Google Identity Access and Management (IAM) offers the ability to create customized IAM roles. With this release, you can create custom IAM roles and assign the role one or more permissions. Then, you can grant the newly-created role to users who are part of your project. Use custom roles to create an access control model that maps directly to your needs, alongside the available predefined roles offered by Google.
You can find out which permissions are required for each method in the Compute Engine API reference documentation:
This document does not describe how to create a custom role. You can find in-depth information about custom roles and step-by-step instructions to create custom a role, in Creating and Managing Custom Roles.
Before you begin
- Read the Google Cloud IAM documentation.
Cloud Platform Console permission
To use the Google Cloud Platform Console to access Compute Engine resources, you must grant or be granted the following permission on the project: