the email of the service account I am creating and attempt to add Storage Admin.
However, there is no such option in the list.
Also, a seemingly equivalent attempt to do this via the CLI fails:
gcloud projects add-iam-policy-binding my-project-id \
--member='serviceAccount:[email protected]' \
--role='projects/my-project-id/roles/storage.admin'
ERROR: Policy modification failed. For a binding with condition, run "gcloud alpha iam policies lint-condition" to identify issues in condition.
ERROR: (gcloud.projects.add-iam-policy-binding) INVALID_ARGUMENT: Role (projects/my-project-id/roles/storage.admin) does not exist in the resource's hierarchy.
Clearly, I am failing to understand something about how a service account is supposed to get granted a role.
Once you already created the service account you can go to IAM Page to add the Storage Admin Role.
- Go to IAM Page
- Click Add
- Enter New Principals (Enter Service Account you created)
- Select Desired Role. (In your Case Storage Admin).
- Save
In case you still want to add role using Creating Service Account Pane, Don't search with Storage instead scroll down to All Roles > Hover Cloud Storage > Select Storage Admin.
You can also do what John Hanley mentioned using the Cloud Shell.
- Firebase Firestore: Accessing Never-Retrieved Data Offline
- Google recaptcha enterprise: Your default credentials were not found
- Firebase Admin SDK cant upload to storage bucket folder
- Accessing Firestore via Cloud Function
- Problem with executing asynchronous Cloud Function
- do you need to create a separate collection/document for reading an aggregated document with firebase cloud function
- httpsCallable is not a function when calling a Firebase function
- Google Cloud Eventarc: Receive events via Pub/Sub directly
- Android Studio's project gradle file changed?
- How to listen to button triggers using Firebase
- gcloud auth login throwing error: gcloud crashed (ConnectionError): HTTPSConnectionPool(host='oauth2.googleapis.com', port=443): Max retries exceeded
- Google Cloud Build Error: build step 0 "gcr.io/cloud-builders/docker" failed: step exited with non-zero status: 1
- Terraform - GCP - Import project IAM member
- Choosing fields to return with Places API (new) client library
- Deploy to Update version of Gmail App Script Extension
- Getting random "User not found in file /etc/passwd" error on Cloud Run Job
- Change time format in GCP Logs Explorer
- Deploying to Cloud Run with a custom service account failed with iam.serviceaccounts.actAs error
- Deploying a pelican site to Google Cloud Run with Dockerfile not working
- Is there a good explanation of resource labels versus metric labels?
- Why do I set the resource type when writing the metric but not when creating a descriptor?
- google-github-actions/get-gke-credentials failed with: required "container.clusters.get" permission(s)
- GA4 Data Not Retained for More Than 60 Days Despite BigQuery Table Expiration Set to 'Never
- How to list all enabled API services for Google Cloud Platform project
- Google Cloud calendar API connection error
- Downloading a folder from cloud storage in GitHub action and move it inside a docker container is not working
- How to fix CloudRun error 'The request was aborted because there was no available instance'
- Google Cloud Build with Dockerfile and copy files
- Firebase CLI console: Cannot find module @google-cloud/tasks
- Does Cloud SQL have a query console or is CLI the only option?