2nd Generation export permission?

[Brian Wawok]

I have a simple cron that runs as me, project owner, to do a daily cloud sql backup to nearline storage.

Very simple command like:

 gcloud sql instances export my-database gs://my-nearline-bucket/`date +\%Y/\%m/\%d/\%H-\%M`-backup.gz

Worked in 1st gen.. but now after moving to 2nd gen I see:

gs://my-nearline-bucket/2015/12/23/00-04-backup.gz Access denied (permission issue?)

What magic am I missing to allow the project owner permission to run gcloud sql instances export  ?

Thanks!

[Brian Wawok]

And from the command line my error is like:

-ERROR: (gcloud.sql.instances.export) ERROR_RDBMS

It is not a bucket permission issue because I can write to it just fine (for example from 1st gen export)

[Razvan Musaloiu-E.]

Each 2n generation instance is using an individual service account (you can see in the Developers Console or retrieve by using 'gcloud sql instances describe'). You need to give appropriate access to the bucket to that service account in order for the export/import to work.

Just for completeness, the import/export in 1st generation instances are using the caller credentials.

-- Razvan ME

--
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-d...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/b5fadcf7-37eb-49b2-8f71-9cc10fe3cfc3%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[Brian Wawok]

*eat my hat on bucket permissions.

Yup this worked perfect, thank you very much for the help.

Brian