Permission error with newest version: 'iam.serviceAccounts.signBlob' denied on resource #171
Comments
|
I have same issue with 4.10.2 |
|
Same here |
|
This helped me out: https://stackoverflow.com/questions/75071759/google-cloud-storage-permission-denied Maybe not the plugin, but gcp is the problem... |
I think it also relates to release version of 4.10.1 Because this release supports gcs signed url If my guess is correct, enable publicFiles options will be change the situation (If you don't want to use |
|
Is that possible we don't use signed url on public files? or maybe we can config whether we want to use signed URL or not? |
This also helped fix things for me! Specifically adding the "Service Account Token Creator" role to our service account. Also just wanted to show off my config block in case it helps anyone else!
|
Yes that's possible. if you set
https://github.com/strapi-community/strapi-provider-upload-google-cloud-storage#expires
We can choose to use signed URL or not by publicFiles option. |
|
This should just be documented on the new version, but it is not something that this plugin can change. The new version of the You either have to use a key file, which allows signing the blobs locally, or grant the role "Service Account Token Creator" ( |
Hi,
just updated to the latest version of strapi and this plugin.
All services are hosted in gcp.
After updating I received this error, when trying to fetch content with images (stored in gcs) included:
After rolling it back to the former used version (4.5.6) it all runs fine again. Even with the latest strapi version.
Best regards,
Hendrik
The text was updated successfully, but these errors were encountered: