--- title: "Creating a Custom Role for GCP Organization Application" slug: "custom-role-gcp-org-wif" updated: 2026-06-15T11:15:18Z published: 2026-06-15T11:15:18Z canonical: "docs.britive.com/custom-role-gcp-org-wif" --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.britive.com/llms.txt > Use this file to discover all available pages before exploring further. # Creating a Custom Role for GCP Organization Application You must create a custom role and permissions in GCP. 1. Log in to the GCP Console using administrative privileges. 2. Select **IAM & Admin** -> **Roles** from the navigation menu. 3. Click **+ CREATE ROLE**. 4. Enter the following values on the Create Role page: 1. Enter the **Title** as Britive Integration Role. 2. Enter the **ID** as *BritiveIntegrationRole*. 3. Click **ADD PERMISSIONS** to add the following permissions: ```Permissions iam.roles.get, iam.roles.list, iam.serviceAccountKeys.create, iam.serviceAccountKeys.delete, iam.serviceAccountKeys.get, iam.serviceAccountKeys.list, iam.serviceAccounts.create, iam.serviceAccounts.delete, iam.serviceAccounts.disable, iam.serviceAccounts.enable, iam.serviceAccounts.get, iam.serviceAccounts.getIamPolicy, iam.serviceAccounts.list, iam.serviceAccounts.setIamPolicy, iam.serviceAccounts.undelete, iam.serviceAccounts.update, orgpolicy.policy.get, resourcemanager.folders.get, resourcemanager.folders.getIamPolicy, resourcemanager.folders.list, resourcemanager.folders.setIamPolicy, resourcemanager.organizations.get, resourcemanager.organizations.getIamPolicy, resourcemanager.organizations.setIamPolicy, resourcemanager.projects.get, resourcemanager.projects.getIamPolicy,  resourcemanager.projects.list, resourcemanager.projects.setIamPolicy ``` 4. The following permissions are required to support BigQuery constraint management. These permissions can be ignored if you are not using this feature. ```Permissions bigquery.datasets.update, bigquery.tables.get, bigquery.tables.getIamPolicy, bigquery.tables.setIamPolicy ``` 5. The following permissions are required to support Apigee environment constraint management. These permissions can be ignored if you are not using this feature. ```Permissions apigee.environments.get, apigee.environments.getIamPolicy, apigee.environments.setIamPolicy ``` 6. The following permissions are required to support scanning AI identities. These permissions can be ignored if you are not using this feature. ```Permissions aiplatform.locations.get, aiplatform.locations.list,aiplatform.reasoningEngines.get,aiplatform.reasoningEngines.list ``` 7. Click **ADD**. 5. Click **CREATE**. For more information about custom roles in GCP, see [Creating and managing custom roles](https://cloud.google.com/iam/docs/creating-custom-roles#iam-custom-roles-create-console).