AccessContextManagerのCloudAPIを叩いた際に以下のエラーが出た
curl -H "Authorization: Bearer "$(gcloud auth print-access-token) "https://accesscontextmanager.googleapis.com/v1/accessPolicies?parent=organizations/12345"
{
"error": {
"code": 403,
"message": "Your application has authenticated using end user credentials from the Google Cloud SDK or Google Cloud Shell which are not supported by the accesscontextmanager.googleapis.com. We recommend configuring the billing/quota_
project setting in gcloud or using a service account through the auth/impersonate_service_account setting. For more information about service accounts and how to use them in your application, see https://cloud.google.com/docs/authenticat
ion/.",
"status": "PERMISSION_DENIED"
}
}
billingの設定が通ってないのか、ヘッダーに X-Goog-User-Project: my-project を入れることで解決
curl -H "X-Goog-User-Project: my-project" -H "Authorization: Bearer "$(gcloud auth print-access-token) "https://accesscontextmanager.googleapis.com/v1/accessPolicies?parent=organizations/12345"