Google Cloud authentication with SA account not working for me

arnoldvilleneuve · August 14, 2019, 10:40pm

I am using rclone config to create the configuration but just can't seem to get it to work with SA JSON file. I am running it from a GCP VM so there is no ability to call out to a web browser for authentication with an account so I have to get the SA JSON part working.

arnold@rclonelinux1:~/rclone-v1.48.0-linux-amd64$ rclone listremotes
rcloneone:
arnold@rclonelinux1:~/rclone-v1.48.0-linux-amd64$ rclone ls rcloneone:
2019/08/14 19:31:58 Failed to create file system for "rcloneone:": failed configuring Google Cloud Storage Service Account: error processing credentials: invalid character 'r' looking for beginning of value
arnold@rclonelinux1:~/rclone-v1.48.0-linux-amd64$ rclone ls rcloneone:rclonestore
2019/08/14 19:32:25 Failed to create file system for "rcloneone:rclonestore": failed configuring Google Cloud Storage Service Account: error processing credentials: invalid character 'r' looking for beginning of value
arnold@rclonelinux1:~/rclone-v1.48.0-linux-amd64$

rcloneone]
type = google cloud storage
project_number = 482564684504
service_account_file = /home/arnold/rclone-v1.48.0-linux-amd64/rcloneone.json
service_account_credentials = rclonesa@rcloneone-249818.iam.gserviceaccount.com
object_acl = bucketOwnerFullControl
bucket_acl = private
location = us-central1
storage_class = REGIONAL

ERROR MSG

arnold@rclonelinux1:~/rclone-v1.48.0-linux-amd64$ rclone ls rclone2:
2019/08/14 20:48:46 Failed to create file system for "rclone2:": failed configuring Google Cloud Storage Service Account: error processing credentials: invalid character 'r' looking for beginning of value

arnoldvilleneuve · August 14, 2019, 10:46pm

Think I figured it out.

With the newer versions of rclone you do not need to specify service_account_credentials (email of SA account). Rather you just need to point to the service_account_file location.

I just went back and removed the service_account_credentials email address of the SA account through rclone config and it seems to be working.

thestigma · August 14, 2019, 10:53pm

Yea I don't usually work with service accounts, but I think that may be superflous when you use the SA file. I guess it's because SAs can use either of the authentication methods.

You can define it likethis:
service_account_file=/.config/rclone/service-account.json ...
or like this:
service_account_credentials={"type":"service_account", "project_id": "my-google-pro... ...

either should work

ncw · August 15, 2019, 9:44am

It is possible this isn't clear enough in the docs

I think JSON blob is programmer speak. It should probably also note they are mutually exclusive.

Anyone fancy fixing up drive.go and sending a pull request?

system · November 13, 2019, 9:47am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.