Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [google-iam]

40 questions
0
votes
1 answer

New with Organization node and permissions on GCP

I am working with GCP within my university's CS program. My university does have an organizational node which our IT department is not using and has given me permission to use it for my class. I have given my students the following roles: Security…
Cathy Bareiss
  • 1
0
votes
1 answer

prompt user to provide necessary IAM config to GCP resources

I'm brand new to Google Cloud Platform, and we are working on a strategy to provision software for non-technical users. Is it possible to prompt a user with a familiar Oauth-like, one-click request for permissions/privileges that will give our…
g000m
  • 3
  • 2
0
votes
1 answer

Required GCP IAM permissions for accessing/managing Google Maps/Places API

I searched through the roles in the IAM role management and was unable to find roles to access and manage APIs & Service in GCP so that I can give a person access to specific API Services only. How can I achieve that? Cheers & Thanks
cjost
  • 1
0
votes
1 answer

GCP Oslogin error

I have enabled os-login for an instance by setting the metadata value as 'enable-oslogin=TRUE'. Even after setting the IAM roles as Organization admin and Owner of the project the issue persists as shown in the link GCP ssh error. Please guide me to…
Sasirekha
  • 1
  • 2
0
votes
2 answers

Service account does not have storage.buckets.create access

I have created a Service Account for Terraform. Apart of our process is to create some storage buckets and maintain them through Terraform. However, when we run terraform apply we get the following error: google_storage_bucket.state_bucket:…
Andrew Ellis
  • 423
  • 1
  • 5
  • 14
0
votes
1 answer

Log into Google Cloud VM with as specific user using IAM

I created a VM with an Ubuntu 22.04 image and I log in using IAM credentials, not SSH keys, for example: gcloud beta compute ssh --zone myzone vmname --project myproj --tunnel-through-iap My command prompt has the username I want. I just created…
abalter
  • 121
  • 6
0
votes
1 answer

GCP- Alert for adding new user or service account to a project

I want to create an alert in my project in GCP that lets me know when a new user or service account is added to the project. I understand I need to use Logs Explorer and run a query but I am not sure what query to run. Thanks!
Nicholas Ziccardi
  • 1
  • 1
0
votes
1 answer

Compute Engine: Restricting SSH usernames

I want to use OS Login with GCP because we use IAM for scoping access to all other resources within GCP (storage buckets, SQL, Redis, etc.). I understand how to restrict users from accessing machines using service accounts and roles. But, I don't…
fuzzybear3965
  • 111
  • 7
0
votes
1 answer

Can GCDS (Google Cloud Directory Sync) trigger a cloud function?

I would like to run a Google Cloud function that renames the posixAccounts -> {username,homeDirectory} in Google Directory . I am hoping that it's possible to have the function triggered after a successful run of GCDS. Is this possible? Is there a…
GuyMatz
  • 101
0
votes
1 answer

fine-grained access for GCP OSLogin / osAdminLogin?

Is it possible to control which users/groups get which sudo privileges? Or is it an all-or-nothing proposition?
GuyMatz
  • 101
0
votes
1 answer

IAP with Google Identity Platform throws "Failed to fetch the discovery document from issuer"

I have activated Identity Aware Proxy on a GCP Load Balancer and configured it to authenticate the users against my OIDC Identity Provider (Auth0) through Google Identity Platform with a default login page hosted on Cloud Run. When I browse my…
MariusPontmercy
  • 677
  • 4
  • 15
0
votes
0 answers

Google cloud function - Unable to deploy

I have lots of cloud function deployed and working fine. (I am the project owner) Now I am not able to deploy any function and keep on getting this error - ERROR: gcloud crashed (ConnectionError): ('Connection aborted.', OSError("(10054,…
Rajesh bhardwaj
  • 1
0
votes
1 answer

Google Cloud Project with No Owner

We have a Google Cloud project on my team and the owner has since left the organization. We still have access to the project because someone on my team in an editor but editors cannot give others access. She is leaving the team and we are trying to…
Rachel S.
  • 1
0
votes
1 answer

GCP deployment to create storage bucket fails on missing storage.buckets.get access

I want to create a cloud storage bucket programatically using deployment manager, but the deployment fails with the following error: ERROR: (gcloud.deployment-manager.deployments.create) Error in Operation…
Carlos Rodriguez
  • 103
  • 2
0
votes
2 answers

GCP Owner and Administrator roles for organization

I am assigned "Owner" role on the whole GCP organization, yet I cannot access organization IAM or billing accounts. I've tried running a query on principal, I can see my account as a member of "roles/owner" role, but still nothing. Is it a bug or is…
Victor
  • 1
  • 1
  • 1
1
2
3