Review the permissions required to deploy resources and the permissions granted during the terraform process.
Trend Micro recommends accessing the project using a sign in
that has the Owner role. Ensure your account and role meet the
following requirements to be able to successfully deploy Trend Vision One cloud
security resources to your project.
-
The associated Google account must be a valid billing account.
-
The user role must have access to the following Google Cloud services and features:
-
Cloud Shell
-
Service Account
-
Workload Identity Pool
-
Workload Identity Pool Provider
-
IAM
-
Tag Key
-
Tag Value
-
Enable GCP API
-
The terraform process assigns certain permissions to itself to establish the connection
with Cloud Accounts and Trend Vision One cloud security services. These permissions include
enabling the Cloud Accounts app and security services to obtain temporary credentials
and
perform tasks within your Google Cloud environment.