Deprecated IAM permissions

The following Identity and Access Management (IAM) permissions will be deprecated on December 31, 2025:

  • cloudaicompanion.companions.generateChat
  • cloudaicompanion.companions.generateCode

To prepare for this change, take the following steps:

  1. Identify any of your custom IAM roles that control access to the Gemini for Google Cloud API:

    1. In the Google Cloud console, go to the Roles page.

    2. In the Google Cloud console toolbar, select your organization or project from the list.

    3. To view role permissions, select the checkbox for one or more roles. An adjacent pane displays any permissions contained in the roles.

      The icons in the Type column indicate whether each role is a custom role or a predefined role.

      If you want to find all the roles that include a specific permission, type the permission name in the Filter field at the beginning of the Roles list.

  2. Add new permissions. Before December 31, 2025, add the following new permissions to your custom roles:

    • cloudaicompanion.instances.completeCode
    • cloudaicompanion.instances.completeTask
    • cloudaicompanion.instances.generateCode
    • cloudaicompanion.instances.generateText

  3. Retain old permissions. Until December 31, 2025, keep the following permissions in your custom roles:

    • cloudaicompanion.companions.generateChat
    • cloudaicompanion.companions.generateCode

After December 31, 2025, you can safely remove the old permissions from your custom roles.

For more information about updating custom roles, see Create and manage custom roles.
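
The audit in steps 1 to 3 can also be run over exported role definitions. The following is an added example, not code from this page or from Google Cloud; it assumes each role is available as a record with the IAM role fields name, includedPermissions and deleted, and the role names in the sample data are hypothetical.

```python
# Permission names are the ones listed on this page.
DEPRECATED = {
    "cloudaicompanion.companions.generateChat",
    "cloudaicompanion.companions.generateCode",
}
REPLACEMENTS = {
    "cloudaicompanion.instances.completeCode",
    "cloudaicompanion.instances.completeTask",
    "cloudaicompanion.instances.generateCode",
    "cloudaicompanion.instances.generateText",
}

def is_custom(role_name):
    # Predefined roles are named roles/<id>; custom ones carry a parent prefix.
    return role_name.startswith(("projects/", "organizations/"))

def audit_roles(roles):
    """Report custom roles that still hold a deprecated permission."""
    findings = []
    for role in roles:
        if not is_custom(role["name"]) or role.get("deleted"):
            continue
        perms = set(role.get("includedPermissions", []))
        old = sorted(perms & DEPRECATED)
        if old:
            findings.append({
                "role": role["name"],
                "deprecated_present": old,
                "missing_new": sorted(REPLACEMENTS - perms),
            })
    return findings

# Constructed sample data (hypothetical role names), not real output.
SAMPLE_ROLES = [
    {"name": "projects/example-project/roles/geminiDev",
     "includedPermissions": ["cloudaicompanion.companions.generateChat",
                             "cloudaicompanion.instances.generateCode",
                             "logging.logEntries.list"]},
    {"name": "projects/example-project/roles/migrated",
     "includedPermissions": sorted(DEPRECATED | REPLACEMENTS)},
    {"name": "roles/examplePredefined",
     "includedPermissions": ["cloudaicompanion.companions.generateChat"]},
    {"name": "organizations/123456789012/roles/unrelated",
     "includedPermissions": ["storage.objects.get"]},
]

if __name__ == "__main__":
    for finding in audit_roles(SAMPLE_ROLES):
        print(finding)
```

A role reported with an empty missing_new list already has the new permissions and only needs the old ones removed after December 31, 2025.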