在跨帐户和Project Google Cloud IAM中列出ServiceAccount

问题描述

我想进行跨帐户和跨项目访问。在这种情况下，我在项目中创建了一个服务帐户（accessor@myproject.iam.gserviceaccount.com），并要求其他用户将我的服务帐户插入其名为SecurityProjecter的IAM项目GuestProject中。

这是我的代码：

Iam iam = initIam();
List<ServiceAccount> lists = listServiceAccounts(iam);


public static Iam initIam() throws IOException,GeneralSecurityException {


        Map<String,String> m = ImmutableMap.<String,String>builder().put("user-agent","my custom useragent").build();
        HeaderProvider headerProvider = FixedHeaderProvider.create(m);

        InputStream resourceAsStream = GCPIAM.class.getClassLoader().getResourceAsStream("credential.json");
        GoogleCredential credential = GoogleCredential.fromStream(resourceAsStream);

        HttpRequestInitializer init = new HttpRequestInitializer() {
            @Override
            public void initialize(HttpRequest request) throws IOException {
                request.setHeaders(new HttpHeaders().setUserAgent("test"));
            }
        };

        httpTransport = GoogleNetHttpTransport.newTrustedTransport();

        if (credential.createScopedRequired()) {
            List<String> scopes = new ArrayList<>();
            // Enable full Cloud Platform scope.
            scopes.add(IamScopes.CLOUD_PLATFORM);
            credential = credential.createScoped(scopes);
        }


        // Create IAM API object associated with the authenticated transport.
        return new Iam.Builder(httpTransport,JSON_FACTORY,credential).setApplicationName("stuffs").build();
    }

public static List<ServiceAccount> listServiceAccounts(Iam iam)throws IOException{

        Iam.Projects.ServiceAccounts.List request = iam.projects().serviceAccounts().list("projects/" + "GuestProject");
        List<ServiceAccount> serviceAccounts = new ArrayList<>();
        ListServiceAccountsResponse response;
        do {
            response = request.execute();
            if (response.getAccounts() == null) {
                continue;
            }
            for (ServiceAccount serviceAccount : response.getAccounts()) {
                // TODO: Change code below to process each `serviceAccount` resource:
//              System.out.println(serviceAccount);
                serviceAccounts.add(serviceAccount);
            }
            request.setPageToken(response.getNextPageToken());
        } while (response.getNextPageToken() != null);

        return serviceAccounts;
    }

但是，当我运行命令时，出现了如下错误：

Exception in thread "main" com.google.api.client.googleapis.json.GoogleJsonResponseException: 400 Bad Request
{
  "code" : 400,"errors" : [ {
    "domain" : "global","message" : "GuestProject does not match [a-z\\d][a-z\\d\\-]*.","reason" : "badRequest"
  } ],"status" : "INVALID_ARGUMENT"
}

我的代码有什么问题吗？

解决方法

暂无找到可以解决该程序问题的有效方法，小编努力寻找整理中！

如果你已经找到好的解决方法，欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@）

google-cloud-iam google-cloud-platform java java

在跨帐户和Project Google Cloud IAM中列出ServiceAccount

问题描述

解决方法

相关问答