I've set up a GCP project, with a few Compute Engine VM Instances that will be used off and on at different times of the day.
So that I don't have to stay glued to the console all the time, what is the minimum/least amount of permissions I can grant to a user, so they can start/stop the instances as needed?
They would also need to download the RDP file (these are Windows instances).
From what I can tell, I need:
- compute.instances.start
- compute.instances.stop
- compute.instances.reset
Am I missing anything?
Best Answer
They would at least need the roles/compute.admin permission to be able to accomplish the tasks mentioned above. You can also read more about Compute Engine IAM roles here. The link attached will provide further information in regards to Compute Engine IAM roles.