Resource types that accept IAM policies

This page lists the resource types on which you can set Identity and Access Management (IAM) policies.

Select a service to see which of its resource types support IAM policies:

Service Resources that accept IAM policies
AI Platform   Jobs (training)
Jobs (predicting)
Models
AI Platform Notebooks Instances
Apigee Environments
Artifact Registry Repositories
AutoML Datasets
Locations
Models
BigQuery Connections
Cloud Bigtable Backups
Instances
Tables
Binary Authorization Attestors
Policy
Cloud Billing Accounts
Cloud Data Fusion Instances
Cloud Deployment Manager Deployments
Cloud Functions Functions
Cloud Healthcare API Datasets
DICOM stores
FHIR stores
H17v2 stores
Cloud IoT Registries
Cloud Key Management Service Cryptographic keys
Import jobs
Key rings
Cloud Run  Services
Cloud Runtime Configuration API Configs
Cloud Source Repositories Repos
Cloud Spanner Backups
Databases
Instances
Cloud Storage Buckets
Cloud Tasks Queues
Compute Engine Backend buckets
Disks
Images
Instance templates
Instances
Licenses
Machine images
Node groups
Node templates
Region disks
Reservations
Resource policies
Snapshots
Subnetworks
Container Analysis Notes
Occurrences
Data Catalog Entries
Entry groups
Policy tags
Tag templates
Taxonomies
Dataproc Autoscaling policies (for locations)
Autoscaling policies (for regions)
Clusters
Jobs
Operations
Workflow templates (for locations)
Workflow templates (for regions)
Game Servers Game server deployments
Identity and Access Management Service accounts
Identity-Aware Proxy Tunnel
Tunnel instances
Tunnel zones
Web
Web service versions
Web services
Web types
Managed Service for Microsoft Active Directory Domains
Network Management API Connectivity tests
Pub/Sub Snapshots
Subscriptions
Topics
Resource Manager Folders
Organizations
Projects
Secret Manager Secrets
Security Command Center Sources
Service Directory Namespaces
Services
Service Management Consumers
Services