Unable to push images in GCR - “Caller does not have permission 'storage.buckets.create'.” #55
Comments
|
Assuming you're using gcloud and not a JSON key or environment-based auth, The auth attribute value in the config file is probably leftover from doing a {
"auths": {},
"credHelpers": {
"asia.gcr.io": "gcr",
"eu.gcr.io": "gcr",
"gcr.io": "gcr",
"us.gcr.io": "gcr"
}
}It may be that you just need to clear that secret in the auths entry. |
|
I hit the similar issue while i was trying to upload the docker image to GCR from container optimized OS, i ran the following sequence of command,
It failed with following error, I tried giving every possible permission to my service account through IAM role but it would fail with same error. After reading this issue i did the following changes,
Voila, it worked like a charm! |
I'm using Standalone Docker credential helper authentication option to push docker images in GCR from local machine. Ran following command locally which created config.json file at following path - C:\Users\sunny.goel.docker
docker-credential-gcr configure-docker
Then I issued following command to get the credential for us.gcr.io region and noticed that secret returned in output doesn't match with auth attribute value for us.gcr.io region in config.json file. Shouldn't it match ideally ?
echo "https://us.gcr.io" | docker-credential-gcr get
Moreover, where can we find the caller information to assign the required roles (storage admin) ? I do see a number of service accounts but am not sure which one is used to create storage buckets ?
The text was updated successfully, but these errors were encountered: