diff --git a/modules/ccs-gcp-customer-procedure.adoc b/modules/ccs-gcp-customer-procedure.adoc index c863f2daffd1..f4bcc28d0e8c 100644 --- a/modules/ccs-gcp-customer-procedure.adoc +++ b/modules/ccs-gcp-customer-procedure.adoc @@ -99,12 +99,6 @@ The following roles must be link:https://cloud.google.com/iam/docs/granting-role |Organization Policy Viewer |`roles/orgpolicy.policyViewer` -// |Owner -// |`roles/owner` - -// |Project IAM Admin -// |`roles/resourcemanager.projectIamAdmin` - |Service Management Administrator |`roles/servicemanagement.admin` diff --git a/modules/ccs-gcp-provisioned.adoc b/modules/ccs-gcp-provisioned.adoc index 9988921dbb25..13b153b3bc65 100644 --- a/modules/ccs-gcp-provisioned.adoc +++ b/modules/ccs-gcp-provisioned.adoc @@ -46,28 +46,35 @@ GCP compute instances are required to deploy the control plane and data plane fu The following services must be enabled on a GCP CCS cluster: -* `Deploymentmanager` -* `Compute` -* `Cloudapis` -* `Cloudresourcemanager` -* `DNS` -* `Iamcredentials` -* `IAM` -* `Servicemanagement` -* `Serviceusage` -* `Storage-api` -* `Storage-component` +* `deploymentmanager` +* `compute` +* `cloudapis` +* `cloudresourcemanager` +* `dns` +* `iamcredentials` +* `iam` +* `servicemanagement` +* `serviceusage` +* `storage-api` +* `storage-component` +* `orgpolicy` +* `networksecurity` [id="gcp-policy-permissions_{context}"] == Permissions The following roles must be added to the support service account: -* `Compute.admin` -* `Dns.admin` +* `compute.admin` +* `dns.admin` * `orgpolicy.policyViewer` -* `Owner` -* `resourcemanager.projectIamAdmin` -* `Servicemanagement.admin` +* `servicemanagement.admin` * `serviceusage.serviceUsageAdmin` * `storage.admin` +* `compute.loadBalancerAdmin` +* `viewer` +* `iam.roleAdmin` +* `iam.securityAdmin` +* `iam.serviceAccountKeyAdmin` +* `iam.serviceAccountAdmin` +* `iam.serviceAccountUser` \ No newline at end of file
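Review bot: In modules/ccs-gcp-customer-procedure.adoc (hunk at -99,12), the role table needs checking against the Permissions list in modules/ccs-gcp-provisioned.adoc. This hunk only deletes the commented-out `roles/owner` and `roles/resourcemanager.projectIamAdmin` rows, while the same patch adds seven roles to that list, and the visible context here shows no matching rows. Please confirm the table carries a row for each of them, in the same display name plus `roles/...` ID form as the `Organization Policy Viewer` row, so the two modules do not disagree about what the customer must grant.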
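Review bot: The Permissions list in modules/ccs-gcp-provisioned.adoc should state why the support service account needs each of the added `iam.roleAdmin`, `iam.securityAdmin`, `iam.serviceAccountKeyAdmin`, `iam.serviceAccountAdmin` and `iam.serviceAccountUser` roles. The change removes `Owner` and `resourcemanager.projectIamAdmin`, but these replacements are still IAM administration roles, and a reader auditing the grant has nothing to check them against. Two smaller points in the same hunk: the entries omit the `roles/` prefix that the customer procedure module uses (`roles/orgpolicy.policyViewer`), so consider writing the full IDs here too, and the file now ends without a trailing newline after `iam.serviceAccountUser`.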