0

I have a project in Google Cloud that I'm trying to add an "editor" to (I will remain the sole project owner). I have added this person using their gmail address in the IAM permissions but the project does not show up in their projects list when they log into the GCP console.

I'm using the instructions here: https://cloud.google.com/iam/docs/granting-changing-revoking-access

  1. Open the IAM page in the GCP Console.
  2. Open the IAM page
  3. Click Select a project, choose a project, and click Open.
  4. Click Add.
  5. Enter an email address
  6. Select a role.
  7. Click Save.

Is there something that I'm missing here?

Improve this question
10
  • What kind of editor role are you grating to the user involved?
    – Miguel
    Oct 31, 2019 at 11:31
  • When searching for the project, the user should make sure that they are also searching it in the right organization.
    – Miguel
    Oct 31, 2019 at 11:33
  • I am adding the person as a project editor. We have no organisation or Cloud Identity defined. I couldn't find any information to indicate that either was necessary but I was wondering if that was perhaps a contributing factor?
    – Zac Soden
    Oct 31, 2019 at 22:02
  • Have the user run this command gcloud auth list. Verify that the identity is correct. They run gcloud projects list. If your project does not show up, then you have added them wrong. If it does show up, then go to the Console, IAM, Resource Manager. Also, double-check what identity they are logging in to the Console.
    – John Hanley
    Nov 1, 2019 at 4:56
  • The project shows up in the gcloud projects list listing, but not in Console->IAM->Resource Manager. We also get the same result in reverse if this person tried to add me as an editor in one of their projects.
    – Zac Soden
    Nov 1, 2019 at 5:36

3 Answers 3

Reset to default
1

I have found that at least at the time of this writing if the user does not have access to read all projects in an organization then no projects will show up. If the user has landed in a resource that is accessible to them for a given project then such a project will show up under the proper organization.

Here is how to replicate:

  1. As an admin create a "newProject990055" under an existing organization, select it and navigate to the IAM menu.
  2. Add a user with just the role "Logs Viewer" for "newProject990055".
  3. Login with such a user and try to select project "newProject990055". Expected: User won't see "newProject990055" because the user has no access to list all projects, and "newProject990055" is new, and the user has never visited it before.
  4. With such a user hit https://console.cloud.google.com/logs/query?project=newProject990055. Expected: User will see the logs for the "newProject990055" project and user will be notice that such a project is selected.
  5. Logoff and login back with such a user, click on the dropdown for projects. Expected: User should be able to see project "newProject990055" because even though the user has no access to list all projects, and "newProject990055" is new, the user has already visited it before.
Improve this answer
0

The solution to this problem seems to be patience. After adding a new user it seemed to take a few days before they could access the project correctly. I had noted somewhere in the documentation that there can be delays when adding new permissions but I was surprised how long it took!

Improve this answer
0

I was also facing the same issue, below is my scenario -

  1. I was added as a Editor to project - XYZ.
  2. I was able to login into console and check details.
  3. When I am trying to set project in cloud sdk, I was not able to view the project XYZ in my list.

Solution -

  1. gcloud auth login
  2. gcloud init

it worked for me.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .