Skip to content

UDCA permission check

Jump to bottom
Yuriy Lesyuk edited this page May 18, 2020 · 1 revision

The Use Case: Verify udca sa 'from scratch'.

export PROJECT=amer-cs-hybrid-demo6

export AHR_HOME=~/apigee-hybrid/ahr source $AHR_HOME/bin/ahr-env

$ ahr-sa-ctl config udca apigee-udca Service Account: [email protected] ROLE roles/apigee.analyticsAgent GCP Project Permission: { "permissions": [ "apigee.environments.getDataLocation" ] } Apigee Hybrid Org/Env Permission: { "permissions": [ "apigee.environments.getDataLocation" ] }

TODO: Look at ahr-sa-ctl key....

$ ahr-sa-ctl key udca service-accounts/amer-cs-hybrid-demo6-apigee-udca.json Service Account: [email protected] ROLE roles/apigee.analyticsAgent GCP Project Permission: { "permissions": [ "apigee.environments.getDataLocation" ] } Apigee Hybrid Org/Env Permission: { "error": { "code": 400, "message": "Invalid JSON payload received. Unknown name "permissions" at 'environment': Cannot find field.", "status": "INVALID_ARGUMENT", "details": [ { "@type": "type.googleapis.com/google.rpc.BadRequest", "fieldViolations": [ { "field": "environment", "description": "Invalid JSON payload received. Unknown name "permissions" at 'environment': Cannot find field." } ] } ] } } yuriyl@cloudshell:~/apigee-hybrid/joel-amer-demo6 (amer-cs-hybrid-demo6)$

Feedback

AHR Logo AHR-*-CTL

AHR: User Guide

Scenarios

Archive

Ingress and TLS

DevPortal

Troubleshooting Flows

Clone this wiki locally