ThePloki ThePloki - 18 days ago 5
Python Question

GAE Python Resource Manager API Error "The caller does not have permission"

My goal is to programmatically create appengine projects and then deploy an app from source control.

I WAS trying to use code I found here: http://google-cloud-python.readthedocs.io/en/latest/resource-manager-api.html

>>> from google.cloud import resource_manager
>>> client = resource_manager.Client()

>>> # List all projects you have access to
>>> for project in client.list_projects():
... print(project)

>>> # Create a new project
>>> new_project = client.new_project('your-project-id-here',
... name='My new project')
>>> new_project.create()


Which produces the error: "The caller does not have permission". But then I realized it is in Alpha (invitation only) which probably explains the error (way to be confusing, Google!).

I also found this page that has different code (Click on Python Client Library), but I don't know how to use it:
https://cloud.google.com/resource-manager/docs/creating-project

Code:

...

operation = crm.projects().create(
body={
'project_id': flags.projectId,
'name': 'my project'
}).execute()

...


I'm guessing the "rm" in "crm" stands for resource manager, so is this what I'm looking for or is it something unrelated?

Maybe my goal is just not possible yet without an Alpha invitation.

EDIT



Created a new question here with updated code:



GAE (Python) REST to Cloud Resource Manager - Permission denied

Answer

That libraries documentation is misleading and also incorrect. It is misleading in telling you that your authentication is handled by using the gcloud commands. That might work fine for local development or for situations where your run that command ON the actual server running the code, but that is not the case on App Engine. It is incorrect in that Cloud Resource Manager is not in alpha, but rather is generally available for everyone.

You need to set up OAuth client ID credentials in the Cloud Platform Console, and then set up an OAuth login flow where the end user can grant your application access to creating projects on the user's behalf.

Start with the App Engine Admin API documentation for creating applications programmatically.

Comments