I am trying to deploy the *standard example NodeJs App* using a service account.
https://github.com/GoogleCloudPlatform/nodejs-docs-samples/tree/master/appengine/hello-world/standard I have created a new *service account* with the roles (as described in the documentation https://cloud.google.com/appengine/docs/standard/nodejs/granting-project-access#deploying_using_iam_roles): - App Engine Admin - Storage Object Admin When deploying with *gcloud app deploy --verbosity=debug* I get the error: Updating service [default]...â ›DEBUG: Operation [apps/MYAPP/operations/ 01c6d8bc-9247-4d1b-924f-c6ec12514fcf] complete. Result: { "metadata": { "target": "apps/MYAPP/services/default/versions/20180726t071855", "method": "google.appengine.v1.Versions.CreateVersion", "user": "MYACCOUNT@ MYAPP.iam.gserviceaccount.com", "insertTime": "2018-07-26T05:18:59.150Z", "endTime": "2018-07-26T05:19:02.609Z", "@type": "type.googleapis.com/google.appengine.v1.OperationMetadataV1" }, "done": true, "name": "apps/MYAPP/operations/01c6d8bc-9247-4d1b-924f-c6ec12514fcf", "error": { "message": "An internal error occurred.", "code": 13 } } Updating service [default]...failed. DEBUG: (gcloud.app.deploy) Error Response: [13] An internal error occurred. *If I add the role Project Owner it is properly working and deploying a new version. *So it does not seem to be a problem with the code itself. So it seems to be a permission problem. Does anybody have any ideas? I hate to do CI/CD with accounts with more permission than they need. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/7ffc02ad-cfbf-4dce-8b53-72e3dff32417%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
