
Custom roles creation in GCP - Mini Project: Build & Apply

Custom roles creation
📖 Scenario: You are managing access control in a Google Cloud Platform (GCP) project. You want to create a custom role to grant specific permissions to a team member without giving full predefined roles.
🎯 Goal: Create a custom role in GCP with a specific set of permissions using a JSON configuration file.
📋 What You'll Learn
Create a JSON object representing the custom role with exact fields
Add a title and description for the custom role
Specify the exact permissions list for the role
Include the stage of the role as 'GA' (General Availability)
💡 Why This Matters
🌍 Real World
Custom roles help organizations give precise access to team members, improving security by limiting permissions to only what is needed.
💼 Career
Understanding custom roles is essential for cloud administrators and security engineers managing access control in GCP environments.
1. Create the base JSON structure for the custom role
Create a JSON object called custom_role with the keys title, description, and includedPermissions. Set title to "Custom Viewer", description to "Can view resources", and includedPermissions to an empty list [].

Hint: Start by defining the main keys and their exact values as strings and an empty list for permissions.

2. Add permissions to the custom role
Add the following permissions to the includedPermissions list in custom_role: "storage.buckets.get", "storage.objects.list", and "compute.instances.get".

Hint: List the permissions exactly as strings inside the includedPermissions array.

3. Add the role stage to the custom role
Add the key stage with the value "GA" to the custom_role JSON object.

Hint: Add the stage key at the same level as title and description.

4. Complete the custom role JSON for deployment
The custom role JSON object is now complete and ready for deployment. Ensure it has the title, description, includedPermissions, and stage at the top level.

Hint: This JSON format matches the GCP custom role definition for use with `gcloud iam roles create`.
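
The four steps above, assembled and checked before deployment, as an added example that is not part of the original tutorial. The function names, the output file name, the permission shape check, and the list of verbs treated as read-only are assumptions made for this example.

```python
import json
import re

# Role definition assembled from steps 1-4 of the tutorial.
custom_role = {
    "title": "Custom Viewer",
    "description": "Can view resources",
    "includedPermissions": [
        "storage.buckets.get",
        "storage.objects.list",
        "compute.instances.get",
    ],
    "stage": "GA",
}

REQUIRED_KEYS = {"title", "description", "includedPermissions", "stage"}
VALID_STAGES = {"ALPHA", "BETA", "GA", "DEPRECATED", "DISABLED", "EAP"}
# Shape check only (service.resource.verb, no wildcards), not a catalogue lookup.
PERMISSION_RE = re.compile(r"^[a-z][A-Za-z0-9]*(\.[A-Za-z][A-Za-z0-9]*){2}$")
READ_ONLY_VERBS = ("get", "list")  # assumption: verbs a viewer role may use


def validate_role(role):
    """Return a list of problems; an empty list means the role passed."""
    problems = []
    missing = REQUIRED_KEYS - role.keys()
    if missing:
        problems.append("missing keys: " + ", ".join(sorted(missing)))
    if role.get("stage") not in VALID_STAGES:
        problems.append(f"invalid stage: {role.get('stage')!r}")
    perms = role.get("includedPermissions") or []
    if not perms:
        problems.append("includedPermissions is empty")
    for perm in perms:
        if not PERMISSION_RE.match(perm):
            problems.append(f"malformed permission: {perm}")
        elif not perm.rsplit(".", 1)[1].startswith(READ_ONLY_VERBS):
            problems.append(f"not read-only: {perm}")
    return problems


def write_role_file(role, path="custom_viewer.json"):
    """Write the role only if it validates (the file name is hypothetical)."""
    problems = validate_role(role)
    if problems:
        raise ValueError("; ".join(problems))
    with open(path, "w") as fh:
        json.dump(role, fh, indent=2)
    return path
```

The written file can then be passed to `gcloud iam roles create ROLE_ID --project=PROJECT_ID --file=custom_viewer.json`, where ROLE_ID and PROJECT_ID are placeholders for your own values.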