Missing edit permissions on a cluster on GCP

This is a Google Cloud specific problem.
I returned from vacation and noticed I can no longer manage workloads or cluster due to this error:
“Missing edit permissions on account”

I am a sole person with access to this account (owner role) and yet I see this issue.
The troubleshooting guide suggests checking system service account role, looks like it’s set up correctly (why would it not if I haven’t edited it).
If it’s not set up correctly it suggests turning off/on the Kubernetes API on GCP, but when you press on “disable” there’s a scary-looking prompt that your Kubernetes resources are going to be deleted, so obviously I can’t do that.
Upon trying to connect to it I get

gcloud container clusters get-credentials cluster-1 --zone us-west1-b --project PROJECT_ID
Fetching cluster endpoint and auth data.
WARNING: cluster cluster-1 is not running. The kubernetes API may not be available.

In the logs I found a record (the last one) that is 4 days old:

“Readiness probe failed: Get net/http: request canceled (Client.Timeout exceeded while awaiting headers)”

Any ideas?
Thanks in advance.

Cluster information:

Kubernetes version: 1.14.10-gke.50
Cloud being used: Google Cloud

The issue is solved,
I had to upgrade node versions in the pool.
What a misleading error message.
Hopefully, this helps someone.

1 Like


I’m having the same issue, but I can’t upgrade the node versions nor create a new pool:

ERROR: (gcloud.container.node-pools.create) ResponseError: code=400, message=Cluster is currently being created, deleted, updated or repaired and cannot be updated.

How did you achieve it?


In my case, I opened the node pool and next to “Node version” there was an “upgrade” button.
If it’s not working for you, then I have no idea how to help with that :frowning:

@therusskiy thanks, this is what I see in the node pool:

Is that what you did to upgrade the version of the node pool?

@DanielVigueras yes

Thanks, I’ll try it!