See the supported connectors for Application Integration.

Predefined Application Integration IAM roles

Predefined roles give granular access to specific Google Cloud resources. These roles are created and maintained by Google. Google automatically updates their permissions as necessary, such as when Google Cloud adds new features or services.

The following table lists all the predefined IAM roles for Application Integration:

  • Application Integration

(roles/integrations.integrationAdmin)

A user that has full access (CRUD) to all integrations.

integrations.apigeeAuthConfigs.*

integrations.apigeeCertificates.*

integrations.apigeeExecutions.list

integrations.apigeeIntegrationVers.*

integrations.apigeeIntegrations.*

integrations.apigeeSfdcChannels.*

integrations.apigeeSfdcInstances.*

integrations.apigeeSuspensions.*

integrations.authConfigs.*

integrations.certificates.*

integrations.executions.*

integrations.integrationVersions.create

integrations.integrationVersions.delete

integrations.integrationVersions.deploy

integrations.integrationVersions.get

integrations.integrationVersions.list

integrations.integrationVersions.update

integrations.integrations.*

integrations.sfdcChannels.*

integrations.sfdcInstances.*

integrations.suspensions.*

integrations.testCases.*

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.integrationDeployer)

A developer that can deploy/undeploy integrations to the integration runtime.

integrations.apigeeIntegrationVers.deploy

integrations.apigeeIntegrationVers.get

integrations.apigeeIntegrationVers.list

integrations.apigeeIntegrations.list

integrations.integrationVersions.deploy

integrations.integrationVersions.get

integrations.integrationVersions.list

integrations.integrations.deploy

integrations.integrations.get

integrations.integrations.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.integrationEditor)

A developer that can list, create and update integrations.

integrations.apigeeAuthConfigs.create

integrations.apigeeAuthConfigs.get

integrations.apigeeAuthConfigs.list

integrations.apigeeAuthConfigs.update

integrations.apigeeCertificates.create

integrations.apigeeCertificates.get

integrations.apigeeCertificates.list

integrations.apigeeCertificates.update

integrations.apigeeExecutions.list

integrations.apigeeIntegrationVers.*

integrations.apigeeIntegrations.*

integrations.apigeeSfdcChannels.create

integrations.apigeeSfdcChannels.get

integrations.apigeeSfdcChannels.list

integrations.apigeeSfdcChannels.update

integrations.apigeeSfdcInstances.create

integrations.apigeeSfdcInstances.get

integrations.apigeeSfdcInstances.list

integrations.apigeeSfdcInstances.update

integrations.authConfigs.create

integrations.authConfigs.get

integrations.authConfigs.list

integrations.authConfigs.update

integrations.certificates.get

integrations.executions.*

integrations.integrationVersions.create

integrations.integrationVersions.delete

integrations.integrationVersions.deploy

integrations.integrationVersions.get

integrations.integrationVersions.list

integrations.integrationVersions.update

integrations.integrations.create

integrations.integrations.generateOpenApiSpec

integrations.integrations.get

integrations.integrations.invoke

integrations.integrations.list

integrations.integrations.update

integrations.sfdcChannels.*

integrations.sfdcInstances.*

integrations.testCases.*

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.integrationInvoker)

A role that can invoke integrations.

integrations.apigeeExecutions.list

integrations.apigeeIntegrationVers.get

integrations.apigeeIntegrationVers.list

integrations.apigeeIntegrations.*

integrations.executions.*

integrations.integrationVersions.get

integrations.integrationVersions.invoke

integrations.integrationVersions.list

integrations.integrations.get

integrations.integrations.invoke

integrations.integrations.list

integrations.testCases.get

integrations.testCases.invoke

integrations.testCases.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.integrationViewer)

A developer that can list and view integrations.

integrations.apigeeAuthConfigs.list

integrations.apigeeCertificates.list

integrations.apigeeIntegrationVers.get

integrations.apigeeIntegrationVers.list

integrations.apigeeIntegrations.list

integrations.apigeeSfdcChannels.list

integrations.apigeeSfdcInstances.list

integrations.authConfigs.get

integrations.authConfigs.list

integrations.certificates.get

integrations.certificates.list

integrations.executions.get

integrations.executions.list

integrations.integrationVersions.get

integrations.integrationVersions.list

integrations.integrations.generateOpenApiSpec

integrations.integrations.get

integrations.integrations.list

integrations.sfdcChannels.list

integrations.sfdcInstances.list

integrations.testCases.get

integrations.testCases.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.sfdcInstanceAdmin)

A user that has full access (CRUD) to all SFDC instances.

integrations.sfdcChannels.*

integrations.sfdcInstances.*

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.sfdcInstanceEditor)

A developer that can list, create and update integrations.

integrations.sfdcChannels.create

integrations.sfdcChannels.get

integrations.sfdcChannels.list

integrations.sfdcChannels.update

integrations.sfdcInstances.create

integrations.sfdcInstances.get

integrations.sfdcInstances.list

integrations.sfdcInstances.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.sfdcInstanceViewer)

A developer that can list and view SFDC instances.

integrations.sfdcChannels.get

integrations.sfdcChannels.list

integrations.sfdcInstances.get

integrations.sfdcInstances.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/integrations.suspensionResolver)

A role that can resolve suspended integrations.

integrations.apigeeSuspensions.*

integrations.suspensions.*

resourcemanager.projects.get

resourcemanager.projects.list

For more information about predefined roles, see Roles and permissions. For help choosing the most appropriate predefined roles, see Choose predefined roles.