Grant appropriate App Hub IAM roles to users or
groups who will manage or view applications within App Hub
administrative boundaries. To grant roles, you can use the IAM
page in the Google Cloud console or the Google Cloud CLI. For detailed instructions,
see Manage access to projects, folders, and organizations.
App Hub roles
The following table describes App Hub IAM roles and
their typical responsibilities:
Role
Description
Purpose
App Hub Admin
Attach service projects to a host project, create applications,
update application attributes, register services and workloads, update
service and workload attributes, and delegate application control to the
App Hub Editor.
Manage the full lifecycle of an application or attach service
projects to a host project.
Get administrative permissions and complete visibility of the
end-to-end application architecture.
App Hub Editor
Create and update applications, register and unregister services and
workloads, and update attributes.
Scale the capability to create, update, or delete services and
workloads.
Manage application deployments.
App Hub Viewer
View services, workloads, and applications, and their
attributes.
Visualize services, workloads, and applications, as well as their
dependencies.
Obtain visibility of applications as an App Hub user.
App Hub permissions
The following table lists the permissions that each App Hub
IAM role has:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-18 UTC."],[],[],null,[]]
