Send feedback
IAM roles and permissions
Stay organized with collections
Save and categorize content based on your preferences.
This page
applies to Apigee and Apigee hybrid .
You can view and grant roles using the permissions panel on the IAM & Admin > IAM
page in your Google Cloud project.
Go to IAM & Admin
Note: If a role is assigned to a user then all the associated permissions of the role are
automatically assigned to the user.
The following table lists the roles and the corresponding permissions required to create and
manage API hub resources.
IAM role name
Description
Required permissions
Cloud API hub Viewer
This role can view all resources in API hub
apihub.googleapis.com/locations.searchResourcesapihub.googleapis.com/apis.listapihub.googleapis.com/apis.getapihub.googleapis.com/specs.listapihub.googleapis.com/specs.getapihub.googleapis.com/apiOperations.listapihub.googleapis.com/apiOperations.getapihub.googleapis.com/versions.listapihub.googleapis.com/versions.getapihub.googleapis.com/deployments.listapihub.googleapis.com/deployments.getapihub.googleapis.com/attributes.listapihub.googleapis.com/attributes.getapihub.googleapis.com/definitions.listapihub.googleapis.com/definitions.getapihub.googleapis.com/definitions.getapihub.googleapis.com/externalApis.getapihub.googleapis.com/externalApis.listapihub.googleapis.com/dependencies.getapihub.googleapis.com/dependencies.listapihub.googleapis.com/plugins.getapihub.googleapis.com/plugins.listapihub.googleapis.com/runTimeProjectAttachments.getapihub.googleapis.com/runTimeProjectAttachments.listapihub.googleapis.com/hostProjectRegistrations.listapihub.googleapis.com/hostProjectRegistrations.getapihub.googleapis.com/apiHubInstances.getapihub.googleapis.com/apiHubInstances.listapihub.googleapis.com/styleGuides.getcloudresourcemanager.googleapis.com/projects.getcloudresourcemanager.googleapis.com/projects.list
Cloud API hub Plugins Admin
All permissions related to plugins
cloudresourcemanager.googleapis.com/projects.getcloudresourcemanager.googleapis.com/projects.listapihub.googleapis.com/plugins.getapihub.googleapis.com/plugins.listapihub.googleapis.com/plugins.enableapihub.googleapis.com/plugins.disableapihub.googleapis.com/specs.lintapihub.googleapis.com/styleGuides.getapihub.googleapis.com/styleGuides.update
Cloud API hub Editor
Editor role for resources
In addition to the permissions of the Cloud API hub viewer role, this
role has the following permissions:
apihub.googleapis.com/apis.createapihub.googleapis.com/apis.updateapihub.googleapis.com/apis.deleteapihub.googleapis.com/versions.createapihub.googleapis.com/versions.updateapihub.googleapis.com/versions.deleteapihub.googleapis.com/specs.createapihub.googleapis.com/specs.updateapihub.googleapis.com/specs.deleteapihub.googleapis.com/deployments.createapihub.googleapis.com/deployments.updateapihub.googleapis.com/deployments.deleteapihub.googleapis.com/specs.lint
Cloud API hub Provisioning Admin
All permissions related to provisioning
cloudresourcemanager.googleapis.com/projects.getcloudresourcemanager.googleapis.com/projects.listapihub.googleapis.com/hostProjectRegistrations.listapihub.googleapis.com/hostProjectRegistrations.getapihub.googleapis.com/hostProjectRegistrations.createapihub.googleapis.com/hostProjectRegistrations.registerapihub.googleapis.com/hostProjectRegistrations.deleteapihub.googleapis.com/runTimeProjectAttachments.listapihub.googleapis.com/runTimeProjectAttachments.getapihub.googleapis.com/runTimeProjectAttachments.lookupapihub.googleapis.com/runTimeProjectAttachments.createapihub.googleapis.com/runTimeProjectAttachments.attachapihub.googleapis.com/runTimeProjectAttachments.deleteapihub.googleapis.com/apiHubInstances.getapihub.googleapis.com/apiHubInstances.listapihub.googleapis.com/apiHubInstances.createapihub.googleapis.com/apiHubInstances.delete
Cloud API hub Attributes Admin
All permissions related to attributes
cloudresourcemanager.googleapis.com/projects.getcloudresourcemanager.googleapis.com/projects.listapihub.googleapis.com/attributes.createapihub.googleapis.com/attributes.updateapihub.googleapis.com/attributes.deleteapihub.googleapis.com/attributes.listapihub.googleapis.com/attributes.get
Cloud API hub Admin
All permissions
This role has all the permissions of the following roles:
Cloud API hub Editor
Cloud API hub Attributes Admin
Cloud API hub Provisioning Admin
Cloud API hub Plugins Admin
Send feedback
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-01-30 UTC.
Need to tell us more?
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-01-30 UTC."],[],[]]
