Foglight uses service account to monitor Google Cloud. Each RESTful API provided by Google cloud requires that the service account has corresponding permissions.
For Compute Engine monitoring viewer role is required.
For Cost monitoring, the following roles are required:
• Billing Account Viewer.
• Bigquery user.
• Bigquery dataViewer.
For Automatically installing stackdriver, the following roles are required:
• compute.osAdminLogin
• iam.serviceAccountUser
• compute.instanceAdmin.v1
• compute.osLogin
• compute.securityAdmin