Questions tagged [google-iam]

38 questions
0 votes, 0 answers

GCP- Alert for adding new user or service account to a project

I want to create an alert in my project in GCP that lets me know when a new user or service account is added to the project. I understand I need to use Logs Explorer and run a query but I am not sure what query to run. Thanks!
0 votes, 1 answer

Compute Engine: Restricting SSH usernames

I want to use OS Login with GCP because we use IAM for scoping access to all other resources within GCP (storage buckets, SQL, Redis, etc.). I understand how to restrict users from accessing machines using service accounts and roles. But, I don't…
0 votes, 1 answer

Unable to access GCS Object with storage.objects.get

I have a bucket with uniform permissions (no object level ACLs) and my account has the Owner role on the project which should give full access to all resources. I have even tried adding Storage Admin / Storage Object Admin / Legacy Object Owner…
0 votes, 1 answer

Can GCDS (Google Cloud Directory Sync) trigger a cloud function?

I would like to run a Google Cloud function that renames the posixAccounts -> {username,homeDirectory} in Google Directory. I am hoping that it's possible to have the function triggered after a successful run of GCDS. Is this possible? Is there a…
0 votes, 1 answer

fine-grained access for GCP OSLogin / osAdminLogin?

Is it possible to control which users/groups get which sudo privileges? Or is it an all-or-nothing proposition?
0 votes, 0 answers

Deploying a GCP cloud function: terraform throws error but via gcloud function deploy it works

I'm trying to deploy a cloud function via terraform: + resource "google_cloudfunctions_function" "scc-function" { + available_memory_mb = 256 + description = "scc notification handler" + entry_point …
0 votes, 1 answer

IAP with Google Identity Platform throws "Failed to fetch the discovery document from issuer"

I have activated Identity Aware Proxy on a GCP Load Balancer and configured it to authenticate the users against my OIDC Identity Provider (Auth0) through Google Identity Platform with a default login page hosted on Cloud Run. When I browse my…
MariusPontmercy
0 votes, 0 answers

Is there a way to migrate google cloud git repo into another new cloud project?

I'm working with source cloud (Google Cloud) repositories and I have a Google Cloud project that contains 4 cloud repositories. I want to split those repos each into a new cloud project. Is there a way to do that without cloning the repo locally and…
0 votes, 0 answers

Google cloud function - Unable to deploy

I have lots of cloud functions deployed and working fine. (I am the project owner.) Now I am not able to deploy any function and keep on getting this error - ERROR: gcloud crashed (ConnectionError): ('Connection aborted.', OSError("(10054,…
0 votes, 1 answer

Google Cloud Project with No Owner

We have a Google Cloud project on my team and the owner has since left the organization. We still have access to the project because someone on my team is an editor but editors cannot give others access. She is leaving the team and we are trying to…
0 votes, 1 answer

GCP deployment to create storage bucket fails on missing storage.buckets.get access

I want to create a cloud storage bucket programmatically using deployment manager, but the deployment fails with the following error: ERROR: (gcloud.deployment-manager.deployments.create) Error in Operation…
0 votes, 2 answers

GCP Owner and Administrator roles for organization

I am assigned "Owner" role on the whole GCP organization, yet I cannot access organization IAM or billing accounts. I've tried running a query on principal, I can see my account as a member of "roles/owner" role, but still nothing. Is it a bug or is…
Victor
0 votes, 1 answer

Velero installation failing from a VM host in GCP

I am trying to install velero on a GKE Cluster from a GCP Compute Engine Host using the steps below: https://github.com/vmware-tanzu/velero-plugin-for-gcp I am installing velero from the VM host using the command below: velero install --provider gcp…
0 votes, 1 answer

How do I list all the perms of a predefined role?

I see this crap in lots of Google docs: They are doing a terrible job with documentation here. I want to create a custom role. Custom roles don't support adding predefined roles and don't support wildcard permissions. I NEED to know ALL the perms of…
red888
0 votes, 1 answer

Google Cloud IAM Instance granular access

Is there any way on Google Cloud IAM roles setup to give access/visibility to some VM Instances of the project and not to the whole of them? Ideally just to the ones that the user creates and not to the rest. As far as I tried roles apply to all of…
Imnl