This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

custom roles required access for accessing VM instances across organization

Posted on 05-04-2023 11:15 PM
gcloudLearning
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I need to create a role for viewing all the vm instances in an organization(including projects , folder).

also I need the access in order to install the patches or os config agent(if not installed) in all the vms , taking the vm machine backup and restoring it. creating/listing storage bucket and objects.

Please suggest me minimum roles for the operation .

and will it be fine to create a group --> add members and then assign the roles in organization level to achieve this

0 1 130
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Willbin
Staff
Reply posted on --/--/---- --:-- AM

Hello @gcloudLearning,

Welcome to Google Cloud Community!

There are basic and predefined roles that you can apply. 
Full control of Compute Engine instances, instance groups, disks, snapshots and images, you may use Compute Instance Admin (v1) role.

roles/compute.instanceAdmin.v1

Please note this is only at an instance level and the user cannot create new instances.

For other roles like Backup and DR admin you may use IAM basic and predefined roles.

I hope this helps.

 

0 Likes