I am trying to delete/edit organization policy constraints in my GCP project which can be found in IAM & Admin --> Organization Policies . Though I have added all the required permissions to the account ( orgpolicy.policy.get, orgpolicy.policies.create, orgpolicy.policies.delete, and orgpolicy.policies.update ) and also enabled the service ( orgpolicy.googleapis.com ) still getting permission denied error while running the below command
gcloud org-policies delete storage.publicAccessPrevention --project=PROJECT_NAME
Am i missing anything in this regard?
The Identity and Access Management role roles/orgpolicy.policyAdmin enables an administrator to manage organization policies. Users must be organization policy administrators to change or override organization policies.
So to set, change, or delete an organization policy, you must have the Organization Policy Administrator role.