Contents x
    Project access - GCP and SaaSify
    • 12 Mar 2024
    • 2 Minutes to read
    • Print
    Contents

    Project access - GCP and SaaSify

    • Updated on 12 Mar 2024
    • 2 Minutes to read
    • Print
    Article summary

    Project access to GCP

    After you create your project for the marketplace, grant the following roles to the appropriate service accounts on this project:

    1. Go to https://console.cloud.google.com/iam-admin/iam

    2. Select the project name from the project list on the top left side and then click on IAM.

    3. Grant the Project Editor and Service Management Administrator roles to the principal cloud-commerce-marketplace-onboarding@twosync-src.google.com

      1. Click on Grant Access. It will allow us to Add principals and Assign roles to the principals.

      2. Enter the New principals as cloud-commerce-marketplace-onboarding@twosync-src.google.com under Add principals.

      3. Under Assign roles, click on the Select a role dropdown.

      4. In the Select a role dropdown, select the Project section and then Editor role.

      5. Click on Add Another Role

      6. In the Select a role dropdown, select the Service Management section and Service Management Administrator role.

      7. Click on Save.

    4. Grant the Service Management Administrator and Service Controller roles to the principal cloud-commerce-procurement@system.gserviceaccount.com.

      1. Click on Grant Access.

      2. Enter the New principals cloud-commerce-procurement@system.gserviceaccount.com under Add principals.

      3. Under Assign roles, click on Select a role dropdown.

      4. In the Select a Role dropdown, select Service Management section and Service Management Administrator role

      5. Click on Add Another Role

      6. In the Select a role dropdown, select the Service Management section and Service Controller role

      7. Click on Save.

    5. Grant the Config Editor (roles/servicemanagement.configEditor) role to the principal cloud-commerce-producer@system.gserviceaccount.com

      1. Click on Grant Access.

      2. Add the New principals as cloud-commerce-producer@system.gserviceaccount.com

      3. Click on Select a Role

      4. In the Select a role dropdown, select the Service Management section and Service Config Editor role

      5. Click on Save.

    6. Grant the Commerce Producer Viewer role (roles/commerceproducer.viewer) to the service account cloud-commerce-saastester@system.gserviceaccount.com

      1. Click on Grant Access again.

      2. Add the New principals as cloud-commerce-saastester@system.gserviceaccount.com

      3. Click on Select a Role

      4. In the Select a role dropdown, select the Cloud Marketplace section and Commerce Producer Viewer role

      5. Click on Save.

    Project access to SaaSify

    Contributor access is required for SaaSify to access the newly created project for Marketplace. It allows SaaSify team to access all necessary services to build, test, publish, and manage your listing in the GCP Console.

    1. Navigate to IAM in GCP Console

    2. Make sure the <partnercompanyname>-public project is selected.

    3. Grant the Project Owner role to saasify-gcp-svc@spektrasystems.com

      Note: GCP has not defined the granular permissions needed to completely manage a marketplace listing. This basic role ensures Spektra Systems will have all the permissions necessary to complete our integrations.

      1. Click on Grant Access.

      2. Add the New principals as saasify-gcp-svc@spektrasystems.com

      3. Click on Select a role

      4. In the Select a role dropdown, select the Project section and Owner role

      5. Click on Save.

    Review the permissions assigned to principals

    After completing the above steps, review whether all required roles are assigned to the below principals in the GCP Console IAM section.

    What's Next