上传到 GCP 存储桶的 Firebase 功能拒绝访问
Firebase Function to Upload to GCP storage bucket Access Denied
我正在上一门关于 firebase 函数的课程,下面的函数将上传到 firebase 存储的图像复制到 GCP 存储桶。
教师的一切正常,但我收到错误:
uploadToVCMBucket
Error: fbpipeline-9876@appspot.gserviceaccount.com does not have storage.objects.create access to the Google Cloud Storage object. at new ApiError (/workspace/node_modules/@google-cloud/common/build/src/util.js:73:15)
讲师没有提到设置权限以获取对 GCP 存储桶的访问权限。我们是否需要执行任何步骤来授予 google 复制到 GCP 存储的功能?
遵循的步骤:
- 设置 Firestore、realtimedb 和存储
- 使用 react-firebase-file-uploader 将图像上传到 firebase 存储。
- 在 GCP 中创建了一个存储桶,如下面的屏幕截图所示
- 将以下函数部署到 firebase 函数以将图像从 firebase 存储复制到 GCP 存储桶
//Project setup
//Automl information
const project_name = 'ml-imageclassifier'
const project_region = 'us-central1'
const dataset_id = 'ICN10548w25656579083008'
const bucket_prefix = 'animals'
const labels = ['dog', 'cat', 'other']
const model_name = `${bucket_prefix}_${new Date().getTime()}`
const num_labels = labels.length;
const img_threshold = 10;
//Dependencies
const fs = require('fs')
const functions = require("firebase-functions");
const firebase = require('firebase-admin');
const { Storage } = require('@google-cloud/storage');
const automl = require('@google-cloud/automl')
const cors = require('cors')({origin: true});
firebase.initializeApp();
const database = firebase.database();
const firestore = firebase.firestore();
const storage = new Storage();
//helper function that taken in a path of the last image
function writeToDB (path) {
console.log(path)
database.ref(path).transaction(function(labelCount) {
return labelCount + 1
})
}
//whenever a image is uploaded to the storage bucket trigger the below to copy the image to GCP storage
exports.uploadToVCMBucket = functions.storage.object().onFinalize(event => {
const file = storage.bucket(event.bucket).file(event.name)
const newLocation = `gs://${project_name}-vcm/${event.name}`
return file.copy(newLocation)
.then((err, copiedFile, resp) => {
return event.name.substring(0, event.name.lastIndexOf('/'))
}).then((label) => {
return writeToDB(label)
});
})
要将创建者对象授予您的服务帐户,您可以在云中使用以下命令shell:
gsutil iam ch serviceaccount:YOURSERVICEACCOUNT:objectCreator gs://YOURBUCKET
要检查命令是否有效,您可以使用以下命令检查服务帐户是否具有正确的角色:
gsutil iam get gs://YOUTBUCKET
我正在上一门关于 firebase 函数的课程,下面的函数将上传到 firebase 存储的图像复制到 GCP 存储桶。
教师的一切正常,但我收到错误:
uploadToVCMBucket Error: fbpipeline-9876@appspot.gserviceaccount.com does not have storage.objects.create access to the Google Cloud Storage object. at new ApiError (/workspace/node_modules/@google-cloud/common/build/src/util.js:73:15)
讲师没有提到设置权限以获取对 GCP 存储桶的访问权限。我们是否需要执行任何步骤来授予 google 复制到 GCP 存储的功能?
遵循的步骤:
- 设置 Firestore、realtimedb 和存储
- 使用 react-firebase-file-uploader 将图像上传到 firebase 存储。
- 在 GCP 中创建了一个存储桶,如下面的屏幕截图所示
- 将以下函数部署到 firebase 函数以将图像从 firebase 存储复制到 GCP 存储桶
//Project setup
//Automl information
const project_name = 'ml-imageclassifier'
const project_region = 'us-central1'
const dataset_id = 'ICN10548w25656579083008'
const bucket_prefix = 'animals'
const labels = ['dog', 'cat', 'other']
const model_name = `${bucket_prefix}_${new Date().getTime()}`
const num_labels = labels.length;
const img_threshold = 10;
//Dependencies
const fs = require('fs')
const functions = require("firebase-functions");
const firebase = require('firebase-admin');
const { Storage } = require('@google-cloud/storage');
const automl = require('@google-cloud/automl')
const cors = require('cors')({origin: true});
firebase.initializeApp();
const database = firebase.database();
const firestore = firebase.firestore();
const storage = new Storage();
//helper function that taken in a path of the last image
function writeToDB (path) {
console.log(path)
database.ref(path).transaction(function(labelCount) {
return labelCount + 1
})
}
//whenever a image is uploaded to the storage bucket trigger the below to copy the image to GCP storage
exports.uploadToVCMBucket = functions.storage.object().onFinalize(event => {
const file = storage.bucket(event.bucket).file(event.name)
const newLocation = `gs://${project_name}-vcm/${event.name}`
return file.copy(newLocation)
.then((err, copiedFile, resp) => {
return event.name.substring(0, event.name.lastIndexOf('/'))
}).then((label) => {
return writeToDB(label)
});
})
要将创建者对象授予您的服务帐户,您可以在云中使用以下命令shell:
gsutil iam ch serviceaccount:YOURSERVICEACCOUNT:objectCreator gs://YOURBUCKET
要检查命令是否有效,您可以使用以下命令检查服务帐户是否具有正确的角色:
gsutil iam get gs://YOUTBUCKET