I have a problem on a GCP Project
I Added IAP on the app. I allowed every user on the professional google domain.
I found that IAP was not a good solution. I finally removed IAP from the project. I un-toggled the functionality. And I removed the roles/members.
Now all the project crashes : Cloud Build return that error when I Tried to deploy my services by triggers "ERROR: (gcloud.app.deploy) PERMISSION_DENIED: You do not have permission to act as '[email protected]'" When I launch an http request to a service, the service doesn't create an instance. I have that error "Waiting for network connection open. Subject:"app/invalid" Address:127.0.0.1:8080"
The account "[email protected]" has an owner role.
I already checked the IAM roles it not seems to have one missing, I've checked with other projects, it seems good.
It's not the code of the app cause I tried in my laptop in local and the services works perfectly. I've deployed my services with gcloud command, but the services are unreachable I have errors 500 cause my apps doesn't deploy.
I don't know which role I have to change in IAM to fix all the app.
This error means that Cloud Build service account can't act on behalf of App Engine service account. You can add this permission in Console-> Cloud Build-> settings enabling service account user role. There should have been some change recently that enabled this requirement for App Engine deployments.