diff --git a/backend/api/README.md b/backend/api/README.md
index 606a92a..b806f53 100644
--- a/backend/api/README.md
+++ b/backend/api/README.md
@@ -70,8 +70,22 @@ gcloud compute backend-services update api-backend \
 ```shell
 gcloud iam service-accounts create ci-deployer \
   --display-name="CI Deployer"
-gcloud projects add-iam-policy-binding compass-130ba --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" --role="roles/artifactregistry.writer"
-gcloud projects add-iam-policy-binding compass-130ba --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" --role="roles/storage.objectAdmin"
+gcloud projects add-iam-policy-binding compass-130ba \
+  --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" \
+  --role="roles/artifactregistry.writer"
+gcloud projects add-iam-policy-binding compass-130ba \
+  --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" \
+  --role="roles/storage.objectAdmin"
+gcloud projects add-iam-policy-binding compass-130ba \
+  --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" \
+  --role="roles/storage.admin"
+gcloud projects add-iam-policy-binding compass-130ba \
+  --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" \
+  --role="roles/compute.admin"
+gcloud iam service-accounts add-iam-policy-binding \
+  253367029065-compute@developer.gserviceaccount.com \
+  --member="serviceAccount:ci-deployer@compass-130ba.iam.gserviceaccount.com" \
+  --role="roles/iam.serviceAccountUser"
 gcloud iam service-accounts keys create keyfile.json --iam-account=ci-deployer@compass-130ba.iam.gserviceaccount.com
 ```
 
diff --git a/backend/api/deploy-api.sh b/backend/api/deploy-api.sh
index abb376d..1c9b192 100755
--- a/backend/api/deploy-api.sh
+++ b/backend/api/deploy-api.sh
@@ -54,16 +54,16 @@ export TF_VAR_image_url=$IMAGE_URL
 export TF_VAR_env=$ENV
 tofu apply -auto-approve
 
-INSTANCE_NAME=$(gcloud compute instances list \
-  --filter="zone:(us-west1-c)" \
-  --sort-by="~creationTimestamp" \
-  --format="value(name)" \
-  --limit=1)
-SERVICE_ACCOUNT_EMAIL=$(gcloud compute instances describe ${INSTANCE_NAME} \
-  --zone us-west1-c \
-  --format="value(serviceAccounts.email)")
-gcloud projects add-iam-policy-binding ${PROJECT} \
-  --member="serviceAccount:$SERVICE_ACCOUNT_EMAIL" \
-  --role="roles/artifactregistry.reader"
+#INSTANCE_NAME=$(gcloud compute instances list \
+#  --filter="zone:(us-west1-c)" \
+#  --sort-by="~creationTimestamp" \
+#  --format="value(name)" \
+#  --limit=1)
+#SERVICE_ACCOUNT_EMAIL=$(gcloud compute instances describe ${INSTANCE_NAME} \
+#  --zone us-west1-c \
+#  --format="value(serviceAccounts.email)")
+#gcloud projects add-iam-policy-binding ${PROJECT} \
+#  --member="serviceAccount:$SERVICE_ACCOUNT_EMAIL" \
+#  --role="roles/artifactregistry.reader"
 
 echo "✅ Deployment complete! Image: ${IMAGE_URL}"
diff --git a/backend/api/package.json b/backend/api/package.json
index 43e0228..1092abf 100644
--- a/backend/api/package.json
+++ b/backend/api/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@compass/api",
   "description": "Backend API endpoints",
-  "version": "1.0.8",
+  "version": "1.0.9",
   "private": true,
   "scripts": {
     "watch:serve": "tsx watch src/serve.ts",