我正在遵循Google的tutorial为我的云功能设置端点。
当我尝试使用URL service_name.a.run.app/function1
从浏览器访问端点时,会得到
Error: Forbidden
Your client does not have permission to get URL /function1GET from this server
作为上述教程的一部分和Google产品经理的answer,我通过授予ESP调用我的功能的权限来保护自己的功能。
gcloud beta functions add-iam-policy-binding function1 --member "serviceaccount:id-compute@developer.gserviceaccount.com" --role "roles/cloudfunctions.invoker" --project "project_id"
我的openapi-functions.yaml
swagger: '2.0'
info:
title: Cloud Endpoints + GCF
description: Sample API on Cloud Endpoints with a Google Cloud Functions backend
version: 1.0.0
host: HOST
x-google-endpoints:
- name: "HOST"
allowCors: "true
schemes:
- https
produces:
- application/json
paths:
/function1:
get:
operationId: function1
x-google-backend:
address: https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/function1GET
responses:
'200':
description: A successful response
schema:
type: string
请注意,我已添加
- name: "HOST"
allowCors: "true'
到我的.yaml
文件,因为我需要从Firebase上托管的静态站点访问终结点。