Stay organized with collections
Save and categorize content based on your preferences.
This page describes how to grant Oracle Database@Google Cloud Identity and Access Management (IAM)
permissions to a user or account.
You can grant IAM permissions for an entire Google Cloud project
to a principal on the IAM page of the Google Cloud console.
Principals are users, groups, domains, or service accounts. For more
information on principals, see Principals.
Adding permissions at the project level grants the IAM permissions to
a principal for all the instances, clusters, or databases in the project.
For more information about how IAM works with Oracle Database@Google Cloud,
see IAM overview.
Verify that you can add permissions
Before you attempt to apply project-level permissions, check that you have
sufficient permissions to apply roles to another account. You need either the
Owner or Admin role for the project you're trying to grant permissions for.
To confirm your permissions, complete the following steps:
In the Grant access window, complete the following:
Confirm the Resource name.
In the Add principals section, add the new principal that you'd like
to grant permissions to in the New principals field.
You can add one principal or multiple principals.
In the Assign roles section, select the role you want to grant to
the new principal(s) from the drop-down. For more information on available
roles, see IAM overview.
To grant additional roles, click ADD ANOTHER ROLE.
Click Save to grant roles to your selected principals.
Modify roles of existing principals
To add or remove roles to an existing principal in your project, complete the
following steps:
Find the principal you want to remove in the list and select the checkbox
next to the name. To remove access for multiple principals, select
the checkboxes for all principals you want to remove.
Click REMOVE ACCESS.
In the Remove principal window, click Confirm to remove access for
the selected principals.
What's next
Learn more about how IAM works in the
IAM overview.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[],[],null,["# Apply IAM roles\n\nThis page describes how to grant Oracle Database@Google Cloud Identity and Access Management (IAM)\npermissions to a user or account.\n\nYou can grant IAM permissions for an entire Google Cloud project\nto a principal on the IAM page of the Google Cloud console.\nPrincipals are users, groups, domains, or service accounts. For more\ninformation on principals, see [Principals](/iam/docs/overview#concepts_related_identity).\nAdding permissions at the project level grants the IAM permissions to\na principal for all the instances, clusters, or databases in the project.\n\nFor more information about how IAM works with Oracle Database@Google Cloud,\nsee [IAM overview](/oracle/database/docs/iam-overview).\n\nVerify that you can add permissions\n-----------------------------------\n\nBefore you attempt to apply project-level permissions, check that you have\nsufficient permissions to apply roles to another account. You need either the\n`Owner` or `Admin` role for the project you're trying to grant permissions for.\n\nTo confirm your permissions, complete the following steps:\n\n1. Go to your project's **IAM** page.\n\n [Go to the IAM page](https://console.cloud.google.com/iam-admin/iam)\n2. Select the **View by Principals** option.\n\n3. Find your account in the list. If your account is listed as **Owner** or\n **Admin** in the **Role** column, you have sufficient permissions.\n\nIf you don't have sufficient permissions at the project level, ask the project's\nowner to grant you additional permissions.\n\nGrant roles to new principals\n-----------------------------\n\nTo grant a role to a principal, complete the following steps:\n\n1. Go to your project's **IAM** page.\n\n [Go to the IAM page](https://console.cloud.google.com/iam-admin/iam)\n2. Select the **View by Principals** option.\n\n3. Click **GRANT ACCESS**.\n\n4. In the **Grant access** window, complete the following:\n\n 1. Confirm the **Resource** name.\n\n 2. In the **Add principals** section, add the new principal that you'd like\n to grant permissions to in the **New principals** field.\n You can add one principal or multiple principals.\n\n 3. In the **Assign roles** section, select the role you want to grant to\n the new principal(s) from the drop-down. For more information on available\n roles, see [IAM overview](/oracle/database/docs/iam-overview).\n\n To grant additional roles, click **ADD ANOTHER ROLE**.\n 4. Click **Save** to grant roles to your selected principals.\n\nModify roles of existing principals\n-----------------------------------\n\nTo add or remove roles to an existing principal in your project, complete the\nfollowing steps:\n\n1. Go to your project's **IAM** page.\n\n [Go to the IAM page](https://console.cloud.google.com/iam-admin/iam)\n2. Select the **View by Principals** option.\n\n3. Find the principal you want to update in the list and click **Edit**.\n\n4. In the **Edit access** window, you can either add new roles or delete\n existing roles.\n\n To add a new role, click **Add another role**, then select the role from the\n drop-down.\n\n To delete an existing role, press **Delete** next to the role you want to\n delete.\n5. Click **Save** to update roles.\n\nRemove access for existing principals\n-------------------------------------\n\nTo remove access for an existing principal, complete the following steps:\n\n1. Go to your project's **IAM** page.\n\n [Go to the IAM page](https://console.cloud.google.com/iam-admin/iam)\n2. Select the **View by Principals** option.\n\n3. Find the principal you want to remove in the list and select the checkbox\n next to the name. To remove access for multiple principals, select\n the checkboxes for all principals you want to remove.\n\n4. Click **REMOVE ACCESS**.\n\n5. In the **Remove principal** window, click **Confirm** to remove access for\n the selected principals.\n\nWhat's next\n-----------\n\n- Learn more about how IAM works in the [IAM overview](/oracle/database/docs/iam-overview).\n- [Learn more about Oracle Database@Google Cloud](/oracle/database/docs/overview)."]]
