I can't store in cloud storage , I get acces denied when I try to export data from vm to my cloud storage
I cretaed a vm in compute engine, and I opened jupyter-notebook, I can read file in my bucket but can't save other. I created the bucket and the vm myself, so I guess I am an ownner?
import pandas as pd
df = pd.read("gs://my-bucket/my_file_v1.csv")
#some code in here
df.to_csv("gs://my-bucket/my_file_2.csv") #I get this error OSError: Forbidden: https://storage.googleapis.com/upload/storage/v1/b/pacific_peche/o Access denied.
I tried to change the IAM policy, the bucket is in not public
and I dded me as principal and I give it the permission needed: Cloud storage viewer
Cloud storage admin ...
It's a common mistake. When you create a Compute Engine, with default parameters, the console propose to use the default compute engine service account as identity of your Compute engine
The legacy behavior is when you use the default compute engine service account the subsequent scope applies. If you click on "set access for each API" you will see the default scope set on your service account: Cloud Storage is in read only mode
Therefore, your error
To solve that, 2 solutions.
Firstly stop the Compute Engine and edit it.
- Either add/change the missing scopes to access the APIs
- (Prefered) don't use the default compute engine service account, and use a user managed service account with only the permission that you want on it. When you use a user managed service account, scopes does not apply. In addition, the default service account has the editor role by default which is too broad.
- Error 400: invalid_scope with Postman and Google OAuth2
- Firebase Firestore REST Request - Query and Filter
- `IAM_PERMISSION_DENIED` on a deployed service on GCP, but no errors on localhost
- Pyspark on GCP Dataproc - Partial reading of data for gzip encoded Cloud Storage files
- Error 400 invalid JSON Payload Unknown name generationConfig on an AI API Curl command
- Restricting usage for an Android key for a Google API
- Google Cloud Function The request was aborted because there was no available instance
- How to properly create URL Masking for Cloud Functions to create a NEG?
- Deploying an Angular app on Google Cloud with minimal costs
- Cloud Run For Anthos With Terraform
- Flagging a row in new column based on conditions on previous and current rows
- Cant access Firebase Admin SDK via Node.js on my VPS, but I can on my local machine
- TypeError: __call__() missing 1 required positional argument: 'context' error when deploying on GCP
- Why GCP loadbalancer frontend has only two ports enabled?
- New Google place api using google OAuth, ask failed to refresh token
- Is it possible to display context of the search result in gcp logging
- Is there float32 precision on Google TPU?
- BigQuery : is it possible to iterate over an array?
- oauth 2 parameters can only have a single value: scope
- Correct use of gcloud --sort-by combined with --limit
- Is PIVOT Operator supported in Big Query Materialized view?
- App attestation failed with Firebase App check in release on Android
- Why doesn't the offline cloud firestore documentation have code for offline query indexes for flutter?
- _CHANGE_TYPE not working when streaming Google Big Query rows from Pub/Sub
- Migrating from legacy Google FCM to HTTP v1 for push notifications
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- Can we update a field due to its value without reading it in firebase?
- Use process.env variables inside next.config.js
- What is the best practice for decoding Firestore documents in a listener for Swift 5?
- How to install Google Cloud SDK app-engine-python on Debian 12?