Access denied for service account (permission issu

Published 2019-05-25 02:54

Question:

I'm trying to populate a MySQL DB with a CSV that I have in Cloud Storage.

I'm using the API Explorer to execute the request with the following request body:

{
  "importContext": {
    "csvImportOptions": {
      "columns": [
        "col1",
        "col2",
        "col3"
      ],
      "table": "table_name"
    },
    "database": "db_name",
    "fileType": "CSV",
    "kind": "sql#importContext",
    "uri": "gs://some_bucket/somecsv.csv"
  }
}

When I hit the execute button I receive a 200 response with the following body:

{
 "kind": "sql#operation",
 "selfLink": "https://www.googleapis.com/sql/v1beta4/projects/somelink",
 "targetProject": "some-project",
 "targetId": "some-tarjet",
 "targetLink": "https://www.googleapis.com/sql/v1beta4/projects/somelink",
 "name": "some-name",
 "operationType": "IMPORT",
 "status": "PENDING",
 "user": "myuser@mydomain.com",
 "insertTime": "somedate",
 "importContext": {
  ...
 }
}

But if I go to the instance detail page in the Google console I see this message:

gs://link-to-csv: Access denied for account oosyrcl32gnzypxg4uhqw54uab@somename.iam.gserviceaccount.com (permission issue?)

I'm authenticated with the same account that created the bucket in Cloud Storage where the CSV is, and this also happens using the Python SDK.

Answer 1:

You are trying to do an import from your bucket to your Cloud SQL instance, but said import is going to be made by a service account, one in particular, which can be seen in the "Service account" section when viewing the details of your Cloud SQL instance.

It might be that the CloudSQL service account does not have appropriate permissions to access the Cloud Storage bucket with the data to import.

In order to create a successful import between SQL instance and Storage buckets, proper permissions should be set first. You should give to the service account "oosyrcl32gnzypxg4uhqw54uab@speckle-umbrella-27.iam.gserviceaccount.com" the Storage Object Viewer role.



Answer 2:

  1. Go to: https://console.cloud.google.com/iam-admin/iam
  2. Click Add, to add a new member.
  3. Paste the gserviceaccount.com email address that was presented in the error message into the New Members field.
  4. Add 2 roles:
    1. Cloud SQL Viewer
    2. Storage Object Admin
  5. Click Save.
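Both answers come down to the same check: does the instance's own service account (the one named in the console error) hold a role on the bucket that includes object read? The script below is an added example, not code from either answer or from Google. It parses the service account out of the error text, evaluates a bucket IAM policy in the JSON shape that `gcloud storage buckets get-iam-policy gs://BUCKET --format=json` returns, and, if read is missing, produces the minimal bucket-scoped binding (`roles/storage.objectViewer`, the role Answer 1 names, rather than the broader Object Admin). The sample policy, the bucket name and the service account address are constructed placeholders; the set of roles treated as granting object read is an assumption limited to the common predefined Storage roles (custom roles are not evaluated), and bindings carrying an IAM condition are conservatively treated as not guaranteed.

```python
"""Check whether a Cloud SQL instance's service account can read a GCS bucket.

Added example (not from the original Q&A or from Google).  The policy format
follows `gcloud storage buckets get-iam-policy --format=json`:
{"bindings": [{"role": ..., "members": [...]}], "etag": ...}.
"""
import copy
import re

# Console/API error text as quoted in the question; the account inside it is
# the Cloud SQL instance's service account, i.e. the principal to grant.
ACCESS_DENIED_RE = re.compile(
    r"Access denied for account (?P<account>[^\s(]+@[^\s(]+\.iam\.gserviceaccount\.com)"
)

# Assumption: predefined roles that include storage.objects.get on a bucket.
# Custom roles are not evaluated; extend this set if your project uses them.
OBJECT_READ_ROLES = {
    "roles/storage.objectViewer",
    "roles/storage.objectAdmin",
    "roles/storage.admin",
    "roles/storage.legacyObjectReader",
    "roles/storage.legacyObjectOwner",
}

# Members that make object read public; an import would succeed against such a
# bucket, but that is a misconfiguration worth flagging, not a fix.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

MINIMAL_ROLE = "roles/storage.objectViewer"


def account_from_error(message: str):
    """Extract the service account email from the 'Access denied' message."""
    m = ACCESS_DENIED_RE.search(message)
    return m.group("account") if m else None


def roles_granting_read(policy: dict, service_account: str) -> set:
    """Return the unconditional read-capable roles bound to the service account."""
    member = f"serviceAccount:{service_account}"
    granted = set()
    for binding in policy.get("bindings", []):
        if binding.get("condition"):
            continue  # conditional grant: not guaranteed, so ignore it
        if binding["role"] in OBJECT_READ_ROLES and member in binding.get("members", []):
            granted.add(binding["role"])
    return granted


def public_read_bindings(policy: dict) -> list:
    """Return read-capable roles that are bound to allUsers/allAuthenticatedUsers."""
    return sorted(
        b["role"]
        for b in policy.get("bindings", [])
        if b["role"] in OBJECT_READ_ROLES and PUBLIC_MEMBERS & set(b.get("members", []))
    )


def check_import_readiness(policy: dict, service_account: str) -> dict:
    """Summarise whether the import can read the bucket and what to add if not."""
    granted = roles_granting_read(policy, service_account)
    return {
        "service_account": service_account,
        "can_read": bool(granted),
        "granted_roles": sorted(granted),
        "public_read_roles": public_read_bindings(policy),
        "fix": None if granted else {
            "role": MINIMAL_ROLE,
            "members": [f"serviceAccount:{service_account}"],
        },
    }


def add_object_viewer(policy: dict, service_account: str) -> dict:
    """Return a copy of the policy with the minimal bucket-scoped binding added."""
    new_policy = copy.deepcopy(policy)
    member = f"serviceAccount:{service_account}"
    for binding in new_policy.setdefault("bindings", []):
        if binding["role"] == MINIMAL_ROLE and not binding.get("condition"):
            if member not in binding.setdefault("members", []):
                binding["members"].append(member)
            return new_policy
    new_policy["bindings"].append({"role": MINIMAL_ROLE, "members": [member]})
    return new_policy


# Constructed sample data (placeholders, not real project values).
SAMPLE_ERROR = (
    "gs://example-bucket/somecsv.csv: Access denied for account "
    "cloudsql-sa-placeholder@example-project.iam.gserviceaccount.com (permission issue?)"
)
SAMPLE_POLICY = {
    "bindings": [
        {"role": "roles/storage.legacyBucketOwner", "members": ["projectOwner:example-project"]},
        {"role": "roles/storage.objectViewer", "members": ["user:analyst@example.com"]},
    ],
    "etag": "CAE=",
}

if __name__ == "__main__":
    sa = account_from_error(SAMPLE_ERROR)
    print(check_import_readiness(SAMPLE_POLICY, sa))
    print(check_import_readiness(add_object_viewer(SAMPLE_POLICY, sa), sa))
```

The resulting binding is applied with `gcloud storage buckets add-iam-policy-binding gs://BUCKET --member=serviceAccount:... --role=roles/storage.objectViewer` (or through the console, as Answer 2 describes), scoped to the one bucket rather than the whole project. Re-run the check afterwards, and treat a non-empty `public_read_roles` list as a separate finding to clean up.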