This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Unable to retry cloud build with private pool

Posted on 07-04-2023 01:27 AM
sean-conkie
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I have a Cloud Build trigger using a worker pool.  The worker pool is in a shared project.

Service account for the trigger has Cloud Build Service Account permission in my project and Cloud Build WorkerPool User permission in the shared project.

The trigger runs, but when trying to retry or rebuild a build I get an error saying "permission denied on worker pool project".  Looking at the IAM reference doc I can't find any other permissions to add so am unsure what permission is missing?

0 1 1,070
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
anjelisa
Staff
Reply posted on --/--/---- --:-- AM

Hi @sean-conkie,

Welcome to Google Cloud Community!

Please refer to this documentation [https://cloud.google.com/build/docs/iam-roles-permissions#predefined_roles] to see the different workerpool roles and permissions. Cloud Build WorkerPool User gives you cloudbuild.workerpools.use permission which can let you run builds in the private pool, make sure that the service account used has this role. 

The trigger project service account should only need the WorkerPool User in the worker pool project, try to remove the Cloud Build Service Account role from it and see if it will solve the problem. Refer to this link.

If this didn't solve the problem, I'd suggest to contact Google Support as they can provide more specific guidance based on your configuration and setup.

0 Likes
Top Solution Authors
View all