GRPC Permission denied on Google Pub/Sub [ERROR 7]

Time:06-24

I would like to publish a message to a topic on Google Cloud Pub/Sub, but I get an Error: 7 PERMISSION_DENIED. I'm running on localhost, trying to publish to a regular Cloud Pub/Sub.

I instantiate the client and get the topic I want to publish on:

import { Encodings, PubSub } from '@google-cloud/pubsub';
import { readFileSync } from 'fs';

const client = new PubSub({
  credentials: JSON.parse(
    readFileSync(
      '/Users/me/pubsub/publisher/mb-sandbox.json'
    ).toString()
  )
});

const topic = client.topic('dummy_topic');

Where mb-sandbox.json holds the credentials for the Pub/Sub-authorized service account. I also tried setting and using the $GOOGLE_APPLICATION_CREDENTIALS env var.

But this seems to work properly because I can retrieve the correct ID of my gcp project using: client.auth.getProjectId()

When I try to publish a message (which should respect the schema):

const DUMMY_MSG = {
  type: 'CARD',
  severity: 'INFO',
  user_id: 2000,
  text_content: 'TEST MESSAGE'
};

const dataBuffer = Buffer.from(JSON.stringify(DUMMY_MSG));

const messageId = await topic.publishMessage({ data: dataBuffer });

I get an Error: 7 PERMISSION_DENIED: User not authorized to perform this action, which is the 403 equivalent in gRPC if I'm not mistaken.

{
  code: 7,
  details: 'User not authorized to perform this action.',
  metadata: Metadata { internalRepr: Map(0) {}, options: {} },
  note: 'Exception occurred in retry method that was not classified as transient'
}

I followed the GCP Node.js code samples; my service account is definitely recognized and has the permissions to publish on Cloud Pub/Sub.

Any help would be really appreciated.

CodePudding user response:

Sorry, I was stuck on this for a day but I found the way right after posting the question...

Someone already solved it here. I had to specifically add authorization for the Pub/Sub publisher service account on the topic I want to send messages to.

CodePudding user response:

It's an error with the service account that you are using. Please be sure that whatever service account you are using has the required role related to Pub/Sub, e.g. the role Pub/Sub Publisher.
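Both answers come down to a missing IAM binding, so the following added example (not code from the original post or from the Pub/Sub client library) checks exported allow policies for a publish grant and reports where it comes from. The function names, the service account address and the sample policies are constructed for illustration; folder and organization policies, deny policies, and basic or custom roles are assumed out of scope.

```javascript
// Predefined Pub/Sub roles that include the pubsub.topics.publish permission.
// Basic and custom roles are not resolved here (assumption of this example).
const PUBLISH_ROLES = new Set([
  'roles/pubsub.publisher',
  'roles/pubsub.editor',
  'roles/pubsub.admin',
]);
const PUBLIC_MEMBERS = new Set(['allUsers', 'allAuthenticatedUsers']);

// List the bindings in one allow policy that let `member` publish.
function publishGrants(policy, member, level) {
  return (policy.bindings || [])
    .filter((b) => PUBLISH_ROLES.has(b.role))
    .filter((b) => (b.members || []).some((m) => m === member || PUBLIC_MEMBERS.has(m)))
    .map((b) => ({
      level,
      role: b.role,
      conditional: Boolean(b.condition),
      viaPublic: !(b.members || []).includes(member),
    }));
}

// Allow policies are additive: a grant at either level is enough to publish.
function explainPublishAccess(projectPolicy, topicPolicy, member) {
  const grants = [
    ...publishGrants(projectPolicy, member, 'project'),
    ...publishGrants(topicPolicy, member, 'topic'),
  ];
  const findings = [];
  if (grants.length === 0) findings.push('no publish grant: expect code 7 PERMISSION_DENIED');
  if (grants.some((g) => g.conditional)) findings.push('grant has an IAM condition: evaluate it separately');
  if (grants.some((g) => g.viaPublic)) findings.push('publish is open to allUsers/allAuthenticatedUsers');
  if (grants.some((g) => g.level === 'project')) {
    findings.push('project-level grant covers every topic; a topic-level binding is narrower');
  }
  return { unconditionalGrant: grants.some((g) => !g.conditional), grants, findings };
}

// Constructed sample policies in the JSON shape of `get-iam-policy` output.
const SA = 'serviceAccount:publisher@example-project.iam.gserviceaccount.com';
const projectPolicy = { bindings: [{ role: 'roles/pubsub.viewer', members: [SA] }] };
const topicBefore = { bindings: [] };
const topicAfter = { bindings: [{ role: 'roles/pubsub.publisher', members: [SA] }] };

console.log(explainPublishAccess(projectPolicy, topicBefore, SA));
console.log(explainPublishAccess(projectPolicy, topicAfter, SA));
```

The first call reports no grant, which matches the code 7 response in the question; the second shows the topic-level publisher binding with no findings.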
