I have a project on Google Cloud called, let's say, "Orange Octangulars" under an organization "Acme corp". As I can see on https://console.cloud.google.com/iam-admin/iam, I have the role "Owner" in "Orange Octangulars". I have also given myself the role "Project IAM Admin" just in case, so I have two roles in "Orange Octangulars". I am trying to allow external IPs for VM instances in "Orange Octangulars". I do so by going to https://console.cloud.google.com/iam-admin/orgpolicies/compute-vmExternalIpAccess (under the project "Orange Octangulars") and I want to press "Manage policy". Unfortunately, that button is greyed out and the error message, when I hover over it, says:
You need permissions for this action. Required permission(s):
Orange Octangulars All of orgpolicy.policies.create, orgpolicy.policies.delete, orgpolicy.policies.update, and orgpolicy.policy.get
What's up with that? I am an owner and a project IAM admin of the project. Why can't I manage this policy or any other policies for the project?
You have mentioned "Orange Octangulars" under an organization called "Acme corp”'. So organizational policy is enabled on this project and this is why you are getting the reported error.
Run the following command:
With the result of the above command,you can take the
organization IDunder the 'parent' field and plug it into this command to get the actual domain name of the organization:Once you have the name of the organization, find out who is the administrator of the organization so that you can give the user the necessary permissions.
As per the error you need permissions
orgpolicy.policies.create, orgpolicy.policies.delete, orgpolicy.policies.update, and orgpolicy.policy.getwhich can be obtained by adding Organization Policy Administrator.Organization Policy Administrator : Provides access to define what restrictions an organization wants to place on the configuration of cloud resources by setting Organization Policies.
Add the permission then try to allow external IPs for VM instances.
For more information you can refer to the official document Creating and managing organization policies.