I have created a shared VPC with a user in the host project, created three subnets and attached a service project. I have given subnet-level permission only for 2 subnets to the service project (for the user). But in the service project I can see all three subnets. The user has Organisation Administrator and Owner permissions, which are inherited from the organisation. Is this the reason why the user can see all subnets in the service project?
Yes, both roles (Organization Administrator and Owner) allow you to get and list all the resources in the Organization/Project and conflict with the permissions given by the Service Project Admin. You need to revoke these roles first, but be very careful when revoking permissions from users, as you can lose access to GCP resources inadvertently.
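To make the inheritance point concrete, here is an added model of how GCP IAM resolves a user's permissions down the Organization > Project > Subnet hierarchy. It is example code written for this page, not anything from the thread or from Google; the role-to-permission table, the resource names, and the user identity are all constructed and deliberately narrowed to the few subnet permissions that matter here (real roles carry many more). It shows why an Owner or Organization Administrator binding at the org level makes all three subnets visible even though Network User was granted on only two, and that only revoking the inherited roles narrows the view.

```python
# Toy role -> permission table, constructed for this example and narrowed to the
# subnet permissions relevant to Shared VPC. Real GCP roles carry far more.
ROLE_PERMISSIONS = {
    "roles/owner": {"compute.subnetworks.get", "compute.subnetworks.list",
                    "compute.subnetworks.use"},
    "roles/resourcemanager.organizationAdmin": {"compute.subnetworks.get",
                                                "compute.subnetworks.list"},
    "roles/compute.networkUser": {"compute.subnetworks.get",
                                  "compute.subnetworks.use"},
}

# Constructed resource hierarchy: child -> parent. Policies are inherited down
# this chain; a grant on an ancestor applies to every descendant.
HIERARCHY = {
    "host-project": "org-example",
    "subnet-a": "host-project",
    "subnet-b": "host-project",
    "subnet-c": "host-project",
}
SUBNETS = [res for res, parent in HIERARCHY.items() if parent == "host-project"]

USER = "user:alice@example.com"  # constructed identity


def ancestors(resource):
    """Yield the resource, then its parent, grandparent, ... up to the root."""
    while resource is not None:
        yield resource
        resource = HIERARCHY.get(resource)


def effective_permissions(bindings, member, resource):
    """Union of permissions granted on the resource or on any of its ancestors.

    IAM is additive: a broad grant higher in the hierarchy cannot be narrowed by
    withholding a grant lower down, which is exactly the situation in the question.
    """
    perms = set()
    for res in ancestors(resource):
        for role in bindings.get(res, {}).get(member, set()):
            perms |= ROLE_PERMISSIONS[role]
    return perms


def visible_subnets(bindings, member):
    """Subnets the member can read, i.e. where compute.subnetworks.get resolves."""
    return sorted(s for s in SUBNETS
                  if "compute.subnetworks.get" in effective_permissions(bindings, member, s))


def revoke(bindings, resource, member, role):
    """Return a copy of the bindings with one role removed from one member at one resource."""
    new = {res: {m: set(roles) for m, roles in members.items()}
           for res, members in bindings.items()}
    new.get(resource, {}).get(member, set()).discard(role)
    return new


def build_scenario():
    """The setup from the question: org-level Owner + Org Admin, Network User on two subnets."""
    return {
        "org-example": {USER: {"roles/owner", "roles/resourcemanager.organizationAdmin"}},
        "subnet-a": {USER: {"roles/compute.networkUser"}},
        "subnet-b": {USER: {"roles/compute.networkUser"}},
    }


def demo():
    """Return (subnets visible with inherited org roles, subnets visible after revoking them)."""
    before = build_scenario()
    after = revoke(before, "org-example", USER, "roles/owner")
    after = revoke(after, "org-example", USER, "roles/resourcemanager.organizationAdmin")
    return visible_subnets(before, USER), visible_subnets(after, USER)


if __name__ == "__main__":
    with_org_roles, without_org_roles = demo()
    print("visible with inherited org roles:", with_org_roles)   # all three subnets
    print("visible after revoking org roles:", without_org_roles)  # only subnet-a, subnet-b
```

The model also shows why the answer's warning matters: revoking the org-level roles removes every permission they carried, not just the subnet visibility, so before revoking it is worth enumerating what the identity actually relies on. On a real organization the equivalent check is Policy Analyzer (`gcloud asset analyze-iam-policy --organization=ORG_ID --identity=user:alice@example.com`), which lists every binding the identity inherits, and `gcloud compute networks subnets get-iam-policy` on each subnet for the subnet-level grants.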