问题
I'm trying to use google cloud storage java library in scala to list items in a bucket
val credential = new GoogleCredential.Builder()
.setTransport(GoogleNetHttpTransport.newTrustedTransport())
.setJsonFactory(JacksonFactory.getDefaultInstance())
.setServiceAccountId("xxx@developer.gserviceaccount.com")
.setServiceAccountScopes(Collections.singleton(StorageScopes.DEVSTORAGE_READ_ONLY))
.setServiceAccountPrivateKeyFromP12File(new File("file.p12"))
.build()
val storage = new Storage.Builder(
GoogleNetHttpTransport.newTrustedTransport(),
JacksonFactory.getDefaultInstance(),
credential)
.setHttpRequestInitializer(credential)
.setApplicationName("app")
.build()
storage.objects.list("bucket").execute
however I got
com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "Forbidden",
"reason" : "forbidden"
} ],
"message" : "Forbidden"
}
my email account have the access to the bucket, I can access it using gsutil by creating a project in my account as well. I've created xxx@developer.gserviceaccount.com in a project in my account as well, any idea that how can I set the permission?
回答1:
Just been coming up against the same issue, and think we've found the solution. To fix it, the owner of the Google Play Developer Console that we were trying to access had to add our service account email address to the Google Play Console permissions list, and give the service account Financial Reports privileges.
回答2:
If you're doing this from a Google Compute Engine instance, make sure you start up that instance with permissions enabled for service accounts... see https://cloud.google.com/compute/docs/authentication#using
If you don't start the instance up with a service account, it won't have permissions to use one.
来源:https://stackoverflow.com/questions/25768735/access-google-cloud-storage-using-java-library-gets-403-forbidden