0
votes

In Google Cloud Platform the DataProc API is enabled. I am using the same key I use to access GCS and Big query to create a new cluster per this example. I get a Request had insufficient authentication scopes error on the following line.

 Operation createOperation =
            service.Projects.Regions.Clusters.Create(newCluster, project, dataprocGlobalRegion).Execute();

My complete code:

public static class DataProcClient
  {
    public static void Test()
    {
      string project = ConfigurationManager.AppSettings["Google.ProjectName"]; ;
      string dataprocGlobalRegion = "global";
      string zone = "us-east1-b";
      string machineType = "n1-standard-4";
      string clusterName = "sample-cluster";
      int numWorkers = 2;

        String serviceAccountEmail= ConfigurationManager.AppSettings["Google.ServiceAccountEmail"];
        String certificateFile = ConfigurationManager.AppSettings["KeyDirectory"] + ConfigurationManager.AppSettings["Google.CertificateFile"];
        X509Certificate2 certificate = new X509Certificate2(certificateFile, "notasecret", X509KeyStorageFlags.Exportable);

        ServiceAccountCredential credential = new ServiceAccountCredential(
                new ServiceAccountCredential.Initializer(serviceAccountEmail)
                {
                  Scopes = new[] { StorageService.Scope.DevstorageFullControl }
                }.FromCertificate(certificate));

        DataprocService service = new DataprocService(
            new BaseClientService.Initializer()
            {
              HttpClientInitializer = credential,
              ApplicationName = "Dataproc Sample",
            });

        // Create a new cluster:
        Cluster newCluster = new Cluster
        {
          ClusterName = clusterName,
          Config = new ClusterConfig
          {
            GceClusterConfig = new GceClusterConfig
            {
              ZoneUri = String.Format(
                  "https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}",
                  project, zone),
            },
            MasterConfig = new InstanceGroupConfig
            {
              NumInstances = 1,
              MachineTypeUri = String.Format(
                  "https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2}",
                  project, zone, machineType),
            },
            WorkerConfig = new InstanceGroupConfig
            {
              NumInstances = numWorkers,
              MachineTypeUri = String.Format(
                  "https://www.googleapis.com/compute/v1/projects/{0}/zones/{1}/machineTypes/{2}",
                  project, zone, machineType),
            },
          },
        };

        Operation createOperation =
            service.Projects.Regions.Clusters.Create(newCluster, project, dataprocGlobalRegion).Execute();
        // Poll the operation:
        while (!IsDone(createOperation))
        {
          Console.WriteLine("Polling operation {0}", createOperation.Name);
          createOperation =
              service.Projects.Regions.Operations.Get(createOperation.Name).Execute();
          Thread.Sleep(1000);
        }
    }
    static bool IsDone(Operation op)
    {
      return op.Done ?? false;
    }
  }
1

1 Answers

1
votes

When creating your ServiceAccountCredential, change:

new[] { StorageService.Scope.DevstorageFullControl }

to:

new[] { DataprocService.Scope.CloudPlatform }