I’m trying to upload files from a VM instance to a Google Cloud Storage bucket using the gcloud storage cp command. I’ve attached a service account to the VM with Storage Admin access, but I’m encountering an access denied error.
gcloud storage cp temp_files/test.txt gs://test-us-east/test.txt
Error message:
Copying file://temp_files/test.txt to gs://test-us-east/test.txt
ERROR: User [vm-instances-sa@gcpplatform.iam.gserviceaccount.com] does not have permission to access b instance [test-us-east] (or it may not exist): Access denied.
Completed files 0/1 | 0B
I’ve verified that the service account has the necessary permissions to create objects in the bucket using the Policy Analyzer. Despite temporarily granting Owner access, the issue persists.
I also checked the permissions tab under my bucket, and it shows my service account with storage admin permissions. Additionally, I reviewed the access scope for my VM, and it allows access to all APIs.
So removing all permissions from the service account and granting only storage admin access, along with full API access for Cloud Scope, ultimately worked. I stopped the current VM and restarted it, and now the gcloud cp command is functioning properly.