gRPC 7 PERMISSION_DENIED vs 10 ABORTED
Both gRPC 7 (PERMISSION_DENIED) and 10 (ABORTED) belong to the gRPC Status Codes category. 7 indicates that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead. Meanwhile, 10 means that the operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort.
Описание
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
Когда вы это видите
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
Как исправить
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
Описание
The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort.
Когда вы это видите
A transaction or optimistic concurrency check failed — for example, a read-modify-write cycle detected a conflict with another concurrent operation.
Как исправить
Retry the entire read-modify-write sequence from the beginning. Implement proper optimistic concurrency control with version tokens or ETags.
Ключевые различия
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
gRPC 10: The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
You encounter 10 when a transaction or optimistic concurrency check failed — for example, a read-modify-write cycle detected a conflict with another concurrent operation.
Когда что использовать
For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side. For 10 (ABORTED): Retry the entire read-modify-write sequence from the beginning. Implement proper optimistic concurrency control with version tokens or ETags.