Cloud Identity and Access Management (Cloud IAM) offers the ability to create customized IAM roles. You can create custom IAM roles and assign the role one or more permissions. Then, you can grant the new role to your collaborators. Use custom roles to create an access control model that maps directly to your needs, alongside the available predefined roles offered by Google.
To learn which permissions are required for each method, see the Compute Engine API reference documentation:
This document does not describe how to create a custom role. For in-depth information about custom roles and step-by-step instructions for creating a custom role, see Creating and managing custom roles.
Before you begin
- Read the Cloud IAM documentation.
GCP Console permission
To use the Google Cloud Platform Console to access Compute Engine resources, you must have a role that contains the following permission on the project: