Learn about troubleshooting steps that you might find helpful if you run into problems using Pub/Sub.
Cannot create a topic
Verify that you have the necessary
permissions.
To create a Pub/Sub topic, you need
the Pub/Sub Editor (roles/pubsub.editor
) Identity and Access Management
role on the project. If you don't have this role, contact your administrator.
For more troubleshooting information regarding topics,
see Troubleshooting topics
and Troubleshooting import topics.
Cannot create a subscription
Check that you have done the following:
Verify that you have the necessary permissions. To create a Pub/Sub subscription, you need the Pub/Sub Editor (roles/pubsub.editor) IAM role on the project. If you don't have this role, contact your administrator.
Specified a name for the subscription.
Specified the name of an existing topic to which you want to attach the subscription.
If creating a push subscription, specified
https://
in lower case (nothttp://
orHTTPS://
) as the protocol for your receiving URL in thepushEndpoint
field.
For more troubleshooting information about subscriptions, see Troubleshooting pull subscriptions, Troubleshooting push subscriptions, Troubleshooting BigQuery subscriptions, and Troubleshooting Cloud Storage subscriptions.
403 (Forbidden)
error
If you get this error, do the following:
- Make sure you've enabled the Pub/Sub API in the Google Cloud console.
Make sure that the principal making the request has the required permissions on the relevant Pub/Sub API resources, especially if you are using Pub/Sub API for cross-project communication.
If you're using Dataflow, make sure that both
{PROJECT_NUMBER}@cloudservices.gserviceaccount.com
and the Compute Engine Service account{PROJECT_NUMBER}-compute@developer.gserviceaccount.com
have the required permissions on the relevant Pub/Sub API resource. For more information, see Dataflow Security and Permissions.If you're using App Engine, check your project's Permissions page to see if an App Engine Service Account is listed as a Pub/Sub Editor. If it is not, add your App Engine Service Account as a Pub/Sub Editor. Normally, the App Engine Service Account is of the form
<project-id>@appspot.gserviceaccount.com
.
Using excessive administrative operations
If you find that you're using up too much of your
quota for administrative operations,
you might need to refactor your code. As an illustration, consider
this pseudo-code. In this example, an administrative operation (GET
)
is being used to check for the presence of a subscription before it
attempts to consume its resources. Both GET
and CREATE
are administrator operations:
if !GetSubscription my-sub {
CreateSubscription my-sub
}
Consume from subscription my-sub
A more efficient pattern is to try to consume messages from the subscription (assuming that you can be reasonably sure of the subscription's name). In this optimistic approach, you only get or create the subscription if there is an error. Consider this example:
try {
Consume from subscription my-sub
} catch NotFoundError {
CreateSubscription my-sub
Consume from subscription my-sub
}