# Cloud project access¶

We manage many projects across multiple cloud providers. This document defines our access policy, and is the canonical location for the projects we do have access to.

## Access policy¶

Every 2i2c engineer should have equal access to every cloud project we maintain. This prevents particular individuals from becoming single points of failure.

In some cases, this requires paperwork for each engineer to get access. We should try to find ways around this, but if not, just do the paperwork.

On Google Cloud, we have a 2i2c organization, that contains some projects we are fully responsible for. Access to all projects in this organization can be granted by adding the user to the group gcp-organization-admins@2i2c.org in the Google Workspace Admin dashboard (available only to admins of the 2i2c.org Google Workspace account). Note that this option is only available for engineers with a @2i2c.org account.
For all other projects, we will need to make a manual entry in the project’s IAM Page for the engineer’s @2i2c.org account, with Owner permissions.