Closed adv4000 closed 4 years ago
@adv4000 You don't need to create a default service account. It is used when you install Grafana on a Google VM and the service account will be used from the VM
@avivl I'am using Terraform to provision Google Compute VM and have to create my ServiceAccount for it. My ServiceAccount has enough permission to access BigQuery but Plugin not using attached ServiceAccount, like ignoring it.
The default service account for compute is in the format of PROJECT_NUMBER-compute@developer.gserviceaccount.com
It is not something that you create by yourself
https://cloud.google.com/iam/docs/service-accounts
@avivl In your documentation you have this:
- First of all, you need to create a Service Account that can be used by the GCE virtual machine. See detailed instructions on how to do that here.
- Make sure the GCE virtual machine instance is being run as the service account that you just created. See instructions here.
- Allow access to the BigQuery API scope. See instructions here.
Maybe just replace this with Only Default Service Account will work.
Bug Report
Authentication by GCE Service Account not working
Expected Behavior
Able to authenticate Grafana to BigQuery using Attached GCE Service Account
Actual Behavior
After selection Authentication Type:
GCE Default Service Account
And click on Test getting the following error:Confirmed that Project ID is Correct. My Service Account which I have created has Project Owner permissions, and able to access BigQuery.
If I will generate JSON key for this ServiceAccount and will upload it, authentication type Google JWT File test passing and all working fine.
Steps to Reproduce the Problem
"cloud-platform"
GCE Default Service Account
Specifications