问题描述:

I am tring to use Google Cloud Storage service by google-api-client-php SDK with JSON credential, and applying the example code like:

putenv("GOOGLE_APPLICATION_CREDENTIALS=/path/to/service-account.json");

$client = new Google_Client();

$client->useApplicationDefaultCredentials();

$client->addScope(Google_Service_Storage::DEVSTORAGE_FULL_CONTROL);

$storage = new Google_Service_Storage($client);

$ret = $storage->buckets->listBuckets("project-id");

However, these codes are okay after first few hours I create the credential, but I keep receive 'permission denied' error with same code/credential file few hours later.

PHP Fatal error: Uncaught exception 'Google_Service_Exception' with message '{

"error": {

"errors": [

{

"domain": "global",

"reason": "forbidden",

"message": "Forbidden"

}

],

"code": 403,

"message": "Forbidden"

}

}

I have not idea if this is a code level or service level problem...

网友答案:

Make sure your service account has the right permissions in GCP:

In the console, go to:

Api Manager > Credentials > Manage Service Accounts > Permissions > Add Member

On the pop-up screen, paste your service account's email address and give it "can edit" access. That should do it.

相关阅读:
Top