I am new to google cloud storage and I try to set up a function that downloads a blob once a day. At the moment I am working in my Jupyter Notebook but finally, the code will run in an Azure Function. I am struggling with setting up the client that connects me to the bucket. I have a service account credential JSON which enables me to connect to google.
Locally I have found a solution:
from google.cloud import storage
client = storage.Client.from_service_account_json('<PATH_TO_SERVICE_ACCOUNT_JSON>')
The problem is that I do not have a path where I store my JSON in the cloud but I store it in the key vault. I came up with the following solution:
from google.cloud import storage
import json
from google.oauth2 import service_account
string_key = get_key_from_key_vault()
service_account_info = json.loads(string_key)
google_credentials = service_account.Credentials.from_service_account_info(
service_account_info
)
scoped_credentials = google_credentials.with_scopes(
['https://www.googleapis.com/auth/cloud-platform.read-only'])
print(type(scoped_credentials))
client = storage.Client(credentials = scoped_credentials)
I am not totally sure if I need the scoped_credentials = ...part but I only have read permissions on the bucket. (if I skip the part the error stays the same)
When I go for this solution I get the following error:
DefaultCredentialsError: Could not automatically determine credentials. Please set
GOOGLE_APPLICATION_CREDENTIALS or explicitly create credentials and re-run the application. For
more information, please see https://cloud.google.com/docs/authentication/getting-started
I do not have a clue what I am doing wrong because I think that I already set the credentials explicitly.
Best P
after some more tests i found out that I missed to add project = None.
If you add it an use the following command to create the client it works:
client = storage.Client(project = None, credentials = scoped_credentials)
Thanks for your help and food for thought :-)