Back to Details

gcloud-auth-verification

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Handling Authentication Issues

处理认证问题

Common Error Messages

常见错误信息

  1. gcloud/bq CLI: 
    • ERROR: (bq) You do not currently have an active account selected.
    • No credentialed accounts.
    • Configuration error: No account is currently active.
  2. Execution Failures (Python/Notebooks): 
    • google.auth.exceptions.DefaultCredentialsError: Could not automatically determine credentials.
    • Forbidden: 403 Access Denied
      (when it's clearly an auth issue).
  1. gcloud/bq CLI: 
    • ERROR: (bq) You do not currently have an active account selected.
    • No credentialed accounts.
    • Configuration error: No account is currently active.
  2. 执行失败(Python/笔记本): 
    • google.auth.exceptions.DefaultCredentialsError: Could not automatically determine credentials.
    • Forbidden: 403 Access Denied
      (当明确是认证问题时)。

Verification Step

验证步骤

Before asking the user to log in, independently verify the authentication status by running: 
gcloud auth list
* If the output contains 
No credentialed accounts.
, proceed to the Corrective Action steps below. * If an account is listed but the user still receives a 
403 Access Denied
error, the issue is likely IAM permissions (e.g., missing BigQuery roles) on their active account, rather than missing authentication. In this case, investigate the permissions rather than asking them to log in again.
在要求用户登录之前,先独立运行以下命令验证认证状态:
gcloud auth list
  • 如果输出包含
    No credentialed accounts.
    ,请执行下方的纠正措施步骤。
  • 如果列出了账户,但用户仍收到
    403 Access Denied
    错误,问题可能出在其活跃账户的IAM权限(例如缺少BigQuery角色),而非认证缺失。这种情况下,应排查权限问题,而非再次要求用户登录。

Corrective Action

纠正措施

When missing credentials are confirmed, DO NOT attempt to fix the credentials via code or alternative tools. Credentials must be established by the user.
Stop and ask the user to run the following commands in their terminal:
  1. To authenticate the gcloud CLI: 
    gcloud auth login
  2. To set up Application Default Credentials (ADC) (required for BQ CLI AND most libraries/notebooks): 
    gcloud auth application-default login
确认凭证缺失后,请勿尝试通过代码或其他工具修复凭证。凭证必须由用户自行建立。
请暂停操作并要求用户在终端中运行以下命令:
  1. 认证gcloud CLI
    gcloud auth login
  2. 设置Application Default Credentials (ADC)(BQ CLI及大多数库/笔记本均需此操作):
    gcloud auth application-default login

Post-Login Verification

登录后验证

After the user confirms they have logged in, verify with: 
gcloud auth list
Then proceed with the original task.
用户确认登录后,运行以下命令验证:
gcloud auth list
随后继续执行原任务。