If you do not have the roles specified in GCP Compliance and Audit Log Integration - Run app.py Python Script, ask your GCP administrator to complete the steps in this section.
After creating custom role(s) or identifying a set of existing roles with the required permissions listed above, your must grant the GCP user that will run the script these roles for the setup project as described in the following procedure.
- Log in to the GCP Console and click located in the top left corner.
- Select IAM & admin > IAM.
- Click the down arrow in the top menu bar. The Select from dialog appears.
- From the Select from the drop-down, select an organization that contains your GCP setup project. The setup project is where the resource deployment will occur.
- Select the ALL tab.
- In the Select from panel, locate and double-click the setup project.
- Click Add. Note that you must have permission to add members to the project for the ADD button to be active.
- In the New members field, enter the email address of the GCP user that will run the script.
- Click the Select a role field.
- In the Type to filter field, enter a role with the required permissions.
- For any additional roles that contain more of the required permissions repeat the following step: Enter the role and click + ADD ANOTHER ROLE.
- Click SAVE.