Skip to main content

Support access to Google Cloud

DoiT provides complete transparency when accessing your Google Cloud (GCP) account.

When you open a technical support request with DoiT International, we may occasionally need to access your GCP account to help you effectively. This document describes how to grant access and how access control works.

Key points

  • We only access your GCP account to provide technical support per our contractual obligations. We never access your GCP account for any other reason.

  • Support engineers do not have write access to your GCP account. The only exception is that we are able to raise GCP support requests on your behalf.

Grant access

When you request technical support and create a new service request with DoiT, you will be prompted to grant DoiT access to the relevant GCP projects.

A typical access grant is implemented with a gcloud command (part of Google Cloud SDK). The access is always read-only, limited, and only provides access to the support engineers handling your request.

gcloud projects add-iam-policy-binding cassandra-db-prod-289507 \
--member="group:[email protected]" \
--role=roles/viewer --condition=None

For example, the above command:

  • Grants read-only access (--role=roles/viewer)
  • To a group of engineers assigned with request #38432 ( --member="group:[email protected]")
  • For your Google Cloud project (cassandra-db-prod-289507)

We will automatically generate and display the appropriate command to copy and run when you create a support request.

Revoke access

Support access is automatically revoked for security reasons when the ticket is resolved. The next time you create a support request, you will need to grant our support engineers access again.