Reputation: 39
How to stop running my terraform commands with a service account
gcloud auth list
Credentialed Accounts ACTIVE ACCOUNT
* [email protected]
To set the active account, run:
$ gcloud config set account `ACCOUNT
The credentials used here are correct and make sense, but when I run it HOPING it to be that user account, the error is saying that this service account does not have permissions needed in this environment. Which makes total sense! but! I can't figure out how to stop terraform from running as this service account and not as my own active user account.
Error: Error loading state: Failed to open state file at gs://dxxxxdefault.tfstate: googleapi: got HTTP response code 403 with body:
AccessDeniedAccess [email protected] does not have storage.objects.get access to the Google Cloud Storage object.
Upvotes: 1
Views: 924
Answers (1)
Reputation: 782
The error message said that your service account [email protected] cannot access terraform state on Google Cloud Storage, you just need to add storage.objects.get permission to the service account to fix the error.
If you don't want Terraform to use this service account, you can remove impersonation settings in Terraform and environment variable GOOGLE_APPLICATION_CREDENTIALS.
Upvotes: 1
Related Questions
- How to stop GCP vm instances using terraform
- GCP "omnipotent" Service Account to create multiple services through Terraform
- Add existing Service account to terraform Google compute instance
- How To Grant GCP Organization Level Permissions to Service Account via Command Line
- Terraform google_project_iam_binding deletes GCP compute engine default service account from IAM principals
- Cannot stop a GCP VM using terraform
- Managing core infrastructure with terraform using service account in Google Cloud
- GCP project quota issue with service account
- How to properly create gcp service-account with roles in terraform
- Deleting unneeded service accounts from gcloud permission denied to owner