gRPC 5 NOT_FOUND vs 7 PERMISSION_DENIED
Both gRPC 5 (NOT_FOUND) and 7 (PERMISSION_DENIED) belong to the gRPC Status Codes category. 5 indicates that some requested entity was not found. For example, a file or directory that the RPC was supposed to operate on does not exist. Meanwhile, 7 means that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
描述
Some requested entity was not found. For example, a file or directory that the RPC was supposed to operate on does not exist.
何时出现
The resource referenced in the request doesn't exist — such as looking up a user by ID that has been deleted or never created.
如何修复
Verify the resource identifier is correct. Ensure the resource was created before accessing it, or handle the not-found case gracefully in your client.
描述
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
何时出现
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
如何修复
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
主要区别
gRPC 5: Some requested entity was not found. For example, a file or directory that the RPC was supposed to operate on does not exist.
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
You encounter 5 when the resource referenced in the request doesn't exist — such as looking up a user by ID that has been deleted or never created.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
何时使用哪个
For 5 (NOT_FOUND): Verify the resource identifier is correct. Ensure the resource was created before accessing it, or handle the not-found case gracefully in your client. For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.