CODEWITHSUNDEEP
google-cloud-platform
Ami Hollander
Ami Hollander

Reputation: 2535

Service Account does not exists on GCP

While trying for the first time to use Google Kubernetes Cloud solution, and according to the tutorial... I am trying to create new cluster.

But after pressing Create i receive 

The request contains invalid arguments: "EXTERNAL: service account 
"****@developer.gserviceaccount.com" does not exist.". Error code: "7"

in a red circle near the Kubernetes cluster name.

After some investigations it's looks like the default service account which google generated for my account.

I've looked over the create cluster options, but there isn't any option to change the service account.

Do I need to change Google Compute Engine default service account? how i can do it?

How I can overcome this issue?

Thank you

Upvotes: 8

Views: 13926

Answers (4)

jenish jain
jenish jain

Reputation: 11

I tried enabling disabling the compute engine api but it didn't helped me. instead since i had recently deleted it , i was able to find the service account Id from the logs and undelete it from the cloud console.

Steps to follow:

  • open the log explorer and search for DeleteServiceAccount in last 30 days as restoration of SA deleted older than 30 days is not supported.

  • then pick the SA ID from the last numeric chars in the logs against key resourceNamesample log image

  • the run

    gcloud beta iam service-accounts undelete {SERVICE_ACCOUNT_UNIQUE_ID}

in your cloud console to recover your SA.

refer this document for more details : https://blog.economize.cloud/recover-google-app-engine-default-service-account/#:~:text=If%20the%20service%20account%20has,to%20create%20a%20new%20project.

Upvotes: 1

beingmanish
beingmanish

Reputation: 1112

Looks like you either do not have any default service account or have more than one. Simply go to the "Service Accounts" section "IAM & Admin" and select the app engine default service account, and provide this as an argument while creating cluster from gcloud or gshell as below:

gcloud container clusters create my-cluster --zone=us-west1-b --machine-type=n1-standard-1 --disk-size=100 [email protected]

Upvotes: 2

Ami Hollander
Ami Hollander

Reputation: 2535

Default Compute Engine Service Account is essential for functions related to Compute Engine and is being generated automatically. Kubernetes Engine utilizes Compute Engine VM Instances as Nodes used for the cluster. GKE uses the Compute Engine Service Account to authorize the creation of these nodes.

In order to regenerate default service there are two options:

  1. Regenerate by Disabling and Re-enabling the Google Compute Engine API. In the "API's & Services" dashboard. If for some reason performing this option encountering errors when disabling the API, then try option 2.
  2. run command gcloud services enable compute.googleapis.com in Cloud SDK or Cloud Shell which is in the header of the page.

Upvotes: 6

Kouji Kawasaki
Kouji Kawasaki

Reputation: 183

To initialize GKE, go to the GCP Console. Wait for the "Kubernetes Engine is getting ready. This may take a minute or more" message to disappear.

Please open the page and wait for a while

Upvotes: 0

Related Questions