Reputation: 301
GCP - IAM policy update failed - Allow unauthenticated invocations
I'm the owner of my organisation, but when I try to make my cloud run services public (security -> Allow unauthenticated invocations), I get this error:
IAM policy update failed
A domain restriction organisation policy is in place. Only principals in allowed domains can be added as principals in the policy. Correct the principal emails and try again.
I don't understand the error, because I am connected as the owner. I created this organisation a few days ago, I immediately had this problem.
I've tried lots of commands and checking IAM rights, but nothing works.
I'm totally stuck,I need your help, please.
I tried update I AM roles via commands, check DNS records (squarespace) & domain. Everything looks good for me. But unfortunately the error persists.
Upvotes: 8
Views: 4781
Answers (1)
Reputation: 301
Steps that solved my problem :
Go to : I AM & Admin > Organization policies > "Domain restricted sharing"
Applies to : Customize (unchanged) Policy enforcement : replace (unchanged) Rules : add a rule > Policy values : Allow All
Upvotes: 11
Related Questions
- cant make firebase cloud function public
- My GCP project doesn't allow the Snowflake service account to connect
- GCP - Pub/Sub Add Principal failed - [email protected]
- GCP IAM - Policy inheritance/precedence
- Unable to deploy GCP Cloud Function after specifying IAM Condition
- what (least) roles assign on a IAM policy to access a public shared calendar
- Setting up DNS record in Ionos hosted domain for SquareSpace