7

SOLVED: In Google cloud platform I need to create a new project to create a new oauth credential for an app.

But it will not let me create any more projects under my organisation. It says I do not have permission to create projects in this location. I only have 2 projects currently and there is only 1 org. No I cannot use an exisitng project since I need to setup a different oauth consent screen.

I am the admin, with owner permissions, so there is nobody else I can contact.

I have a g suite account, so I am wondering if this is the cause. More and more Google services seem to be breaking for g suite users and only work on free gmail accounts.

snake
  • 732
  • 1
  • 6
  • 11
  • what permissions did you assign to your account at the ORG level? This may seem odd, but you need to grant yourself permission. – John Hanley Sep 28 '19 at 03:23
  • I have the following roles. Support Account Administrator Organisation Role Administrator Owner – snake Sep 29 '19 at 22:02
  • Where do you have those permissions? Your problem is simple, you do not have the permissions that you think, therefore be detailed in your answers. The permissions that you need are either at the Org or Folder level, but your question has no details. – John Hanley Sep 29 '19 at 22:10
  • 1
    Those permissions are at ORG level and I quoted them directly from the permissions page. screenshot: https://nimb.ws/9uECXO If you want more details then simply be more detailed in your responses and tell me what details you want and where to get them, I am not a mind reader nor am I an expert in google cloud, thus why I am posting here. – snake Sep 30 '19 at 23:13

1 Answers1

12

You need the permission resourcemanager.projects.create. This permission is defined in the role roles/resourcemanager.projectCreator aka "Project Creator.

Add this role at the Organization level.

John Hanley
  • 74,467
  • 6
  • 95
  • 159
  • 1
    thanks, it is working now. They obviously must have changed this since I last created a project, as I never had to do this before, and I have existing projects. – snake Oct 03 '19 at 23:09
  • @snake Did you convert your existing projects into an organization? Also, close this question. – John Hanley Oct 03 '19 at 23:21
  • no I haven't changed anything. I haven't needed to create a new project for a long time, the last time I did so was at least a year ago, if not longer. So this must be a new permission requirement they have added since then. – snake Oct 05 '19 at 02:20
  • @snake - How did you get your projects into an organization? You had to do that at some point. That is why you did not need this permission before. If you do not have an organization, you have this permission. Once you create an organization, roles become more granular. – John Hanley Oct 05 '19 at 02:25
  • @snake - Since my answer helped you, can you select the answer and close this question? – John Hanley Oct 05 '19 at 02:25
  • If I choose to close the question, then none of the options apply. duplicate of... off topic unclear what you're asking too broad primarily opinion-based – snake Oct 06 '19 at 20:37
  • @snake - By close I mean select an answer and not to delete the question. The "close" button is to block a question from being answered. – John Hanley Oct 06 '19 at 22:39
  • What is meant by "at the organization level" - how do I access this - what configuration is responsible for this? – Chris Stryczynski Feb 18 '21 at 11:32
  • @ChrisStryczynski - Google support the concept of an organization and folders to organize multiple projects in a hierarchy of projects under central management. Create a new question if you need more information. – John Hanley Feb 18 '21 at 16:29
  • I'm like what the original post said: "They obviously must have changed this since I last created a project, as I never had to do this before, and I have existing projects." I've been creating projects all the time -- the most recent being just a day ago. But today, I'm suddenly getting the same error. And granting the suggested role also solved my problem. While the solution is reasonable, I don't understand why I didn't need to do that before (up till just yesterday). – Vincent Yin Jun 28 '23 at 14:56
  • @VincentYin - security and authorization are evolving services everywhere. New permissions are defined, roles are redefined, new services are created, etc. Technology and services seldom stay static. – John Hanley Jun 28 '23 at 18:30