Problem: I can't create managed-zones using the Google Cloud console. What did I do?

  1. Created a service account
  2. Added the DNS Administrator role
  3. Created a JSON key
  4. Executed the command

         gcloud auth activate-service-account test235643@developer-dns-test.iam.gserviceaccount.com --key-file=/home/d.reznikov/Downloads/developer-dns-test-5a2088479459.json --project=developer-dns-testing

  5. Executed the command

         gcloud dns managed-zones create my_zone --dns-name my.zone.com. --description "My zone!"

I get this error:

ERROR: (gcloud.dns.managed-zones.create) User [test235643@developer-dns-test.iam.gserviceaccount.com] does not have permission to access project [developer-dns-test] (or it may not exist): Forbidden

Please help. Maybe something else needs to be installed in the Google Cloud settings?

Igor
  • The error message says you do not have permission in the project **developer-dns-test**. Go back to the IAM console, select the project, and double-check which roles you assigned to the service account. – John Hanley Jul 23 '21 at 09:01
  • Thank you very much for the answer; I really did not set the correct role. – Igor Aug 04 '21 at 05:17

1 Answer

It looks like the project name is slightly different between the command used to activate the service account and the error message.

Command: gcloud auth activate-service-account test235643@developer-dns-test.iam.gserviceaccount.com --key-file=/home/d.reznikov/Downloads/developer-dns-test-5a2088479459.json --project=developer-dns-testing

Error msg: ERROR: (gcloud.dns.managed-zones.create) User [test235643@developer-dns-test.iam.gserviceaccount.com] does not have permission to access project [developer-dns-test] (or it may not exist): Forbidden

I would double-check the project name and reauthorize the service account using the correct one. Then retry creating the zone.

mbk88
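
A preflight check for the project ID mismatch discussed in this thread, as an added example (not part of the original posts and not Google tooling): it reads the `client_email` and `project_id` fields of a service account key file and compares them with the project ID you intend to pass to `gcloud`. The sample key is constructed and carries no credentials; `preflight` and the 0.8 similarity threshold are assumptions made for illustration.

```python
import json
import re
from difflib import SequenceMatcher

# Constructed sample key file content (private_key deliberately omitted).
SAMPLE_KEY_JSON = json.dumps({
    "type": "service_account",
    "project_id": "developer-dns-test",
    "client_email": "test235643@developer-dns-test.iam.gserviceaccount.com",
})

# Default service account e-mail shape: <name>@<project-id>.iam.gserviceaccount.com
_SA_EMAIL = re.compile(r"^[^@]+@([a-z][a-z0-9-]*)\.iam\.gserviceaccount\.com$")


def preflight(key_json: str, target_project: str) -> list[str]:
    """Return a list of findings; an empty list means the project IDs line up."""
    try:
        key = json.loads(key_json)
    except json.JSONDecodeError as exc:
        return [f"key file is not valid JSON: {exc.msg}"]

    findings = []
    if key.get("type") != "service_account":
        findings.append("key file is not a service account key")

    email = key.get("client_email", "")
    match = _SA_EMAIL.match(email)
    if not match:
        # Domain-scoped projects and Google-managed agents use other formats.
        findings.append(f"unrecognised service account e-mail: {email!r}")
        return findings

    home_project = match.group(1)
    if key.get("project_id") != home_project:
        findings.append("project_id in the key differs from the e-mail's project")

    if target_project != home_project:
        # A near-identical ID is far more often a typo than a cross-project grant.
        ratio = SequenceMatcher(None, target_project, home_project).ratio()
        hint = "likely typo" if ratio > 0.8 else "needs a role granted in the target project"
        findings.append(
            f"target project {target_project!r} is not the service account's "
            f"project {home_project!r} ({hint})"
        )
    return findings


if __name__ == "__main__":
    for project in ("developer-dns-test", "developer-dns-testing"):
        print(project, "->", preflight(SAMPLE_KEY_JSON, project) or "OK")
```

A clean result only means the IDs agree; the role binding on that project still has to exist, which is what the asker's follow-up comment reports was missing.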