google-cloud-platformterraformdevopsterraform-provider-gcpgoogle-cloud-iam
(Terraform, GCP) Error 403: Permission denied to list services for consumer container [projects/335478934851]
On GCP, I'm trying to enable "Identity and Access Management (IAM) API" with this Terraform code below:
provider "google" {
credentials = file("myCredentials.json")
project = "myproject-173831"
region = "asia-northeast1"
}
resource "google_project_service" "project" {
service = "iam.googleapis.com"
}
But I got this error:
Error when reading or editing Project Service : Request
List Project Services myproject-173831returned error: Failed to list enabled services for project myproject-173831: googleapi: Error 403: Permission denied to list services for consumer container [projects/335478934851]
Then, I couldn't enable it
So now, I'm trying to add a role to solve this error above but there are too many roles to choose:
What role do I need to choose?
Solution
Choose the role "Quota Administrator":
Then, apply your Terraform code again:
provider "google" {
credentials = file("myCredentials.json")
project = "myproject-173831"
region = "asia-northeast1"
}
resource "google_project_service" "project" {
service = "iam.googleapis.com"
}
Finally, you can enable "Identity and Access Management (IAM) API":
- Bash Indirect expansion doesn't seem to work in cloud build bash scripts?
- How do I list all the top-level folders in given GCS bucket?
- Trigger Google Cloud Build with Google Cloud Scheduler periodically
- Google Cloud Functions - ImportError: cannot import name 'InvalidKeyError' from 'jwt.exceptions'
- GCP - User ... does not have permission to access projects instance
- Google Cloud Compute Engine refusing connections despite firewall rule
- How to I return JSON from a Google Cloud Function
- Making Exact Copy of Server Google Cloud
- How to drop multiple tables in Big query using Wildcards TABLE_DATE_RANGE()?
- firebase, linkWithCredential to add new auth provider to an Account
- .NET Core Blazor Server cannot access to Cloud SQL in Cloud Run
- Google Compute Engine and ADC Application Default Credentials
- Is there a way to connect cloud firestore to realtime database using Cloud functions?
- Pyspark on GCP Dataproc - Partial reading of data for gzip encoded Cloud Storage files
- How to use GitHub immutable values (IDs) in Attribute Conditions?
- Cannot find the id using Firebase Firestore Database - Android kotlin
- _CHANGE_TYPE not working when streaming Google Big Query rows from Pub/Sub
- Realtime database `onValueWritten` event does not trigger in emulator
- Error 400: invalid_scope with Postman and Google OAuth2
- Firebase Firestore REST Request - Query and Filter
- `IAM_PERMISSION_DENIED` on a deployed service on GCP, but no errors on localhost
- Error 400 invalid JSON Payload Unknown name generationConfig on an AI API Curl command
- Restricting usage for an Android key for a Google API
- Google Cloud Function The request was aborted because there was no available instance
- How to properly create URL Masking for Cloud Functions to create a NEG?
- Deploying an Angular app on Google Cloud with minimal costs
- Cloud Run For Anthos With Terraform
- How to delete a key:value pair from Firebase map?
- Flagging a row in new column based on conditions on previous and current rows
- Cant access Firebase Admin SDK via Node.js on my VPS, but I can on my local machine