I have project OWNER right, but can not remove image from console,
Delete is disabled and there is tag "you do not have pemission to delete this image".
By gcloud everithing works.
I remove buckets - _cloudbuild and artifacts.appspot.com but it was restored after first image build.
How can i resolve this situation?
If everything works correctly using gcloud means that the GCP API is not the issue. Maybe is a glitch in the console.
First ensure that your Cloud Console session corresponds to the user with owner permissions (could be that you've sign up in gcloud with a different account).
If that is correct, I'd file a support request or create an issue tracker case.
This seems like a case that needs to be addressed by the GCP team and StackOverflow is not the best channel to get support for that.
Hope that helps.
According to Google's notice:
Project owners and editors are currently unable to edit tags or delete
images in the Container Registry UI. The workarounds are to either use
the command line or grant the Storage Object Viewer IAM role. A fix is
expected by December 5th.
I'll put the link to the docs, so that other people know what to do until the issue is fixed:
I use this command to delete images while the Console does not work:
gcloud container images delete [HOSTNAME]/[PROJECT-ID]/[IMAGE]:[TAG] --force-delete-tags
Related
I am trying to delete a GCP project.
Now, it used to have a Google Assistant integration (~ 3 years ago) but now I don't need it anymore and I want to delete it.
When I try to delete the project -> it tells me it can't because it's liked to a Dataflow agent. It provides me with a link but when I follow it, there are no agents listed there. I browsed all available regions, but no agents are listed.
I went to Actions from GCP console, but I can't delete the Actions project either (same reason). When I go to my defined action, I am prompted to migrate to Actions Builder (but I get a generic error trying to do that). In any case, if I try to edit my action in Dataflow, it takes me to the same homepage which prompts me to create an agent - as it doesn't list any.
So I'm stumped - I can't delete my project because of an existing Dataflow agent but Dataflow doesn't list any agents in any region.
Can anyone with Dataflow/GCP experience provide any insight into anything I may try ? Thanks!
There are mainly two possible situations for the issue Failing to delete GCP project due to non-existent DialogFlow agent:
The agent has been deleted, but the lien was not deleted.
The agent was not deleted.
You can follow the steps below to solve the issue:
Delete the agents associated with the project and try again to delete the project. If this does not solve the issue then follow step2.
Even though you deleted the agent, the lien used by the agent is not deleted. Run this CLI command gcloud alpha resource-manager liens list to list liens and then run the gcloud alpha resource-manager liens delete LIEN_NAME command then you can try again to delete the project. For more information, you can refer to the google cloud documentation. If this does not solve the issue then follow step3.
Deactivate the Dialogflow API from the GCP console: Open APIs & Services dashboard then click on Dialogflow API then click on Disable API. After disabling the Dialogflow API, try again to delete the project.
I was playing around with terraform to create an infrastructure for a couple of services on GCP. GCP organises all the infra in so called projects. I specified a project_id incrorrectly in terraform files(actually I set project_id to already existing in my GCP, but ptoject name was different). Terraform in plan phase was successful, but after apply it failed. Then I executed terraform destroy, set correct project_id(and name), executed terraform apply again, this time successfully. But when I opened the GCP console I saw that actually 2 projects were created in project list(one with correct name and id and another with some random name: smth like My Project 1234 as name and beaming-light-546562 as id). And now gcloud projects list command shows 3 projects(this random one, correct one and previously existing one).
The problem is that I can't remove that "random" project, neither from gcloud utility nor from gcp console. I get an error
<myuser_mail_address> does not have permission to access projects instance or poject doesn't exist
Also that random project is not linked to my billing account.
How can I remove that "random" project
EDIT
It seems strange that the project with id beaming-light-546562 can't be removed by me(the owner of an account) with reasons that I do not have permissions to do that. Also the name of an id: it is similar to technic docker is using for generating names of running containers. I do not recall that terraform has such a feature. Could it be gcp itself who generates such random names?
I tried to recreate the error i.e, I created a sample project(via console) and deleted the same sample project in cloud shell using this command
gcloud projects delete <project ID> and again tried to delete the same sample project in cloud shell and got this error message:
You can cross verify if the reason listed in the image i.e PROJECT_DELETE_INACTIVE is present in the output of your gcloud projects delete <project ID> command.This means that the project is inactive and the project becomes inactive when it's deleted.
From this document :
The project takes approximately 30-days for complete deletion, At the end of the 30-day period, the project and all its resources are deleted and cannot be recovered.
Edit:
It seems to be a known issue with GCP. Leaving “Google Groups” related to GCP is a fix to this issue. You can track this Public Issue for more information.
You might have been added into a project through a group, so it appears in the project list. However, you have not been granted permission to modify the IAM of that project, so you can't remove the group from the permission list.
As a workaround, you can leave "Google Groups" related to GCP and reload the GCP console webpage so that all your unknown/inaccessible projects will disappear from the projects list. You can find what groups you're a member of, using this Google Groups link.
NOTE : You can leave the groups in order to lose the access, but there could be a situation where your email is added to a single role/permission and you would not be able to remove yourself from the IAM list.
3 new projects suddenly appeared in my Google Cloud. I don't know where they came from, and I can't delete them.
Following the delete instructions: https://cloud.google.com/go/getting-started#delete-the-project
When I select each of the projects to delete, the delete button disables, and shows the float over message:
You need permissions for this action.
Required permission(s): resourcemanager.projects.delete
All my other projects are fine, and I can delete them.
The three new projects that suddenly appeared are:
My Project 64342 brave-watch-314519
My Project 82497 beaming-light-336511
You can see this project you-can-see-this-project
Screenshot:
How do I give myself permission to delete them?
Note 1: I am the only owner/user of this Google Cloud account.
Note 2: I also tried going to IAM -> Roles, but got the error:
Many thanks.
It seems to be a known issue with GCP. Leaving “Google Groups” related to GCP is a fix to this issue. You can track this Public Issue for more information.
You might have been added into a project through a group, so it appears in the project list. However, you have not been granted permission to modify the IAM of that project, so you can't remove the group from the permission list.
As a workaround, you can leave "Google Groups" related to GCP and reload the GCP console webpage so that all your unknown/inaccessible projects will disappear from the projects list. You can find what groups you're a member of, using this Google Groups link.
NOTE : You can leave the groups in order to lose the access, but there could be a situation where your email is added to a single role/permission and you would not be able to remove yourself from the IAM list.
I am doing a tutorial on Google Certified Associate Cloud Engineer 2020, which used to be on Udemy and now is on Cloud Guru. I am watching a video on GCS: Google Cloud Storage.
At one point tutor, while using GCP User Interface, is renaming a file. In the window Rename Object, a great feature shows gsutil equivalent.
This gsutil equivalent is not showing on my GCP User Interface. Is there any option to turn this on, or is this a feature that no longer exists?
I have tried to look at different options in User Interface, but I cannot find the option I am looking for. I have tried to Google this, but most things that come up are more related to gsutil itself rather than User Interface.
Related to your question if you have to activate something to be able to get this feature, the answer is that you don’t have to activate anything as there is no way to activate it because this is a feature from the GCP UI interface that has been changed since the video that you used as a reference was released.
If you want to get the same gsutil command you would be able if you click on move option instead of using rename. This will open another window where you would find the same gsutil command as you found in the image that you shared.
The reason why the same command is present in the move option as it was in the rename is because in the end a rename the same as a move, which is in fact a 2-step process: a copy and a delete, as can be seen in the steps to rename using the REST API as described in the docs.
In the case that you want this feature to be again available on the GCP UI you can always open a Feature Request in the Issue Tracker asking for it.
Rename feature is also available in GCP Console Just Chek following screenshots
Check This :
https://i.stack.imgur.com/b8pyW.png
I am having real difficulty setting up ray auto-scaling on google cloud compute. I can get it to work on AWS no problem, but I keep running into the following error when running ray up:
googleapiclient.errors.HttpError: https://cloudresourcemanager.googleapis.com/v1/projects?alt=json returned "Service accounts cannot create projects without a parent.">
My project is part of an organization, so I don't understand where this is coming from, or why it would need to create a project in the first place. I have entered my project id in the yaml file like I normally do for AWS.
Thank you very much. I appreciate any help I can get!!
The error message referring to service account, together with the fact that the project already exists, suggests that the googlecloudapiclient used by Ray Autoscaler is authenticated for a service account that doesn't have access to the project.
If this is true, then here's what I believe happens. Typically, when running Ray GCP Autoscaler, it will first check if the project with the given id exists. In your case, this request returns "not found" because there's no project with the given id associated with the service account. Now, because the project did not exist, Ray will automatically try to create one for you. Typically, if we created a new GCP project with a user account (i.e. non-service account), the newly created project would be associated with the user account's default organization. Service accounts, however, must specify a parent organization explicitly when creating a new project. If we look at the ray.autoscaler.config._create_project function, we see that the arguments passed to the projects.create method omit the 'parent' argument, which explains why you see the error.
To verify if this is true (and hopefully fix the problem), you could change the account used for authenticating with the googlecloudapiclient. I believe that the credentials used for the googlecloudapiclient requests are the same as used by the Google Cloud SDK, so you should be able to configure the accounts using the gcloud auth login command.
I think the Ray Autoscaler could be improved by either allowing user to explicitly specify the parent organization when creating a new project, or at least by providing a more elaborate error message for this particular case.
I hope this fixes your problem. If it doesn't, and you believe that that it's a problem with the Autoscaler, don't hesitate to open an issue or feature request to the Ray Issues page!