Keep getting permissions error gcloud.container.clusters.get-credentials

This is an old thread, this is how this issue handled today in case using cloud build :

Granting Cloud Build access to GKE

To deploy the application in your Kubernetes cluster, Cloud Build needs the Kubernetes Engine Developer Identity and Access Management Role.

Get Project Number:

PROJECT_NUMBER="$(gcloud projects describe ${PROJECT_ID} --format='get(projectNumber)')"

Add IAM Policy bindings:

gcloud projects add-iam-policy-binding ${PROJECT_NUMBER} \
    --member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com \
    --role=roles/container.developer

More info can be found here.

I believe it's not the CI Service account but the k8s service account used to manage your GKE cluster, where its email should look like this (Somebody must have deleted it):

k8s-service-account@<project-id>.iam.gserviceaccount.com

You can re-create it an give it project owner permissions.

recreate

Keep getting permissions error gcloud.container.clusters.get-credentials

Tags:

Gcloud

Kubernetes

Google Kubernetes Engine

Circleci

Related

Recent Posts