This page lists the permissions required by Gemini on Google Distributed Cloud connected API and the Identity and Access Management (IAM) roles that encapsulate them.
Distributed Cloud Edge Container API roles and permissions
Distributed Cloud Edge Container API roles and permissions are required on the Google Cloud organization that hosts your Gemini on GDC connected API Google Cloud project. Assign them to accounts that interact with Gemini on GDC connected API endpoints.
The following Distributed Cloud Edge Container API roles and permissions are required on the Google Cloud project that hosts your Gemini on GDC connected API deployment. Assign them to accounts that interact with Gemini on GDC connected API endpoints.
- Service Usage Admin
- Edge Container Zonal Service Admin
- Edge Container Zonal Service Viewer
- Edge Container Service Account Admin
- Edge Container Service Account Viewer
- Edge Container Service Account Key Admin
- Edge Container Zone Iam Policy Admin
- Edge Container Zone Iam Policy Viewer
- Edge Container Machine User
Vertex AI API roles and permissions
Vertex AI API roles and permissions required on the Google Cloud project that hosts your Gemini on GDC connected API deployment:
Gemini on GDC connected API roles and permissions
The following Gemini on GDC connected API roles and permissions are required on the Google Cloud project that hosts your Gemini on GDC connected API deployment. Assign them to accounts that interact with Gemini on GDC connected API endpoints. You must use the steps described in Deploy an endpoint to assign the roles listed in this section.
- AI Platform Gemini Developer (roles/aiplatform.geminiDeveloper)