Google Cloud Platform - 将“无组织”的 firebase 项目移至“组织”时出错

Question

We initially worked with Google to setup a POC firebase account for us to test out. We ended up continuing with this project and turning it into our production project. Later on down the road, we are now trying to migrate this project to our enterprise organization within GCP so we can configure the correct billing.

However every time we try to migrate the project we get a permissions error.

ERROR: (gcloud.alpha.projects.move) User [email] does not have permission to access projects instance [PROJECT_ID] (or it may not exist): The caller does not have permission

Steps we've taken so far (basically followed this ):

1. We've added the user who is migrating the project into the target organization- giving him the 'Project Creator' role

2. In the source organization ("No Organization"), we added the same user and gave him the role "Project Mover"

3. Then in the GCP cloud console, we used this command:

   gcloud alpha projects move PROJECT_ID --organization ORGANIZATION_ID

4. We then select y to confirm our change and then get the permissions issue again

We've verified that the user has all of the correct permissions across projects, so we're really unsure how to proceed with this migration right now. We've also given the user the roles Organization Policy Administrator and Owner within IAM with no luck.

If anyone has experienced a similar issue, any guidance would be very appreciated!

Thanks!

Answer 1

The user must be a project owner of the project being moved - Project Mover is not enough. The user must also be a Project Creator at the Organization level - adding this role at the project level will not work.

If you are using Folders in the organization, the user will also need either the Folder Admin or Folder Mover role at the Organization level.