Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Error while creating service account in GCP via SDK

Tags:

google-cloud-platform

service-accounts

I have been using Google's SDKs to perform API calls such as creating a service account, creating service account keys, get the storage buckets, etc.. Recently I'm unable to create a service account due to the below error.

Request:

curl --location --request POST 'https://iam.googleapis.com/v1/projects/myproject/serviceAccounts' \
--header 'Authorization: Bearer <<token>>' \
--header 'Accept-Encoding: gzip' \
--header 'User-Agent: my test Google-API-Java-Client'

   c.g.a.c.g.j.GoogleJsonResponseException: 404 Not Found
   {
     "code" : 404,
     "errors" : [ {
     "domain" : "global",
     "message" : "Not found; Gaia id not found for email [email protected]",
    "reason" : "notFound"
  } ],
  "message" : "Not found; Gaia id not found for email [email protected]",
  "status" : "NOT_FOUND"
}

Why would I require Gaia id while creating service account? Where can I find this id? Any help is appreciated!!

like image 799
Raul Avatar asked Oct 18 '25 15:10

Raul

2 Answers

Did you ever remove the service account '[email protected]' which should be the default service account for IAM API, you can recover it within the 30days after the deletion. or just disable it and re-enable it , will recreate the default service account for you. Let me know if it resolved the issue.

like image 189
Shawn Di Wu Avatar answered Oct 22 '25 04:10

Shawn Di Wu

It seems that your request needs to have a body

The request body contains data with the following structure:

{
  "accountId": string,
  "serviceAccount": {
    object (ServiceAccount)
  }
}

And it is missing in your command.

You can obtain more information in this documentation.

In your case it should be something like:

curl --request POST \
  'https://iam.googleapis.com/v1/projects/my-little-project/serviceAccounts?key=[YOUR_API_KEY]' \
  --header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{"accountId":"sa-test","serviceAccount":{"description":"sa-description-test","displayName":"sa-display-testonly"}}' \
  --compressed

You can test this API directly in the following link

enter image description here

Also, I have found a similar error, in this stackoverflow case according to this answer this error could be generated if the APIs are not enabled.

like image 41
Jose Luis Delgadillo Avatar answered Oct 22 '25 05:10

Jose Luis Delgadillo
Sign in to Comment

Related questions

Is there a way to find all files/objects in a Google Cloud Storage Bucket larger than a certain size?
Deleting all the associate persistent disks when deleting cluster
How to identify AudioEncoding and SampleRateHertz of an audio file
Always Running Python Script on Google Cloud
How can I rename a subnet in gcp?
Google Cloud Run: Could not find specified network to attach to app
Kubernetes not claiming persistent volume - "failed due to PersistentVolumeClaim is not bound: "task-pv-claim", which is unexpected."
GCP API for getting list of labels
Delete an entire collection through Cloud Functions
Google AI Platform training - wait for the job to finish
How can I disable logging of Google App Engine Health Checks: /_ah/vm_health
Why is this Workload Identity Pool not being created?
SSL/TLS certificate for internal HTTPS load balancer GCP
When connecting to Google Cloud Spanner Emulator with jdbc, credentials that should not be needed are required
How to securely call a Google Cloud Run service from Java Script?
Get a list of firestore documents from array of id's
Is there a list of restricted words for the Google Cloud project ID?
Restore Bucket on Google Cloud Storage

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!