Creating a Custom Role in GCP

Complete the following steps to create a custom role in GCP: 

1. Go to GCP Console & search for IAM & Admin and click Roles.

Open

Open

2. Click on Create Role.

3. Create Custom Role for Storage Buckets.

   1. Add title for the role and click Add Permission.
      
      

   2. Search for Storage Admin. Select the checkbox and click OK.
      
      

   3. Search for buckets in the filter and select two required permissions:

      • storage.buckets.list

      • Storage.buckets.getIamPolicy

   4. Click Add.

   5. Click Create.
      
      

   6. Role would have been created now.

4. Create Custom Role for internal ranges.

   1. Add title for the role and click Add Permission.

   2. Search for Storage Admin and click the checkbox and click OK.
      
      

   3. Search for networkconnectivity in the filter and select 13 needed permissions:
      
      

      • networkconnectivity.internalRanges.create

      • networkconnectivity.internalRanges.delete

      • networkconnectivity.internalRanges.get

      • Networkconnectivity.internalRanges.getIamPolicy

      • networkconnectivity.internalRanges.list

      • networkconnectivity.internalRanges.setIamPolicy

      • networkconnectivity.internalRanges.update

      • networkconnectivity.locations.get

      • networkconnectivity.locations.list

      • networkconnectivity.operations.cancel

      • networkconnectivity.operations.delete

      • networkconnectivity.operations.get

      • networkconnectivity.operations.list

5. Click Create

The role is created.