This page describes Developer Connect roles and permissions.
Access control in Developer Connect is controlled using Identity and Access Management (IAM). IAM lets you create and manage permissions for Google Cloud resources. Developer Connect provides a specific set of predefined IAM roles where each role contains a set of permissions suited to a particular type of access or action. We recommend that you adopt the security principle of least privilege, and grant only the necessary access to your resources.
Predefined Developer Connect roles
You assign permissions to accounts through the use of roles. The following table lists the roles available for Developer Connect and the permissions that they include:
Role | Description | Permissions |
---|---|---|
Name: Title: Developer Connect Admin |
Grants full access to Developer Connect resources. |
|
Name: Title: Developer Connect Read Token Accessor |
Grants access to read-only tokens. Also grants access to view the Git repository link. |
|
Name: Title: Developer Connect Token Accessor |
Grants access to read/write and read-only tokens. Also grants access to view the Git repository link. |
|
Name: Title: Developer Connect User |
Grants access to view the connection and access to the features that interact with the Git repository, such as reading content from the Git repository, or linking to the Git repository. |
|
Name: Title: Developer Connect Viewer |
Grants read-only access to Developer Connect resources. |
|
Developer Connect service account
Developer Connect uses a service account to execute tasks on your behalf when communicating with other services.
The identifier for the Developer Connect service agent is as follows, where PROJECT_NUMBER is your Google Cloud project number.
service-PROJECT_NUMBER@gcp-sa-devconnect.iam.gserviceaccount.com
You use this identifier to grant or modify IAM roles and permissions.
Configure access to resources
For specific steps on granting roles, see Granting, changing, and revoking access to resources.
What's next
- Learn about IAM.
- Connect to a GitHub repository.