Creating an IAM role
This role is intended to be used at the organization level so that it can be easily shared between projects.
If the collector is intended to only monitor a single project then the role can be added at the project level.
Create a new role.
Choose the organization from the project selector.
Navigate to IAM & Admin > Roles.
Choose CREATE ROLE.
Specify title and description.
After completing the above steps, continue with the following.
Select General Availability.
Click Add Permissions.
In the Filter permission by role field to find and add the following permissions.
compute.instances.list
compute.machineTypes.get
compute.snapshots.list
compute.zones.list
resourcemanager.projects
.get resourcemanager.projects.list
storage.buckets.list
storage.objects.list
Note:
IAM administrative access required to assign the permissions.