# 错误：创建资源时出错：google_project_service：googleapi：错误 403：Cloud Resource Manager API 之前未在项目 'my-project' 中使用或已禁用。

- **ID:** `policy/gcp-resource-manager-api-not-enabled`
- **领域:** policy
- **类别:** auth_error
- **验证级别:** ai_generated
- **修复率:** 95%

## 根因

Google Cloud 项目未启用 Cloud Resource Manager API，这是通过 Terraform 或 gcloud 管理项目级资源（如 IAM 策略和服务账户）所必需的。

## 版本兼容性

| 版本 | 状态 | 引入 | 弃用 |
|------|------|------|------|
| Google Cloud SDK 400+ | active | — | — |
| Terraform Google Provider 4.0+ | active | — | — |

## 解决方案

1. ```
   通过 gcloud 启用 Cloud Resource Manager API：gcloud services enable cloudresourcemanager.googleapis.com --project=my-project
   ```
2. ```
   通过 Google Cloud 控制台启用 API：转到 APIs & Services > Library，搜索 'Cloud Resource Manager API'，然后点击启用。
   ```
3. ```
   在 Terraform 中，添加 google_project_service 资源以在创建其他资源之前启用 API：resource "google_project_service" "crm" { project = "my-project" service = "cloudresourcemanager.googleapis.com" }
   ```

## 无效尝试

- **Re-authenticate with gcloud auth login to refresh credentials** — The error is not about authentication but about the API not being enabled; re-login does not enable APIs. (95% 失败率)
- **Use a different service account or user account to run the command** — The API disablement is project-wide; all accounts in the project face the same issue until the API is enabled. (90% 失败率)
- **Set the project ID in gcloud config and retry without enabling the API** — The API must be explicitly enabled; setting the project ID only changes the target project but does not enable the API. (85% 失败率)