
"Error: Forbidden" even though service account has function permission access


I am trying to deploy a data ingestion pipeline in Google Cloud Functions.

When I trigger the URL, I get the following error:

Error: Forbidden Your client does not have permission to get URL /entry-point from this server.

I don't understand why I am getting this error, because my function's service account has the cloudfunctions.invoker role and I am the owner of the project. I even granted the cloudfunctions.invoker role to my user account, but it is still not working.

I have managed to make it work by giving the cloudfunctions.invoker role to allUsers, but I would prefer not to do that for safety reasons.

Does someone have an idea of why it doesn't work?


Solution

  • Following the suggestion from @DazWilkin in the comment, I tried the following command in my terminal and it worked.

    curl https://zone-project-name.cloudfunctions.net/entry-point -H "Authorization: bearer $(gcloud auth print-identity-token)"
    

    I still can't make it work using the console trigger, but that is fine because my goal is to trigger the function with a request made by Cloud Scheduler.
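
An added example, not part of the original post: a small offline diagnostic for the 403 above, showing that the invoker role must be bound to the identity that sends the request, not to the function's own runtime service account. It assumes the caller is a service account (as a Cloud Scheduler job would use) whose identity token audience is the function URL; the two account names, `make_sample_token` and `diagnose` are hypothetical, and the token is constructed and unsigned.

```python
import base64
import json
import time

FUNCTION_URL = "https://zone-project-name.cloudfunctions.net/entry-point"  # URL from the post
CALLER = "scheduler-caller@project-name.iam.gserviceaccount.com"  # hypothetical calling account
RUNTIME = "function-runtime@project-name.iam.gserviceaccount.com"  # hypothetical runtime account


def make_sample_token(claims):
    """Build a constructed, unsigned JWT-shaped string for offline testing."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "constructed-sig"])


def decode_claims(token):
    """Decode the payload for inspection only. The signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(padded))


def diagnose(token, function_url, invoker_members, now=None):
    """List the reasons this identity token would not authorize an invocation."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    problems = []
    if claims.get("exp", 0) <= now:
        problems.append("token expired")
    if claims.get("aud") != function_url:
        problems.append("audience is not the function URL")
    email = claims.get("email", "")
    # IAM members that would cover this caller (allUsers makes the function public).
    allowed = {"user:" + email, "serviceAccount:" + email, "allUsers"}
    if not allowed & set(invoker_members):
        problems.append("caller %s has no invoker binding" % (email or "<no email claim>"))
    return problems


SAMPLE = make_sample_token({"aud": FUNCTION_URL, "email": CALLER, "exp": 2000000000})

if __name__ == "__main__":
    # Role bound only to the function's runtime account: the caller is still rejected.
    print(diagnose(SAMPLE, FUNCTION_URL, ["serviceAccount:" + RUNTIME], now=1900000000))
    # Role bound to the calling account: nothing left to fix.
    print(diagnose(SAMPLE, FUNCTION_URL, ["serviceAccount:" + CALLER], now=1900000000))
```

A request sent with no `Authorization` header at all, such as one typed into a browser, carries no token to inspect and is rejected before any of these checks apply.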