This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Unable to migrate a specific standalone project to a new Org out of 20+ projects

Posted 2 weeks ago
dheerajpanyam
Silver 2
Silver 2
Reply posted on --/--/---- --:-- AM

We have a use case to migrate 20+ standalone GCP projects (with no special resources like shared VPC  etc so very basic resources are present in the project ) to migrate to a new Org node. Interestingly 19 projects migrated without any error and 1 specific project failed with attached error although all  projects have same permissions and migrated by same user.The user who is doing the migration has owner permissions and also predefined  IAM project mover role. The permission "resourcemanager.projects.update"  that is shown in error below is part of the Project Mover predefined IAM role as mentioned in this link.

 

resource_manager_error.png

6 2 117
Topic Labels
2 REPLIES 2

Posted on --/--/---- --:-- AM
JanR
Staff
Reply posted on --/--/---- --:-- AM

Hi @dheerajpanyam,

There are a few things that you can try to troubleshoot:

There might be organization policies that can override individual project permissions that are in place within the destination organization that restrict project migration. 

  • You can check for organization policies using the gcloud org policies list command and look for policies related to constraints/resourcemanager.allowedExportDestinations which define allowed destinations for project migration.

It could be just a temporary glitch to the user's permissions.

  • Try re-running the migration after a short wait or logging out and back into the Google Cloud Console.

There might be a Project-Specific IAM Policy:

  • Try to compare the IAM policies of the failing project with a successfully migrated project using the gcloud projects get-iam-policy <project ID>  command. Look for any discrepancies that may affect the migration.

For further investigation please contact Google support.

Posted on --/--/---- --:-- AM
dheerajpanyam
Silver 2
Silver 2
In response to JanR
Reply posted on --/--/---- --:-- AM

@JanR As i mentioned clearly these are standalone projects meaning they are not associated with any Org. And the resources inside them are pretty basic - GCE, Firebase and the like no edge case scenarios like shared VPC or others.  As for temporary glitch i have tried this operation atleast 10 times in the past 4 days but same result. There are also some GCP Console UI bugs that i noticed. Org seems to be greyed out in the "migrate projects" option and when i toggle between Orgs it comes back as active.  I have contacted Google Support and they are yet to come up with a solution. GCP has become like GWS starting to throw surprises 🙂 . GWS = Google Workspace