gcp docker push - permission denied

The default service account that a GCP VM use has been granted storage.buckets.* and storage.objects.* roles yet I get the error that storage.buckets.create permission isn't setup.

denied: Token exchange failed for project 'test-307504'. Caller does not have permission 'storage.buckets.create'. To configure permissions, follow instructions at: https://cloud.google.com/container-registry/docs/access-control

The default service account is [email protected] and I've created roles related to storage and assigned to the IAM service account and I ran the command gcloud auth configure-docker. But still I'm unable to push docker images to the GCR repository.

Is there something else I should be doing after assigning the roles to refresh on the VM?


Apart from permissions, check for the access scope at the VM level.
While you are at, read up on Using the Compute Engine Default Service Account and Best Practices too.