aquasecurity/cloudsploit

Cloudsploit error when used with GCP user account and application_default_credentials.json

v3rl opened this issue · 1 comments

v3rl commented

Hi,
I ran Cloudsploit for a GCP project. The GCP project team provided me with GCP user account access rather than a service account. I might not get a service account for the same.
As per my understanding, Cloudsploit does not support running with GCP user account credentials. It can only be run using a service account credential file.

Apart from checking the code, I verified this by following the steps below:

  1. Ran command "gcloud init" to use a new account
  2. Ran command "gcloud auth application-default login" to obtain application access credentials
    This creates application_default_credentials.json. I provided the path of this file in the config_example.js file as below:

```js
google: {
    // OPTION 1: If using a credential JSON file, enter the path below
    credential_file: '/home/username/.config/gcloud/application_default_credentials.json',
    // OPTION 2: If using hard-coded credentials, enter them below
    // project: process.env.GOOGLE_PROJECT_ID || 'my-project',
    // client_email: process.env.GOOGLE_CLIENT_EMAIL || 'cloudsploit@your-project-name.iam.gserviceaccount.com',
    // private_key: process.env.GOOGLE_PRIVATE_KEY || '-----BEGIN PRIVATE KEY-----\nYOUR-PRIVATE-KEY-GOES-HERE\n-----END PRIVATE KEY-----\n'
},
```

This did not work as expected and yielded the errors below.

```
INFO: Skipping AWS pagination mode
INFO: Determining API calls to make...
INFO: Found 61 API calls to make for google plugins
INFO: Collecting metadata. This may take several minutes...
[ERROR] Unhandled error from Google API: Error: {}
[ERROR] Unhandled error from Google API: Error: {}
[ERROR] Unhandled error from Google API: Error: {}
[ERROR] Unhandled error from Google API: Error: {}
[ERROR] Unhandled error from Google API: Error: {}
[ERROR] Unhandled error from Google API: Error: {}
```

Is there any way I can run Cloudsploit with GCP user account?