This page lists the permissions required by Google Distributed Cloud connected and the Identity and Access Management (IAM) roles that encapsulate them.
Distributed Cloud Edge Container API roles and permissions
The following table lists the Google Cloud project roles for the Distributed Cloud Edge Container API and the Distributed Cloud connected permissions that they encapsulate.
Role | Permissions |
---|---|
Edge Container Admin( Full access to Edge Container all resources. |
|
Edge Container Cluster Service Agent( Grants the Edge Container Cluster Service Account access to manage resources. |
|
Edge Container Identity Provider Admin( Access to manage Identity Providers. |
|
Edge Container Identity Provider Viewer( Read-only access to Identity Providers. |
|
Edge Container Machine User( Access to use Edge Container Machine resources. |
|
Edge Container Cluster offline Credential User( Access to get Edge Container cluster offline credentials |
|
Edge Container Service Account Admin( Access to manage Service Accounts. |
|
Edge Container Service Account Key Admin( Access to manage Service Account Keys. |
|
Edge Container Service Account Viewer( Read-only access to Service Accounts. |
|
Edge Container Service Agent( Grants the Edge Container Service Account access to manage resources. |
|
Edge Container Viewer( Read-only access to Edge Container all resources. |
|
Edge Container Zonal Project Admin( Access to manage zonal projects. |
|
Edge Container Zonal Project Viewer( Read-only access to zonal projects. |
|
Edge Container Zonal Service Admin( Access to mutate zonal service. |
|
Edge Container Zonal Service Viewer( Read-only access to zonal services. |
|
Edge Container Zone Iam Policy Admin( Access to manage Iam Policy in the zone. |
|
Edge Container Zone Iam Policy Viewer( Read-only access to Iam Policy in the zone. |
|
Edge Container Zone Viewer( Read-only access to zones. |
|
Distributed Cloud Edge Network API roles and permissions
The following table lists the Google Cloud project roles for the Distributed Cloud Edge Network API and the Distributed Cloud connected permissions that they encapsulate.
Role | Permissions |
---|---|
Edge Network Admin( Full access to Edge Network all resources. |
|
Edge Network Viewer( Read-only access to Edge Network all resources. |
|
GDC Hardware Management API roles and permissions
The following table lists the Google Cloud project roles for the GDC Hardware Management API and the Distributed Cloud connected permissions that they encapsulate.
Role | Permissions |
---|---|
GDC Hardware Management Admin Beta( Full access to GDC Hardware Management resources. |
|
GDC Hardware Management Operator Beta( Create, read, and update access to GDC Hardware Management resources that support those operations. Also grants delete access to HardwareGroup resource. |
|
GDC Hardware Management Reader Beta( Readonly access to GDC Hardware Management resources. |
|