In GCP, any user is able to create a project. An organisation may end up having a lot of projects in its hierarchy.
How to we disable all the users from being able to create projects, and only allow a few authorized to do so?
google-cloud-platform
In GCP, any user is able to create a project. An organisation may end up having a lot of projects in its hierarchy.
How to we disable all the users from being able to create projects, and only allow a few authorized to do so?
Best Answer
Permissions are inherited from the top, in this case from the organization:
In Using Resource Hierarchy for Access Control there's a gem at the very bottom:
Specifically, the role you want to disinherit is roles/resourcemanager.projectCreator: