Creating a project
Creating a project requires the Owner role on the parent organization.
Enter project details
Provide a display name. Optionally specify a custom ID—if omitted, the system generates one automatically.
Project roles
Projects support both general roles and Artifact Store-specific roles. Assign roles based on what each principal needs to do.General roles
| Role | Description |
|---|---|
| Viewer | Read-only access to project resources. |
| Editor | Read and write access to project resources. |
| Owner | Full access including IAM management. |
Artifact Store roles
These roles provide access specifically to Artifact Store repositories without granting broader project permissions.| Role | Description |
|---|---|
| Artifact Store Viewer | Read-only access to all repositories in the project. |
| Artifact Store Editor | Read and write access to all repositories in the project. |
| Artifact Store Owner | Full access to all repositories including permission management. |
Managing project IAM
Control who can access your project and its resources through the IAM page. Navigate to your project and open IAM from the sidebar.
Adding a principal
Enter the principal identifier
Provide the user’s email address or the service account’s identifier.
Select roles
Choose one or more roles to grant. You can assign both general and Artifact Store roles to the same principal.
Removing a principal
From the IAM page, locate the principal and remove their role assignments. This revokes their project-level access but does not affect any organization-level roles they may have.Role inheritance
Permissions flow down from organizations to projects:- An Organization Owner automatically has Owner access to all projects
- An Organization Editor automatically has Editor access to all projects
- An Organization Viewer automatically has Viewer access to all projects
What’s next
With your project configured:- Create service accounts for automated access
- Set up repositories in the Artifact Store