Configure access control for Producer Portal users

This page describes the Identity and Access Management (IAM) roles and permissions that you'll need to grant to members of your team who use Producer Portal.

For more information about granting access to roles and resources, see the IAM documentation on Granting, changing, and revoking access to resources. If you don't have the permissions you need to grant roles, contact your organization's administrator and request access.

Access control for managing your Partner Advantage account and your organization

For users to manage your Partner Advantage account and your organization-level settings, grant them one of the following two roles:

Access control for viewing product listings

For users to view in-progress product listings that you create in Producer Portal, grant them the Commerce Producer Viewer role.

Access control for creating and managing product listings

For users to create and manage product listings in Producer Portal, grant them the following roles:

Additional roles for software as a service (SaaS) products

For SaaS products, where you need to create a service account to interact with the Cloud Commerce Consumer Procurement API and report usage to us, grant your users the Service Account Admin role.

Additional roles for virtual machine (VM) and Kubernetes products

For VM or Kubernetes products, grant your users the Compute Storage Admin role.

If you used the VM guided configuration to create your VM product's deployment package, grant your users the following roles for the Cloud Storage bucket where you store your product's deployment package:

Access control for previewing your products in Cloud Marketplace

If you want users to be able to preview your product's listing as your customers see it in Cloud Marketplace, you must grant them the following role:

Access control for creating and managing private offers in Producer Portal

For users to create and manage private offers in the Private offers tab of Producer Portal, grant them the following roles:

Access control for viewing key events for private offers

For users to view the history of an offer that your organization has published, grant them the Commerce Price Management Events Viewer role.

Access control for managing disbursements and payments in Producer Portal

For users to create payment profiles to manage disbursement and payment settings in the Payments tab of Producer Portal, grant them the following roles:

Access control for reselling of your Cloud Marketplace products

If you've allowed resellers to resell your Cloud Marketplace products, you can refer to the following guidelines for granting roles within your Google Cloud organization.

Access control for viewing which resellers are allowed to resell your products

For users to view which resellers are allowed to resell your Cloud Marketplace products, or which resellers have been disallowed from reselling your products, grant them one of the following roles:

Access control for managing which resellers are allowed to resell your products

For users to manage which resellers are allowed to resell your Cloud Marketplace products, grant them the Commerce Business Enablement Configuration Admin (roles/commercebusinessenablement.admin) role.

Access control for viewing reseller discounts in Producer Portal

For users to view resources and configurations related to reseller discounts in Producer Portal, grant them the following roles:

Access control for creating and managing reseller discounts in Producer Portal

For users to create and manage resources and configurations related to reseller discounts in Producer Portal, grant them the following roles:

Access control for managing analytics and reports in Producer Portal

For users to manage analytics, test accounts, sales lead management, and reports for your products in the Analytics, Sales lead management, and Reports tabs of Producer Portal, grant them the following roles: