I can't access my google cloud compute engine instance using ssh through browser or gcloud. My user account has the required compute.instances.osLogin
permission (in fact it has the Owner
role) and I've set enable-oslogin
to TRUE
.
The error in browser:
You do not have sufficient permissions to SSH into this instance. You need one of compute.instances.setMetadata, compute.projects.setCommonInstanceMetadata or compute.instances.osLogin (with OsLogin enabled) and iam.serviceAccounts.actAs.
The error in gcloud:
ERROR: (gcloud.compute.ssh) User [[email protected]] does not have permission to access user [[email protected]:importSshPublicKey] (or it may not exist): The caller does not have permission
I even have the problem with new created instances too.
Apparently setting enable-oslogin
to TRUE
it prevents SSH login using ssh keys and we can only use service accounts to access the instance.
I deleted the enable-oslogin
meta project-wide and instance-specific both and logging in was fixed in both browser and terminal.
EDIT: GCP support answer:
I am happy that your able to SSH to your instance after disabling the OS log in. However, you want to know what may have caused this error.
Technically, OS Login feature allows you to manage instance access using IAM roles. However, enabling OS Login on instances disables metadata-based SSH key configurations on those instances. Disabling OS Login restores SSH keys that you have configured in project or instance metadata. For more details about enabling OS log in you may link below. https://cloud.google.com/compute/docs/instances/managing-instance-access#enable_oslogin
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With