I am the Google Workspace Super Admin for a newly created org (URL Removed by Staff) I am also the Owner of a GCP project (PII Removed by Staff) that was recently migrated into the this organization.
My account does not have GCP Organization Administrator rights, even though it is the Workspace Super Admin. I cannot modify org-level IAM policies or Organization Policies in Google Cloud Console or via the gcloud CLI.
What I’ve tried: - Accessing org-level IAM in GCP Console as Super Admin — access denied
- Running gcloud organizations get-iam-policy — returns permission denied - Running gcloud organizations add-iam-policy-binding — returns permission denied
Why this is needed: The org has an active iam.allowedPolicyMemberDomains policy that is blocking my Cloud Run service from being made publicly accessible, which I need to fix in order to deploy my application to production.