# How to Add Users in Google Cloud Platform IAM **Last Updated:** 2026-01-19 ## Finding the "Add User" Button The button to add users in GCP IAM is **not** labeled "Add User" - it's labeled **"+ Zugriffsrechte erteilen"** (German) or **"Grant Access"** (English). ### Step-by-Step Instructions 1. **Navigate to IAM & Admin:** - Go to: https://console.cloud.google.com/iam-admin/iam?project=ordio-256916 - Or: IAM & Admin → IAM in the left sidebar 2. **Look for the Blue Button:** - At the top of the permissions table, you'll see: - **"+ Zugriffsrechte erteilen"** (German) = **"Grant Access"** (English) - This is the button to add users/principals 3. **Click the Button:** - Click **"+ Zugriffsrechte erteilen"** or **"Grant Access"** - A dialog will open: "Zugriff auf 'ordio-256916' gewähren" (Grant access to 'ordio-256916') 4. **Add the User:** - In the **"Neue Hauptkonten"** (New principals) field, enter: - Email address: `user@ordio.com` - Or service account email - Or Google Group email 5. **Select Roles:** - Click **"Rolle auswählen"** (Select role) dropdown - Choose the roles needed: - **Service Usage Admin** (`roles/serviceusage.serviceUsageAdmin`) - **API Keys Admin** (`roles/serviceusage.apiKeysAdmin`) - Click **"Weitere Rolle hinzufügen"** (Add another role) if needed 6. **Save:** - Click **"Speichern"** (Save) button - The user will be added with the selected roles ## Visual Guide ### What to Look For: ``` ┌─────────────────────────────────────────┐ │ Berechtigungen für das Projekt │ │ 'ordio-256916' │ │ │ │ [+ Zugriffsrechte erteilen] ← THIS! │ │ [- Zugriffsrechte aufheben] │ │ │ │ ┌─────────────────────────────────────┐ │ │ │ Principal │ Roles │ │ │ │ david@ordio.com │ Owner │ │ │ └─────────────────────────────────────┘ │ └─────────────────────────────────────────┘ ``` ### After Clicking the Button: ``` ┌─────────────────────────────────────────┐ │ Zugriff auf 'ordio-256916' gewähren │ │ │ │ Neue Hauptkonten * │ │ [Enter email address here] │ │ │ │ Rolle auswählen * │ │ [Select role dropdown] │ │ │ │ [Speichern] [Abbrechen] │ └─────────────────────────────────────────┘ ``` ## German to English Translation | German | English | What It Means | |--------|---------|---------------| | **Zugriffsrechte erteilen** | Grant Access | Add user/principal | | **Zugriffsrechte aufheben** | Revoke Access | Remove user/principal | | **Neue Hauptkonten** | New Principals | User/account email field | | **Rolle auswählen** | Select Role | Choose IAM role | | **Weitere Rolle hinzufügen** | Add Another Role | Add additional role | | **Speichern** | Save | Save changes | | **Abbrechen** | Cancel | Cancel operation | | **Berechtigungen** | Permissions | Access rights | ## Common Issues ### Issue 1: Button Not Visible **Symptom:** Can't see "+ Zugriffsrechte erteilen" button **Solutions:** - Make sure you're in the **IAM** section (not Settings or other sections) - Check you have Owner or IAM Admin role yourself - Try refreshing the page - Check if you're viewing by roles instead of principals (switch tabs) ### Issue 2: Can't Add Roles **Symptom:** Role dropdown is empty or restricted **Solutions:** - You need **Owner** or **IAM Admin** role to assign roles - Some roles require specific permissions (e.g., Billing Admin) - Check if organization policies restrict role assignments ### Issue 3: User Not Receiving Access **Symptom:** Added user but they can't access **Solutions:** - Wait 1-2 minutes for propagation - Verify email address is correct - Check if user needs to accept invitation (if applicable) - Verify roles were saved correctly ## Quick Reference for Adding Roles When adding users for Vision API setup, use these roles: 1. **Service Usage Admin** (`roles/serviceusage.serviceUsageAdmin`) - Allows enabling/disabling APIs - Required to enable Vision API 2. **API Keys Admin** (`roles/serviceusage.apiKeysAdmin`) - Allows editing API key restrictions - Required to add Vision API to allowed APIs ## Direct Links - **IAM Page:** https://console.cloud.google.com/iam-admin/iam?project=ordio-256916 - **Project Settings:** https://console.cloud.google.com/iam-admin/settings?project=ordio-256916 ## Related Documentation - [GCP IAM Roles Required](GCP_IAM_ROLES_REQUIRED.md) - [Action Required](ACTION_REQUIRED.md)