The virtual appliance import tool uses Cloud Build. Enable the Cloud Build service in your project, and grant the Cloud Build service account permissions to create and manage compute resources.
To set up the Cloud Build service using gcloud command-line tool, complete the following steps:
-
Enable Cloud Build.
gcloud services enable cloudbuild.googleapis.com
The import tool also uses the default Compute Engine service account. By default, the Compute Engine service account has the Cloud IAM project editor role. If this role is removed, the import process might fail.
-
Add the compute.admin role to the service account for the Cloud Build API.
gcloud projects add-iam-policy-binding [PROJECT_ID] \
--member serviceAccount:[PROJECT_NUM]@cloudbuild.gserviceaccount.com \
--role roles/compute.admin
-
Add the iam.serviceAccountUser role to the service account for the Cloud Build API.
gcloud projects add-iam-policy-binding [PROJECT_ID] \
--member serviceAccount:[PROJECT_NUM]@cloudbuild.gserviceaccount.com \
--role roles/iam.serviceAccountUser
-
Add the iam.serviceAccountTokenCreator role to the service account for the Cloud Build API.
gcloud projects add-iam-policy-binding [PROJECT_ID] \
--member serviceAccount:[PROJECT_NUM]@cloudbuild.gserviceaccount.com \
--role roles/iam.serviceAccountTokenCreator
where:
Hope it helps!!
If you need to know more about Google Cloud, We recommend joining GCP Certification course today.
Thanks!
