Manage IAM Access Policies

How to manage IAM Access Policies

You can create, edit, and delete IAM access policies using the Cloud Console.

Create an access policy

To view the Access Policies section in the Cloud Console, you need at least the IAM Viewer role.

1. In the Cloud Console, navigate to the Access Policies page.
2. Click the Create Policy button at the top right corner of the page.
3. In the policy editor, enter a name for the policy.
4. Enter a description for the policy.
5. Add one or more rules to the policy. For each rule, enter a principal and a role to assign that role to the principal.
6. When you're done, click Save Policy.

Edit an access policy

1. In the Cloud Console, navigate to the Access Policies page.
2. Search for the policy you want to edit. To view policy details, expand the carat next to the policy name.
3. Click the vertical dot menu (three dots) next to the policy you want to edit, and select Edit.
4. You can update the policy name and description, and add, edit, or delete rules in the policy.
   • To edit a rule, click the card for the rule you want to edit, adjust the principals and roles, and click outside the card to save your changes to the rule.
   • To add a rule, click the Add Rule button at the bottom of the policy editor, and enter the principals and roles for the new rule.
   • To delete a rule, click the card for the rule you want to delete, and click the Delete button at the bottom of the card.
5. When you're done, click Save Policy.

Similarly, you can delete a policy by clicking the vertical dot menu (three dots) next to the policy you want to delete, and selecting Delete.