stackoom
  简体   繁体   中英

How to add permissions to a project in GCP?

 原文  2021-10-05 08:20:17       google-cloud-platform/ terraform-provider-gcp

Question

I'm trying to set up a GCP billing alert using Terraform. The docs say :

Your account must have the serviceusage.services.use permission on the billing_project you defined.

The Google docs also say to set this permission on the project but don't say how.

How can I add that permission to my project (either via the console or ideally Terraform) to allow myself to create billing alerts?

My provider currently looks like this:

provider "google-beta" {
  alias                 = "billing"
  billing_project       = "me-${var.env}"
  project               = "me-${var.env}"
  region                = "europe-west1"
  zone                  = "europe-west1-d"
  user_project_override = true
}

1 answers

solution1
 0  2021-10-05 11:56:14

Cloud budgets can only be created and managed by users with a Billing Account Administrator role, or a custom role with appropriate budget management permissions. This means that project owners without the Billing Account Admin role cannot create budgets for their respective projects.

To create a budget for your Cloud Billing account, you need a role that includes the following permissions on the Cloud Billing account:

To gain these permissions, ask your administrator to grant you one of the following Cloud Billing IAM roles on your Cloud Billing account:

  • Billing Account Administrator
  • Billing Account Costs Manager

Steps to add or remove Cloud Billing permissions:

1.Sign in to the Google Cloud Console.

  • Open the Cloud Console Navigation menu and then select Billing .

  • If you have more than one Cloud Billing account, do one of the following:

    • To manage Cloud Billing for the current project, select Go to linked billing account.
    • To locate a different Cloud Billing account, select Manage billing accounts and then choose the account that you want to manage.

  1. In the Billing navigation menu, click Account management .

  2. Use the Permissions panel to edit permissions for the selected Cloud Billing account. If the panel isn't already visible, click SHOW INFO PANEL to open it.

The Permissions panel is organized by role, along with the number of principals that have each role. For example, in your permissions panel, you might see - Billing Account Administrator (2 principals) - Billing Account User (6 principals) - Billing Account Viewer (10 principals)

You can grant multiple roles to the same principal.

To view the list of principals that have a role, click the role name to expand (or collapse) the list of principals.

Refer to the links to update Cloud Billing permissions and creating budget alerts.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to add my project to multiple GCP resource locations? GCP - how to add a Google account as an IAM principal to a project can't add 'allUsers' to GCP project GCP Bucket Permissions by Prefix How to granting permissions to randomly create service account on GCP? How to list all permissions granted to a specific principal on GCP? GCP: how to transfer a model to another project Get list of assets/resource for a given project in GCP without any organization level permissions How to disable the multi tenant feature for a GCP project? How To Create A Central Auth Project In GCP/Firebase?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM