0

when I user packer build command I face this error and I gave the service account user but still have same issue googlecompute: * The user does not have access to service account 'service-76109290228@compute-system.iam.gserviceaccount.com'. User: 'farzin-second-testtt-project@farzin-second-testtt-project.iam.gserviceaccount.com'. Ask a project owner to grant you the iam.serviceAccountUser role on the service account

Would you please help me in this regard?

farzin
  • 1
  • 1
  • 3

1 Answers1

0

What command are you running exactly? Is there more than one project involved here? The main thing here is that your user needs serviceAccountUser role on the project where the service account was created/is a resource of.

Nicholas Elkaim
  • 31
  • 2
  • I used packer build command and I added user account user role to service account taht I make in my project and use that jason key from that credentials but still have issue,it is really odd to me – farzin May 16 '20 at 17:15
  • If you want your user to be able to use service accounts the user needs the serviceAccountUser role, it sounds like you gave your service account a role to use user accounts, which is the other way around – Nicholas Elkaim May 19 '20 at 11:56
  • I have added this role to user and go to IAM and there I chose it and add role but it dosent work in this way – farzin May 20 '20 at 12:06
  • From the error you gave it sounds like the user does not have permission to use the service account as a resource. – Nicholas Elkaim May 21 '20 at 18:37
  • where Can I give access? in IAM am i right?I didi it but it doesnt work to service account also this is service accout that created by google itsels not my service account and it is odd – farzin May 21 '20 at 19:15
  • I have enabled and checked all of the mentioned APIs also I go to console and service account and I makeservice account and add both compute admin and comute instance admin beta(v1) and service acoount user and then I aded my user and also I add other permission to one role and add that role to my service account – farzin May 21 '20 at 19:16
  • Then I go to my VB and there I run packer build command andthere I face error that mentione :the service account (which is made by google) and my user (my user do not have permission to access to service account that created by google) and ask owner to give service account access role to user – farzin May 21 '20 at 19:16