1

In a fresh new GCP project I have created a Dataproc cluster, and a user with a "Dataproc Viewer" role given to them (among otehrs). This user can now successfully execute gcloud dataproc clusters list and it displays the list of clusters.

However, an error is displayed when same user navigates to the "Dataproc" -> "Clusters" page in the cloud console. The error message doesn't mention if some access permissions are missing, but it looks more like an "internal error", and there is "Retry" button, but retrying doesn't help. Other users, with Editor role, can see the list of the clusters in the cloud console alright.

The question is: what other permissions need to be added to the user, in addition to those from the "Dataproc Viewer" role, in order for them to be able to see the list of clusters in the cloud console?

P.S. The issue number displayed in the cloud console is: c7749207192439385

Improve this question

1 Answer 1

Reset to default
1

The roles/dataproc.viewer iam role allows only viewing of the cluster. It works with gcloud or API calls, but on the GCP cloud console the browser does more than listing clusters behind the scene. It lists the compute instances behind the cluster and shows monitoring charts as well.

You will need to grant two additional roles for a cloud console view - roles/compute.viewer and roles/monitoring.viewer.

More details - https://cloud.google.com/dataproc/docs/concepts/iam/iam

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.