You must create a custom role and permissions in GCP.
- Log in to the GCP Console using administrative privileges.
- Select IAM & Admin -> Roles from the navigation menu.
- Click + CREATE ROLE.
- Enter the following values on the Create Role page:
- Enter the Title as Britive Integration Role.
- Enter the ID as BritiveIntegrationRole.
- Click ADD PERMISSIONS to add the following permissions:Permissions
iam.roles.get, iam.roles.list, iam.serviceAccountKeys.create, iam.serviceAccountKeys.delete, iam.serviceAccountKeys.get, iam.serviceAccountKeys.list, iam.serviceAccounts.create, iam.serviceAccounts.delete, iam.serviceAccounts.disable, iam.serviceAccounts.enable, iam.serviceAccounts.get, iam.serviceAccounts.getIamPolicy, iam.serviceAccounts.list, iam.serviceAccounts.setIamPolicy, iam.serviceAccounts.undelete, iam.serviceAccounts.update, orgpolicy.policy.get, resourcemanager.folders.get, resourcemanager.folders.getIamPolicy, resourcemanager.folders.list, resourcemanager.folders.setIamPolicy, resourcemanager.organizations.get, resourcemanager.organizations.getIamPolicy, resourcemanager.organizations.setIamPolicy, resourcemanager.projects.get, resourcemanager.projects.getIamPolicy, resourcemanager.projects.list, resourcemanager.projects.setIamPolicy - The following permissions are required to support BigQuery constraint management. These permissions can be ignored if you are not using this feature. Permissions
bigquery.datasets.update, bigquery.tables.get, bigquery.tables.getIamPolicy, bigquery.tables.setIamPolicy - The following permissions are required to support Apigee environment constraint management. These permissions can be ignored if you are not using this feature.
apigee.environments.get, apigee.environments.getIamPolicy, apigee.environments.setIamPolicy - Click ADD.
- Click CREATE.
For more information about custom roles in GCP, see Creating and managing custom roles.