Really losing it here. I wrote a simple piece of code just to be able to access secrets, and every time I run it it simply throws the following error:
google.api_core.exceptions.RetryError: Deadline of 60.0s exceeded while calling target function, last exception: 503 Getting metadata from plugin failed with error: ('invalid_grant: Bad Request', {'error': 'invalid_grant', 'error_description': 'Bad Request'})
Below is my code:
from google.cloud import secretmanager


def secretFinder(projectid, secretid, version):
    # With no arguments, the client authenticates via Application Default Credentials.
    client = secretmanager.SecretManagerServiceClient()
    name = f"projects/{projectid}/secrets/{secretid}/versions/{version}"
    response = client.access_secret_version(name=name)
    return response.payload.data.decode('UTF-8')


secretFinder("my_project", "test", "latest")
My CLI is auth'd with my service account, which contains the following roles associated with it -
Owner
Secret Manager Admin
Secret Manager Secret Accessor
I confirmed only my account is auth'd by running
gcloud auth list
Next, I ensured I set the correct project by running
gcloud config set project PROJECT_ID
Where project id is "my_project". I did not use the project #, but instead the actual project ID as directed.
Ironically, if I run the following via cli I actually get my secret:
gcloud secrets versions access --secret=test latest
I truly don't know what to do at this point and any help would be greatly appreciated.
Thanks in advance!
Run gcloud auth application-default login and try again.
If that does not work, move this question to Stack Overflow. Add details on the environment you are running the code on.
Note: the CLI gcloud uses different credentials than your code. Your code is using ADC (Application Default Credentials), which is why you must authenticate using the application-default command option.
Your other option is to modify your code and specify the service account as a parameter to SecretManagerServiceClient().
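An added diagnostic, not part of the original answer or of Google's libraries: using only the standard library, it reports which credential file Application Default Credentials would load, which is separate from the account shown by gcloud auth list. The function names are hypothetical; the lookup order assumed here (GOOGLE_APPLICATION_CREDENTIALS, then the gcloud well-known file, then the metadata server) is the one the google-auth library follows.

```python
import json
import os
from pathlib import Path


def adc_file_path(env, home):
    """Well-known file written by `gcloud auth application-default login`."""
    if env.get("CLOUDSDK_CONFIG"):  # explicit gcloud config directory override
        return Path(env["CLOUDSDK_CONFIG"]) / "application_default_credentials.json"
    if os.name == "nt":
        return Path(env.get("APPDATA", "")) / "gcloud" / "application_default_credentials.json"
    return Path(home) / ".config" / "gcloud" / "application_default_credentials.json"


def describe_adc(env=None, home=None):
    """Return (source, credential_type, path) for the file ADC would pick up.

    Only the "type" field is read; key material is never returned or printed.
    """
    env = os.environ if env is None else env
    home = Path.home() if home is None else home
    candidates = [
        ("GOOGLE_APPLICATION_CREDENTIALS", env.get("GOOGLE_APPLICATION_CREDENTIALS")),
        ("gcloud application-default file", adc_file_path(env, home)),
    ]
    for source, path in candidates:
        if not path:
            continue
        path = Path(path)
        if not path.is_file():
            if source == "GOOGLE_APPLICATION_CREDENTIALS":
                # A set-but-missing path is an error for ADC, not a fall-through.
                return (source, "missing-file", str(path))
            continue
        try:
            cred_type = json.loads(path.read_text()).get("type", "unknown")
        except (OSError, ValueError, AttributeError):
            cred_type = "unparseable"
        return (source, cred_type, str(path))
    # No file found: on GCP the client library asks the metadata server next.
    return ("none", None, None)


if __name__ == "__main__":
    print(describe_adc())
```

A type of authorized_user means the client library is using a user login stored by application-default login, while service_account means it is reading a service account key file.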