gRPC 7 PERMISSION_DENIED vs 11 OUT_OF_RANGE
Both gRPC 7 (PERMISSION_DENIED) and 11 (OUT_OF_RANGE) belong to the gRPC Status Codes category. 7 indicates that the caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead. Meanwhile, 11 means that the operation was attempted past the valid range. For example, seeking or reading past the end of a file.
描述
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
何时出现
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
如何修复
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.
描述
The operation was attempted past the valid range. For example, seeking or reading past the end of a file.
何时出现
A pagination offset exceeded the available data, or an iterator moved past the end of a collection. Unlike INVALID_ARGUMENT, this depends on the current state of the data.
如何修复
Check the valid range before making the request. For pagination, use the total count or next-page token to avoid requesting beyond the last page.
主要区别
gRPC 7: The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
gRPC 11: The operation was attempted past the valid range. For example, seeking or reading past the end of a file.
You encounter 7 when the authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
You encounter 11 when a pagination offset exceeded the available data, or an iterator moved past the end of a collection. Unlike INVALID_ARGUMENT, this depends on the current state of the data.
何时使用哪个
For 7 (PERMISSION_DENIED): Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side. For 11 (OUT_OF_RANGE): Check the valid range before making the request. For pagination, use the total count or next-page token to avoid requesting beyond the last page.