Dataplex Administrator
(roles/dataplex.admin )
Full access to Dataplex resources, except Dataplex Catalog.
|
cloudasset.assets.analyzeIamPolicy
cloudasset.assets.searchAllIamPolicies
cloudasset.assets.searchAllResources
dataplex.assetActions.list
dataplex.assets.create
dataplex.assets.delete
dataplex.assets.get
dataplex.assets.getIamPolicy
dataplex.assets.list
dataplex.assets.setIamPolicy
dataplex.assets.update
dataplex.content.*
dataplex.content.create
dataplex.content.delete
dataplex.content.get
dataplex.content.getIamPolicy
dataplex.content.list
dataplex.content.setIamPolicy
dataplex.content.update
dataplex.dataAttributeBindings.*
dataplex.dataAttributeBindings.create
dataplex.dataAttributeBindings.delete
dataplex.dataAttributeBindings.get
dataplex.dataAttributeBindings.getIamPolicy
dataplex.dataAttributeBindings.list
dataplex.dataAttributeBindings.setIamPolicy
dataplex.dataAttributeBindings.update
dataplex.dataAttributes.*
dataplex.dataAttributes.bind
dataplex.dataAttributes.create
dataplex.dataAttributes.delete
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataAttributes.setIamPolicy
dataplex.dataAttributes.update
dataplex.dataTaxonomies.*
dataplex.dataTaxonomies.configureDataAccess
dataplex.dataTaxonomies.configureResourceAccess
dataplex.dataTaxonomies.create
dataplex.dataTaxonomies.delete
dataplex.dataTaxonomies.get
dataplex.dataTaxonomies.getIamPolicy
dataplex.dataTaxonomies.list
dataplex.dataTaxonomies.setIamPolicy
dataplex.dataTaxonomies.update
dataplex.datascans.*
dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.setIamPolicy
dataplex.datascans.update
dataplex.encryptionConfig.*
dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update
dataplex.entities.*
dataplex.entities.create
dataplex.entities.delete
dataplex.entities.get
dataplex.entities.list
dataplex.entities.update
dataplex.entryGroups.export
dataplex.entryGroups.import
dataplex.environments.*
dataplex.environments.create
dataplex.environments.delete
dataplex.environments.execute
dataplex.environments.get
dataplex.environments.getIamPolicy
dataplex.environments.list
dataplex.environments.setIamPolicy
dataplex.environments.update
dataplex.lakeActions.list
dataplex.lakes.*
dataplex.lakes.create
dataplex.lakes.delete
dataplex.lakes.get
dataplex.lakes.getIamPolicy
dataplex.lakes.list
dataplex.lakes.setIamPolicy
dataplex.lakes.update
dataplex.locations.*
dataplex.locations.get
dataplex.locations.list
dataplex.metadataJobs.*
dataplex.metadataJobs.cancel
dataplex.metadataJobs.create
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.operations.*
dataplex.operations.cancel
dataplex.operations.delete
dataplex.operations.get
dataplex.operations.list
dataplex.partitions.*
dataplex.partitions.create
dataplex.partitions.delete
dataplex.partitions.get
dataplex.partitions.list
dataplex.partitions.update
dataplex.tasks.*
dataplex.tasks.cancel
dataplex.tasks.create
dataplex.tasks.delete
dataplex.tasks.get
dataplex.tasks.getIamPolicy
dataplex.tasks.list
dataplex.tasks.run
dataplex.tasks.setIamPolicy
dataplex.tasks.update
dataplex.zoneActions.list
dataplex.zones.*
dataplex.zones.create
dataplex.zones.delete
dataplex.zones.get
dataplex.zones.getIamPolicy
dataplex.zones.list
dataplex.zones.setIamPolicy
dataplex.zones.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Aspect Type Owner
(roles/dataplex.aspectTypeOwner )
Grants access to creating and managing Aspect Types. Does not give the right to create/modify Entries.
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.*
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.setIamPolicy
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Aspect Type User
(roles/dataplex.aspectTypeUser )
Grants access to use Aspect Types to create/modify Entries with the corresponding aspects.
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.get
dataplex.aspectTypes.list
dataplex.aspectTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Binding Administrator
(roles/dataplex.bindingAdmin )
Full access on DataAttribute Bindig resources.
|
dataplex.dataAttributeBindings.*
dataplex.dataAttributeBindings.create
dataplex.dataAttributeBindings.delete
dataplex.dataAttributeBindings.get
dataplex.dataAttributeBindings.getIamPolicy
dataplex.dataAttributeBindings.list
dataplex.dataAttributeBindings.setIamPolicy
dataplex.dataAttributeBindings.update
|
Dataplex Catalog Admin
(roles/dataplex.catalogAdmin )
Has full access to Catalog resources: Entry Groups, Entry Types, Aspect Types and Entries.
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.*
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.setIamPolicy
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.entries.*
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.*
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.import
dataplex.entryGroups.list
dataplex.entryGroups.setIamPolicy
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useSchemaAspect
dataplex.entryTypes.*
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.setIamPolicy
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Catalog Editor
(roles/dataplex.catalogEditor )
Has write access to Catalog resources: Entry Groups, Entry Types, Aspect Types and Entries. Cannot set IAM policies on resources
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.entries.*
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.list
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useSchemaAspect
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Catalog Viewer
(roles/dataplex.catalogViewer )
Has read access to Catalog resources: Entry Groups, Entry Types, Aspect Types and Entries. Can view IAM policies on Catalog resources.
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.entries.get
dataplex.entries.list
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.list
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Data Owner
(roles/dataplex.dataOwner )
Owner access to data. To be granted to Dataplex resources Lake, Zone or Asset only.
|
dataplex.assets.ownData
dataplex.assets.readData
dataplex.assets.writeData
|
Dataplex Data Reader
(roles/dataplex.dataReader )
Read only access to data. To be granted to Dataplex resources Lake, Zone or Asset only.
|
dataplex.assets.readData
|
Dataplex DataScan Administrator
(roles/dataplex.dataScanAdmin )
Full access to DataScan resources.
|
dataplex.datascans.*
dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.setIamPolicy
dataplex.datascans.update
dataplex.operations.get
dataplex.operations.list
|
Dataplex DataScan Creator
(roles/dataplex.dataScanCreator )
Access to create new DataScan resources.
|
dataplex.datascans.create
dataplex.datascans.get
dataplex.datascans.list
dataplex.operations.get
|
Dataplex DataScan DataViewer
(roles/dataplex.dataScanDataViewer )
Read access to DataScan resources and additional contents.
|
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
|
Dataplex DataScan Editor
(roles/dataplex.dataScanEditor )
Write access to DataScan resources.
|
dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.update
dataplex.operations.get
dataplex.operations.list
|
Dataplex DataScan Viewer
(roles/dataplex.dataScanViewer )
Read access to DataScan resources.
|
dataplex.datascans.get
dataplex.datascans.getIamPolicy
dataplex.datascans.list
|
Dataplex Data Writer
(roles/dataplex.dataWriter )
Write access to data. To be granted to Dataplex resources Lake, Zone or Asset only.
|
dataplex.assets.writeData
|
Dataplex Developer
(roles/dataplex.developer )
Allows running data analytics workloads in a lake.
|
dataplex.content.*
dataplex.content.create
dataplex.content.delete
dataplex.content.get
dataplex.content.getIamPolicy
dataplex.content.list
dataplex.content.setIamPolicy
dataplex.content.update
dataplex.environments.execute
dataplex.environments.get
dataplex.environments.list
dataplex.tasks.cancel
dataplex.tasks.create
dataplex.tasks.delete
dataplex.tasks.get
dataplex.tasks.list
dataplex.tasks.run
dataplex.tasks.update
|
Dataplex Editor
(roles/dataplex.editor )
Write access to Dataplex resources.
|
cloudasset.assets.analyzeIamPolicy
dataplex.assetActions.list
dataplex.assets.create
dataplex.assets.delete
dataplex.assets.get
dataplex.assets.getIamPolicy
dataplex.assets.list
dataplex.assets.update
dataplex.content.delete
dataplex.content.get
dataplex.content.getIamPolicy
dataplex.content.list
dataplex.dataAttributeBindings.create
dataplex.dataAttributeBindings.delete
dataplex.dataAttributeBindings.get
dataplex.dataAttributeBindings.getIamPolicy
dataplex.dataAttributeBindings.list
dataplex.dataAttributeBindings.update
dataplex.dataAttributes.bind
dataplex.dataAttributes.create
dataplex.dataAttributes.delete
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataAttributes.update
dataplex.dataTaxonomies.configureDataAccess
dataplex.dataTaxonomies.configureResourceAccess
dataplex.dataTaxonomies.create
dataplex.dataTaxonomies.delete
dataplex.dataTaxonomies.get
dataplex.dataTaxonomies.getIamPolicy
dataplex.dataTaxonomies.list
dataplex.dataTaxonomies.update
dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.update
dataplex.environments.create
dataplex.environments.delete
dataplex.environments.get
dataplex.environments.getIamPolicy
dataplex.environments.list
dataplex.environments.update
dataplex.lakeActions.list
dataplex.lakes.create
dataplex.lakes.delete
dataplex.lakes.get
dataplex.lakes.getIamPolicy
dataplex.lakes.list
dataplex.lakes.update
dataplex.operations.*
dataplex.operations.cancel
dataplex.operations.delete
dataplex.operations.get
dataplex.operations.list
dataplex.tasks.cancel
dataplex.tasks.create
dataplex.tasks.delete
dataplex.tasks.get
dataplex.tasks.getIamPolicy
dataplex.tasks.list
dataplex.tasks.run
dataplex.tasks.update
dataplex.zoneActions.list
dataplex.zones.create
dataplex.zones.delete
dataplex.zones.get
dataplex.zones.getIamPolicy
dataplex.zones.list
dataplex.zones.update
|
Dataplex Encryption Admin
Beta
(roles/dataplex.encryptionAdmin )
Gives user permissions to manage encryption config.
|
dataplex.encryptionConfig.*
dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update
|
Dataplex Entry Group Exporter
Beta
(roles/dataplex.entryGroupExporter )
Grants access to export this entry group for Metadata Job processing.
|
dataplex.entryGroups.export
dataplex.entryGroups.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Entry Group Importer
Beta
(roles/dataplex.entryGroupImporter )
Grants access to import this entry group for Metadata Job processing.
|
dataplex.entryGroups.get
dataplex.entryGroups.import
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Entry Group Owner
(roles/dataplex.entryGroupOwner )
Owns Entry Groups and Entries inside of them.
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.get
dataplex.aspectTypes.list
dataplex.aspectTypes.use
dataplex.entries.*
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.*
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.import
dataplex.entryGroups.list
dataplex.entryGroups.setIamPolicy
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useSchemaAspect
dataplex.entryTypes.get
dataplex.entryTypes.list
dataplex.entryTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Entry Owner
(roles/dataplex.entryOwner )
Owns Metadata Entries.
|
datacatalog.migrationConfig.get
dataplex.aspectTypes.get
dataplex.aspectTypes.list
dataplex.aspectTypes.use
dataplex.entries.*
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.get
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useSchemaAspect
dataplex.entryTypes.get
dataplex.entryTypes.list
dataplex.entryTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Entry Type Owner
(roles/dataplex.entryTypeOwner )
Grants access to creating and managing Entry Types. Does not give the right to create/modify Entries.
|
datacatalog.migrationConfig.get
dataplex.entryTypes.*
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.setIamPolicy
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Entry Type User
(roles/dataplex.entryTypeUser )
Grants access to use Entry Types to create/modify Entries of those types.
|
datacatalog.migrationConfig.get
dataplex.entryTypes.get
dataplex.entryTypes.list
dataplex.entryTypes.use
dataplex.projects.search
resourcemanager.projects.get
resourcemanager.projects.list
|
(roles/dataplex.metadataJobOwner )
Grants access to creating and managing Metadata Jobs. Does not give the right to create/modify Entry Groups.
|
dataplex.metadataJobs.*
dataplex.metadataJobs.cancel
dataplex.metadataJobs.create
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.operations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
(roles/dataplex.metadataJobViewer )
Read access to Metadata Job resources.
|
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.operations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
(roles/dataplex.metadataReader )
Read only access to metadata.
|
dataplex.assets.get
dataplex.assets.list
dataplex.entities.get
dataplex.entities.list
dataplex.partitions.get
dataplex.partitions.list
dataplex.zones.get
dataplex.zones.list
resourcemanager.projects.get
resourcemanager.projects.list
|
(roles/dataplex.metadataWriter )
Write and Read access to metadata.
|
dataplex.assets.get
dataplex.assets.list
dataplex.entities.*
dataplex.entities.create
dataplex.entities.delete
dataplex.entities.get
dataplex.entities.list
dataplex.entities.update
dataplex.partitions.*
dataplex.partitions.create
dataplex.partitions.delete
dataplex.partitions.get
dataplex.partitions.list
dataplex.partitions.update
dataplex.zones.get
dataplex.zones.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataplex Security Administrator
(roles/dataplex.securityAdmin )
Permissions configure ResourceAccess and DataAccess Specs on Data Attributes.
|
dataplex.dataTaxonomies.configureDataAccess
dataplex.dataTaxonomies.configureResourceAccess
|
Dataplex Storage Data Owner
(roles/dataplex.storageDataOwner )
Owner access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.
|
bigquery.datasets.get
bigquery.models.create
bigquery.models.delete
bigquery.models.export
bigquery.models.getData
bigquery.models.getMetadata
bigquery.models.list
bigquery.models.updateData
bigquery.models.updateMetadata
bigquery.routines.create
bigquery.routines.delete
bigquery.routines.get
bigquery.routines.list
bigquery.routines.update
bigquery.tables.create
bigquery.tables.createSnapshot
bigquery.tables.delete
bigquery.tables.deleteSnapshot
bigquery.tables.export
bigquery.tables.get
bigquery.tables.getData
bigquery.tables.list
bigquery.tables.restoreSnapshot
bigquery.tables.update
bigquery.tables.updateData
storage.buckets.get
storage.objects.create
storage.objects.delete
storage.objects.get
storage.objects.list
storage.objects.update
|
Dataplex Storage Data Reader
(roles/dataplex.storageDataReader )
Read only access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.
|
bigquery.datasets.get
bigquery.models.export
bigquery.models.getData
bigquery.models.getMetadata
bigquery.models.list
bigquery.routines.get
bigquery.routines.list
bigquery.tables.export
bigquery.tables.get
bigquery.tables.getData
bigquery.tables.list
storage.buckets.get
storage.objects.get
storage.objects.list
|
Dataplex Storage Data Writer
(roles/dataplex.storageDataWriter )
Write access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.
|
bigquery.tables.updateData
storage.objects.create
storage.objects.delete
storage.objects.update
|
Dataplex Taxonomy Administrator
(roles/dataplex.taxonomyAdmin )
Full access to DataTaxonomy, DataAttribute resources.
|
dataplex.dataAttributes.*
dataplex.dataAttributes.bind
dataplex.dataAttributes.create
dataplex.dataAttributes.delete
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataAttributes.setIamPolicy
dataplex.dataAttributes.update
dataplex.dataTaxonomies.create
dataplex.dataTaxonomies.delete
dataplex.dataTaxonomies.get
dataplex.dataTaxonomies.getIamPolicy
dataplex.dataTaxonomies.list
dataplex.dataTaxonomies.setIamPolicy
dataplex.dataTaxonomies.update
|
Dataplex Taxonomy Viewer
(roles/dataplex.taxonomyViewer )
Read access on DataTaxonomy, DataAttribute resources.
|
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataTaxonomies.get
dataplex.dataTaxonomies.getIamPolicy
dataplex.dataTaxonomies.list
|
Dataplex Viewer
(roles/dataplex.viewer )
Read access to Dataplex resources.
|
cloudasset.assets.analyzeIamPolicy
dataplex.assetActions.list
dataplex.assets.get
dataplex.assets.getIamPolicy
dataplex.assets.list
dataplex.content.get
dataplex.content.getIamPolicy
dataplex.content.list
dataplex.dataAttributeBindings.get
dataplex.dataAttributeBindings.getIamPolicy
dataplex.dataAttributeBindings.list
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataTaxonomies.get
dataplex.dataTaxonomies.getIamPolicy
dataplex.dataTaxonomies.list
dataplex.datascans.get
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.environments.get
dataplex.environments.getIamPolicy
dataplex.environments.list
dataplex.lakeActions.list
dataplex.lakes.get
dataplex.lakes.getIamPolicy
dataplex.lakes.list
dataplex.operations.get
dataplex.operations.list
dataplex.tasks.get
dataplex.tasks.getIamPolicy
dataplex.tasks.list
dataplex.zoneActions.list
dataplex.zones.get
dataplex.zones.getIamPolicy
dataplex.zones.list
|