Permission Details
Recommender Permissions
recommender.usageCommitmentRecommendations.updateDescription: Allows updating recommendations related to usage commitments in GCP, such as Compute Engine committed use contracts.
Advantages: This permission allows updating usage commitment recommendations. It helps optimize costs by committing to resource usage at lower rates based on analyzed usage patterns.
recommender.computeAddressIdleResourceRecommendations.updateDescription: Allows updating recommendations related to idle Compute Engine addresses, helping to identify and address unused static IP addresses.
Advantages: This permission helps you receive and apply recommendations for unused static IP addresses, allowing you to manage and release unnecessary static IP addresses, thus reducing costs.
recommender.computeDiskIdleResourceRecommendations.updateDescription: Allows updating recommendations related to idle Compute Engine disks, assisting in identifying and managing unused persistent disks.
Advantages: This permission helps you optimize storage costs by receiving and applying recommendations for unused persistent disks, effectively managing storage resources.
recommender.computeImageIdleResourceRecommendations.updateDescription: Allows updating recommendations related to idle Compute Engine images, aiding in the identification and handling of unused custom images.
Advantages: This permission helps optimize the management of custom VM images by receiving and applying recommendations for unused images, freeing up unnecessary storage space.
recommender.computeInstanceGroupManagerMachineTypeRecommendations.updateDescription: Allows updating recommendations for Compute Engine instance group manager machine types, which helps in optimizing the types of virtual machine instances used in managed instance groups.
Advantages: This permission allows you to receive and apply recommendations for the machine types used by instance group managers, optimizing the virtual machine types used in managed instance groups, enhancing efficiency, and saving costs.
recommender.computeInstanceIdleResourceRecommendations.updateDescription: Allows updating recommendations for idle Compute Engine instances, assisting in the identification and management of virtual machines that are not in use.
Advantages: This permission helps identify and manage idle virtual machines, enabling cost optimization by shutting down or removing unnecessary VMs.
recommender.computeInstanceMachineTypeRecommendations.updateDescription: Allows updating recommendations for Compute Engine instance machine types, helping in optimizing the types of virtual machines used based on usage patterns.
Advantages: This permission allows you to receive and apply recommendations for VM machine types, optimizing performance and costs based on actual usage needs.
recommender.iamPolicyRecommendations.updateDescription: Allows updating IAM policy recommendations, which can help in optimizing and securing Identity and Access Management policies by suggesting changes.
Advantages: This permission allows you to receive and apply IAM policy recommendations, optimizing and enhancing security by suggesting necessary changes to existing IAM policies.
Cloud Asset Permissions
cloudasset.assets.exportResourceDescription: Allows exporting asset information, such as resource metadata, IAM policies, and relationships, to a specified output destination like Cloud Storage.
Advantages: This permission allows you to export resource data, such as resource metadata and IAM policies, from GCP to external destinations. It's crucial for resource analysis, management, and compliance with storage and reporting requirements.
Billing Account Permissions (Only need if you connect projects with Organization)
billing.accounts.getDescription: Allows reading information about billing accounts, such as account details and settings.
Advantages: This helps you understand your spending, set budgets, and optimize costs.
billing.resourceAssociations.listDescription: Allows listing associations between billing accounts and resources (like projects) that are linked to the billing account.
Advantages: This is essential for tracking where your expenses are coming from, ensuring projects are properly allocated to the correct billing accounts, and managing financial resources effectively.
Resource Manager Permissions (Only need if you connect projects with Organization)
resourcemanager.folders.getDescription: Allows reading metadata of folders in the resource hierarchy, such as the folder's name and ID.
Advantages: This helps you manage and organize resources within your project, set policies, and control access to different resource groups effectively.
resourcemanager.folders.listDescription: Allows listing all folders in the resource hierarchy visible to the user.
Advantages: This allows you to navigate and manage your organizational structure, making it easier to implement access controls and organizational policies across different departments or teams.
resourcemanager.organizations.getDescription: Allows reading metadata of organizations, such as the organization's name and ID.
Advantages: This is crucial for managing your organization’s resources, setting organizational-wide policies, and ensuring compliance with governance standards.
resourcemanager.projects.listDescription: Allows listing all projects within the resource hierarchy visible to the user.
Advantages: This provides an overview of all projects, helping you manage them, monitor their status, and ensure they align with organizational goals and compliance requirements.
resourcemanager.projects.getDescription: Allows reading metadata of projects, such as the project's name, ID, and settings.
Advantages: This helps in managing project configurations, auditing resource usage, and ensuring projects adhere to organizational standards.
Last updated