Vertex AI Notebook Instance cannot boot

ArvidEriksson · 10-26-2023 07:51 AM

Hi,

I am having an issue where a Vertex AI Notebook Instance which is hosted on europe-central2-b cannot start. It was working fine two weeks ago but when starting again (stopped due to automatic shutdown after idle) it refuses to start. It gets stuck on Provisioning / Initializing and then stops again. During this process the only error sent has the status message: "Required 'Current principal doesn't have permission to mutate this resource!' permission for 'instance-2023xxxx-xxxxxx'" where x is numbers.

Why is this? All members including the compute@developer.gserviceaccount.com has the Owner role which should give all permissions?

Robina

IAM policies can be complex, and the most restrictive permission often takes precedence if there are no conflicting policies that might be denied permission. Use the IAM Policy Troubleshooter in the Google Cloud Console to analyze the policies applied to a resource. Although you mentioned that compute@developer.gserviceaccount.com has the Owner role, make sure that the permissions at the resource level (in this case, the Notebook Instance) are correctly set. Check the Notebook Instance's IAM settings and verify that the gservice account has the required roles/permissions specifically for Notebook Instances. While the Owner role is quite powerful, it might not cover all necessary permissions. It's good practice to use predefined roles, like "roles/notebooks.admin," for managing Notebook Instances. The Owner's role might not always include granular permissions required for certain operations.