gRPC 7 PERMISSION_DENIED vs 11 OUT_OF_RANGE
Both gRPC 7 (PERMISSION_DENIED) and 11 (OUT_OF_RANGE) belong to the gRPC Status Codes category. 7 indicates that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead. Meanwhile, 11 means that the operation was attempted past the valid range. For example, seeking or reading past the end of a file.
Descripción
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
Cuándo lo verás
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
Cómo solucionarlo
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
Descripción
The operation was attempted past the valid range. For example, seeking or reading past the end of a file.
Cuándo lo verás
A pagination offset exceeded the available data, or an iterator moved past the end of a collection. Unlike INVALID_ARGUMENT, this depends on the current state of the data.
Cómo solucionarlo
Check the valid range before making the request. For pagination, use the total count or next-page token to avoid requesting beyond the last page.
Diferencias clave
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
gRPC 11: The operation was attempted past the valid range. For example, seeking or reading past the end of a file.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
You encounter 11 when a pagination offset exceeded the available data, or an iterator moved past the end of a collection. Unlike INVALID_ARGUMENT, this depends on the current state of the data.
Cuándo usar cada uno
For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side. For 11 (OUT_OF_RANGE): Check the valid range before making the request. For pagination, use the total count or next-page token to avoid requesting beyond the last page.