👀 Views: 68 💬 Answers: 1 📅 Created: 2025-07-04

google-cloud gcp cloud-tasks cloud-run Python

I'm currently trying to set up a Cloud Tasks queue in Google Cloud to trigger an HTTP endpoint on my Cloud Run service. However, I keep receiving a `403 Forbidden` behavior when the task is executed, which prevents the request from succeeding. I have confirmed that the endpoint works when called directly and that my service is set to allow unauthenticated invocations. Here’s a snippet of how I’m creating the task: ```python from google.cloud import tasks_v2 from google.protobuf import duration_pb2 client = tasks_v2.CloudTasksClient() project = 'my-project' queue = 'my-queue' location = 'us-central1' url = 'https://<your-cloud-run-url>' # Create the fully qualified queue name. parent = client.queue_path(project, location, queue) # Build the request payload. task = { 'http_request': { 'http_method': tasks_v2.HttpMethod.POST, 'url': url, 'body': b'Hello, World!', 'headers': {'Content-Type': 'application/json'}, } } # Use the client to send the task to the queue. response = client.create_task(parent=parent, task=task) print('Task created: {}'.format(response.name)) ``` I suspect it may be an scenario with permissions for the Cloud Tasks service account, but I have already granted it the `roles/cloudtasks.enqueuer` role on the Cloud Tasks queue. Additionally, I have tried explicitly allowing the Cloud Tasks service account access to invoke my Cloud Run service by adding the `roles/run.invoker` role, but the question continues. When I check the logs for the Cloud Run service, I see entries for the HTTP requests being blocked with a `403` status code. I am also using the Google Cloud SDK version 420.0.0, as I need the latest features. Can someone guide to identify what I might be missing to resolve this scenario? My development environment is Debian. What are your experiences with this?