Create Google Cloud Bindings
Last updated
Last updated
1. Log in to the Google Cloud Console
• Go to .
2. Navigate to IAM & Admin
• In the left-hand menu, select IAM & Admin > Roles.
3. Create a New Role
• Click + CREATE ROLE at the top of the page.
• Fill in the following details:
• Title: Enter a name like CustomComputeRole.
• ID: A unique identifier for the role (e.g., custom_compute_role).
• Description: Add a description, such as “Role to list, describe, start, and stop VM instances.”
4. Add Permissions
• Click + Add Permissions and add the following permissions:
• compute.instances.get (to describe instances).
• compute.instances.list (to list instances).
• compute.instances.start (to start instances).
• compute.instances.stop (to stop instances).
• Click ADD PERMISSIONS to save.
5. Save the Role
• Click CREATE to finalize the custom role.
1. Navigate to IAM
• Go to IAM & Admin > IAM.
2. Grant the Custom Role
• Click + GRANT ACCESS.
• Enter the email address or service account of the entity you want to assign the role to.
• Select the custom role (CustomComputeRole) from the dropdown.
• Click SAVE.
To allow the project cloudplans to connect from outside its project, you need to create an IAM binding for external access.
1. Determine the Service Account or Identity
• Ensure you have the service account email or identity from the cloudsscheduler project that needs access.
2. Navigate to IAM Policy Binding
• In the IAM & Admin > IAM section, select the project where the VMs reside.
3. Add a Binding
• Click Edit Principal or Add Principal.
• In the New Principals field, enter the service account or external identity of the cloudplans project (1000620131311-compute@developer.gserviceaccount.com).
• Select the custom role (CustomComputeRole) you created earlier.
4. Save the Binding
• Click SAVE to apply the changes.