Create a custom IAM role at the project level
Learn how to create a custom role with IAM permissions at the project level.
-
Using the following gcloud command:
gcloud iam roles create reltio.gbq.connector.global --project=<project-id> --title="Reltio GBQ connector Project Level" --permissions=bigquery.jobs.create,bigquery.jobs.get,serviceusage.services.use
-
Using the Google Cloud console.
To create an IAM role using the Google Cloud console:
- In the Google Cloud console, select Roles.
- In the Roles page, select your organization or project from the drop-down list at the top of the page.
- Select the More actions icon at the top of the page.
- Select CREATE ROLE.
- In the Create Role page, provide the following details for your role:
- Select CREATE.
See the following table for a description of the permissions:
Permission | Description |
---|---|
bigquery.jobs.create | Allows the creation of BigQuery jobs, such as loading data into tables. This is used for table or view recreation and compaction operations. |
bigquery.jobs.get | Enables retrieval of information about BigQuery jobs. This is used for table or view recreation and compaction operations. |
serviceusage.services.use | Grants the ability to use services within a project, including consuming quota and billing. This permission is necessary for the service account to use the BigQuery API and other Google Cloud services. |