This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Adding External IP to new Vertex Instance fails

Posted on 01-07-2025 06:49 AM
jpell29
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I have a new Vertex Instance stood up to replace the EOL Notebooks. The new instance was created and is working fine. The issue that I am running into is that when I try to reserve an external IP for it and attach it to that new instance, this is the error I get:
{
"protoPayload": {
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {
"code": 7,
"message": "Required 'Current principal doesn't have permission to mutate this resource!' permission for 'perception-vertex-instance-1'"
},
"authenticationInfo": {
"principalEmail": "jpelligrino@company.com"
},
"requestMetadata": {
"callerIp": "74.98.55.124",
"callerSuppliedUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36,gzip(gfe),gzip(gfe)",
"requestAttributes": {
"time": "2025-01-07T14:34:11.462021Z",
"reason": "8uSywAYQGg5Db2xpc2V1bSBGbG93cw",
"auth": {}
},
"destinationAttributes": {}
},
"serviceName": "compute.googleapis.com",
"methodName": "v1.compute.instances.deleteAccessConfig",
"authorizationInfo": [
{
"resource": "projects/company-eng-per-vertex/zones/us-west1-b/instances/perception-vertex-instance-1",
"permission": "compute.instances.deleteAccessConfig",
"granted": true,
"resourceAttributes": {
"service": "compute",
"name": "projects/company-eng-per-vertex/zones/us-west1-b/instances/perception-vertex-instance-1",
"type": "compute.instances"
},
"permissionType": "ADMIN_WRITE"
}
],
"resourceName": "projects/company-eng-per-vertex/zones/us-west1-b/instances/perception-vertex-instance-1",
"request": {
"@type": "type.googleapis.com/compute.instances.deleteAccessConfig",
"accessConfig": "external-nat",
"networkInterface": "nic0"
},
"response": {
"@type": "type.googleapis.com/error",
"error": {
"errors": [
{
"message": "Required 'Current principal doesn't have permission to mutate this resource!' permission for 'perception-vertex-instance-1'",
"domain": "global",
"reason": "forbidden"
}
],
"code": 403,
"message": "Required 'Current principal doesn't have permission to mutate this resource!' permission for 'perception-vertex-instance-1'"
}
},
"resourceLocation": {
"currentLocations": [
"us-west1-b"
]
}
},
"insertId": "-c6wwpdekipyy",
"resource": {
"type": "gce_instance",
"labels": {
"instance_id": "2215688526347592502",
"project_id": "company-eng-per-vertex",
"zone": "us-west1-b"
}
},
"timestamp": "2025-01-07T14:34:11.341683Z",
"severity": "ERROR",
"labels": {
"compute.googleapis.com/root_trigger_id": "cd67f40d-901f-4b7b-8e39-5f913057b47e"
},
"logName": "projects/company-eng-per-vertex/logs/cloudaudit.googleapis.com%2Factivity",
"receiveTimestamp": "2025-01-07T14:34:11.617643431Z"
}

Have no idea what is going on, and Google appears to be just as confused. All perms appear to be set (checked via Policy Analyzer).

HELP!! lol

0 3 606
Topic Labels
0 Likes
3 REPLIES 3
Top Labels in this Space