These roles grant the ability to create, overwrite, and delete storage buckets.
Users need to specify a storage bucket when enrolling a resource for auditing.
resourcemanager.organizations.setIamPolicy
This additional permission is required to enroll an organization.
resourcemanager.folders.setIamPolicy
This additional permission is required to enroll a folder.
This role grants the ability to create, read, update, delete, view, and
list custom compliance frameworks (Preview). This role can only be assigned at the organizational level.
This role grants the ability to view and list custom compliance frameworks (Preview).
This role is required to run audits against custom compliance frameworks (Preview). This role
can only be assigned at the organizational level.
For more information about granting roles, see the
IAM documentation.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-05 UTC."],[[["This page outlines the necessary IAM roles and permissions for using Audit Manager and custom compliance frameworks."],["Administrators require the Audit Manager Admin, Storage Admin, or Storage Legacy Bucket Owner roles, along with additional permissions for organizations and folders."],["Auditors need the Audit Manager Auditor and Storage Legacy Object Reader roles to run audits and view reports."],["Framework administrators require the Audit Manager Custom Compliance Framework Admin role to manage custom compliance frameworks."],["Framework viewers require the Audit Manager Custom Compliance Framework Viewer role to view custom compliance frameworks, which is also required to run audits on them."]]],[]]
