 

You need permissions for this action. Required permission(s): resourcemanager.projects.setIamPolicy

I checked the IAM & admin in the GCP console UI. I have two roles: (Company name) Project Owner and Editor. The member is my company email address.


But when I try to edit (the edit button) other people's roles and permissions, I got the message below:

You need permissions for this action. Required permission(s): resourcemanager.projects.setIamPolicy

My (Company name) Project Owner role is granted by the project manager. It seems I only have Editor role permission.

Update

I have an organization like this:

company.com

  • project_a
  • project_b

For project_b, I have the roles described above and run into this issue.

When I check the Over granted permissions (click 1489/1601) of (Company name) Project Owner, I got this:

There is no recommendation available at this time for this binding. However, you do not have permission to view the analysis of the current role definition.


But I can check Over granted permissions for the Editor role. I can only give as much information as I can.

slideshowp2 asked Jan 16 '20 12:01


1 Answer

As mentioned in the comments, Project Owner is not one of the Primitive Roles for projects in GCP. It's most likely that Project Owner is a Custom Role created to provide access to users in your Organization.

The permission resourcemanager.projects.setIamPolicy is only contained in the following Roles:

  • Primitive Roles:
    • Owner (roles/owner)
  • Predefined Roles:
    • Security Admin (roles/iam.securityAdmin)
    • Folder Admin (roles/resourcemanager.folderAdmin)
    • Organization Administrator (roles/resourcemanager.organizationAdmin)
    • Project IAM Admin (roles/resourcemanager.projectIamAdmin)

You can learn more about which permissions are included with each of these roles in the Cloud IAM Documentation. I would suggest asking an Organization Administrator to assign the role Project IAM Admin to your user, as this role is very specific to provide permissions to administer Cloud IAM policies on projects only. They could also add the individual roles to the custom Project Owner role, and this would allow anyone in the organization who has the role assigned to manage IAM policies within their projects.

Judith Guzman answered Nov 06 '22 21:11
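
The diagnosis described in the answer above, as an added example that is not part of the original question or answer: it checks which of a member's role bindings on a project carry resourcemanager.projects.setIamPolicy, using the role list from the answer plus the definition of any custom role. The member addresses, the organization ID and the custom role name CompanyProjectOwner with its permission list are constructed sample data; the check covers only direct, unconditional bindings on the project, not group membership or bindings inherited from a folder or the organization.

```python
import json

NEEDED = "resourcemanager.projects.setIamPolicy"

# Primitive and predefined roles the answer lists as containing NEEDED.
ROLES_WITH_NEEDED = {
    "roles/owner",
    "roles/iam.securityAdmin",
    "roles/resourcemanager.folderAdmin",
    "roles/resourcemanager.organizationAdmin",
    "roles/resourcemanager.projectIamAdmin",
}

# Constructed sample in the shape of
# `gcloud projects get-iam-policy PROJECT_ID --format=json`.
POLICY = json.loads("""
{"bindings": [
  {"role": "roles/editor", "members": ["user:dev@example.com"]},
  {"role": "organizations/000000000000/roles/CompanyProjectOwner",
   "members": ["user:dev@example.com", "user:pm@example.com"]},
  {"role": "roles/owner", "members": ["user:pm@example.com"]}
]}
""")

# Constructed sample in the shape of
# `gcloud iam roles describe ROLE_ID --organization=ORG_ID --format=json`.
CUSTOM_ROLES = json.loads("""
[{"name": "organizations/000000000000/roles/CompanyProjectOwner",
  "includedPermissions": ["resourcemanager.projects.get",
                          "resourcemanager.projects.getIamPolicy"]}]
""")

def audit(policy, custom_roles, member):
    """Map each role bound to member to True/False, or None if a custom
    role's definition was not supplied (e.g. the caller cannot read it)."""
    defs = {r["name"]: set(r.get("includedPermissions", [])) for r in custom_roles}
    verdicts = {}
    for binding in policy.get("bindings", []):
        if member not in binding.get("members", []):
            continue
        role = binding["role"]
        if role.startswith(("organizations/", "projects/")):  # custom role
            verdicts[role] = NEEDED in defs[role] if role in defs else None
        else:
            verdicts[role] = role in ROLES_WITH_NEEDED
    return verdicts

def can_set_iam_policy(policy, custom_roles, member):
    return any(v is True for v in audit(policy, custom_roles, member).values())
```

A verdict of None corresponds to the situation in the question, where the custom role's definition could not be viewed; an administrator who can read the role has to supply it.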