No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi, I'm trying to create a custom role with the end result the ability to admin storage and service accounts, however it falls over :
`permissions=[`
                `"iam.serviceAccountAdmin",`
                `"storage.objectAdmin",`
            `],`
with:
`googleapi: Error 400: Permission storage.objectAdmin is not valid., badRequest`
What am I doing wrong?

<@U01Q800RM17> I checked the GCP docs. You are passing role names in a snippet mentioning `permissions` . In the link below you see the mapping of roles to permissions.
<https://cloud.google.com/iam/docs/understanding-roles>
If, in your code, you have to pass permissions, you have to use the values from the right-side column in the linked page.

thanks <@UK4HNFLCB> I'm not sure how I missed that!

No problem. Being able to help feels good. :wink: