Grant users repository access

This page describes how to grant repository-level roles to users and service accounts in the Secure Source Manager web interface.

For information on which roles to grant for a certain use-case, see Repository role management.

Required roles

To get the permissions that you need to grant users repository-level roles, ask your administrator to grant you the following IAM roles:

For more information about granting roles, see Manage access.

You might also be able to get the required permissions through custom roles or other predefined roles.

For information on granting Secure Source Manager roles, see Access control with IAM and Grant users instance access.

Grant users repository-level roles

Users must be granted the Instance Accessor role (roles/securesourcemanager.instanceAccessor) or Instance Repository Creator role (roles.securesourcemanager.instanceRepositoryCreator) before they can be granted repository roles. For information on granting instance roles, see Grant or revoke instance roles with Secure Source Manager API.

You can use the Secure Source Manager API or the Secure Source Manager web interface to grant users and service accounts repository-level roles. To grant groups repository-level roles, you must use the Secure Source Manager API. For more information, see Access control with IAM.

To grant users or service accounts repository-level roles using the web interface:

  1. To access the Secure Source Manager instance through its web interface, copy the following URL into your browser address bar.

    Replace the following:

    • INSTANCE_ID with the instance name.
    • PROJECT_NUMBER with the instance's Google Cloud project number. For information on identifying projects, see Identifying projects.
    • LOCATION with the instance's region. For information on supported locations, see Locations.

  2. From the My repositories page, Select your repository.
  3. Click the Permissions tab.
  4. In the People and permissions section, click Add users.
  5. In the Add principal field, enter the email of the user or service account you want to grant the role to.
  6. In the Assign a role menu, select the role to assign.
  7. Click Save.

To add additional roles click the edit Edit icon and add the roles using the Assign a role menu.

What's next