'Unable to Create Composer Environment On GCP

I created Composer Environment on GCP development environment with a service account that has the following permissions

  • Composer Administrator
  • Composer Worker
  • Kubernetes Engine Admin
  • Storage Object Admin
  • BigQuery Admin
  • Cloud SQL Admin

I was able to create the environment but If I try with exactly same permissions on production environment I get Custom service accounts need correct permissions for environment creation to succeed. as error after waiting for 50 mins.

I have also tried creating using Gcloud from client machine but that also didn't work out for me. I tried by disabling and re-enable the Composer API and created the environment again which also wasn't helpful. I have looked at following resources

https://groups.google.com/forum/#!topic/cloud-composer-discuss/Jcrh8d2X3uU

https://groups.google.com/forum/#!topic/cloud-composer-discuss/TnMDMq6Y-dU

https://groups.google.com/forum/#!topic/cloud-composer-discuss/A1xU5eTL4fg

GCP Cloud Composer - not able to create environment

Can someone tell me what permissions I need to create the Composer Environment.

airflowgoogle-cloud-composer


Solution 1:[1]

Check the following 2 things in your production environment:

1) Domain Restricted Sharing Organisation Policy is turned off when creating Cloud Composer. You can re-enable this org policy after the composer environment is created.

2) VPC Service Controls is turned off.

Composer doesn't work well if any one of the above is turned ON.

Solution 2:[2]

When you create cloud composer environment , it crate pub/sub topic as well. Please provide pub/sub admin role as well.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 kaxil
Solution 2 Vishal Bulbule

Related Questions

How to import SlackWebHookOperator in Airflow?

ServiceNow integration with Airflow

How to create a empty folder in google storage(bucket) using gsutil command?

Proper way to create dynamic workflows in Airflow

Managing DBT profile file in MWAA

Airflow: Trigger DAG via UI with Parameters/Config

Only works with the CeleryExecutor

airflow kubernetes default setup ERROR: relation "log" does not exist at character 13

MWAA - Airflow - PythonVirtualenvOperator requires virtualenv

How does the mode "reschedule" in Airflow Sensors work?

OAuth authentication in apache airflow (Google Cloud Composer)

Airflow:Docker-Compose:"You are running pip as root Please use user to run pip"

Airflow UI: hide 'Task Instance Details', section 'Task Attributes', attribute 'env'

Airflow 2.0.1: Pod Template Override not working as expected for KubernetesExecutor

Airflow/Luigi for AWS EMR automatic cluster creation and pyspark deployment