Allow firewall rules for a GCP instance (port:8080) from CLI

Question

Is there anyway to allow the ports from CLI?
I have an instance in GCP and I have installed a service which by default runs on Port:8080. I know there is an option to change the firewall rules to allow ports from the GCP dashboard but I'm wondering if there is any way to allow the required ports from the CLI
In my case I'm using Git Bash rather than the native GCP Cloud Console
I have seen the documentation to allow ports from command line GCP Firewall-rules-from CLI but this is throwing a ERROR since I'm using the Git Bash.
Here is the error log:

[mygcp@foo~]$ gcloud compute firewall-rules create FooService --allow=tcp:8080 --description="Allow incoming traffic on TCP port 8080" --direction=INGRESS
Creating firewall...failed.
ERROR: (gcloud.compute.firewall-rules.create) Could not fetch resource:
 - Request had insufficient authentication scopes.

[mygcp@foo~]$ gcloud compute firewall-rules list
ERROR: (gcloud.compute.firewall-rules.list) Some requests did not succeed:
 - Request had insufficient authentication scopes.

Is there any option to allow required ports directly from the Git Bash CLI?

Answer 1

By default, the Compute Engine uses the default service account + scopes to handle the permissions.

The default scopes limit the API access even if your default compute engine service account has the editor role (by the way, a too wide role, never use it!).

---

To solve your issue, 2 solutions:

• Use a custom service account on your Compute Engine

• Add the required scopes to your current compute engine with the default compute engine service account used on it.

In both cases, you must stop the VM to update that security configuration.