Quota permissions

The predefined IAM role for permissions is named Quota Administrator. This role can be assigned at the project, folder, and organization levels.

  • If granted at the project level, the user will have permission to perform project-level operations.
  • If granted at the folder level, the user will have permission to perform project-level operations for all projects in that folder.
  • If granted at the organization level, the user will have permission to perform organization level operations. Because IAM permissions are inherited from the top level, this user will also be granted project and folder level permissions.

Users who are part of the Project Owners role can assign the Quota Administrator role to other users at the project level. Users in the Organization Owner role can assign the Quota Administrator role at the organization level.

Permissions for viewing project quota

To view your project quota in the Google Cloud console or to access your project quota programmatically, you must have the following Identity and Access Management (IAM) permissions:

To learn which roles include these permissions by default, see the IAM permissions reference.

Permissions for changing project quota

To change your quota at the project level, folder level, or organization level, you must have the following IAM permission:

This permission is included by default for the following roles: Owner, Editor, Quota Administrator, and Service Usage Admin.

Permissions for viewing quota increase requests

To view quota increase requests in the Google Cloud console, you must have the following IAM permissions:

Permissions for creating an alert policy for a quota

To set up quota alerts, you must have the following permission:

  • monitoring.alertPolicies.create