anyone can help me ... iwas trying publish a image on gcp using cloud run and create a noauthIamPolicy after to let access the endpoint... i create the json key and set the rules for iam at iam polices tab... when i run pulumi local it was normal but when i try the cicd integration i get that error

Diagnostics:

gcp:cloudrun:IamPolicy (noauthIamPolicy):

anyone know how to solve it?

@quiet-plastic-34312 this indicates the service account or other credentials you're using in the CI pipeline don't have permission to create an IAM policy. update your service account

its the one that have the key associated right? i put all the roles Cloud Run Service Agent Cloud Run Service Agent Editor Security Admin Security Reviewer Service Account Admin Service Account User and still get the error... have any way to check the key roles?

yes, but the error is coming because you need to add IAM modify permissions, not just for cloud run this support is outside the scope of Pulumi. the 403 error definitely indicates you don't have the correct permissions, if it works locally, I would engage with Google Cloud support

gona do that ... ty