GCP Permissions
To enable CloudYali to access and analyze your Google Cloud resources, you must grant specific permissions to the service account or user that will be used for integration.
Required GCP Permissions
Below is a list of the main permissions needed for CloudYali functionality:
| Permission | Scope | Description |
|---|---|---|
| bigquery.datasets.create | Project | Create BigQuery datasets for billing export and recommendations. |
| bigquery.tables.create | Project | Create tables in BigQuery datasets. |
| bigquery.tables.get | Project | Read tables in BigQuery datasets. |
| bigquery.jobs.create | Project | Run queries on BigQuery datasets. |
| bigquery.dataViewer | Project | View data in BigQuery datasets. |
| recommender.resources.export | Organization | Allows you to export recommendations to BigQuery. (Required at the organization level corresponding to the export setup) |
Note: These permissions should be assigned to the service account used by CloudYali for GCP integration. Some permissions may require organization-level roles.
Related Documentation
- GCP Cost Management Onboarding
- GCP Cost Recommendations
- Understanding Permissions and Security Overview
For AWS permissions, see AWS Permissions.