I trying to create a deployment package on GCP with a customized VM Image. I do follow docs but as soon as I trigger the deployment, validation failed with the following error:
"domain": "global",
"message": "Required 'compute.images.useReadOnly' permission for 'projects/r-public/global/images/my-image'",
"reason": "forbidden"
The problem is that the GCP console create for every trigger a new service account which has the permission issue. What could be the valid solution here.
Seems to be you need to grant all authenticated Compute Engine users the Compute Image User role (roles/compute.imageUser) to a custom image.
To make images public, use the gcloud compute images add-iam-policy-binding command:
gcloud compute images add-iam-policy-binding IMAGE_NAME
--member='allAuthenticatedUsers'
--role='roles/compute.imageUser'
Replace IMAGE_NAME with the name of the resource—for example, my_image.
For more information on custom images access follow this link.