Permissions For Google Cloud SQL Import Using Service Accounts

The cloud SQL instance is running under a Google service account that is not a part of your project. You will need to grant this user permissions on the file in Cloud Storage that you want to import. Here is a handy dandy bash snippet that will do that.

SA_NAME=$(gcloud sql instances describe YOUR_DB_INSTANCE_NAME --project=YOUR_PROJECT_ID --format="value(serviceAccountEmailAddress)")
gsutil acl ch -u ${SA_NAME}:R gs://YOUR_BUCKET_NAME;
gsutil acl ch -u ${SA_NAME}:R gs://${YOUR_BUCKET_NAME}/whateverDirectory/fileToImport.sql;

The first line gets the service account email address. The next line gives this service account read permissions on the bucket. The last line gives the service account read permissions on the file.

Problem is about the permission of database instance service account to write on created bucket. Steps to solve this issue

1) Go to your Cloud SQL Instance and copy service account of instance (Cloud SQL->{instance name}->OVERVIEW->Service account)

2) After copy the service account, go the Cloud Storage Bucket where to want to dump and set desired permission to that account (Storage->{bucket name}->permissions->add member).

Permissions For Google Cloud SQL Import Using Service Accounts

Tags:

Google Cloud Platform

User Permissions

Google Cloud Storage

Google Cloud Sql

Service Accounts

Related

Recent Posts