iac describe, set up credentials to make authenticated requests to your GCP project.
iac describecommand uses the Cloud Asset API, you must use a service account.
iac describewith deep mode, you need access to retrieve the details of a resource and the Cloud Asset Viewer role is not enough. To be able to get the details, set up the basic role of Viewer on your project. To read your IAM policies you also need the role iam.securityReviewer on your project.