I’m trying to follow the guidelines setup here:

I created a new project in GCP, I enabled billing, I created a service account and granted it the role of Owner and a different service with the RoleWriter role.

It doesn’t matter which role i try to use, i also have the following

/etc/systemd/system/docker.service.d/docker-service-override.conf

[Service]
Environment="GOOGLE_APPLICATION_CREDENTIALS=/home/samir/management-credentials.json"

sudo systemctl daemon-reload && sudo systemctl restart docker

Now, in order to test this i run the following:

docker run -d --log-driver=gcplogs --log-opt gcp-project=docker-test hello-world
06cbf4242338d3c642dce4db51925da967e6eaf39c56c1d8aff66b53c6302820
docker: Error response from daemon: failed to initialize logging driver: unable to connect or authenticate with Google Cloud Logging: rpc error: code = PermissionDenied desc = The caller does not have permission.

What am I missing ?

I am facing the same error in gcp.

DO NOT set the environment variable GOOGLE_APPLICATION_CREDENTIALS !!! This overrides the ADC flow.

After working with this topic for months, I finally have it figured out. This free public article shows you how to configure Google authentication for production with minimal permissions using the Application Default Credentials (ADC) flow. The article includes working examples for Google Cloud CLI, BigQuery, and a Python script (or other SDK supported languages) running locally, in a local Docker container, or in a VM on Google Cloud. See: GCP Infrastructure & Authentication | by Mark W Kiehl | Oct, 2024 | Medium

Check out my detailed example on configuring production viable Google authentication for a Python script using the Google SDK. This same Python script can be run locally in a Docker container, or on a Google Cloud VM. The free public article is posted at: Containerization using Docker. Follow this step-by-step guide on how… | by Mark W Kiehl | Oct, 2024 | Medium