Hi, I'm trying to create a custom role with the end result the ability to admin storage and service accounts, however it falls over :

permissions=[

"iam.serviceAccountAdmin",

"storage.objectAdmin",

],

with:

googleapi: Error 400: Permission storage.objectAdmin is not valid., badRequest

What am I doing wrong?

can you share the whole code?

@helpful-van-82564 I checked the GCP docs. You are passing role names in a snippet mentioning

permissions

. In the link below you see the mapping of roles to permissions. https://cloud.google.com/iam/docs/understanding-roles If, in your code, you have to pass permissions, you have to use the values from the right-side column in the linked page.

thanks @limited-rainbow-51650 I'm not sure how I missed that!

No problem. Being able to help feels good. 😉