This message originated from Cribl Community Slack.
Click here to view the original link.
Hi,
I am using Google pub/sub source in Cribl stream with Manual Authentication(with Service account creds in Json format) I am getting Permission denied error but the same creds are working when tested with python code from my local.
Below is the sample screenshot what values(not the actual values though) I have provided for my source
I have tried couple of other ways to troubleshoot but getting same error. Verified that the Service account and subscription are from same project and have the required access
Below are the errors that I am seeing
message: Error listing subscription permissions
err:
message: 7 PERMISSION_DENIED: User not authorized to perform this action.
I do have a question that Is there a requirement on GCP side that we should allow list Worker group IP? (Not mentioned in the docs)
I have referred this doc here: Google Cloud Pub/Sub Source | Cribl Docs
Links for this message:
image.png
Solved
Cribl Stream Google Pub/Sub Source Failing With: 7 PERMISSION_DENIED Error
Best answer by Stefan Laschitzki
If you have IP allow/deny listing configured, you obviously need to allowlist worker IPs as otherwise they'll not be allowed to talk to PubSub. However, this rather looks like an IAM issue.
Can you please confirm that the credentials have the proper permissions? https://docs.cribl.io/stream/sources-google_pubsub/#google-cloud-roles-and-permissions
Sign up
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.