No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

The current permissions listed for the owner role even include `pubsub.topics.create`.

Authentication is handled via `gcloud auth activate-service-account` in a container (new container for each execution)

error: Error creating Topic: googleapi: Error 403: Request had insufficient authentication scopes.

To answer your first question - no, not aware of any specific configuration needed.

Is the API enabled for that particular project?

Yep. It works on my machine, just not in our CI

I am wondering if it has anything to do with default application credentials.

I’m not aware if Pulumi tries to use those first or something, or uses it for pubsub

I’ll create a ticket for this because it’s extremely problematic for us.

<https://github.com/pulumi/pulumi-gcp/issues/292>

Thanks. I'll follow up internally on this.

Appreciate it. We’re making heavy use of pub/sub these days and we have to always deploy any changes manually otherwise our CI process fails. My guess is the gcloud sdk relies upon a differen authentication scheme or something for pub/sub.