问题描述
当我尝试SSH到在GCP的Compute Engine上创建的VM时,这就是抛出该错误的问题:
ERROR: (gcloud.compute.ssh) User [[email protected]] does not have permission to access user [[email protected]:importSshPublicKey] (or it may not exist): Insufficient IAM permissions. The instance belongs to an external organization. You must be granted the roles/compute.osloginExternalUser IAM role on the external organization to configure POSIX account @R_193_4045@ion.
我尝试了几件事,包括更改了角色,您可以在此处查看:IAM Roles that I have
我还尝试通过运行以下命令来add-iam-policy-binding:
gcloud compute instances add-iam-policy-binding [email protected] --role=roles/compute.osloginExternalUser --zone europe-west1-b。但这导致了这个问题:
ERROR: (gcloud.compute.instances.add-iam-policy-binding) argument --zone: INSTANCE must be specified.
Usage: gcloud compute instances add-iam-policy-binding (INSTANCE : --zone=ZONE) --member=MEMBER --role=ROLE [optional flags]
optional flags may be --help | --zone
For detailed @R_193_4045@ion on this command and its flags,run:
gcloud compute instances add-iam-policy-binding --help
This也没有被证明非常有用,this resource here.
也没有任何帮助将不胜感激。如果需要,我可以添加更多相关信息。谢谢!
解决方法
要将具有实例和区域的用户[email protected]的角色compute.osLoginExternalUser的IAM策略绑定到实例和区域,请运行以下命令。
gcloud beta计算实例add-iam-policy-binding your-instance --zone = ZONE --member ='user:[email protected]'--role ='roles / compute.osLoginExternalUser'
有关信息,请关注文章here。