To apply the necessary permissions to a service account, you can use a script that is automatically generated while adding the project to the Veeam Backup for GCP infrastructure. Download the script and run it under an account that has permissions both to get and set project IAM policies and to create custom IAM roles (for example, it can have the iam.securityAdmin and iam.roleAdmin roles assigned). To learn what permissions and roles are required to create custom roles in IAM, see Google Cloud documentation.
NOTE: You can click Check permissions to ensure that the account now has all the permissions required to perform data protection and disaster recovery tasks for the project. Keep in mind that it may take some time for Google Cloud to apply the changes to the account, and the permission check may display the permissions as missing right after you click Check permissions. To work around the issue, try checking permissions once again in 5–10 minutes.
Alternatively, you can assign the permissions to the service account manually. The permissions are listed below.
Expand each heading below to see specific permissions.