google-cloud-platformterraformdevopsterraform-provider-gcp
(Terraform, GCP) Error creating GlobalAddress: googleapi: Error 403: Required > 'compute.globalAddresses.create' permission for > 'projects/myproject-
I'm trying to reserve a global static external IP address on GCP with the Terraform code below:
provider "google" {
credentials = file("myCredentials.json")
project = "myproject-638932"
region = "asia-northeast1"
}
resource "google_compute_global_address" "default" {
name = "global-appserver-ip"
}
But I got this error:
Error creating GlobalAddress: googleapi: Error 403: Required 'compute.globalAddresses.create' permission for 'projects/myproject-638932/global/addresses/global-appserver-ip', forbidden
So now, I'm trying to add a role to solve this error above but there are too many roles to choose:
What role do I need to choose?
Solution
Choose the role "Compute Network Admin":
If you want to choose a more specific role, choose the role "Compute Public IP Admin":
Then, you can reserve a global static external IP address:
- google cloud pub sub multiple subscriber for the same message with the same subscription
- CloudFlare 400 Error When Calling OpenAI Completions API on CloudRun
- Deploy a container to Cloud Run after pushing to Artifact Registry automaticlly
- Creating a cloudsql instance in the VPC network of my Project
- Google Cloud platform performance: how many users
- Bash Indirect expansion doesn't seem to work in cloud build bash scripts?
- Some scopres missing from Google Gmail API oAuth Consent Flow
- How do I list all the top-level folders in given GCS bucket?
- Trigger Google Cloud Build with Google Cloud Scheduler periodically
- How can I prevent certain HTML tags from being stored to Firestore with firestore.rules?
- Google Cloud Functions - ImportError: cannot import name 'InvalidKeyError' from 'jwt.exceptions'
- GCP - User ... does not have permission to access projects instance
- curl failing in Google Cloud Build when using a secret
- Google Cloud Compute Engine refusing connections despite firewall rule
- How to I return JSON from a Google Cloud Function
- Making Exact Copy of Server Google Cloud
- How to drop multiple tables in Big query using Wildcards TABLE_DATE_RANGE()?
- firebase, linkWithCredential to add new auth provider to an Account
- .NET Core Blazor Server cannot access to Cloud SQL in Cloud Run
- Google Compute Engine and ADC Application Default Credentials
- Is there a way to connect cloud firestore to realtime database using Cloud functions?
- Pyspark on GCP Dataproc - Partial reading of data for gzip encoded Cloud Storage files
- How to use GitHub immutable values (IDs) in Attribute Conditions?
- Cannot find the id using Firebase Firestore Database - Android kotlin
- _CHANGE_TYPE not working when streaming Google Big Query rows from Pub/Sub
- Realtime database `onValueWritten` event does not trigger in emulator
- Error 400: invalid_scope with Postman and Google OAuth2
- Firebase Firestore REST Request - Query and Filter
- `IAM_PERMISSION_DENIED` on a deployed service on GCP, but no errors on localhost
- Error 400 invalid JSON Payload Unknown name generationConfig on an AI API Curl command