niaomingjian
Reputation: 3742
The account for bucket "XXX" has been disabled
Running the following code on my local machine to create a new bucket on google storage , I got an error "StorageException: The account for bucket "my-new-bucket-abc" has been disabled".
String SERVICE_ACCOUNT_JSON_PATH = "C:\\gcpconfig\\My First Project-6f9cff47c4f0.json";
Storage storage =
StorageOptions.newBuilder()
.setCredentials(
ServiceAccountCredentials.fromStream(
new FileInputStream(SERVICE_ACCOUNT_JSON_PATH)))
.build()
.getService();
String bucketName = "my-new-bucket-abc";
// Creates the new bucket
Bucket bucket = storage.create(BucketInfo.of(bucketName));
System.out.printf("Bucket %s created.%n", bucket.getName());
However, I could download the files from google storage by running the following code:
String SERVICE_ACCOUNT_JSON_PATH = "C:\\gcpconfig\\My First Project-6f9cff47c4f0.json";
Storage storage =
StorageOptions.newBuilder()
.setCredentials(
ServiceAccountCredentials.fromStream(
new FileInputStream(SERVICE_ACCOUNT_JSON_PATH)))
.build()
.getService();
BlobId blobId = BlobId.of("nmjcloud_jar_test","addons/simple-bean-1.0.jar");
Blob blob = storage.get(blobId);
Path path = Paths.get("D:\\lib\\simple-bean-1.0.jar");
blob.downloadTo(path);
System.out.printf("Download successfully%n");
The complete error message is as follows:
Exception in thread "main" com.google.cloud.storage.StorageException: The account for bucket "my-new-bucket-abc" has been disabled.
at com.google.cloud.storage.spi.v1.HttpStorageRpc.translate(HttpStorageRpc.java:191)
at com.google.cloud.storage.spi.v1.HttpStorageRpc.create(HttpStorageRpc.java:221)
at com.google.cloud.storage.StorageImpl$2.call(StorageImpl.java:112)
at com.google.cloud.storage.StorageImpl$2.call(StorageImpl.java:109)
at com.google.api.gax.retrying.DirectRetryingExecutor.submit(DirectRetryingExecutor.java:89)
at com.google.cloud.RetryHelper.run(RetryHelper.java:74)
at com.google.cloud.RetryHelper.runWithRetries(RetryHelper.java:51)
at com.google.cloud.storage.StorageImpl.create(StorageImpl.java:108)
at com.example.storage.QuickstartSample.main(QuickstartSample.java:58)
Caused by: com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"location" : "Authorization",
"locationType" : "header",
"message" : "The account for bucket \"my-new-bucket-abc\" has been disabled.",
"reason" : "accountDisabled"
} ],
"message" : "The account for bucket \"my-new-bucket-abc\" has been disabled."
}
at com.google.api.client.googleapis.json.GoogleJsonResponseException.from(GoogleJsonResponseException.java:146)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse(AbstractGoogleClientRequest.java:321)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1065)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:419)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)
at com.google.cloud.storage.spi.v1.HttpStorageRpc.create(HttpStorageRpc.java:219)
... 7 more
Does it mean that the account I used doesn't have permission to create buckets?
When running on GCP VM with service account key, I got the following error:
Caused by: com.google.cloud.storage.StorageException: Insufficient Permission
at com.google.cloud.storage.spi.v1.HttpStorageRpc.translate (HttpStorageRpc.java:191)
at com.google.cloud.storage.spi.v1.HttpStorageRpc.create (HttpStorageRpc.java:221)
at com.google.cloud.storage.StorageImpl$2.call (StorageImpl.java:112)
at com.google.cloud.storage.StorageImpl$2.call (StorageImpl.java:109)
at com.google.api.gax.retrying.DirectRetryingExecutor.submit (DirectRetryingExecutor.java:89)
at com.google.cloud.RetryHelper.run (RetryHelper.java:74)
at com.google.cloud.RetryHelper.runWithRetries (RetryHelper.java:51)
at com.google.cloud.storage.StorageImpl.create (StorageImpl.java:108)
at com.example.storage.QuickstartSample.createBucket (QuickstartSample.java:33)
at com.example.storage.QuickstartSample.main (QuickstartSample.java:18)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke (Method.java:498)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run (ExecJavaMojo.java:282)
at java.lang.Thread.run (Thread.java:748)
Caused by: com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "Insufficient Permission",
"reason" : "insufficientPermissions"
} ],
"message" : "Insufficient Permission"
}
at com.google.api.client.googleapis.json.GoogleJsonResponseException.from (GoogleJsonResponseException.java:146)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError (AbstractGoogleJsonClientRequest.java:113)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError (AbstractGoogleJsonClientRequest.java:40)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse (AbstractGoogleClientRequest.java:321)
at com.google.api.client.http.HttpRequest.execute (HttpRequest.java:1065)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed (AbstractGoogleClientRequest.java:419)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed (AbstractGoogleClientRequest.java:352)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute (AbstractGoogleClientRequest.java:469)
at com.google.cloud.storage.spi.v1.HttpStorageRpc.create (HttpStorageRpc.java:219)
at com.google.cloud.storage.StorageImpl$2.call (StorageImpl.java:112)
at com.google.cloud.storage.StorageImpl$2.call (StorageImpl.java:109)
at com.google.api.gax.retrying.DirectRetryingExecutor.submit (DirectRetryingExecutor.java:89)
at com.google.cloud.RetryHelper.run (RetryHelper.java:74)
at com.google.cloud.RetryHelper.runWithRetries (RetryHelper.java:51)
at com.google.cloud.storage.StorageImpl.create (StorageImpl.java:108)
at com.example.storage.QuickstartSample.createBucket (QuickstartSample.java:33)
at com.example.storage.QuickstartSample.main (QuickstartSample.java:18)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke (Method.java:498)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run (ExecJavaMojo.java:282)
at java.lang.Thread.run (Thread.java:748)
I tried again on GCP VM, and it works now.
Some Settings about my Google Cloud Platform:
1. Billing account:
2. The service account key:
{
"type": "service_account",
"project_id": "ornate-shine-192301",
"private_key_id": "6f9cff47c4f0f8b1263bbf515f7e3318dcc88487",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHvLTQn5i0Aheb\nW9iUkaRpZiGACUrh694JAzckVPEdhDoLaV4ZBapnmYrJBqQIs8RFXRWajtOrjzbY\nKJXWhOdtIim72fB0KVENjTRmq2m+wWf+ks19/eWakzYlXvsry61GT44UfccCOYbU\nioyevhQtJ0mdpa7QtAtjWyFmNXHodLjHHiwhArRYRP4Mel0MkHKi64EZ5aDLEGer\nkjntqnDcni0giCQNcvJw8c9XBB64dDcldSc7ZZ8QGXgBwzqYCt1F7pjK8rg6CFBi\n8ZKmUaRpguG4pB229fuwTWwE++/WEUtmgvGV4iQ6u6Zzeiw8TPKzgYzrF7XmBu38\nzHa+5wkJAgMBAAECggEAOwz7yhf9De72arx/LgFXAcArlE5rAJr6pGB6e3fPZyIS\nBRCsPKqTpBhdUyxu75GyK62m9vBV/QkUtlhdYDQftYCdpQd8UuNqLp76CIaR9073\nv2hIb4DSUl5GaksH5/1J55kakM1UukAmsAycIUxh662LUpvKsLIiEcg9+hk/6XCe\nscbApZ+UEpl9RaxE4dTKO4PdKZkytc7sGbn7VFowEwWNqUcZ6cwIbQEFt6B1Bol1\nI4xgcxnUNRzJjls4OJvN6aQRz2lVPgTdG8hfg20Uhc+Yaj7WbGTPDdOwowREDKrS\nmdBAxm6Io264E5pz/4QWVSLR2SPMQfYxAkpkXhLxtwKBgQDyGSptLWucZFsWyIEG\nUClv8ymY0gGOYuiqiZqYSlCWDJTycHrcMSk9DjHo5XAgXRXtnbwEVhsOUVH/9g7v\nWJGR94smqRuVGpOJQPTniaPY7ewSMob+tDxKHu48XCFScXRUJnjunW0hnX6GwU91\nsBk7wbu/hMJ8UAK+rO8WeB6RvwKBgQDTNNVRgcSCWDdN5FdF1fQFTiKZ5CT+jg3A\nOqQD1FYadGzRB3FiFrpQ9pKLjW86RPQTYpAJ5dX+Vm0qWpzXMpq8IQX7FlZChJO9\nZKa1zbuLD0whWENIjEIqt/nHvXQhdccoFq3aUdRRbye9OZ8kDcUWfPVZE64HJnTt\nkQYYWQaHNwKBgQDF4z4jqam5VuqBz/hu8Z09TbRlntr4yO5HX1zHOI9wZu5k0P4L\n9/8uUekH5mrleVEQPgtOPBe3d08ger8wcuPiPUY3nqjWErgfy8GjdIVCLw/0u+pO\nTYKuT2QKYIA4RFaC5kOZP4LRpEuk2GQb3YpypuPRIzJZrIjh1LdFVYAfPwKBgB/r\nv0XXWAzfKlSiazJJ2NyoZ4Bcw96ZN6jS9BEEGZNb/0pEVrWde8Fa0uE2mhXzb/Qy\nFFT6oLIU++DH2yaHJm3Ci/Xb9WOOSAn62Vtm4a5tvHLZtSmU0TdFoQG4N4ILG/OK\nIfJ6JZ29MANgXxYC4sO4VRiGaen4vPlezs4FPoBXAoGAc/h3ep+m3okykKwqL6ea\noBJJ6xMiSTgvHVb9gNlVeDvRiqT7sc7Y2i/UKF2UceLQTOWssGtg/LiqvEZlMI0s\nU2LuyU2vdT+7Thn3hT1EfBYTOEuGIgXijGA4aLNAx4HsRx2M6HeLE277syJxBNgU\n3DsGix3gso9/jJjt4p5G5II=\n-----END PRIVATE KEY-----\n",
"client_email": "gcsserviceaccountname1@ornate-shine-192301.iam.gserviceaccount.com",
"client_id": "114270155500502944764",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/gcsserviceaccountname1%40ornate-shine-192301.iam.gserviceaccount.com"
}
3. Permissions for project "My First Project" :
4. Google Cloud Storage API Library :
Supplement:
1. I'm able to create buckets either using gsutil command line or GCP console.
2. Java API could download files from GCS.
3. On GCP VM, I could create buckets using Java API with application default credentials.(update20180316)
You are running on a Google Compute Engine virtual machine. The service credentials associated with this virtual machine will automatically be used by Application Default Credentials, so it is not necessary to use this command(
gcloud auth application-default login).
Reference Links:
1. APIs & Reference
2. Cloud Storage Client Libraries
3. Creating Storage Buckets
Upvotes: 3
Views: 1015
Answers (1)
user4785733
Reputation:
Perhaps local environment mistakes, like environment variable names, string quotation marks and so on.
Upvotes: 1
Related Questions
- Can not create bucket "The account for the specified project has been disabled."
- Google Could Storage: error when inserting bucket - 'Error 403: The account for the specified project has been disabled'
- Google Cloud Storage with a service account in Java - 403 Caller does not have storage.objects.list access to bucket
- Creating bucket in Google Cloud Storage fails sometimes
- GCP cloud storage: 403-Forbidden while executing `Storage.BucketAccessControls.List` request
- Cannot give Google CDN service account to Bucket
- com.google.cloud.storage.StorageException: 401 Unauthorized
- 'Error 403: The account for the specified project has been disabled' while accessing google cloud storage API from java
- Google Cloud Storage access denied and MapReduce. Cannot add Service Account into developers list
- Bucket URL access denied