I had a simple Google Cloud Storage Account (for the last 5 years) that I had a small online backup service offering for my clients.
About a month or so ago I began getting messages about my "Trial" was expiring ... I ignored it mostly since I had not setup a trial anything. Then about a couple of weeks ago, my backup service quite working with the message I had no cloud account.
I went back and found the emails and clicked and "Upgraded" the account (which again I have no idea why since I have been paying Google Cloud Storage for years) and the backup began to work again.
But now when I go to look at the Project it states I have no permission for anything. I had access until this garbage happened ... of course there is absolutely no way to get support from Google.
I have tried to see how to give me admin access again, but there does not seem to be any way to do this ...
BTW ... I am the only login
Help please
about a year ago, some requirements were changed with GCP and storage. as such, you will need to ensure you have an attached billing account and manager access on the accounts that you are using to back up with. Typically these are service accounts with service credentials.
You can find the IAM roles here: https://console.cloud.google.com/iam-admin/iam
you will have to ensure you are in the correct project, then select the user that you are using to authorize with the backup service (or potentially create one).
Then you will want to edit the roles this account has with any of the following, or their subset permissions:
Storage Admin
Storage Transfer
Storage Object Admin
I also highly recommend getting a Google/Firebase technician to look at your GCP project, you can contact them through support here as they can debug if there are any backend issues. Just clarify that your project may not be a Firebase project. They are often more helpful than typical Google Support.
https://firebase.google.com/support/troubleshooter/contact
Update:
If for some reason your account was hijacked or migrated to an account you don't have access to when you should. contacting GCP support is your best option, they are able to restore access, roll back changes, and otherwise assist with any potential lockouts you have.
Related
I am attempting to add the "Amazon Web Services" Application to Google Workspaces.
I have been assigned the super admin role, in the admin dashboard. So, to the best of my knowledge, I should have permissions to add an application. But I keep getting the error message "Can't add Amazon Web Services. Please try again.". Which unfortunately is not particularly helpful in trying to understand what the problem is. I have tried different browsers, signing out/in etc. all to no avail.
However I must be missing something as the organisation owner is able to add the application with no issues, does anyone have any idea what could be preventing me from doing this?
Just to add, I have confirmed that I have the same roles attached as the organisation owner.
If your account has been assigned the role recently it is expected as it usually takes up to 24hrs for a role to fully propagate. After that you should be able to add it with no issues.
That is documented here
Hello and thanks in advance for you help.
I bought a domain through GCloud Domains, but it was tied to a deleted project.
The deletion is already completed, so the project can not be restored.
How can I retrieve the domain that I bought to use it in another project?
You should contact Cloud Support:
https://cloud.google.com/support-hub
I'm confident your situation was considered when domain registration was added to Cloud DNS.
Since you've bought the domain and, I assume, for a year, it remains yours. It's unclear how the registration persists but, I assume, an account was required during registration and this has possibly been sent recovery details.
Update
Aha! Recovery is covered in the troubleshooting:
https://cloud.google.com/domains/docs/troubleshooting#you_deleted_a_project_and_lost_access_to_your_domain
I asked this question on the github community support forum, but I'll ask this here too since no reply there...
I am trying to setup a Github App to give some scripts limited Admin rights to some repos in an Organisation. The Organisation is (I believe) under an Enterprise account - we are using this currently instead of having an Enterprise server. I have created the App, transferred it to the Organisation, and one of the Organisation Admins (which I an not) has set me as the manager. So far so good. However, although I can see the App in the Organisation Settings, there is no “Install App” button. Also trying to use it in scripting gives 401 (A JSON web token could not be decoded) errors trying to get hold of a “PAT” for the app - even though the Admin has installed it into the app.
There is obviously something wrong but I’m at a loss. Does anybody know of some extra logs that can be looked at or have a suggestion on how to approach this. We’ve tried deleting the app and retrying - no different. I should say this is the third app I’ve created for transferring into the organisation this way - so far it has just worked.
We raised a support ticket on this so got a formal answer. I thought it might be useful to replicate the key part of the answer here. Essentially the issue is the fact this App has Admin rights. I am an Administrator on some of the repos, and am "App Manager" for this App, but I am not an Owner of the Organisation.
I quote:
"""GitHub App permission requests [control] access to a number of organization REST API endpoints... As these endpoints are outside the individual repository scope, only the organization owner can approve requests to add or change them. If this wasn't the case, App Managers who aren't organization owners would be able to grant an application the ability to view organization members and teams - which is private organization information that can otherwise only be granted by organization owners via inviting new organization members."""
Basically that is it. The original idea was to allow a central place to set some things that only an Administrator could set in a repo - c.f. branch rules. Seems that this can't be done as is with an App - the system just isn't flexible enough.
The alternative, which I know works, is to use the PAT of a user with Admin rights. That just feels less secure.
I'm trying to host files on a Google Cloud Bucket. I've used the service before, but now it's acting up on me with a new bucket for a different client.
For some reason, when I click the "Share Publicly" checkbox, it instantly unchecks itself and refuses to share the file.
Can anyone tell me how to fix this?
Update: After more experimentation, I've found that my client's account completely refuses to allow sharing for some unexplained reason. He's entered his billing information and is still on Trial time, but I don't know if that has anything to do with the issue. I've tried creating other buckets and modifying permissions with GSUTIL but no luck.
I'm at the early days of looking into IdentityServer v3 and IdentityManager, as I'm certain those guys are more clued up than I, but I cannot see how to configure the IdentityManager.
If we're deploying IdentityManager to a client, all the client want to do is "standard admin type stuff", such as
create users
unlock accounts (e.g. after 3 failed login attempts)
suspend accounts (not paid your bill, tut tut...)
delete users
..rather than amend claims, roles and suchlike (presumably these would be hidden from the Administrators).
What am I missing?
Or, is the IdentityManager supposed to be used by the implementation team installing the thing, and then the business administrators who deal with the topics listed above actually don't use IdentityManager at all, but a separate admin site we have to write? As far as I can make out all the pages, htm letc is within the nuget package so cannot be amended by me.
If it makes any difference, we're trying to create a public facing website that can be logged into, but the users are only created by the company, whose admin site to create & administer the users is IP restricted / not public facing.
Identity Manager is aimed at developers and internal administrators for testing and initial configuration purposes, as opposed to end users.
Check out https://vimeo.com/125426951 by the repo's author. I think it's explicitly stated at around the 1 minute mark. It's mentioned on the Github issue tracker quite frequently too.
Also, it's not that extensible yet, so you won't be able to brand it or remove sections (such as your requirement of no claims).