Viewing Advisory Notifications

Learn how to configure users for Advisory Notifications and view notifications by using the Google Cloud console.

Before you begin

Ensure that you have the required roles

To view advisory notifications in the Google Cloud console, each user must be granted a role that contains the following Identity and Access Management permissions. These permissions are included in the Advisory Notifications Viewer (roles/advisorynotifications.viewer) IAM role.

  • advisorynotifications.notifications.get
  • advisorynotifications.notifications.list
  • resourcemanager.organizations.get

    Make sure that you have the following role or roles on the organization: Advisory Notifications Viewer

    Check for the roles

    1. In the console, go to the IAM page.

      Go to IAM
    2. Select the organization.
    3. Find the row that has your email address in the Principal column.

      If your email address isn't in that column, then you do not have any roles.

    4. In the Role column for the row with your email address, check whether the list of roles includes the required roles.

    Grant the roles

    1. In the console, go to the IAM page.

      Go to IAM
    2. Select the organization.
    3. Click Add.
    4. In the New principals field, enter your email address.
    5. In the Select a role list, select a role.
    6. To grant additional roles, click Add another role and add each additional role.
    7. Click Save.

Permission assistance in the Google Cloud console

It's possible for a user to receive notification emails from Advisory Notifications but also be unable to view them in the Google Cloud console. If you observe this, it can be because users don't have sufficient permissions as described in the previous section.

To help users receive access, Advisory Notifications provides recipients of each notification email a two-week voucher to request permissions from a highly privileged grantor by using the following instructions:

  1. Click View notification details in the Advisory Notifications email you received.
  2. Optional: If you don't have the required permissions to view the notification, click Request access to gain those permissions. Clicking this button automatically contacts one of your highly-privileged organization administrators and informs them that they need to grant you the required permissions.
  3. After the administrator has granted you the required permissions, you can view the current notification and will be able to view future notifications.

Viewing Notifications

After Advisory Notifications has been enabled for your organization and all desired users have been granted permissions to receive notifications, authorized users can view the notifications in the Google Cloud console.

  1. In the Google Cloud console, select Security from the left navigation menu, and then select Advisory Notifications. Alternatively, click the following link:


    Go to Advisory Notifications

  2. From the list of notifications, click on the notification title to see more information. Note that unread notifications appear in bold.

  3. From the Notification details page, you can see the title, date/time, description, and possibly one or more file attachments associated with the notification. Note that you currently can't delete a notification or change its status from read to unread.

Providing feedback

During this Preview launch, we appreciate any additional feedback about the new Advisory Notifications experience. Please submit your feedback using this form.

Clean up

No additional steps are required to avoid incurring charges to your account.

What's next