This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

INVALID_ARGUMENT about <type>:<value>

Posted on 03-10-2025 05:12 PM
project-6b87f
New Member
Reply posted on --/--/---- --:-- AM

I'm looking to migrate to Artifact Registry, but when I run a command

 

gcloud projects add-iam-policy-binding my-first-project-6b87f --member='serviceAccount:service-434105066879@gcp-sa-artifactregistry.iam.gserviceaccount.com' --role='roles/storage.objectViewer'

 

 I get

 

ERROR: Policy modification failed. For a binding with condition, run "gcloud alpha iam policies lint-condition" to identify issues in condition.
ERROR: (gcloud.projects.add-iam-policy-binding) INVALID_ARGUMENT: Policy members must be of the form "<type>:<value>".
- '@type': type.googleapis.com/google.rpc.BadRequest
  fieldViolations:
  - description: Policy members must be prefixed of the form '<type>:<value>', where
      <type> is 'domain', 'group', 'serviceAccount', or 'user'.
    field: policy.bindings.member
- '@type': type.googleapis.com/google.rpc.ErrorInfo
  domain: cloudresourcemanager.googleapis.com
  reason: PROJECT_SET_IAM_DISALLOWED_MEMBER_TYPE
- '@type': type.googleapis.com/google.rpc.ResourceInfo
  resourceName: projects/my-first-project-6b87f

 

What's wrong? The type is serviceAccount.

0 1 519
Topic Labels
0 Likes
Reply
1 REPLY 1