Is there any possibility to add permissions at GCP organizational folder level #585
-
|
Is there any possibility to add permissions at GCP folder level or even at organizational level (rare requirement)? |
Beta Was this translation helpful? Give feedback.
Answered by
jpassing
Sep 16, 2024
Replies: 1 comment
-
|
Not in the current version, but the feature is already implemented and will be part of the JIT Groups 2.1 release which is due in a few days. WIth that version, you'll be able to configure role bindings for folders and organiations in the privileges:
iam:
- resource: organizations/123
role: roles/resourcemanager.organizationViewer
description: "View basic details about the organization"
- resource: folders/12345
role: roles/compute.viewer
description: "View all Compute resources in folder 12345"
- resource: folders/12345
role: roles/compute.admin
condition: "resource.name.contains('/zones/asia-southeast1-a/')"
description: "Administrate Compute resources in folder 12345 for zone asia-southeast1-a" |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
dhamkannan
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Not in the current version, but the feature is already implemented and will be part of the JIT Groups 2.1 release which is due in a few days.
WIth that version, you'll be able to configure role bindings for folders and organiations in the
privilegessection, for example: