This page explains how to prepare your Identity and Access Management (IAM) permissions to effectively use Cloud DNS within GDC.
GDC offers IAM for granular access to specific GDC resources and prevents unwanted access to other resources. IAM operates on the security principle of least privilege and controls who can access given resources using IAM roles and permissions.
A role is a collection of specific permissions mapped to certain actions on resources and assigned to individual subjects, such as users, groups of users, or service accounts. Therefore, you must have the proper IAM roles and permissions to use managed DNS services in GDC.
The intended audience for this page is platform administrators and application operators responsible for network administration and managing DNS for their organization within GDC.
Get IAM permissions
To create DNS zones and records, you must have the necessary identity and access roles. Ask your Project IAM Admin to grant you the roles:
- Managed DNS Project Viewer (
managed-dns-project-viewer) role: creates and updates DNS zones and records. - Managed DNS Project Admin (
managed-dns-project-admin) role: views existing DNS zones and records.
For more information on these roles, see Role definitions.