gRPC
7 PERMISSION_DENIED
The caller does not have permission to execute the specified operation. This is not for unauthenticated callers — use UNAUTHENTICATED instead.
When You See This Code
The authenticated user lacks the required role, scope, or policy to perform this action. Different from UNAUTHENTICATED (code 16), which means no credentials at all.
How to Fix
Verify the caller has the correct IAM role, API scope, or access policy. Check RBAC configuration on the server side.