【发布时间】:2021-11-04 01:09:52
【问题描述】:
我正在尝试获取 GCP SQL 实例的最后 5 分钟 CPU 利用率,但出现以下错误。请帮我解决它。我使用的服务帐号对监控具有完全读取权限。
我的脚本:
from google.cloud import monitoring_v3
from google.cloud.monitoring_v3 import query
credential_file = "/home/user/my-first-project.json"
GCP_SCOPES = [
'https://www.googleapis.com/auth/sqlservice.admin',
"https://www.googleapis.com/auth/logging.read",
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/monitoring",
"https://www.googleapis.com/auth/monitoring.read"
]
gcp_credential = service_account.Credentials.from_service_account_file(credential_file,scopes=GCP_SCOPES)
client = monitoring_v3.MetricServiceClient(credentials=gcp_credential)
project_name = f"projects/my-first-project"
cpu_query = query.Query(client,
project=project_name,
metric_type='cloudsql.googleapis.com/database/cpu/utilization',
minutes=5)
next(cpu_query.iter())
错误:
File "$PATH\grpc_helpers.py", line 75, in error_remapped_callable
six.raise_from(exceptions.from_grpc_error(exc), exc)
File "<string>", line 3, in raise_from
google.api_core.exceptions.PermissionDenied: 403 Permission monitoring.timeSeries.list denied (or the resource may not exist).
【问题讨论】:
-
您的服务帐户(与
my-first-project.json关联)似乎没有所需的权限。尝试将roles/monitoring.viewer添加到服务帐户。 -
@enocom 我问了云管理团队,他们说这个服务帐户已经拥有这个角色/权限。
标签: python google-cloud-platform google-cloud-sql stackdriver google-cloud-stackdriver