GCP credentials, forbidden

boogagiga

Cadet
Joined
Oct 10, 2017
Messages
3
Hi all,

I'm running FreeNAS 11.2-U2.1 on ESXi 6.5, FreeBSD 64-bit. This is not meant for production, merely to have a proof of concept before going out and buying a ton of hardware.

I'm trying to get the FreeNAS box to replicate to a GCP bucket. I created a service account, gave it relevant credentials, and used the JSON key/token to store the credentials in FreeNAS cloud credentials, but FreeNAS keeps coming back with the error message in the attached image.

I've tried assigning specific permissions like the storage.buckets.list permission mentioned in the error message, storage admin, and even project admin credentials, but regardless what I do I get the attached error message which leads me to believe that the true error/issue is either indirectly related or not related at all to a permissions issue within GCP.

What am I doing wrong? Thanks in advance.
 

Attachments

  • Error.PNG
    Error.PNG
    11.8 KB · Views: 529

boogagiga

Cadet
Joined
Oct 10, 2017
Messages
3
I have not been able to resolve this.

It looks like I'm missing some information based off of the forum guidelines, I'm a newbie (first time posting even though I joined a long time ago).

- CPU on the ESXi host: Xeon E5-2620 v 4 (4 vCPUs)
-16 GiB of RAM
- Two virtual disks (10 GiB each) set up as mirror to test sharing, data manipulation, snapshot functionality, and finally replication to the GCP instance

The above attachment is the exact error message that I am still receiving regardless what permissions I apply to the service account, whose JSON was added to the cloud credentials section of FreeNAS.

Do you have any ideas as to what could be going wrong? Firewall, possibly?
 

Apollo

Wizard
Joined
Jun 13, 2013
Messages
1,450
I have not been able to resolve this.

It looks like I'm missing some information based off of the forum guidelines, I'm a newbie (first time posting even though I joined a long time ago).

- CPU on the ESXi host: Xeon E5-2620 v 4 (4 vCPUs)
-16 GiB of RAM
- Two virtual disks (10 GiB each) set up as mirror to test sharing, data manipulation, snapshot functionality, and finally replication to the GCP instance

The above attachment is the exact error message that I am still receiving regardless what permissions I apply to the service account, whose JSON was added to the cloud credentials section of FreeNAS.

Do you have any ideas as to what could be going wrong? Firewall, possibly?
If I were to look at a similar control such as SSH replication, it is possible that even with the proper credential from one side, the credential on the other side must be validated and accepted.
For SSH, the receiving end, or the transmit end will need to store the SSH fingerprint before accepting the connection. Could something like this be at play?
 

boogagiga

Cadet
Joined
Oct 10, 2017
Messages
3
I looked to see if there was anything left to authenticate/validate/etc on GCP's end, but I couldn't find anything. I started reading through GCP's documentation and noticed that you must use user managed keys (as opposed to Google managed keys) if you have any code running externally to GCP. Switched my keys over and it was authenticated immediately. I now have a separate issue with the actual cloud sync task that I will see if I can figure out.

Thank you for the help!
 
Top