I'm a newbie in GCP. Actually, I have 2 projects on this list, but just one is visible. How can I find the second?
I am sure to choose the right organization. And the second project is not deleted because my web has been running without any error.
Thank you all.
This is my project list in GCP
Try selecting "No organization" in the dropdown alongside "Select from".
It's confusing but, you can have projects that aren't associated with an organization. It's probable that your other project is thus.
If the project is not listed under "No organization", then another probability is that you used a different Google account (possibly also associated with another organization) to create it.
Note: Because projects are always associated with IAM policies that determine which accounts can access them, it's possible for different projects to be listed under "No organization" for different (Google) accounts.
Related
Almost all of our GCP projects are listed under our main organization. The problem: We keep finding users who have projects that are not under our organization. (I have to assume they created them before linking their work emails with our organization? I can't find how to make a project that isn't part of an org, using my work email.)
Is there any way to show all projects a given user has, regardless of the project's organization membership status?
I tried searching for the answer, but I couldn't find anything definitive in either direction.
I was playing around with terraform to create an infrastructure for a couple of services on GCP. GCP organises all the infra in so called projects. I specified a project_id incrorrectly in terraform files(actually I set project_id to already existing in my GCP, but ptoject name was different). Terraform in plan phase was successful, but after apply it failed. Then I executed terraform destroy, set correct project_id(and name), executed terraform apply again, this time successfully. But when I opened the GCP console I saw that actually 2 projects were created in project list(one with correct name and id and another with some random name: smth like My Project 1234 as name and beaming-light-546562 as id). And now gcloud projects list command shows 3 projects(this random one, correct one and previously existing one).
The problem is that I can't remove that "random" project, neither from gcloud utility nor from gcp console. I get an error
<myuser_mail_address> does not have permission to access projects instance or poject doesn't exist
Also that random project is not linked to my billing account.
How can I remove that "random" project
EDIT
It seems strange that the project with id beaming-light-546562 can't be removed by me(the owner of an account) with reasons that I do not have permissions to do that. Also the name of an id: it is similar to technic docker is using for generating names of running containers. I do not recall that terraform has such a feature. Could it be gcp itself who generates such random names?
I tried to recreate the error i.e, I created a sample project(via console) and deleted the same sample project in cloud shell using this command
gcloud projects delete <project ID> and again tried to delete the same sample project in cloud shell and got this error message:
You can cross verify if the reason listed in the image i.e PROJECT_DELETE_INACTIVE is present in the output of your gcloud projects delete <project ID> command.This means that the project is inactive and the project becomes inactive when it's deleted.
From this document :
The project takes approximately 30-days for complete deletion, At the end of the 30-day period, the project and all its resources are deleted and cannot be recovered.
Edit:
It seems to be a known issue with GCP. Leaving “Google Groups” related to GCP is a fix to this issue. You can track this Public Issue for more information.
You might have been added into a project through a group, so it appears in the project list. However, you have not been granted permission to modify the IAM of that project, so you can't remove the group from the permission list.
As a workaround, you can leave "Google Groups" related to GCP and reload the GCP console webpage so that all your unknown/inaccessible projects will disappear from the projects list. You can find what groups you're a member of, using this Google Groups link.
NOTE : You can leave the groups in order to lose the access, but there could be a situation where your email is added to a single role/permission and you would not be able to remove yourself from the IAM list.
3 new projects suddenly appeared in my Google Cloud. I don't know where they came from, and I can't delete them.
Following the delete instructions: https://cloud.google.com/go/getting-started#delete-the-project
When I select each of the projects to delete, the delete button disables, and shows the float over message:
You need permissions for this action.
Required permission(s): resourcemanager.projects.delete
All my other projects are fine, and I can delete them.
The three new projects that suddenly appeared are:
My Project 64342 brave-watch-314519
My Project 82497 beaming-light-336511
You can see this project you-can-see-this-project
Screenshot:
How do I give myself permission to delete them?
Note 1: I am the only owner/user of this Google Cloud account.
Note 2: I also tried going to IAM -> Roles, but got the error:
Many thanks.
It seems to be a known issue with GCP. Leaving “Google Groups” related to GCP is a fix to this issue. You can track this Public Issue for more information.
You might have been added into a project through a group, so it appears in the project list. However, you have not been granted permission to modify the IAM of that project, so you can't remove the group from the permission list.
As a workaround, you can leave "Google Groups" related to GCP and reload the GCP console webpage so that all your unknown/inaccessible projects will disappear from the projects list. You can find what groups you're a member of, using this Google Groups link.
NOTE : You can leave the groups in order to lose the access, but there could be a situation where your email is added to a single role/permission and you would not be able to remove yourself from the IAM list.
Our organization uses Google Cloud APIs for integrating Maps and other services in a number of websites.
We have often used the same API key, without creating a distinct Google Cloud project (and credentials) for each website/project.
We are trying to better organize our API usage, but we are facing an issue.
While we can consult the reports of our Billing account and see the quota for the unique API project used for every implementation, we cannot see and manage this project (it does not appear in the list) even though it seems to belong to the same organization. (EDIT: I am not sure that the organization id is the same, but the name of the organizazion appears as a prefix to the project name in the billing reports)
This project has been created years ago (and the person that created it appears not to have access to it either), but we need to access it to get a clear understanding of where and how APIs are used.
The connected APIs are still in use and working, so we assume the project exists.
Can someone point out the possible reasons why a project is not shown even though it belongs to an organization for which we have access as administrators?
Thank you in advance
In order to see a project in lists, you need the resourcemanager.projects.list IAM permission on the project and to get it's metadata, the resourcemanager.projects.get permission.
How did you find that it has the same organizationId? If you managed to get the metadata via gcloud projects describe, you are likely missing the list permission.
In any case, if the project is indeed part of the organization, an org admin should be able to use gcloud projects add-iam-policy-binding to add a new owner/editor.
There is a special case with Apps Scripts: Those create a hidden project.
If all fails, reach out to GCP Support. Keep in mind though that they will not be able to help you if the project is not within your organization (eg. created with an unrelated gmail.com account or similar)
I was using Google Apps Script for standard document-bound functions in a personal Google Drive. For debugging and general info-printing out, I was using console.log() calls and looking at the Stackdriver Logging output for that particular project.
I recently copied many of the documents and their associated code projects into a new Team Drive. The new files are completely new (not shared into the Team Drive) and they have a different creator than the originals.
Now when attempting to view the log outputs, Stackdriver Logging gives me this error message:
Failed to load
Tracking Number: XXXXXXXXXXXXXXXXXXX
What's more, the "Select a project" dropdown at the top of the page does not list any of the projects.
I've tried creating a brand new script project in the Team Drive, but that does not appear either. The Stackdriver page is logged into the correct account.
I'm aware of other solutions, such as Logger.log(), but would rather not resort to them unless I can't get Stackdriver to work again.
Edit: I found this question, which includes this sentence:
I have reset the script's Cloud project to be a "real" project (as opposed to the default hidden one).
This sounds important but I have no idea what it means and have been unable to find anything relating to making projects unhidden. Is this my problem?
I have found the solution, though I don't fully understand it.
Google Apps Script projects are associated with a hidden Google Cloud Platform project behind the scenes, which allow them to print to Stackdriver Logging, among other things. Trying to run them out of a Team Drive makes this not work for reasons that are a mystery to me.
Here is the fix:
Manually create a new Google Cloud Platform project.
Associate your scripts with the new project. In the Script Editor, go to Resources > Cloud Platform project. In the dialogue, enter the project number of the project you just created, and then hit Set Project. To find the project number (distinct from the "Project ID"), click on View API Console, and then make sure you have your new project selected at the top of the page.
This needs to be done for each GAS project. Whereas in Drive, separate projects often can't be combined into one since each is bound to a single document, all of your GAS projects can be associated with a single Google Cloud Platform project.