Invalidate Google cloud CDN cache fails over permissions

Question

I use YAML build files along with Coogle cloud build to deploy my front-end app as a static site, after every deployment I want to invalidate the CDN cache, hence I have added this snippet to my build YAML file

  - name: "gcr.io/cloud-builders/gcloud"
    args:
      [
        "compute",
        "url-maps",
        "invalidate-cdn-cache",
        "load-balancer",
        "--path",
        "/*",
        "--async",
      ]

The default service account email is assigned the Load Balancer Admin & Compute Admin role. I can successfully invalidate the CDN cache manually using gcloud CLI

gcloud compute url-maps invalidate-cdn-cache load-balancer --async --path='/*'

however, whenever I try to deploy the app using cloud build, I get a permission error as follows:

- Required 'compute.urlMaps.invalidateCache' permission for 'projects/Project-Name/global/urlMaps/load-balancer'

I have tried looking up the issue and assigning the right permissions but still getting the same error. I would appreciate any help in resolving this matter to get the build successfully invalidate the cache for me so I don't have to do it manually

You must add an IAM role with that permission to the Cloud Build service account. Tip: if you must invalidate the CDN, you are not implementing CI/CD correctly. Caching happens in many locations and not only at the CDN. — John Hanley, Jul 17 '23 at 23:30

Invalidate Google cloud CDN cache fails over permissions

0 Answers0