Dataplex permissions allow users to perform specific actions on
Dataplex services, resources, and operations. For example,
the dataplex.lake.create
permission allows a user to create
Dataplex lakes in your project. You don't directly give users
permissions; instead, you grant them roles, which have one or more permissions
bundled within them.
This document focuses on the IAM permissions relevant to Dataplex.
Before you begin
Read the IAM documentation.
Dataplex permissions
The following tables list the permissions necessary to call
Dataplex API methods.
IAM Set and Get policy permissions
API Method |
IAM Permission |
GetIamPolicy |
dataplex.lakes.getIamPolicy |
SetIamPolicy |
dataplex.lakes.setIamPolicy |
Lake, zone, and asset permissions
API Method |
IAM Permission |
CreateLake |
dataplex.lakes.create |
UpdateLake |
dataplex.lakes.update |
DeleteLake |
dataplex.lakes.delete |
ListLakes |
dataplex.lakes.list |
GetLake |
dataplex.lakes.get |
ListLakeActions |
dataplex.lakeActions.list |
CreateZone |
dataplex.zones.create |
UpdateZone |
dataplex.zones.update |
DeleteZone |
dataplex.zones.delete |
ListZones |
dataplex.zones.list |
GetZone |
dataplex.zones.get |
ListZoneActions |
dataplex.zoneActions.list |
CreateAsset |
dataplex.assets.create |
UpdateAsset |
dataplex.assets.update |
DeleteAsset |
dataplex.assets.delete |
ListAssets |
dataplex.assets.list |
GetAsset |
dataplex.assets.get |
ListAssetActions |
dataplex.assetActions.list |
Task permissions
API Method |
IAM Permission |
CreateTask |
dataplex.tasks.create |
UpdateTask |
dataplex.tasks.update |
DeleteTask |
dataplex.tasks.delete |
ListTasks |
dataplex.tasks.list |
GetTask |
dataplex.tasks.get |
ListJobs |
dataplex.tasks.get |
GetJob |
dataplex.tasks.get |
CancelJob |
dataplex.tasks.cancel |
Environment permissions
API Method |
IAM Permission |
CreateEnvironment |
dataplex.environments.create |
UpdateEnvironment |
dataplex.environments.update |
DeleteEnvironment |
dataplex.environments.delete |
ListEnvironments |
dataplex.environments.list |
GetEnvironment |
dataplex.environments.get |
CreateContent |
dataplex.content.create |
UpdateContent |
dataplex.content.update |
DeleteContent |
dataplex.content.delete |
ListContent |
dataplex.content.list |
GetContent |
dataplex.content.get |
ListSessions |
dataplex.environments.get |
API Method |
IAM Permission |
CreateEntity |
dataplex.entities.create |
UpdateEntity |
dataplex.entities.update |
DeleteEntity |
dataplex.entities.delete |
GetEntity |
dataplex.entities.get |
ListEntities |
dataplex.entities.list |
CreatePartition |
dataplex.partitions.create |
UpdatePartition |
dataplex.partitions.update |
DeletePartition |
dataplex.partitions.delete |
GetPartition |
dataplex.partitions.get |
ListPartitions |
dataplex.partitions.list |
DataScan permissions
API Method |
IAM Permission |
CreateDataScan |
dataplex.datascans.create |
UpdateDataScan |
dataplex.datascans.update |
DeleteDataScan |
dataplex.datascans.delete |
ListDataScans |
dataplex.datascans.list |
GetDataScan (basic view) |
dataplex.datascans.get |
GetDataScan (full view) |
dataplex.datascans.getData |
ListDataScanJobs |
dataplex.datascans.get |
GetDataScanJob (basic view) |
dataplex.datascans.get |
GetDataScanJob (full view) |
dataplex.datascans.getData |
RunDataScan |
dataplex.datascans.run |
What's next