I am trying to import a bucket containing a Firestore database export into antoher Firebase project. I have been following this guide on how to do this.
When running the gcloud firestore import, I run into the following issue:
ERROR: (gcloud.firestore.import) PERMISSION_DENIED: Service account does not have access to Google Cloud Storage file: /bucket/EXPORT_PREFIX.overall_export_metadata. See https://cloud.google.com/datastore/docs/export-import-entities#permissions for a list of permissions needed. Error details: [email protected] does not have storage.buckets.get access to the Google Cloud Storage bucket.
I did however use the following command to grant access to the bucket:
gsutil iam ch serviceAccount:[email protected]:admin gs://bucket_name
This did not give me any error whatsoever, so I assume it ran as expected. I triple checked and believe I was working in the correct projects while using these commands.
I think that perhaps the import command is ran with another service account than [email protected]:admin, but am unsure about this or on how to ensure the correct service account is being used.
Any help on resolving this would be highly appreciated! :)
The error message appears to include the Service Account in question:
Error details:
[email protected]
does not have storage.buckets.get access to the Google Cloud Storage bucket.
I think you need to:
gsutil iam ch \
serviceAccount:[service-XXX]@gcp-sa-firestore.iam.gserviceaccount.com:objectViewer \
gs://[bucket-name]
Replacing [service-XXX] and [bucket-name]