Stack Overflow
Stack Overflow

Questions tagged [google-cloud-iam]

Cloud Identity and Access Management (Cloud IAM) enables you to create and manage permissions for Google Cloud Platform resources. Cloud IAM unifies access control for Cloud Platform services into a single system and presents a consistent set of operations.

671 questions
0
votes
2 answers

Google Cloud Kubernetes cluster can not connect to nodes or delete?

I am using using google cloud Kubernetes service it was working until accidently i delete the service account of kubernetes service account. I have created the kubernetes service account. I can not connect to nodes delete or delete my cluster. Seems…
Fahad Abid
  • 1,012
  • 9
  • 20
0
votes
1 answer

Firebase console IAM role for Firebase Analytics

How do we set up a role for Firebase console user that allows the user to create funnels and audiences (Project Editor role) for analytics data, while restricting access to BigQuery and Cloud Storage resources?
Mark Kang
  • 161
  • 11
0
votes
0 answers

BigQuery API jobs oauth and Google account change

I have a problem with BigQuery and I wonder if any of you already had to struggle with something similar. A gmail address was accidentally associated with the Google account based on a corporative email address becoming the one that appears as the…
Raúl Galve
  • 11
0
votes
2 answers

Google App Engine access cross project resources

I am trying to build rest API's which can do cross-project management of resources. Basically trying to build a centralized app which can manage resource in other projects. Web interface and REST API to view and manage other project resources.…
pythonhmmm
  • 833
  • 1
  • 18
  • 38
0
votes
2 answers

Issue Deleting Google Compute Account through API using Python

I was able to piece together a Python script to interact with the Google API Library using information from here and here. The code below is working and I'm able to list all accounts within a particular Project. See below: Code: import os from…
Eric P
  • 151
  • 2
  • 6
0
votes
1 answer

Unable to grant datastore permissions in Google Cloud Console

When managing roles in Google Cloud IAM, all datastore.* permissions (such as datastore.entities.{create, list, get}) show up as greyed out with a yellow exclamation badge with a tool tip explaining "cannot assign permission." I'm assuming this is…
Trey
  • 11,032
  • 1
  • 23
  • 21
0
votes
1 answer

Service account can create PubSub subscriptions but can't read from them

I've created a service account I intend to use in our development environment, and since its credentials are checked into source control, I want to lock down its access to the bare minimum. When spinning up new hosts, our app creates a new PubSub…
Brentonium
  • 1
  • 1
0
votes
1 answer

Provide Access to view "Enabled APIs & Services" dashboard

I am not able to find any way to grant access to view the "Enabled APIs & Services" dashboard page. My co-worker does not have access but I can't find any roles or documentation that suggest what access is needed to view this page. See attached…
reese0106
  • 2,011
  • 2
  • 16
  • 46
0
votes
0 answers

How to implement IoT with GCP: What are the limits of both cloud projects and service accounts per project? To what number can they be increased?

In short: What are the limits of both cloud projects and service accounts per project? How can they be increased? Is the architecture a good idea at all? I am developing an IoT application with tens of thousands of planned devices in the field,…
a13x6au3r
  • 1
  • 1
-1
votes
0 answers

Sign Service Account Keys by CA

I have services running on GCP where the service needs to authenticate itself (as a client) to another non GCP server. This server provides X.509 certificate based authentication. The only requirement is that the client certificate is signed by a…
Raman
  • 548
  • 1
  • 7
  • 17
-1
votes
1 answer

Why this legacy SA has access to resources

I am failing to understand why a particular Google Cloud service account has access to resources in a specific namespace inside GKE. There seem to be no evidence it should have access. Alternatively, it could be me who's misinterpreting IAM / RBAC…
oldhomemovie
  • 14,621
  • 13
  • 64
  • 99
-1
votes
2 answers

How to Authorised all projects in GCP with single GCP SA for terraform

want to create infra in GCP using terraform whenever any new project create in ORG. I want to create only one Service Account and using that SA want to create infra for any future projects as well, I want to automate it using bitbucket…
Bhumiraj Parmar
  • 1
  • 1
-1
votes
2 answers

How to give access to "VM Instances" to the intern? with @gmail.com email address (GCP)

I got an developer intern. I need him to access GCP paid VM Instance I created so he can start developing. He should have root access through sudo, and preferably his own username linux account so we can see his files when he clones repo's,installs…
Lucas S.
  • 77
  • 6
-1
votes
1 answer

Error creating BackendService: googleapi: Error 403: Required 'compute.backendServices.create' permission for 'projects/myproject-137813/global/backen

On GCP, I'm trying to create a Backend Service with this Terraform code below: resource "google_compute_backend_service" "default" { name = "backend-service" backend { group =…
Super Kai - Kazuya Ito
  • 22,221
  • 10
  • 124
  • 129
-1
votes
1 answer

Using secret manager across multiple client organizations

Let's say I have an application that is used by two companies. These companies have database (and other) connections that will be stored in Secret Manager: Company: General Motors Resource: Oracle Database Credentials Resource: SSH Key…
David542
  • 104,438
  • 178
  • 489
  • 842
1 2 3
44
45