googleapi: Error 403: [email protected] does not have storage.objects.get access to the Google Cloud Storage object
I stay trying my project based on this: https://github.com/GoogleCloudPlatform/iot-smart-home-cloud
My issue is:
cloudfunctions.googleapis.com google.cloud.functions.v1.CloudFunctionsService.UpdateFunction projects/casaminha-2e0ca/locations/us-central1/functions/syncOnRemove [email protected] Build failed: could not resolve source: googleapi: Error 403: [email protected] does not have storage.objects.get access to the Google Cloud Storage object., forbidden com.google.net.rpc3.client.RpcClientException: APPLICATION_ERROR;google.devtools.cloudbuild.v1/ArgoAdminV1.CreateBuild;could not resolve source: googleapi: Error 403: [email protected] does not have storage.objects.get access to the Google Cloud Storage object., forbidden;AppErrorCode=3;StartTimeMs=999999999999540;unknown;ResFormat=AUTOMATIC;ServerTimeSec=0.999999999999999;LogBytes=256;Non-
I deleted in 27/jul/2021 cloud build or cloud run (I don't use cloud run in my project) I deleted in GCP console. I thought that was what was giving credential error in my action project on google. Then I started to receive the current error.
I remember that the service account I deleted was associated with google controller only (there was a question mark there)
I think the gcf command will rebuild this. But not sure if this is correct. And I also don't know how to use gcf-sources-<PROJECT_NUMBER>-
I stay trying actions on google, using firestore and GCP.
commands:
firebase --project casaminha-2e0ca functions:config:set cloudiot.region=us-central1
firebase --project casaminha-2e0ca functions:config:set smarthome.id=567617xxxxxxxxxxxxxx9r9upjxxxxxxx0t.apps.googleusercontent.com smarthome.secret=D99999999999
firebase --project casaminha-2e0ca functions:config:set smarthome.key="99999999"
firebase deploy --project casaminha-2e0ca
THis is my project in github:https://github.com/neuberfran/firebasefunction
This is my issueTracker: https://issuetracker.google.com/issues/194942955?pli=1
Can you help
Solution 1:
When you are using the Cloud Function the Cloud Build API must be enabled in order to deploy your Cloud Function, it's well documented in the tutorial(Before you begin). The Cloud Build Service Account will automatically generate when you enable the Cloud Build service in your Google Cloud project and it looks like:
[PROJECT-ID]@cloudbuild.gserviceaccount.com
Regarding this:
I deleted in 27/jul/2021 cloud build or cloud run (I don't use cloud run in my project) I deleted in GCP console
Please note, deleting Service Account:
When you delete a service account, applications will no longer have access to Google Cloud resources through that service account.
And based on your issue tracker, it seems the solution is to recover your deleted Service Account. The deleted Service account can recover within 30 days. To undelete or recover, you must find the the numeric ID or ACCOUNT_ID for the deleted service account that you can get in Cloud Logging/Log Explorer, here is the tutorial.
Once you have obtained the numeric ID or the ACCOUNT_ID, run the following in your CLI or Cloud Shell or Cloud SDK:
gcloud beta iam service-accounts undelete ACCOUNT_ID
output:
restoredAccount:
email: SA_NAME@PROJECT_ID.iam.gserviceaccount.com
etag: BwWWE7zpApg=
name: projects/PROJECT_ID/serviceAccounts/SA_NAME@PROJECT_ID.iam.gserviceaccount.com
oauth2ClientId: '123456789012345678901'
projectId: PROJECT_ID
uniqueId: 'ACCOUNT_ID'