I have GO application and tried to deploy it to the google app engine with google command line sdk from a local machine with a custom service account.

I create a custom service account with roles:

• App Engine Admin
• Cloud Build Service Account
• Cloud Build Service
• Agent Serverless VPC Access User

And authorized locally with this account:

gcloud auth activate-service-account [email protected] --key-file=key.json

Also, I configure the service account in my app.yaml:

service_account: [email protected]

But when i try to deploy

gcloud app deploy -v 1   

I get the error:

Beginning deployment of service [default]...
╔════════════════════════════════════════════════════════════╗
╠═ Uploading 0 files to Google Cloud Storage                ═╣
╚════════════════════════════════════════════════════════════╝
File upload done.
ERROR: (gcloud.app.deploy) PERMISSION_DENIED: Operation is not allowed. The "vpcaccess.connectors.use" permission is required.

I can not understand why vpcaccess.connectors.use permission still required even I have Serverless VPC Access User role? I found the role on this google docs page

Maybe someone has met with a similar difficulty? Please help me)

UPD even i give Owner role i steel have the error

CodePudding user response：

Ok i fix this error by removing vpc_access_connector: configuration from app.yaml

UPD But if you need to configure vpc_access_connector you need to add Serverless VPC Access User and Compute Viewer IAM roles and all must work fine.