GCP IAM Permissions
Last updated
Was this helpful?
Last updated
Was this helpful?
The services
list allows you to specify which Google Cloud APIs should be accessible in the sandbox. See for more information. The roles
list allows you to specify which Google Cloud IAM roles should be granted to the projects Service and User account. A full list of all the Google Cloud IAM roles can be found here .
Only enable a service if it is required for your track to function. You can test this by removing the service and checking whether the track still works.
You should add compute.googleapis.com
to the services
list and roles/compute.admin
to the roles
list if your track requires virtual machines outside of the standard sandbox virtual machines.
If your track needs a GKE cluster, you will also want to add the Kubernetes Engine API container.googleapis.com
to the services
list and roles/container.admin
to the roles
list.
To set these services:
To add virtual machines to your GCP project, enter the following in the Services field:
And click Add.
Then enter the following in the Roles field:
And click Add. To add a GKE cluster to your GCP project, enter the following in the Assigned Roles field:
And click Add.
Then enter the following in the Roles field:
And click Add.