首页 文章

Google App Engine应用无法访问Google Cloud 端存储分区

提问于
浏览
3

无法从Appengine Project访问默认Google Cloud 端存储分区 . 该项目是使用1.9.0之前的App engine SDK版本创建的 . 我已经手动创建了存储桶,根据GCS Documentation,默认情况下,Appengine Projects可以访问该存储桶,但在我的情况下无法访问它 . 这是尝试创建文件的代码段 .

...
GcsService gcsService = GcsServiceFactory.createGcsService();
GcsFilename file = new GcsFilename(getGcsDefaultBucketName(), fileName);
GcsFileOptions.Builder builder = new GcsFileOptions.Builder();
GcsFileOptions options = builder.mimeType(mimeType).build();     
GcsOutputChannel channel = gcsService.createOrReplace(file, options); //erroring in this line
...

在日志中发现错误:

: com.google.appengine.tools.cloudstorage.NonRetriableException: java.lang.RuntimeException: Server replied with 403, verify ACLs are set correctly on the object and bucket: Request: POST https://storage.googleapis.com/1-ebilly.appspot.com/SERVICESTAGEREPORT-DEVICENAME-LYF2-CREATEDDATE-01012017-CREATEDDATE-19022017-.ZIP
: User-Agent: AppEngine-Java-GCS
: Content-Length: 0
: x-goog-resumable: start
: Content-Type: application/zip
: 
: no content: Response: 403 with 212 bytes of content
: X-GUploader-UploadID: AEnB2Upq0Lhtfy5pbt06pVib8J0-L0XiGqW4JpB0G9PL87keY3WV7RCMVLCPeclD-D4UATEddvvwpAG2qeeIxUJx--brKxdQFw
: Content-Type: application/xml; charset=UTF-8
: Content-Length: 212
: Vary: Origin
: <?xml version='1.0' encoding='UTF-8'?><Error><Code>AccessDenied</Code><Message>Access denied.</Message><Details>Caller does not have storage.objects.create access to bucket myprojectID.appspot.com.</Details></Error>
: 
:   at com.google.appengine.tools.cloudstorage.RetryHelper.doRetry(RetryHelper.java:120)
:   at com.google.appengine.tools.cloudstorage.RetryHelper.runWithRetries(RetryHelper.java:166)
:   at com.google.appengine.tools.cloudstorage.RetryHelper.runWithRetries(RetryHelper.java:156)
:   at com.google.appengine.tools.cloudstorage.GcsServiceImpl.createOrReplace(GcsServiceImpl.java:70)

PS:我试图创建一个新的Google Appengine Project并部署了app init . 使用默认GCS存储桶自动创建此项目,相同的代码工作正常,没有任何错误 . 我的旧项目有很多数据库数据,我想保留并继续使用同一个项目而不进行处理 .

请帮助您考虑在旧项目中访问GCS存储桶 .

google-app-engine google-cloud-storage google-cloud-platform

2 回答

  • 0

    通过为appengine项目添加IAM permissin解决了该问题 . 阅读IAM“项目级访问控制”文档并比较旧项目和新项目权限后,知道在旧项目中找不到Appengine项目级别权限 . 添加权限后,相同的代码开始访问默认存储桶 .

    IAM Permissions before fix screenshot

    IAM Permissions after fix screenshot

    回复于
  • 3

    试试这个:-

    GcsService gcsService = GcsServiceFactory.createGcsService(RetryParams.getDefaultInstance());
GcsFileOptions options = new GcsFileOptions.Builder().mimeType(mime).build();
GcsFilename gcsfilename = new GcsFilename(BUCKET_NAME, fileName);
GcsOutputChannel outputChannel = gcsService.createOrReplace(gcsfilename, options);
    回复于

相关问题