google-cloud-platform - Whoami doesn't change in GCP after I run gcloud auth login

问题描述

I am learning GCP and have the following question in regarding copying object into a bucket.

In Cloudshell I ran gsutil cp earthquakes.* gs://welynx-test1 and errored out:

Copying file://earthquakes.csv [Content-Type=text/csv]...
AccessDeniedException: 403 Insufficient Permission 

I am logged in via SSH already so I checked the identity with whoami

xenonxie@instance-1:~/training-data-analyst/CPB100/lab2b$ whoami
xenonxie

And then I proceeded with editing the bucket's permission:

I added an email address to the Storage Admin member.

I then run gcloud auth login, and was prompted a link and clicking on the link takes me to browser where I log in with an email address, and then I will get a verification code to paste back to SSH window, and then became logged in as that email user:

You are now logged in as [xenonxie @ gmail.com]. Your current project is [rock-perception-263016]. You can change this setting by running: $ gcloud config set project PROJECT_ID

Question1: What I don't understand is: I still see the same whoami as below:

xenonxie@instance-1:~/training-data-analyst/CPB100/lab2b$ whoami
xenonxie

Because I added the email in bucket permission as Storage Admin, I am able to save object into that bucket.

Question2:

I believe it is not needed to be Storage Admin, all I want is to write an object into that bucket. What is the best practice to do that?

Thank you very much.

标签： google-cloud-platformgoogle-cloud-storagebucket