Access Problems with Google Cloud VM

What is the problem you are having with rclone?

Owner access is granted in Google Cloud IAM, but rclone gives permission errors.

Run the command 'rclone version' and share the full output of the command.

rclone version                                                                                                                                                               
rclone v1.67.0
- os/version: darwin 13.6.7 (64 bit)
- os/kernel: 22.6.0 (arm64)
- os/type: darwin
- os/arch: arm64 (ARMv8 compatible)
- go/version: go1.20.2
- go/linking: dynamic
- go/tags: cmount

Which cloud storage system are you using? (eg Google Drive)

Google Cloud

The storage itself is a boot drive on a GC Virtual Machine. Not sure if that matters for authorization purposes.

The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone lsd google-salamander:

Please run 'rclone config redacted' and share the full output. If you get command not found, please make sure to update rclone.

[gc-salamander]
type = google cloud storage
project_number = XXX
object_acl = bucketOwnerFullControl
bucket_acl = publicRead
token = XXX

A log from the command that you were trying to run with the -vv flag

2024/08/26 11:59:10 ERROR : : error listing: googleapi: Error 403: alex@XXX.org does not have storage.buckets.list access to the Google Cloud project. Permission 'storage.buckets.list' denied on resource (or it may not exist)., forbidden
2024/08/26 11:59:10 Failed to lsd with 2 errors: last error was: googleapi: Error 403: alex@XXXX.org does not have storage.buckets.list access to the Google Cloud project. Permission 'storage.buckets.list' denied on resource (or it may not exist)., forbidden

Here's a screenshot from GC showing that I have granted read/write permissions to buckets. Are additional permissions needed? Or did this not work because it's VM-based storage rather than a true cloud bucket?

I also put a random number as the project number in the rclone config. Should it have been something more specific?

doubt it will help but might try --gcs-no-check-bucket

did you add that permission to the iam user?

I still get the same error when using --gcs-no-check-bucket

Here's the screen shot for the permissions granted to the IAM user alex@XXXX.org . This should cover all reading and writing of items in buckets. Thus my confusion.

See specifically [here](IAM roles for Cloud Storage  |  Google Cloud. Having Storage Admin permission grants permission to all storage.buckets.* roles.

ok, but that error is from gcs, not rclone.

as a test, try to access a bucket, not the root of all buckets?

and what other tools have you tested, besides rclone?

Got it.

I'm still new to GCS, so I'm not sure where exactly my files might be located within the root directory. The area I'm trying to access is not a true bucket, but is the boot disk of a VM instance. Does that make a difference, or does that give you a clue in how to access it?

I have accessed the storage via the GCS ssh-in-browser, but I haven't tried other methods because I need to transfer files from a Dropbox that's already connected to rclone. I figured rclone would be the easiest.

Well, this solved my problem, but did not resolve my issues connecting to GCS.

Instead of connecting to GCS remotely so that I could run something like:

rclone copy dropbox-remote:/folder/file1 gc-salamander:

I just installed rclone on the GCS VM and then connected my dropbox-remote to that VM. That allows me to transfer files from Dropbox to the GCS VM.

yeah, that is the best way.

with most object storage providers, cannot upload files to root, need to specify a bucket.
i guess that is not the case with gcs, or you have not fully explained your setup.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.