Cloud Pub/Sub - Able to delete topic, but unable to create subscription
910 views
Skip to first unread message
Michael Zhuge
Aug 15, 2020, 4:15:30 PM8/15/20
to Google Cloud Pub/Sub Discussions
Hi, I created a service account, and used the following CLI command to grant owner access of my-topic.
https://cloud.google.com/sdk/gcloud/reference/pubsub/topics/add-iam-policy-binding
However, when I try to create a new subscription through my command line, with the following command:
https://cloud.google.com/sdk/gcloud/reference/pubsub/topics/add-iam-policy-binding
However, when I try to create a new subscription through my command line, with the following command:
gcloud pubsub subscriptions create MY_SUBSCRIPTION_NAME --topic=TOPIC_NAME
I receive the following error:
ERROR: Failed to create subscription [projects/MY_PROJECT_NAME/subscriptions/MY_SUBSCRIPTION_NAME]: User not authorized to perform this action.
ERROR: (gcloud.pubsub.subscriptions.create) Failed to create the following: [MY_SUBSCRIPTION_NAME].
However, when I tried to delete the topic through the command line
gcloud pubsub topics delete TOPIC_NAME
It worked fine. So my access level should be enough and correct.
I guess it might be a bug?
I also upgraded SDK to the latest:
Google Cloud SDK 305.0.0
alpha 2020.08.07
bq 2.0.58
core 2020.08.07
gsutil 4.52
Anyone can help? thanks
Abdel (Cloud Platform Support)
Aug 16, 2020, 11:32:25 AM8/16/20
to Google Cloud Pub/Sub Discussions
Hey Michael, It looks like you've have configured IAM Topic permissions correctly, however, you haven't yet configured the correct IAM permissions to delete the Subscription. It's very important to note that Topics and Subscriptions are 2 different Cloud resources.
Solution: Run "gcloud pubsub subscriptions add-iam-policy-binding" with roles/pubsub.editor* and you should be good to go.
* which contains the needed subscriptions.delete permission
Reply all
Reply to author
Forward
0 new messages