
Should a small organization have more than one Owner role in GCP?


Is it recommended for a small organization to have more than one Owner role in GCP? My Google results seem to be too broad. Please could anyone advise me on that?


Solution

  • The owner role is a legacy role and has too wide a range of permissions. It's not recommended to use it, but it's the default role when you create a project.

    In your question you talk about Organization. I don't know what it is, but there are 2 cases:

    • You are talking about a Google Cloud Organization. If so, you have a Google Workspace account, with an admin. You have at least free identity that allows you to log into Google Cloud. In that case, I don't recommend having several users with the owner role; the Google Workspace admin is also the Google Cloud Organization admin and is able to recover the project if the owner loses their credentials.
    • You are a small company and you don't have a Google Cloud Organization, only independent projects. It's not a good practice, and having a Google Cloud Organization is better, but in that case I recommend having at least one additional user with the IAM security admin role. That role allows the user to grant anyone the owner role or any other role in the project.

    In both situations, the principle is not to lose control of the GCP project in case of owner credential loss. That way, I recommend always having a backup, but not especially another OWNER user.
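
A check for the second case in the answer above, as an added example that is not part of the original answer: it reads a project IAM policy and reports whether a single owner is backed by a separate principal holding the Security Admin role. It assumes the policy JSON comes from `gcloud projects get-iam-policy PROJECT_ID --format=json` and that the roles are `roles/owner` and `roles/iam.securityAdmin`; the function names and the sample policy are constructed for illustration.

```python
import json

OWNER = "roles/owner"
SECURITY_ADMIN = "roles/iam.securityAdmin"

# Constructed sample in the shape printed by
# `gcloud projects get-iam-policy PROJECT_ID --format=json`.
SAMPLE_POLICY = json.loads("""
{
  "version": 1,
  "bindings": [
    {"role": "roles/owner",
     "members": ["user:alice@example.com",
                 "deleted:user:bob@example.com?uid=123456789"]},
    {"role": "roles/iam.securityAdmin",
     "members": ["user:carol@example.com"]},
    {"role": "roles/viewer", "members": ["group:staff@example.com"]}
  ]
}
""")


def live_members(policy, role):
    """Usable principals bound unconditionally to `role` (hypothetical helper)."""
    found = set()
    for binding in policy.get("bindings", []):
        if binding.get("role") != role or "condition" in binding:
            continue  # a conditional grant may not apply when recovery is needed
        # Deleted principals stay in the policy with a "deleted:" prefix.
        found.update(m for m in binding.get("members", [])
                     if not m.startswith("deleted:"))
    return found


def audit_recovery(policy):
    """Report owners, backup principals, and findings for one project policy."""
    owners = live_members(policy, OWNER)
    # A backup only helps if it is a different principal from the owner.
    backups = live_members(policy, SECURITY_ADMIN) - owners
    findings = []
    if len(owners) > 1:
        findings.append("more than one principal holds roles/owner")
    if not backups:
        findings.append("no separate principal holds roles/iam.securityAdmin")
    return {"owners": sorted(owners), "backups": sorted(backups),
            "findings": findings}


if __name__ == "__main__":
    print(json.dumps(audit_recovery(SAMPLE_POLICY), indent=2))
```
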