Unify and manage your data

Create a custom IAM role for GCP

Learn how to create an IAM role.

Create a custom role that has the permissions required to access the bucket and get objects. You must have the editor role to do this. For more information, see topic Roles.

To create a custom IAM role:

  1. In the Google Cloud console, select Roles.
  2. In the Roles page, select your organization or project from the drop-down list at the top of the page.
  3. Select the More actions icon at the top of the page.
  4. Select CREATE ROLE.
  5. In the Create Role page, provide the following details for your role:
    1. Title: Enter the role name.
    2. Description: Enter the role description.
    3. Select + ADD PERMISSIONS.
    4. In the Add permissions window, select the storage.buckets.get, storage.objects.get, and storage.objects.list permissions to include in the role by searching for the permission in the Enter property name or value field. The assigned permissions are displayed in the assigned permissions section.
    5. Select the permissions.
    6. Select ADD.
  6. Select CREATE.