Cannot deploy on Google Compute Engine with Required 'compute.zones.list' permission error

[davidleeplaysmart]

OS / Environment

OSX

Summary of the problem

Cannot deploy on Google Compute Engine with Required 'compute.zones.list' permission error

Steps to reproduce the behavior

Tried to deploy on Google Compute Engine, I already use the admin role to deploy but still get the same error.

The way of deployment (cloud or local)

Google Compute Engine

Expected behavior

Deploy success

Actual behavior

Failed with following log

Full log

fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Unexpected response: ({u'domain': u'global', u'message': u"Required 'compute.zones.list' permission for 'projects/vpnxxxx'", u'reason': u'forbidden'}). Detail: Traceback (most recent call last):\n File "/var/folders/d0/dws_zcmn05n4n15d42xk6wpr0000gn/T/ansible_O4d3NI/ansible_modlib.zip/ansible/module_utils/gcp.py", line 105, in gcp_connect\n project=project_id)\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/compute/drivers/gce.py", line 1801, in init\n self.zone_list = self.ex_list_zones()\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/compute/drivers/gce.py", line 2755, in ex_list_zones\n response = self.connection.request(request, method='GET').object\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/compute/drivers/gce.py", line 121, in request\n response = super(GCEConnection, self).request(*args, **kwargs)\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/common/google.py", line 808, in request\n *args, **kwargs)\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/common/base.py", line 637, in request\n response = responseCls(**kwargs)\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/common/base.py", line 159, in init\n self.object = self.parse_body()\n File "/Users/leedavid/workspace/algo-master/env/lib/python2.7/site-packages/libcloud/common/google.py", line 296, in parse_body\n raise GoogleBaseError(message, self.status, code)\nGoogleBaseError: {u'domain': u'global', u'message': u"Required 'compute.zones.list' permission for 'projects/vpnxxxx'", u'reason': u'forbidden'}\n"}

[atbe]

I'm having the same issue.

Running algo with commit ID = fee009688ecd2f3b02518f828ee472e15e56f26b

I've tried lots of different permissions. I think this is an issue with my configuration being incorrect because of the changes GCM has been making for resource permissions.

If anyone has been able to get around this issue please report back here, I would really appreciate it. Thanks.

[RandomDSdevel]

     I've seen this as well. I even opened an issue with a Google Cloud Platform support representative about it to see if they might be able to figure out what Algo is doing wrong in this area of its Ansible script since nobody in the Gitter chat room was responding when I asked for help troubleshooting it. Now that I know that this issue exists here on GitHub, I'll let them know about it by the time I hear back from them.

---

Edit: Representative notified of this issue's existence even though I'm not sure exactly how much help to expect from somebody not involved in this project and responsible for maintaining support for other code.

[pjlaske]

Same issue for me! Also using a Mac - don't know if that matters. A documentation post clarifying service accounts and permissions needed would be much appreciated.

[RandomDSdevel]

Bump @gunph1ld and/or @dguido.

[jackivanov]

Never seen this before. Have anyone tried the solution from here?

[RandomDSdevel]

@gunph1ld: Thanks for pointing that reference out; I'll go through the steps outlined there ASAP.

[RandomDSdevel]

@gunph1ld: Yup, that did the trick! (These steps should be documented as part of resolving #682, shouldn't they?)