This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Unable to Access Organization IAM - Individual Developer Locked Out

Posted 3 weeks ago
QiyuanYe
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi Google Cloud Community,

I'm an individual developer facing a challenging IAM issue and hoping someone here might have insights or suggestions.

My Situation:

  • Account: (PII Removed by Staff) (This is my personal account, not tied to any company).

  • Issue: An Organization resource named qiyuanye0625-org (ID: [PII Removed by Staff]) exists, seemingly associated with my account.

  • Problem: Although I am the sole owner/admin of this account, I cannot manage the IAM permissions for this Organization.

  • Error Message: When trying to access Organization IAM settings, I get a permissions error: resourcemanager.organizations.getIamPolicy.

  • The Catch-22: The error message advises contacting the organization administrator – which should be me! This creates a deadlock where I can't grant myself the needed permissions.

What I Need Help With:

I seem to be locked out of managing my own (unexpected) Organization structure. I'd appreciate any guidance on how to resolve this. Specifically, I'm looking for help to:

  1. Regain Control: Find a way to restore full administrative privileges (like roles/resourcemanager.organizationAdmin including the missing resourcemanager.organizations.getIamPolicy permission) for my user (PII Removed by Staff) over the Organization qiyuanye0625-org (ID: [PII Removed by Staff]).

  2. Investigate Policies: Understand if a Principal Access Boundary Policy (or similar restrictive policy) might be causing this block and how to potentially disable or modify it.

Has anyone encountered a similar situation as an individual developer? Any advice on how to break this administrative deadlock would be greatly appreciated!

Thanks for your time and help.

(Account: (PII Removed by Staff) | Organization ID: [PII Removed by Staff])

QiyuanYe_0-1745525167736 (1).png

0 1 71
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
kensan
Staff
Reply posted on --/--/---- --:-- AM

Hi @QiyuanYe,

Welcome to Google Cloud Community

If your personal account was ever associated with a Google Workspace subscription, Google Cloud automatically creates an Organization resource linked to that Workspace domain. The primary Workspace Super Admin usually gets the Organization Admin role initially. If something went wrong during setup or if Workspace settings were changed, permissions might be misaligned. You might want to revisit the Google Cloud Setup checklist to help you establish the organization and administrator users and access.

If you have further questions, please reach out to our Google Cloud Support.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

0 Likes
Top Labels in this Space
Top Solution Authors
View all