Tenant Admin Operations

This runbook is a practical checklist for tenant admins to onboard, configure approvals/guardrails, operate automations safely, and troubleshoot common issues.

1) First-time setup checklist

  • Confirm your role has tenant admin permissions (see RBAC).
  • Connect at least one GCP project via the onboarding flow (see Onboarding Flow).
  • Configure approval notifications (webhook/email/chat) for your tenant (see Approvals).
  • Set initial risk profile/guardrails and concurrency limits (see Risk Guardrails).

Approvals are used to gate high-impact or high-risk changes. Configure at least one approver channel so requests don’t stall.

  • Start with a dedicated on-call channel (webhook or chat) and a small approver group.
  • Set a conservative policy first; loosen once you trust the system.

3) Risk guardrails (tenant policy)

Guardrails should answer: “What is safe to do automatically?” and “What requires human approval?”

Suggested starting policy:

  • Require approvals for stateful changes (DB/BigQuery/Cloud SQL), IAM changes, and large scaling jumps.
  • Allow auto-apply only for low-risk tuning (small Cloud Run memory/CPU adjustments) within strict caps.
  • Disable auto-approve for rollbacks until you’ve validated rollback safety in your environment.
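
One way to express the suggested starting policy as a default-deny check. This is an added example, not the product's own policy schema or code; the resource kinds, field names, `Change` type, `decide` function and the 25% cap are all assumptions.

```python
import math
from dataclasses import dataclass

# All names and thresholds below are assumptions for illustration.
STATEFUL_KINDS = {"database", "bigquery", "cloud_sql"}
AUTO_APPLY = {("cloud_run", "memory_mib"), ("cloud_run", "cpu_millicores")}
MAX_AUTO_DELTA_PCT = 25.0  # constructed "strict cap" for one adjustment


@dataclass(frozen=True)
class Change:
    resource_kind: str   # e.g. "cloud_run", "cloud_sql", "iam"
    field: str           # setting being changed
    old: float
    new: float
    is_rollback: bool = False


def decide(change: Change) -> tuple[str, str]:
    """Return (decision, reason). Anything not explicitly allowed needs approval."""
    if change.is_rollback:
        return "require_approval", "auto-approve is disabled for rollbacks"
    if change.resource_kind == "iam":
        return "require_approval", "IAM change"
    if change.resource_kind in STATEFUL_KINDS:
        return "require_approval", "stateful resource"
    if (change.resource_kind, change.field) not in AUTO_APPLY:
        return "require_approval", "not on the auto-apply allowlist"
    # NaN/inf or a zero baseline would make the cap comparison meaningless.
    if not (math.isfinite(change.old) and math.isfinite(change.new)) or change.old <= 0:
        return "require_approval", "cannot compute a bounded delta"
    delta_pct = abs(change.new - change.old) / change.old * 100
    if delta_pct > MAX_AUTO_DELTA_PCT:
        return "require_approval", f"{delta_pct:.0f}% change exceeds cap"
    return "auto_apply", f"{delta_pct:.0f}% change within cap"


if __name__ == "__main__":
    samples = [  # constructed sample changes
        Change("cloud_run", "memory_mib", 512, 576),
        Change("cloud_run", "memory_mib", 512, 2048),
        Change("cloud_run", "max_instances", 10, 100),
        Change("cloud_sql", "tier", 1, 2),
        Change("cloud_run", "memory_mib", 576, 512, is_rollback=True),
    ]
    for c in samples:
        print(c, "->", decide(c))
```

Scaling settings such as the hypothetical `max_instances` are deliberately left off the allowlist, so every scaling jump falls through to approval until a cap for it has been agreed.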

4) Operating workflow (day-to-day)

  1. Review findings/recommendations for your services.
  2. If approval is required, confirm the change set is scoped and within policy.
  3. Approve/deny from your configured channel.
  4. Monitor execution progress in the UI and validate the outcome.

5) Auditability and change tracking

Every approval and apply should produce audit records (who/what/when/result). Use these to:

  • Prove which changes were made and why.
  • Review failed executions and the reason for denial/failure.
  • Support post-incident analysis.

For configuration change auditing, see Configuration.

6) Rollbacks (when something goes wrong)

Rollbacks are the safety net, but they are still changes and may require approval depending on policy.

7) Troubleshooting quick hits