我有一个云函数,其基本代码如下,它试图在 gcs 存储桶中获取 blob。
import base64
import json
import functions_framework
from google.cloud import bigquery
from google.cloud import storage
# Triggered from a message on a Cloud Pub/Sub topic.
@functions_framework.cloud_event
def hello_pubsub(cloud_event):
storage_client = storage.Client()
bucket = storage_client.get_bucket(some_bucket)
blobs = bucket.list_blobs(prefix=file, delimiter='/')
print(blobs)
但是,函数运行后,我收到 403 错误,并显示消息
google.api_core.exceptions.Forbidden: 403 GET https://storage.googleapis.com/storage/v1/b/aRandomBucket?projection=noAcl&prettyPrint=false: [email protected] does not have storage.buckets.get access to the Google Cloud Storage bucket. Permission 'storage.buckets.get' denied on resource (or it may not exist)."
我已向我的云功能服务帐户授予存储管理员和自定义角色,其中包括访问存储的权限,并且我已经向公众开放了存储桶,但我仍然收到 403。
下面是服务帐户详细信息的图像 -storage.buckets.get
角色只有 `storage.buckets.get