This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

App Engine connection to Serverless VPC connector

Posted on 07-20-2023 11:04 PM
Ch_Varun
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

I have an Frontend Standard App Engine service which needs to be connected to  backend Cloud Run service through the Serverless VPC connector.  The Cloud Run was able to connect Serverless VPC connector as its direct in UI whereas my App Engine was not able to. I have added the VPC connector attribute in the app.yaml file and using the default Service Account which has Editor role (has excess permissions) and also added "Serverless VPC Access User and Compute Viewer permissions for my App Engine service account but during the deployment it shows "compute.globalOperations.get" and "vpcaccess.connectors.use" permissions error.

0 1 844
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Marramirez
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Greetings @Ch_Varun,

Welcome to the Google Cloud Community!

You can do the following troubleshooting options:

  1. When you run Cloud Run there is an automatic creation of a Cloud Run Service Agent account. The Service agent is different from the Service Account. You need to add the "Serverless VPC Access User" role to the Cloud Run Service Agent.
  2. To fix the "vpcaccess.connectors.use" permission error, try removing the "vpc_access_connector" configuration in your app.yaml file. Add the "Serverless VPC Access User" and "Compute viewer" to the service account.

If the above options don't work, you can contact Google Cloud Support to further look into your case. Let me know if it helped, thanks!

0 Likes