gcloud compute list networks error: "Some requests did not succeed: - Insufficient Permission"

gcloud list shared networks
gcloud request had insufficient authentication scopes
gcloud list subnets
gcloud config
gcloud compute instances
gcloud compute networks describe
insufficient permission: request had insufficient authentication scopes.
request had insufficient authentication scopes.'', status'' : permission_denied

I have created a project and setup a Windows 2012 VM. I am trying to list the networks in the project. Here are the steps I performed:

Initially, I logged into the VM as per the credentials created when creating the VM. From there, opened the Google Cloud SDK Shell (As Administrator) Next, I set the project name as follows:

C:\windows\system32> gcloud config set project <proj-name>

Then, I tried to list the networks (should only be one - default). Here is the error relating to permission.

C:\windows\system32> gcloud compute networks list
NAME IPV4_RANGE GATEWAY_IPV4
ERROR: (gcloud.compute.networks.list) Some requests did not succeed:
 - Insufficient Permission

This is a problem with the permissions of the credentials of the created Virtual Machine.

To work around, you can use gcloud auth login and log into your Google account via the browser. You may also create a service account in the Cloud Console and load it onto the machine, then activate using gcloud auth activate-service-account.


This issue is easiest to see in the Cloud Console. Navigate to the instance page for this VM; you'll see something like:

Note that "Compute" is set to "Disabled".

To change these permissions when creating a new VM instance in the Cloud Console, expand the "Management, disk, networking, access & security options" view:

Then, navigate to "Access & security" and change the permissions for "Compute":

This will create the new Virtual Machine that has read access to your project's Google Compute Engine settings.


To create a new instance using gcloud, add the following flag to gcloud compute instances create:

--scopes "https://www.googleapis.com/auth/compute.readonly"

You'll need to add any additional permissions you'd like, as well.

gcloud compute networks list | Cloud SDK Documentation, Google Cloud audit, platform, and application logs management. Cloud Monitoring. Infrastructure and application health with rich metrics. Error Reporting​. Groundbreaking solutions. Transformative know-how. Whether your business is early in its journey or well on its way to digital transformation, Google Cloud's solutions and technologies help chart a path to success.


First use gcloud auth login command to authenticate and get credentials for the tool.

gcloud compute networks create, abandon-instances · create · create-instance · delete · delete-instances · describe · get-named-ports · list · list-errors · list-instances · recreate-instances · resize. gcloud config set project my-project1-1529728710719 Updated property [core/project]. gcloud config list --format='text(core.project)' # check that this worked core.project: my-project1-1529728710719 At this point ‘copacetic’ doesn’t have sufficient privileges to view IAM settings. Making the following updates. remove - Compute Network Viewer


As Misha Brukman in this post answered, you don't have to include the url (as this might change) but simply can type the --scopes option "compute -rw" as in:

gcloud compute instances create <vm name> --scopes compute-rw

If you have already created your vm instance, you can simply use the equivalent update command like this:

gcloud compute instances update <vm name> --scopes compute-rw

ERROR: (gcloud.compute.ssh) could not fetch resource: The , Hi All, I am creating project recommendation on google cloud, in that I am setting up Download the ERROR: (gcloud.compute.ssh) could not fetch resource: The resource --image-family=debian-8 --image-project=debian-cloud --network=​default flink-m:tand dpkg --contents (= dpkg-deb --contents) to list their contents​. Trying to list zones (noted in the prerequisites fails: > gcloud compute zones list ERROR: (gcloud.compute.zones.list) The required property [project] is not currently set. You may set it for your current workspace by running: $ gcloud c


I ran into same error when i was trying to execute "gcloud compute zones list" command (When I logged into GCP instance by using "Open in browser window" option).

Below are the steps which I executed to get it resolved.

Step 1 : Log into GCP instance using "View gcloud command option".

Step 2 : Click on "Run in Cloud Shell command"

Step 3 : Execute gcloud specific command . In my case it was "gcloud compute zones list".

Hola!! It works like magic.!!

ERROR: (gcloud.compute.instances.list) timed out This may be due , ERROR: (gcloud.compute.instances.list) timed out This may be due to network connectivity issues. Please check your network settings, and the status of the  ERROR: (gcloud.compute.scp) This may be due to network connectivity issues. Please check your network settings, and the status of the service you are trying to reach.


GCP command-line cheatsheet, A cheatsheet with various commands for the Google Cloud Platform (GCP) gcloud compute networks subnets list --filter="network:my-vpc". gcloud compute instances create --help List instances. There are a number of ways to list your instances using the instances list command. You can create a human-readable, tabular output with the following command: gcloud compute instances list Note: The output from the instances list command might be changed in future releases of gcloud compute.


Delete default network from google cloud, gcloud compute addresses list NAME ADDRESS/RANGE TYPE (Y/n)? Y ERROR: (gcloud.compute.addresses.delete) Could not fetch  ERROR: (gcloud.components.update) Failed to fetch component listing from server. Check your network settings and try again. It also doesn’t work with 119.0.0 etc.


Google Cloud Platform, Google Cloud Platform (GCP) is a cloud computing service by Google that offers 5.3 Cloud DNS; 5.4 Cloud Content Delivery Network (CDN); 5.5 Cloud VPN Role List of permissions compute.instances.delete compute.instances.get compute. Aggregate and display errors for running Cloud services. Add firewall allowing external traffic to the network (port 6443 are used by API server TLS) gcloud compute firewall-rules create k8s-allow-external \ --allow tcp:22,tcp:6443,icmp \ --network k8s \ --source-ranges 0.0.0.0/0 List all firewall rules filtering on a specific network gcloud compute firewall-rules list --filter="network:k8s"