I am using an app engine application written in python2.7 to collect monitoring metrics from different projects. I am running this from cloud shell The app engine application is deployed in projectA and it is able to collect the metrics from projectA through the below call
service = build('monitoring', 'v3', cache_discovery=True)
project_name = 'projects/{project_id}'.format(
project_id=project_id
)
metrics = service.projects().metricDescriptors().list(
name=project_name,
pageSize=config.PAGE_SIZE,
pageToken=next_page_token
).execute()
This call is written in a loop, Now i need to collect ProjectB metrics, I have owner access to ProjectB. When ProjectB is passed as parameter to project_id I am getting this below error:
logMessage: "Error: <HttpError 403 when requesting https://monitoring.googleapis.com/v3/projects/ProjectB/metricDescriptors?pageToken=&alt=json&pageSize=500 returned "Permission monitoring.metricDescriptors.list denied (or the resource may not exist).">"
severity: "ERROR"
sourceLocation: {
file: "/base/data/home/apps/s~ProjectA/list-metrics:20200706t123743.427891295940019389/main.py"
functionName: "post"
line: "665"
}
time: "2020-07-06T16:10:43.724399Z"
I am not sure what should be done to make this work? I am very new to google cloud and its apis and also new to app engine,python2.7 kindly help, Thanks
I have solved this in this way by adding the default service account of the app engine to the monitoring.viewer role for ProjectB and now I am able to get the metrics from ProjectB also