我正在使用Google Java SDK來創建和管理服務帳戶。一般來說,它的效果很好。但是,我試圖將'bigquery.jobUser'角色添加到新創建的ServiceAccount中,但API一直告訴我該角色對我的資源無效。使用Java SDK爲ServiceAccount提供bigquery.jobUser角色,「不支持」?
我在這個領域找不到很多關於Java SDK的文檔,所以我明確地做了一些錯誤的事情,可能是在指定我的資源。
希望有人可以眼球,看看是否有東西跳出來?我一直在這幾天,我覺得像我「米SOOOOO接近....
// assume successful service account creation:
serviceAccount = create.execute();
// now set the IAM policy for bigquery.user for this service account.
String[] serviceAccountsArray = new String[] {"serviceAccount:" + serviceAccount.getEmail()};
String targetRole = "roles/bigquery.jobUser";
LinkedList<Binding> bindings = new LinkedList<>();
Binding targetBinding = new Binding();
targetBinding.setRole(targetRole);
bindings.add(targetBinding);
targetBinding.setMembers(Arrays.asList(serviceAccountsArray));
Policy policy = new Policy();
policy.setBindings(bindings);
SetIamPolicyRequest setIamPolicyRequest = new SetIamPolicyRequest();
setIamPolicyRequest.setPolicy(policy);
Iam.Projects.ServiceAccounts.SetIamPolicy setIamPolicy = iam.
projects()
.serviceAccounts()
.setIamPolicy("projects/" + bigQueryProjectId + "/serviceAccounts/" + serviceAccount.getEmail(), setIamPolicyRequest);
Policy newPolicy = setIamPolicy.execute();
不幸的是,我總是得到以下異常:
com.google.api.client.googleapis.json.GoogleJsonResponseException:
400 Bad Request
{
"code" : 400,
"errors" : [ {
"domain" : "global",
"message" : "Role roles/bigquery.jobUser is not supported for this resource.",
"reason" : "badRequest"
} ],
"message" : "Role roles/bigquery.jobUser is not supported for this resource.",
"status" : "INVALID_ARGUMENT"
}
它是否適用於其他預定義角色? https://cloud.google.com/bigquery/docs/access-control#bigquery.user –
感謝您的閱讀...不幸的是,我已經嘗試了在該文檔中定義的每個角色/ bigquery。*角色。我覺得我必須從根本上誤解使用Java SDK將角色添加到服務帳戶的正確方法,但是如果能夠找到此操作的任何文檔或代碼示例,我會感到厭煩。 – SantaCruzDeveloper