如何在 GCP 中为项目添加权限?
[英]How to add permissions to a project in GCP?
问题描述
I'm trying to set up a GCP billing alert using Terraform. The docs say :
我正在尝试使用 Terraform 设置 GCP 计费警报。 文档说:
Your account must have the serviceusage.services.use permission on the billing_project you defined.
The Google docs also say to set this permission on the project but don't say how. Google 文档还说要在项目上设置此权限,但没有说明如何设置。
How can I add that permission to my project (either via the console or ideally Terraform) to allow myself to create billing alerts?我如何将该权限添加到我的项目(通过控制台或最好是 Terraform)以允许我自己创建账单提醒?
My provider currently looks like this:我的提供者目前看起来像这样:
provider "google-beta" {
alias = "billing"
billing_project = "me-${var.env}"
project = "me-${var.env}"
region = "europe-west1"
zone = "europe-west1-d"
user_project_override = true
}
1 个解决方案
解决方案1
0 2021-10-05 11:56:14
Cloud budgets can only be created and managed by users with a Billing Account Administrator role, or a custom role with appropriate budget management permissions.云预算只能由具有计费帐户管理员角色或具有适当预算管理权限的自定义角色的用户创建和管理。 This means that project owners without the Billing Account Admin role cannot create budgets for their respective projects.这意味着没有 Billing Account Admin 角色的项目所有者无法为其各自的项目创建预算。
To create a budget for your Cloud Billing account, you need a role that includes the following permissions on the Cloud Billing account:要为您的 Cloud Billing 帐号创建预算,您需要一个对 Cloud Billing 帐号具有以下权限的角色:
- billing.budgets.create to create a new budget. billing.budgets.create创建新预算。
- billing.budgets.get and billing.budgets.list to view all budgets for the Cloud Billing account. billing.budgets.get 和 billing.budgets.list查看 Cloud Billing 帐户的所有预算。
To gain these permissions, ask your administrator to grant you one of the following Cloud Billing IAM roles on your Cloud Billing account:要获得这些权限,请让您的管理员在您的 Cloud Billing 帐户上授予您以下Cloud Billing IAM角色之一:
- Billing Account Administrator计费帐户管理员
- Billing Account Costs Manager计费帐户成本经理
Steps to add or remove Cloud Billing permissions:添加或删除 Cloud Billing 权限的步骤:
1.Sign in to the Google Cloud Console. 1.登录谷歌云控制台。
Open the Cloud Console Navigation menu and then select Billing .
打开 Cloud Console Navigation 菜单,然后打开 select Billing 。If you have more than one Cloud Billing account, do one of the following:
如果您有多个 Cloud Billing 帐号,请执行以下操作之一:- To manage Cloud Billing for the current project, select Go to linked billing account.要管理当前项目的 Cloud Billing,请拨打 select Go 至关联的结算帐号。
- To locate a different Cloud Billing account, select Manage billing accounts and then choose the account that you want to manage.要查找其他 Cloud Billing 帐号,请拨打 select管理结算帐号,然后选择您要管理的帐号。
- To manage Cloud Billing for the current project, select Go to linked billing account.
In the Billing navigation menu, click Account management .
在结算导航菜单中,点击账户管理。Use the Permissions panel to edit permissions for the selected Cloud Billing account.
使用“权限”面板修改所选 Cloud Billing 帐号的权限。 If the panel isn't already visible, click SHOW INFO PANEL to open it.如果面板尚不可见,请单击“显示信息面板”将其打开。
The Permissions panel is organized by role, along with the number of principals that have each role.权限面板按角色以及具有每个角色的委托人数量进行组织。 For example, in your permissions panel, you might see - Billing Account Administrator (2 principals) - Billing Account User (6 principals) - Billing Account Viewer (10 principals)例如,在您的权限面板中,您可能会看到 - 计费账户管理员(2 个委托人) - 计费账户用户(6 个委托人) - 计费账户查看者(10 个委托人)
You can grant multiple roles to the same principal.您可以向同一委托人授予多个角色。
To view the list of principals that have a role, click the role name to expand (or collapse) the list of principals.要查看具有角色的委托人列表,请单击角色名称以展开(或折叠)委托人列表。
Refer to the links to update Cloud Billing permissions and creating budget alerts.请参阅更新 Cloud Billing 权限和 创建预算提醒的链接。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.