Questions tagged [google-iam]
The google-iam tag has no usage guidance.
14
questions with no upvoted or accepted answers
0
votes
0
answers
16
views
How can I get IAM policies for a GCP service account that is Google-provided?
I can ask for the details of a service account with
gcloud iam service-accounts describe <SA-email> --project=<PROJECT>
This will give the description, display name, OAuth client, etc. ...
0
votes
1
answer
181
views
GCP- Alert for adding new user or service account to a project
I want to create an alert in my project in GCP that lets me know when a new user or service account is added to the project. I understand I need to use Logs Explorer and run a query but I am not sure ...
0
votes
1
answer
77
views
Compute Engine: Restricting SSH usernames
I want to use OS Login with GCP because we use IAM for scoping access to all other resources within GCP (storage buckets, SQL, Redis, etc.). I understand how to restrict users from accessing machines ...
0
votes
1
answer
176
views
fine-grained access for GCP OSLogin / osAdminLogin?
Is it possible to control which users/groups get which sudo privileges? Or is it an all-or-nothing proposition?
0
votes
1
answer
316
views
IAP with Google Identity Platform throws "Failed to fetch the discovery document from issuer"
I have activated Identity Aware Proxy on a GCP Load Balancer and configured it to authenticate the users against my OIDC Identity Provider (Auth0) through Google Identity Platform with a default login ...
0
votes
0
answers
180
views
Google cloud function - Unable to deploy
I have lots of cloud function deployed and working fine. (I am the project owner)
Now I am not able to deploy any function and keep on getting this error -
ERROR: gcloud crashed (ConnectionError): ('...
0
votes
1
answer
701
views
Google Cloud Project with No Owner
We have a Google Cloud project on my team and the owner has since left the organization.
We still have access to the project because someone on my team in an editor but editors cannot give others ...
0
votes
1
answer
221
views
how do i list all the perms of a pre defined role?
I see this crap in lots of google docs:
They are doing a terrible job with documentation here.
I want to create a custom role. custom roles dont support adding predefined roles and dont support ...
0
votes
1
answer
187
views
Mapping an IAM role to a Cloud Identity organizational unit
In the GCP IAM console, I can add either the entire organization (the domain of example.com) or individual users to Roles. However, I have the users setup in GSuite/Cloud Identity and organized into ...
0
votes
1
answer
58
views
Can a service account access all APIs?
For an api-key, one can define which APIs can be accessed with that api-key, but for service accounts, you seemingly can't. I thought maybe I could create a new role that only allows access to the ...
0
votes
1
answer
435
views
How do I determine the least privilege permissions for a service account applying Terraform plans?
EDIT: Since I can't "trigger" Recommender to make this calculation, and I can't get at the source dataset, is there an automated way of finding the IAM permissions a service account would need to ...
0
votes
1
answer
36
views
New with Organization node and permissions on GCP
I am working with GCP within my university's CS program. My university does have an organizational node which our IT department is not using and has given me permission to use it for my class. I ...
0
votes
1
answer
393
views
Required GCP IAM permissions for accessing/managing Google Maps/Places API
I searched through the roles in the IAM role management and was unable to find roles to access and manage APIs & Service in GCP so that I can give a person access to specific API Services only.
...
0
votes
1
answer
159
views
GCP Oslogin error
I have enabled os-login for an instance by setting the metadata value as 'enable-oslogin=TRUE'. Even after setting the IAM roles as Organization admin and Owner of the project the issue persists as ...