Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.

GCFUSE error: iam.serviceAccounts.getAccessToken

I am trying to fuse remote storage to a local directory and I keep getting permission issues. I even switch from a service account to a user(owner of the project and tried setting all the permissions, and still get a permission error. Please help

gcsfuse my-bucket /path/to/mount/point

{"timestamp":{"seconds":1728766133,"nanos":838915633},"severity":"INFO","message":"Start gcsfuse/2.5.0 (Go version go1.23.0) for app \"\" using mount point: /path/to/mount/point/\n"}
{"timestamp":{"seconds":1728766133,"nanos":838936160},"severity":"INFO","message":"GCSFuse config","config":{"AppName":"","CacheDir":"","Debug":{"ExitOnInvariantViolation":false,"Fuse":false,"Gcs":false,"LogMutex":false},"EnableHns":true,"FileCache":{"CacheFileForRangeRead":false,"DownloadChunkSizeMb":50,"EnableCrc":false,"EnableODirect":false,"EnableParallelDownloads":false,"MaxParallelDownloads":48,"MaxSizeMb":-1,"ParallelDownloadsPerFile":16,"WriteBufferSize":4194304},"FileSystem":{"DirMode":"755","DisableParallelDirops":false,"FileMode":"644","FuseOptions":[],"Gid":-1,"IgnoreInterrupts":true,"KernelListCacheTtlSecs":0,"RenameDirLimit":0,"TempDir":"","Uid":-1},"Foreground":false,"GcsAuth":{"AnonymousAccess":false,"KeyFile":"","ReuseTokenFromUrl":true,"TokenUrl":""},"GcsConnection":{"BillingProject":"","ClientProtocol":"http1","CustomEndpoint":"","ExperimentalEnableJsonRead":false,"GrpcConnPoolSize":1,"HttpClientTimeout":0,"LimitBytesPerSec":-1,"LimitOpsPerSec":-1,"MaxConnsPerHost":0,"MaxIdleConnsPerHost":100,"SequentialReadSizeMb":200},"GcsRetries":{"MaxRetryAttempts":0,"MaxRetrySleep":30000000000,"Multiplier":2},"ImplicitDirs":false,"List":{"EnableEmptyManagedFolders":false},"Logging":{"FilePath":"","Format":"json","LogRotate":{"BackupFileCount":10,"Compress":true,"MaxFileSizeMb":512},"Severity":"INFO"},"MetadataCache":{"DeprecatedStatCacheCapacity":20460,"DeprecatedStatCacheTtl":60000000000,"DeprecatedTypeCacheTtl":60000000000,"EnableNonexistentTypeCache":false,"ExperimentalMetadataPrefetchOnMount":"disabled","StatCacheMaxSizeMb":32,"TtlSecs":60,"TypeCacheMaxSizeMb":4},"Metrics":{"PrometheusPort":0,"StackdriverExportInterval":0},"Monitoring":{"ExperimentalOpentelemetryCollectorAddress":"","ExperimentalTracingMode":"","ExperimentalTracingSamplingRatio":0},"OnlyDir":"","Write":{"CreateEmptyFile":false}}}
Error: daemonize.Run: readFromProcess: sub-process: Error while mounting gcsfuse: mountWithArgs: mountWithStorageHandle: fs.NewServer: create file system: SetUpBucket: error in iterating through objects: Get "https://storage.googleapis.com/storage/v1/b/my-bucket/o?alt=json&delimiter=&endOffset=&includeFolder...": oauth2/google: status code 403: {
"error": {
"code": 403,
"message": "Permission 'iam.serviceAccounts.getAccessToken' denied on resource (or it may not exist).",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "IAM_PERMISSION_DENIED",
"domain": "iam.googleapis.com",
"metadata": {
"permission": "iam.serviceAccounts.getAccessToken"
}
}
]
}
}

{"timestamp":{"seconds":1728766134,"nanos":285285083},"severity":"INFO","message":"2024/10/12 13:48:54.285254 Error occurred during command execution: daemonize.Run: readFromProcess: sub-process: Error while mounting gcsfuse: mountWithArgs: mountWithStorageHandle: fs.NewServer: create file system: SetUpBucket: error in iterating through objects: Get \"https://storage.googleapis.com/storage/v1/b/my-bucket/o?alt=json&delimiter=&endOffset=&includeFolder...": oauth2/google: status code 403: {\n \"error\": {\n \"code\": 403,\n \"message\": \"Permission 'iam.serviceAccounts.getAccessToken' denied on resource (or it may not exist).\",\n \"status\": \"PERMISSION_DENIED\",\n \"details\": [\n {\n \"@type\": \"type.googleapis.com/google.rpc.ErrorInfo\",\n \"reason\": \"IAM_PERMISSION_DENIED\",\n \"domain\": \"iam.googleapis.com\",\n \"metadata\": {\n \"permission\": \"iam.serviceAccounts.getAccessToken\"\n }\n }\n ]\n }\n}"}

0 0 36
0 REPLIES 0