Error creating RegionNetworkEndpointGroup: googleapi: Error 403: Required 'compute.regionNetworkEndpointGroups.create' permission for 'projects/myproj

Question

On GCP, I'm trying to create a Serverless Network Endpoint Group for Cloud Run with this Terraform code below:

resource "google_compute_region_network_endpoint_group" "cloudrun_neg" {
  name                  = "neg"
  network_endpoint_type = "SERVERLESS"
  region                = "asia-northeast1"
  cloud_run {
    service = google_cloud_run_service.default.name
  }
}

But I got this error below:

Error creating RegionNetworkEndpointGroup: googleapi: Error 403: Required 'compute.regionNetworkEndpointGroups.create' permission for 'projects/myproject-813731/regions/asia-northeast1/networkEndpointGroups/neg', forbidden

So now, I'm trying to add a role to solve this error above but there are too many roles to choose:

What role do I need to choose?

Answer 1

You need to choose the role either "Compute Instance Admin (v1)":

Or "Compute Instance Admin (beta)" to create a Serverless Network Endpoint Group for Cloud Run:

In addition, you can choose the more abstract role "Compute Admin" to create a Serverless Network Endpoint Group for Cloud Run: