The Advisory Notifications service uses Security and Privacy Advisory notifications to inform you of critical security and privacy events.
Who receives Security and Privacy Advisory notifications
Advisory Notifications integrates with Essential Contacts to identify which users should receive notifications. Essential Contacts lets you control who receives notifications by providing a list of contacts. Make sure that your organization-level essential contacts are up to date. For more information, see Managing contacts for notifications.
If Essential Contacts hasn't been configured, Advisory Notifications sends notifications to the default contacts, which are determined by Identity and Access Management roles. Advisory Notifications determines which, if any, users have been granted a highly privileged role in the following descending order:
- Organization Administrator (
roles/resourcemanager.organizationAdmin) - Project Owner (
roles/owneron a project) - Billing Account Administrator (
roles/billing.admin)
If one or more users have been granted the Organization Administrator role, only they are contacted. If no users have been granted the Organization Administrator role, then Advisory Notifications moves on to the next role in the hierarchy and determine if one or more users have been granted the Project Owner basic role on any project owned by the organization. If any are found, only they are contacted. Finally, if no users have been granted the Organization Administrator or Project Owner role, Advisory Notifications contacts any users who have been granted the Billing Account Administrator role on any billing account owned by the organization.
What's next
- Learn about Sensitive Actions notifications.
- Learn how to view notifications.