ERROR:
(gcloud.asset.analyze-iam-policy) RESOURCE_EXHAUSTED: Resource has been exhausted (e.g. check quota).
On GCP console the number of requests sent per day is under 40 (forty) in any day of the past week and the quota limit is 200 (two hundred), so I’m not understanding why I am getting the “check quota” instruction.
See image below where “AnalyzeIamPolicy Requests per day” only used “22%” of the daily limit:
I also tried to edit the quota of “Cloud Asset API > AnalyzeIamPolicy Requests per day” and GCP console says “Click ‘apply for higher quota’ for requests above 200.” and nothing happens even after clicking on “SUBMIT REQUEST” button.
I’m on GCP basic tier and when I tried to create a support ticket I see error “You don’t have permission to file tech-related support cases for”.
How to ask for help from GCP support team while in basic tier?
The “RESOURCE_EXHAUSTED” error you are experiencing indicates that your recent requests have exceeded the established quota limits for your current tier in Security Command Center. This error occurs when the system detects that you have sent an excessive number of requests within a short time frame or have exhausted the available resources.
Currently, you are operating within the free tier (basic tier), which limits the number of policy analysis queries to 20 per organization per day. As you have already consumed 22% of this limit, further queries will trigger the error.
To resolve this issue and continue your operations without encountering this limitation, we recommend upgrading to the Premium service by Activating Security Command Center for an organization. This upgrade provides access to higher quotas and enables you to contact the GCP Cloud support team for potential quota increases.
For further reference on available Google Cloud services and limitations for the free tier, please review the following documentation:
We support AWS, Azure, DigitalOcean and now we want to support GCP.
Many of those users are more familiar with AWS, Azure or DigitalOcean than GCP.
They are mainly working in small and mid-sized business that will start on GCP using the free tier and upgrade overtime as they need more resources.
When this issue happens?
Before provisioning a GCP resource (network, subnet, virtual machine instance, …) we run **gcloud asset analyze-iam-policy** to check if the service account has permissions to perform this action, and if not, we communicate that clearly to the end users so we can guide them on how to update their GCP service account permissions before provision a certain resource type.
Questions
As you have already consumed 22% of this limit, further queries will trigger the error.
If there is a quota/limit, shouldn’t GCP users be allowed to use 100% of that limit?
If I only used 22% of that limit, I am still within the allowed threshold, therefore the request should not fail.
Isn’t that a bug on GCP side, since 22% usage is not equal to 100% of the available limits?
Is there any other way to check for user permissions that would work for user accounts under the free tier, considering that many new users we bring to GCP will start with the free tier?
