gRPC 7 PERMISSION_DENIED vs 8 RESOURCE_EXHAUSTED
Both gRPC 7 (PERMISSION_DENIED) and 8 (RESOURCE_EXHAUSTED) belong to the gRPC Status Codes category. 7 indicates that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead. Meanwhile, 8 means that some resource has been exhausted, perhaps a per-user quota, or the entire file system is out of space.
Description
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
When You See It
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
How to Fix
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
Description
Some resource has been exhausted, perhaps a per-user quota, or the entire file system is out of space.
When You See It
A rate limit was hit, a quota was exceeded, or the server ran out of memory/disk. Common with API rate limiting and resource quotas.
How to Fix
Implement exponential backoff and retry. If quota-related, request a quota increase or optimize your usage pattern to stay within limits.
Key Differences
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
gRPC 8: Some resource has been exhausted, perhaps a per-user quota, or the entire file system is out of space.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
You encounter 8 when a rate limit was hit, a quota was exceeded, or the server ran out of memory/disk. Common with API rate limiting and resource quotas.
When to Use Which
For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side. For 8 (RESOURCE_EXHAUSTED): Implement exponential backoff and retry. If quota-related, request a quota increase or optimize your usage pattern to stay within limits.