Menu
I’ve a question regarding Compute VM and its associated privileges. I have ‘Owner’ privileges at Project level. I created a VM but was not able to assign an external IP address to it. Upon referring to google cloud docs, it appears that I’ll still be able to connect to this VM using VPN or IAP. Upon clicking the SSH link next to the VM, I see that it uses a Cloud-IAP tunnel but the connection fails.
Here is the error message External IP address was not found; defaulting to using IAP tunneling.
ERROR: (gcloud.compute.start-iap-tunnel) Error while connecting [4003: u'failed to connect to backend'].
ssh_exchange_identification: Connection closed by remote host
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
How do I go about connecting to this VM?
Appreciate your help with this
839
To connect to an instance without an external IP address, use the gcloud compute ssh command with the --internal-ip flag. In the Google Cloud console, go to the VM Instances page and find the internal IP address for the instance that you want to connect to. Connect to the instance.
Sign in with your Google user account. IAP Desktop requires this scope to access your Google Cloud projects, and to use IAP TCP forwarding. Click Continue to complete the sign-in. In the Add project dialog, select your Google Cloud projectand click Add project.
This is a permissions issue. You are trying to ssh into your vm thru google's IAP proxy. You don't have permissions to create the tunnel from your computer to the proxy server.
You need have the role "roles/iap.tunnelResourceAccessor" to ssh to your vm:
54
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
