Informationen zu Rollen

Auf dieser Seite werden IAM-Rollen beschrieben und die vordefinierten Rollen aufgelistet, die Sie Ihren Hauptkonten zuweisen können.

Eine Rolle enthält eine Reihe von Berechtigungen, mit denen Sie bestimmte Aktionen für Google Cloud-Ressourcen vornehmen können. Wenn Sie Hauptkonten Berechtigungen erteilen möchten, einschließlich Nutzern, Gruppen und Dienstkonten, weisen Sie den Hauptkonten Rollen zu.

Voraussetzungen für diese Anleitung

Machen Sie sich mit den grundlegenden Konzepten von IAM vertraut

Rollentypen

Es gibt drei Arten von Rollen in IAM:

Einfache Rollen, zu denen die Rollen "Inhaber", "Bearbeiter" und "Betrachter" gehören und die es schon vor der Einführung von IAM gab.
Vordefinierte Rollen, die detaillierten Zugriff auf einen bestimmten Dienst bieten und von Google Cloud verwaltet werden.
Benutzerdefinierte Rollen, die detaillierten Zugriff gemäß einer vom Nutzer angegebenen Liste von Berechtigungen bieten.

Mit einer der folgenden Methoden können Sie ermitteln, ob eine Berechtigung in einer einfachen, vordefinierten oder benutzerdefinierten Rolle enthalten ist:

Führen Sie den Befehl gcloud iam roles describe aus, um die Berechtigungen der Rolle aufzulisten:
Rufen Sie die REST API-Methode roles.get() auf, um die Berechtigungen in der Rolle aufzulisten.
Nur für einfache und vordefinierte Rollen: Suchen Sie in der Berechtigungsreferenz, ob die Berechtigung von der Rolle gewährt wird.
Nur für vordefinierte Rollen: Suchen Sie auf dieser Seite in den vordefinierten Rollenbeschreibungen, um zu sehen, welche Berechtigungen die Rolle enthält.

In den folgenden Abschnitten werden die einzelnen Rollentypen beschrieben und Beispiele für deren Verwendung gegeben.

Einfache Rollen

Vor der Einführung von IAM gab es mehrere einfache Rollen: "Inhaber", "Bearbeiter" und "Betrachter". Diese Rollen sind konzentrisch, was bedeutet, dass die Inhaberrolle die Berechtigungen der Bearbeiterrolle und die Bearbeiterrolle die Berechtigungen der Betrachterrolle beinhaltet. Sie wurden ursprünglich als „einfache Rollen“ bezeichnet.

In der folgenden Tabelle sind die Berechtigungen zusammengefasst, die die einfachen Rollen in allen Google Cloud-Diensten enthalten:

Definitionen für einfache Rollen

Name	Titel	Berechtigungen
`roles/viewer`	Betrachter	Berechtigungen für schreibgeschützte Aktionen, die sich nicht auf den Status auswirken, z. B. Anzeigen (aber nicht Ändern) vorhandener Ressourcen oder Daten
`roles/editor`	Bearbeiter	Alle Berechtigungen des Betrachters sowie Berechtigungen für Aktionen, durch die der Status geändert wird, z. B. das Ändern vorhandener Ressourcen Hinweis: Die Bearbeiterrolle enthält Berechtigungen zum Erstellen und Löschen von Ressourcen für die meisten Google Cloud-Dienste. Es enthält jedoch nicht die Berechtigung, sämtliche Aktionen für alle Dienste auszuführen. Weitere Informationen dazu, wie Sie prüfen können, ob eine Rolle die erforderlichen Berechtigungen hat, finden Sie auf dieser Seite unter Rollentypen.
`roles/owner`	Inhaber	Alle Berechtigungen des Bearbeiters und Berechtigungen für die folgenden Aktionen: Rollen und Berechtigungen für ein Projekt und alle Ressourcen innerhalb des Projekts verwalten Abrechnung für ein Projekt einrichten Hinweis: Durch das Zuweisen der Inhaberrolle auf Ressourcenebene, z. B. ein Pub/Sub-Thema, wird die Inhaberrolle im übergeordneten Projekt nicht zugewiesen. Wenn Sie die Inhaberrolle auf Organisationsebene zuweisen, können Sie die Metadaten der Organisation nicht aktualisieren. Sie können damit jedoch alle Projekte und andere Ressourcen in dieser Organisation ändern. Hinweis: Wenn Sie einem Nutzer außerhalb Ihrer Organisation die Rolle Inhaber für ein Projekt zuweisen möchten, müssen Sie die Google Cloud Console verwenden, nicht die gcloud CLI. Wenn Ihr Projekt nicht zu einer Organisation gehört, müssen Sie die Cloud Console zum Erteilen der Rolle „Inhaber“ verwenden.

Sie können einfache Rollen mit der Google Cloud Console, der API und der gcloud-Befehlszeile zuweisen. Informationen zum Zuweisen einfacher Rollen für ein Projekt, einen Ordner oder eine Organisation finden Sie unter Zugriff auf Projekte, Ordner und Organisationen verwalten. Informationen zum Zuweisen einfacher Rollen für andere Ressourcen finden Sie unter Zugriff auf andere Ressourcen verwalten.

Vordefinierte Rollen

Zusätzlich zu den einfachen Rollen bietet IAM weitere vordefinierte Rollen, die detaillierten Zugriff auf bestimmte Ressourcen von Google Cloud ermöglichen und unerwünschten Zugriff auf andere Ressourcen verhindern. Vordefinierte Rollen werden von Google erstellt und verwaltet. Google aktualisiert seine Berechtigungen bei Bedarf automatisch, z. B. wenn Google Cloud neue Features oder Dienste hinzufügt.

Die folgende Tabelle enthält diese Rollen, ihre Beschreibung und den Ressourcentyp der untersten Ebene, für den Rollen festgelegt werden. Eine bestimmte Rolle kann diesem Ressourcentyp oder in den meisten Fällen einem übergeordneten Typ in der Google Cloud-Ressourcen-Hierarchie zugewiesen werden.

Sie können demselben Nutzer auf jeder Ebene der Ressourcenhierarchie mehrere Rollen zuweisen. Zum Beispiel kann ein Nutzer die Rollen "Compute-Netzwerkadministrator" und "Logbetrachter" für ein Projekt und auch die Rolle "Pub/Sub-Publisher" für ein Pub/Sub-Thema in diesem Projekt haben. Informationen zum Auflisten der in einer Rolle enthaltenen Berechtigungen finden Sie unter Rollenmetadaten abrufen.

Informationen zur Auswahl der am besten geeigneten vordefinierten Rollen finden Sie unter Vordefinierte Rollen auswählen.

Rollen zur Zugriffsgenehmigung

Rolle Berechtigungen

Rolle	Berechtigungen
Genehmiger für Zugriffsgenehmigungen (`roles/accessapproval.approver`) Kann Anfragen für Zugriffsgenehmigungen ansehen und bearbeiten sowie Konfigurationen ansehen	accessapproval.requests.* accessapproval.requests.approve accessapproval.requests.dismiss accessapproval.requests.get accessapproval.requests.invalidate accessapproval.requests.list accessapproval.serviceAccounts.get accessapproval.settings.get resourcemanager.projects.get resourcemanager.projects.list
Bearbeiter der Zugriffsgenehmigungskonfiguration (`roles/accessapproval.configEditor`) Kann die Zugriffsgenehmigungskonfiguration aktualisieren	accessapproval.serviceAccounts.get accessapproval.settings.* accessapproval.settings.delete accessapproval.settings.get accessapproval.settings.update resourcemanager.projects.get resourcemanager.projects.list
Annullierfunktion für die Zugriffsgenehmigung (`roles/accessapproval.invalidator`) Funktion zur Annullierung bereits genehmigter Genehmigungsanfragen	accessapproval.requests.invalidate accessapproval.serviceAccounts.get accessapproval.settings.get resourcemanager.projects.get resourcemanager.projects.list
Zugriffsgenehmigungsbetrachter (`roles/accessapproval.viewer`) Kann Anfragen für Zugriffsgenehmigungen und Konfigurationen ansehen	accessapproval.requests.get accessapproval.requests.list accessapproval.serviceAccounts.get accessapproval.settings.get resourcemanager.projects.get resourcemanager.projects.list

Genehmiger für Zugriffsgenehmigungen

(roles/accessapproval.approver)

Kann Anfragen für Zugriffsgenehmigungen ansehen und bearbeiten sowie Konfigurationen ansehen

accessapproval.requests.*

accessapproval.requests.approve
accessapproval.requests.dismiss
accessapproval.requests.get
accessapproval.requests.invalidate
accessapproval.requests.list

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Bearbeiter der Zugriffsgenehmigungskonfiguration

(roles/accessapproval.configEditor)

Kann die Zugriffsgenehmigungskonfiguration aktualisieren

accessapproval.serviceAccounts.get

accessapproval.settings.*

accessapproval.settings.delete
accessapproval.settings.get
accessapproval.settings.update

resourcemanager.projects.get

resourcemanager.projects.list

Annullierfunktion für die Zugriffsgenehmigung

(roles/accessapproval.invalidator)

Funktion zur Annullierung bereits genehmigter Genehmigungsanfragen

accessapproval.requests.invalidate

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Zugriffsgenehmigungsbetrachter

(roles/accessapproval.viewer)

Kann Anfragen für Zugriffsgenehmigungen und Konfigurationen ansehen

accessapproval.requests.get

accessapproval.requests.list

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager-Rollen

Role Permissions

Role	Permissions
Cloud Access Binding Admin (`roles/accesscontextmanager.gcpAccessAdmin`) Create, edit, and change Cloud access bindings.	accesscontextmanager.gcpUserAccessBindings.* accesscontextmanager.gcpUserAccessBindings.create accesscontextmanager.gcpUserAccessBindings.delete accesscontextmanager.gcpUserAccessBindings.get accesscontextmanager.gcpUserAccessBindings.list accesscontextmanager.gcpUserAccessBindings.update
Cloud Access Binding Reader (`roles/accesscontextmanager.gcpAccessReader`) Read access to Cloud access bindings.	accesscontextmanager.gcpUserAccessBindings.get accesscontextmanager.gcpUserAccessBindings.list
Access Context Manager Admin (`roles/accesscontextmanager.policyAdmin`) Full access to policies, access levels, access zones and authorized orgs descs.	accesscontextmanager.accessLevels.* accesscontextmanager.accessLevels.create accesscontextmanager.accessLevels.delete accesscontextmanager.accessLevels.get accesscontextmanager.accessLevels.list accesscontextmanager.accessLevels.replaceAll accesscontextmanager.accessLevels.update accesscontextmanager.accessPolicies.* accesscontextmanager.accessPolicies.create accesscontextmanager.accessPolicies.delete accesscontextmanager.accessPolicies.get accesscontextmanager.accessPolicies.getIamPolicy accesscontextmanager.accessPolicies.list accesscontextmanager.accessPolicies.setIamPolicy accesscontextmanager.accessPolicies.update accesscontextmanager.accessZones.* accesscontextmanager.accessZones.create accesscontextmanager.accessZones.delete accesscontextmanager.accessZones.get accesscontextmanager.accessZones.list accesscontextmanager.accessZones.update accesscontextmanager.authorizedOrgsDescs.* accesscontextmanager.authorizedOrgsDescs.create accesscontextmanager.authorizedOrgsDescs.delete accesscontextmanager.authorizedOrgsDescs.get accesscontextmanager.authorizedOrgsDescs.list accesscontextmanager.authorizedOrgsDescs.update accesscontextmanager.policies.* accesscontextmanager.policies.create accesscontextmanager.policies.delete accesscontextmanager.policies.get accesscontextmanager.policies.getIamPolicy accesscontextmanager.policies.list accesscontextmanager.policies.setIamPolicy accesscontextmanager.policies.update accesscontextmanager.servicePerimeters.* accesscontextmanager.servicePerimeters.commit accesscontextmanager.servicePerimeters.create accesscontextmanager.servicePerimeters.delete accesscontextmanager.servicePerimeters.get accesscontextmanager.servicePerimeters.list accesscontextmanager.servicePerimeters.replaceAll accesscontextmanager.servicePerimeters.update cloudasset.assets.searchAllResources resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list
Access Context Manager Editor (`roles/accesscontextmanager.policyEditor`) Edit access to policies. Create, edit, and change access levels, access zones and authorized orgs descs.	accesscontextmanager.accessLevels.* accesscontextmanager.accessLevels.create accesscontextmanager.accessLevels.delete accesscontextmanager.accessLevels.get accesscontextmanager.accessLevels.list accesscontextmanager.accessLevels.replaceAll accesscontextmanager.accessLevels.update accesscontextmanager.accessPolicies.create accesscontextmanager.accessPolicies.delete accesscontextmanager.accessPolicies.get accesscontextmanager.accessPolicies.getIamPolicy accesscontextmanager.accessPolicies.list accesscontextmanager.accessPolicies.update accesscontextmanager.accessZones.* accesscontextmanager.accessZones.create accesscontextmanager.accessZones.delete accesscontextmanager.accessZones.get accesscontextmanager.accessZones.list accesscontextmanager.accessZones.update accesscontextmanager.authorizedOrgsDescs.* accesscontextmanager.authorizedOrgsDescs.create accesscontextmanager.authorizedOrgsDescs.delete accesscontextmanager.authorizedOrgsDescs.get accesscontextmanager.authorizedOrgsDescs.list accesscontextmanager.authorizedOrgsDescs.update accesscontextmanager.policies.create accesscontextmanager.policies.delete accesscontextmanager.policies.get accesscontextmanager.policies.getIamPolicy accesscontextmanager.policies.list accesscontextmanager.policies.update accesscontextmanager.servicePerimeters.* accesscontextmanager.servicePerimeters.commit accesscontextmanager.servicePerimeters.create accesscontextmanager.servicePerimeters.delete accesscontextmanager.servicePerimeters.get accesscontextmanager.servicePerimeters.list accesscontextmanager.servicePerimeters.replaceAll accesscontextmanager.servicePerimeters.update cloudasset.assets.searchAllResources resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list
Access Context Manager Reader (`roles/accesscontextmanager.policyReader`) Read access to policies, access levels, access zones and authorized orgs descs.	accesscontextmanager.accessLevels.get accesscontextmanager.accessLevels.list accesscontextmanager.accessPolicies.get accesscontextmanager.accessPolicies.getIamPolicy accesscontextmanager.accessPolicies.list accesscontextmanager.accessZones.get accesscontextmanager.accessZones.list accesscontextmanager.authorizedOrgsDescs.get accesscontextmanager.authorizedOrgsDescs.list accesscontextmanager.policies.get accesscontextmanager.policies.getIamPolicy accesscontextmanager.policies.list accesscontextmanager.servicePerimeters.get accesscontextmanager.servicePerimeters.list resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list
VPC Service Controls Troubleshooter Viewer (`roles/accesscontextmanager.vpcScTroubleshooterViewer`)	accesscontextmanager.accessLevels.get accesscontextmanager.accessLevels.list accesscontextmanager.authorizedOrgsDescs.get accesscontextmanager.authorizedOrgsDescs.list accesscontextmanager.policies.get accesscontextmanager.policies.getIamPolicy accesscontextmanager.policies.list accesscontextmanager.servicePerimeters.get accesscontextmanager.servicePerimeters.list logging.exclusions.get logging.exclusions.list logging.logEntries.list logging.logMetrics.get logging.logMetrics.list logging.logServiceIndexes.list logging.logServices.list logging.logs.list logging.sinks.get logging.sinks.list logging.usage.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list

Cloud Access Binding Admin

(roles/accesscontextmanager.gcpAccessAdmin)

Create, edit, and change Cloud access bindings.

accesscontextmanager.gcpUserAccessBindings.*

accesscontextmanager.gcpUserAccessBindings.create
accesscontextmanager.gcpUserAccessBindings.delete
accesscontextmanager.gcpUserAccessBindings.get
accesscontextmanager.gcpUserAccessBindings.list
accesscontextmanager.gcpUserAccessBindings.update

Cloud Access Binding Reader

(roles/accesscontextmanager.gcpAccessReader)

Read access to Cloud access bindings.

accesscontextmanager.gcpUserAccessBindings.get

accesscontextmanager.gcpUserAccessBindings.list

Access Context Manager Admin

(roles/accesscontextmanager.policyAdmin)

Full access to policies, access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.*

accesscontextmanager.accessLevels.create
accesscontextmanager.accessLevels.delete
accesscontextmanager.accessLevels.get
accesscontextmanager.accessLevels.list
accesscontextmanager.accessLevels.replaceAll
accesscontextmanager.accessLevels.update

accesscontextmanager.accessPolicies.*

accesscontextmanager.accessPolicies.create
accesscontextmanager.accessPolicies.delete
accesscontextmanager.accessPolicies.get
accesscontextmanager.accessPolicies.getIamPolicy
accesscontextmanager.accessPolicies.list
accesscontextmanager.accessPolicies.setIamPolicy
accesscontextmanager.accessPolicies.update

accesscontextmanager.accessZones.*

accesscontextmanager.accessZones.create
accesscontextmanager.accessZones.delete
accesscontextmanager.accessZones.get
accesscontextmanager.accessZones.list
accesscontextmanager.accessZones.update

accesscontextmanager.authorizedOrgsDescs.*

accesscontextmanager.authorizedOrgsDescs.create
accesscontextmanager.authorizedOrgsDescs.delete
accesscontextmanager.authorizedOrgsDescs.get
accesscontextmanager.authorizedOrgsDescs.list
accesscontextmanager.authorizedOrgsDescs.update

accesscontextmanager.policies.*

accesscontextmanager.policies.create
accesscontextmanager.policies.delete
accesscontextmanager.policies.get
accesscontextmanager.policies.getIamPolicy
accesscontextmanager.policies.list
accesscontextmanager.policies.setIamPolicy
accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

accesscontextmanager.servicePerimeters.commit
accesscontextmanager.servicePerimeters.create
accesscontextmanager.servicePerimeters.delete
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.replaceAll
accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager Editor

(roles/accesscontextmanager.policyEditor)

Edit access to policies. Create, edit, and change access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.*

accesscontextmanager.accessLevels.create
accesscontextmanager.accessLevels.delete
accesscontextmanager.accessLevels.get
accesscontextmanager.accessLevels.list
accesscontextmanager.accessLevels.replaceAll
accesscontextmanager.accessLevels.update

accesscontextmanager.accessPolicies.create

accesscontextmanager.accessPolicies.delete

accesscontextmanager.accessPolicies.get

accesscontextmanager.accessPolicies.getIamPolicy

accesscontextmanager.accessPolicies.list

accesscontextmanager.accessPolicies.update

accesscontextmanager.accessZones.*

accesscontextmanager.accessZones.create
accesscontextmanager.accessZones.delete
accesscontextmanager.accessZones.get
accesscontextmanager.accessZones.list
accesscontextmanager.accessZones.update

accesscontextmanager.authorizedOrgsDescs.*

accesscontextmanager.authorizedOrgsDescs.create
accesscontextmanager.authorizedOrgsDescs.delete
accesscontextmanager.authorizedOrgsDescs.get
accesscontextmanager.authorizedOrgsDescs.list
accesscontextmanager.authorizedOrgsDescs.update

accesscontextmanager.policies.create

accesscontextmanager.policies.delete

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

accesscontextmanager.servicePerimeters.commit
accesscontextmanager.servicePerimeters.create
accesscontextmanager.servicePerimeters.delete
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.replaceAll
accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager Reader

(roles/accesscontextmanager.policyReader)

Read access to policies, access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.accessPolicies.get

accesscontextmanager.accessPolicies.getIamPolicy

accesscontextmanager.accessPolicies.list

accesscontextmanager.accessZones.get

accesscontextmanager.accessZones.list

accesscontextmanager.authorizedOrgsDescs.get

accesscontextmanager.authorizedOrgsDescs.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

VPC Service Controls Troubleshooter Viewer

(roles/accesscontextmanager.vpcScTroubleshooterViewer)

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.authorizedOrgsDescs.get

accesscontextmanager.authorizedOrgsDescs.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

logging.exclusions.get

logging.exclusions.list

logging.logEntries.list

logging.logMetrics.get

logging.logMetrics.list

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.sinks.get

logging.sinks.list

logging.usage.get

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Actions-Rollen

Role Permissions

Role	Permissions
Actions Admin (`roles/actions.Admin`) Access to edit and deploy an action	actions.* actions.agent.claimContentProvider actions.agent.get actions.agent.update actions.agentVersions.create actions.agentVersions.delete actions.agentVersions.deploy actions.agentVersions.get actions.agentVersions.list firebase.projects.get firebase.projects.update resourcemanager.projects.get resourcemanager.projects.list serviceusage.services.use
Actions Viewer (`roles/actions.Viewer`) Access to view an action	actions.agent.get actions.agentVersions.get actions.agentVersions.list firebase.projects.get resourcemanager.projects.get resourcemanager.projects.list serviceusage.services.use

Actions Admin

(roles/actions.Admin)

Access to edit and deploy an action

actions.*

actions.agent.claimContentProvider
actions.agent.get
actions.agent.update
actions.agentVersions.create
actions.agentVersions.delete
actions.agentVersions.deploy
actions.agentVersions.get
actions.agentVersions.list

firebase.projects.get

firebase.projects.update

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

Actions Viewer

(roles/actions.Viewer)

Access to view an action

actions.agent.get

actions.agentVersions.get

actions.agentVersions.list

firebase.projects.get

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

AI Notebooks-Rollen

Role Permissions

Role	Permissions
Notebooks Admin (`roles/notebooks.admin`) Full access to Notebooks, all resources. Lowest-level resources where you can grant this role: Instance	compute.acceleratorTypes.* compute.acceleratorTypes.get compute.acceleratorTypes.list compute.addresses.get compute.addresses.list compute.autoscalers.get compute.autoscalers.list compute.backendBuckets.get compute.backendBuckets.getIamPolicy compute.backendBuckets.list compute.backendBuckets.listEffectiveTags compute.backendBuckets.listTagBindings compute.backendServices.get compute.backendServices.getIamPolicy compute.backendServices.list compute.backendServices.listEffectiveTags compute.backendServices.listTagBindings compute.commitments.get compute.commitments.list compute.diskTypes.* compute.diskTypes.get compute.diskTypes.list compute.disks.get compute.disks.getIamPolicy compute.disks.list compute.disks.listEffectiveTags compute.disks.listTagBindings compute.externalVpnGateways.get compute.externalVpnGateways.list compute.firewallPolicies.get compute.firewallPolicies.getIamPolicy compute.firewallPolicies.list compute.firewallPolicies.listEffectiveTags compute.firewallPolicies.listTagBindings compute.firewalls.get compute.firewalls.list compute.firewalls.listEffectiveTags compute.firewalls.listTagBindings compute.forwardingRules.get compute.forwardingRules.list compute.forwardingRules.listEffectiveTags compute.forwardingRules.listTagBindings compute.futureReservations.get compute.futureReservations.getIamPolicy compute.futureReservations.list compute.globalAddresses.get compute.globalAddresses.list compute.globalForwardingRules.get compute.globalForwardingRules.list compute.globalForwardingRules.listEffectiveTags compute.globalForwardingRules.listTagBindings compute.globalForwardingRules.pscGet compute.globalNetworkEndpointGroups.get compute.globalNetworkEndpointGroups.list compute.globalNetworkEndpointGroups.listEffectiveTags compute.globalNetworkEndpointGroups.listTagBindings compute.globalOperations.get compute.globalOperations.getIamPolicy compute.globalOperations.list compute.globalPublicDelegatedPrefixes.get compute.globalPublicDelegatedPrefixes.list compute.healthChecks.get compute.healthChecks.list compute.healthChecks.listEffectiveTags compute.healthChecks.listTagBindings compute.httpHealthChecks.get compute.httpHealthChecks.list compute.httpHealthChecks.listEffectiveTags compute.httpHealthChecks.listTagBindings compute.httpsHealthChecks.get compute.httpsHealthChecks.list compute.httpsHealthChecks.listEffectiveTags compute.httpsHealthChecks.listTagBindings compute.images.get compute.images.getFromFamily compute.images.getIamPolicy compute.images.list compute.images.listEffectiveTags compute.images.listTagBindings compute.instanceGroupManagers.get compute.instanceGroupManagers.list compute.instanceGroups.get compute.instanceGroups.list compute.instanceSettings.get compute.instanceTemplates.get compute.instanceTemplates.getIamPolicy compute.instanceTemplates.list compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getIamPolicy compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instantSnapshots.get compute.instantSnapshots.getIamPolicy compute.instantSnapshots.list compute.interconnectAttachments.get compute.interconnectAttachments.list compute.interconnectLocations.* compute.interconnectLocations.get compute.interconnectLocations.list compute.interconnectRemoteLocations.* compute.interconnectRemoteLocations.get compute.interconnectRemoteLocations.list compute.interconnects.get compute.interconnects.list compute.licenseCodes.get compute.licenseCodes.getIamPolicy compute.licenseCodes.list compute.licenses.get compute.licenses.getIamPolicy compute.licenses.list compute.machineImages.get compute.machineImages.getIamPolicy compute.machineImages.list compute.machineTypes.* compute.machineTypes.get compute.machineTypes.list compute.maintenancePolicies.get compute.maintenancePolicies.getIamPolicy compute.maintenancePolicies.list compute.networkAttachments.get compute.networkAttachments.getIamPolicy compute.networkAttachments.list compute.networkEdgeSecurityServices.get compute.networkEdgeSecurityServices.list compute.networkEndpointGroups.get compute.networkEndpointGroups.getIamPolicy compute.networkEndpointGroups.list compute.networkEndpointGroups.listEffectiveTags compute.networkEndpointGroups.listTagBindings compute.networks.get compute.networks.getEffectiveFirewalls compute.networks.getRegionEffectiveFirewalls compute.networks.list compute.networks.listEffectiveTags compute.networks.listPeeringRoutes compute.networks.listTagBindings compute.nodeGroups.get compute.nodeGroups.getIamPolicy compute.nodeGroups.list compute.nodeTemplates.get compute.nodeTemplates.getIamPolicy compute.nodeTemplates.list compute.nodeTypes.* compute.nodeTypes.get compute.nodeTypes.list compute.organizations.listAssociations compute.packetMirrorings.get compute.packetMirrorings.list compute.projects.get compute.publicAdvertisedPrefixes.get compute.publicAdvertisedPrefixes.list compute.publicDelegatedPrefixes.get compute.publicDelegatedPrefixes.list compute.regionBackendServices.get compute.regionBackendServices.getIamPolicy compute.regionBackendServices.list compute.regionBackendServices.listEffectiveTags compute.regionBackendServices.listTagBindings compute.regionFirewallPolicies.get compute.regionFirewallPolicies.getIamPolicy compute.regionFirewallPolicies.list compute.regionFirewallPolicies.listEffectiveTags compute.regionFirewallPolicies.listTagBindings compute.regionHealthCheckServices.get compute.regionHealthCheckServices.list compute.regionHealthChecks.get compute.regionHealthChecks.list compute.regionHealthChecks.listEffectiveTags compute.regionHealthChecks.listTagBindings compute.regionNetworkEndpointGroups.get compute.regionNetworkEndpointGroups.list compute.regionNetworkEndpointGroups.listEffectiveTags compute.regionNetworkEndpointGroups.listTagBindings compute.regionNotificationEndpoints.get compute.regionNotificationEndpoints.list compute.regionOperations.get compute.regionOperations.getIamPolicy compute.regionOperations.list compute.regionSecurityPolicies.get compute.regionSecurityPolicies.list compute.regionSecurityPolicies.listEffectiveTags compute.regionSecurityPolicies.listTagBindings compute.regionSslCertificates.get compute.regionSslCertificates.list compute.regionSslCertificates.listEffectiveTags compute.regionSslCertificates.listTagBindings compute.regionSslPolicies.get compute.regionSslPolicies.list compute.regionSslPolicies.listAvailableFeatures compute.regionTargetHttpProxies.get compute.regionTargetHttpProxies.list compute.regionTargetHttpProxies.listEffectiveTags compute.regionTargetHttpProxies.listTagBindings compute.regionTargetHttpsProxies.get compute.regionTargetHttpsProxies.list compute.regionTargetHttpsProxies.listEffectiveTags compute.regionTargetHttpsProxies.listTagBindings compute.regionTargetTcpProxies.get compute.regionTargetTcpProxies.list compute.regionUrlMaps.get compute.regionUrlMaps.list compute.regionUrlMaps.listEffectiveTags compute.regionUrlMaps.listTagBindings compute.regionUrlMaps.validate compute.regions.* compute.regions.get compute.regions.list compute.reservations.get compute.reservations.list compute.resourcePolicies.get compute.resourcePolicies.getIamPolicy compute.resourcePolicies.list compute.routers.get compute.routers.list compute.routes.get compute.routes.list compute.routes.listEffectiveTags compute.routes.listTagBindings compute.securityPolicies.get compute.securityPolicies.getIamPolicy compute.securityPolicies.list compute.securityPolicies.listEffectiveTags compute.securityPolicies.listTagBindings compute.serviceAttachments.get compute.serviceAttachments.getIamPolicy compute.serviceAttachments.list compute.snapshots.get compute.snapshots.getIamPolicy compute.snapshots.list compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings compute.sslCertificates.get compute.sslCertificates.list compute.sslCertificates.listEffectiveTags compute.sslCertificates.listTagBindings compute.sslPolicies.get compute.sslPolicies.list compute.sslPolicies.listAvailableFeatures compute.sslPolicies.listEffectiveTags compute.sslPolicies.listTagBindings compute.subnetworks.get compute.subnetworks.getIamPolicy compute.subnetworks.list compute.subnetworks.listEffectiveTags compute.subnetworks.listTagBindings compute.targetGrpcProxies.get compute.targetGrpcProxies.list compute.targetHttpProxies.get compute.targetHttpProxies.list compute.targetHttpProxies.listEffectiveTags compute.targetHttpProxies.listTagBindings compute.targetHttpsProxies.get compute.targetHttpsProxies.list compute.targetHttpsProxies.listEffectiveTags compute.targetHttpsProxies.listTagBindings compute.targetInstances.get compute.targetInstances.list compute.targetInstances.listEffectiveTags compute.targetInstances.listTagBindings compute.targetPools.get compute.targetPools.list compute.targetPools.listEffectiveTags compute.targetPools.listTagBindings compute.targetSslProxies.get compute.targetSslProxies.list compute.targetSslProxies.listEffectiveTags compute.targetSslProxies.listTagBindings compute.targetTcpProxies.get compute.targetTcpProxies.list compute.targetTcpProxies.listEffectiveTags compute.targetTcpProxies.listTagBindings compute.targetVpnGateways.get compute.targetVpnGateways.list compute.urlMaps.get compute.urlMaps.list compute.urlMaps.listEffectiveTags compute.urlMaps.listTagBindings compute.urlMaps.validate compute.vpnGateways.get compute.vpnGateways.list compute.vpnTunnels.get compute.vpnTunnels.list compute.zoneOperations.get compute.zoneOperations.getIamPolicy compute.zoneOperations.list compute.zones.* compute.zones.get compute.zones.list notebooks.* notebooks.environments.create notebooks.environments.delete notebooks.environments.get notebooks.environments.getIamPolicy notebooks.environments.list notebooks.environments.setIamPolicy notebooks.executions.create notebooks.executions.delete notebooks.executions.get notebooks.executions.getIamPolicy notebooks.executions.list notebooks.executions.setIamPolicy notebooks.instances.checkUpgradability notebooks.instances.create notebooks.instances.delete notebooks.instances.diagnose notebooks.instances.get notebooks.instances.getHealth notebooks.instances.getIamPolicy notebooks.instances.list notebooks.instances.reset notebooks.instances.setAccelerator notebooks.instances.setIamPolicy notebooks.instances.setLabels notebooks.instances.setMachineType notebooks.instances.start notebooks.instances.stop notebooks.instances.update notebooks.instances.updateConfig notebooks.instances.updateShieldInstanceConfig notebooks.instances.upgrade notebooks.instances.use notebooks.locations.get notebooks.locations.list notebooks.operations.cancel notebooks.operations.delete notebooks.operations.get notebooks.operations.list notebooks.runtimes.create notebooks.runtimes.delete notebooks.runtimes.diagnose notebooks.runtimes.get notebooks.runtimes.getIamPolicy notebooks.runtimes.list notebooks.runtimes.reset notebooks.runtimes.setIamPolicy notebooks.runtimes.start notebooks.runtimes.stop notebooks.runtimes.switch notebooks.runtimes.update notebooks.runtimes.upgrade notebooks.schedules.create notebooks.schedules.delete notebooks.schedules.get notebooks.schedules.getIamPolicy notebooks.schedules.list notebooks.schedules.setIamPolicy resourcemanager.projects.get resourcemanager.projects.list serviceusage.quotas.get serviceusage.services.get serviceusage.services.list
Notebooks Legacy Admin (`roles/notebooks.legacyAdmin`) Full access to Notebooks all resources through compute API.	compute.* compute.acceleratorTypes.get compute.acceleratorTypes.list compute.addresses.create compute.addresses.createInternal compute.addresses.delete compute.addresses.deleteInternal compute.addresses.get compute.addresses.list compute.addresses.setLabels compute.addresses.use compute.addresses.useInternal compute.autoscalers.create compute.autoscalers.delete compute.autoscalers.get compute.autoscalers.list compute.autoscalers.update compute.backendBuckets.addSignedUrlKey compute.backendBuckets.create compute.backendBuckets.createTagBinding compute.backendBuckets.delete compute.backendBuckets.deleteSignedUrlKey compute.backendBuckets.deleteTagBinding compute.backendBuckets.get compute.backendBuckets.getIamPolicy compute.backendBuckets.list compute.backendBuckets.listEffectiveTags compute.backendBuckets.listTagBindings compute.backendBuckets.setIamPolicy compute.backendBuckets.setSecurityPolicy compute.backendBuckets.update compute.backendBuckets.use compute.backendServices.addSignedUrlKey compute.backendServices.create compute.backendServices.createTagBinding compute.backendServices.delete compute.backendServices.deleteSignedUrlKey compute.backendServices.deleteTagBinding compute.backendServices.get compute.backendServices.getIamPolicy compute.backendServices.list compute.backendServices.listEffectiveTags compute.backendServices.listTagBindings compute.backendServices.setIamPolicy compute.backendServices.setSecurityPolicy compute.backendServices.update compute.backendServices.use compute.commitments.create compute.commitments.get compute.commitments.list compute.commitments.update compute.commitments.updateReservations compute.diskTypes.get compute.diskTypes.list compute.disks.addResourcePolicies compute.disks.create compute.disks.createSnapshot compute.disks.createTagBinding compute.disks.delete compute.disks.deleteTagBinding compute.disks.get compute.disks.getIamPolicy compute.disks.list compute.disks.listEffectiveTags compute.disks.listTagBindings compute.disks.removeResourcePolicies compute.disks.resize compute.disks.setIamPolicy compute.disks.setLabels compute.disks.startAsyncReplication compute.disks.stopAsyncReplication compute.disks.stopGroupAsyncReplication compute.disks.update compute.disks.use compute.disks.useReadOnly compute.externalVpnGateways.create compute.externalVpnGateways.delete compute.externalVpnGateways.get compute.externalVpnGateways.list compute.externalVpnGateways.setLabels compute.externalVpnGateways.use compute.firewallPolicies.addAssociation compute.firewallPolicies.cloneRules compute.firewallPolicies.copyRules compute.firewallPolicies.create compute.firewallPolicies.createTagBinding compute.firewallPolicies.delete compute.firewallPolicies.deleteTagBinding compute.firewallPolicies.get compute.firewallPolicies.getIamPolicy compute.firewallPolicies.list compute.firewallPolicies.listEffectiveTags compute.firewallPolicies.listTagBindings compute.firewallPolicies.move compute.firewallPolicies.removeAssociation compute.firewallPolicies.setIamPolicy compute.firewallPolicies.update compute.firewallPolicies.use compute.firewalls.create compute.firewalls.createTagBinding compute.firewalls.delete compute.firewalls.deleteTagBinding compute.firewalls.get compute.firewalls.list compute.firewalls.listEffectiveTags compute.firewalls.listTagBindings compute.firewalls.update compute.forwardingRules.create compute.forwardingRules.createTagBinding compute.forwardingRules.delete compute.forwardingRules.deleteTagBinding compute.forwardingRules.get compute.forwardingRules.list compute.forwardingRules.listEffectiveTags compute.forwardingRules.listTagBindings compute.forwardingRules.pscCreate compute.forwardingRules.pscDelete compute.forwardingRules.pscSetLabels compute.forwardingRules.pscSetTarget compute.forwardingRules.pscUpdate compute.forwardingRules.setLabels compute.forwardingRules.setTarget compute.forwardingRules.update compute.forwardingRules.use compute.futureReservations.cancel compute.futureReservations.create compute.futureReservations.delete compute.futureReservations.get compute.futureReservations.getIamPolicy compute.futureReservations.list compute.futureReservations.setIamPolicy compute.futureReservations.update compute.globalAddresses.create compute.globalAddresses.createInternal compute.globalAddresses.delete compute.globalAddresses.deleteInternal compute.globalAddresses.get compute.globalAddresses.list compute.globalAddresses.setLabels compute.globalAddresses.use compute.globalForwardingRules.create compute.globalForwardingRules.createTagBinding compute.globalForwardingRules.delete compute.globalForwardingRules.deleteTagBinding compute.globalForwardingRules.get compute.globalForwardingRules.list compute.globalForwardingRules.listEffectiveTags compute.globalForwardingRules.listTagBindings compute.globalForwardingRules.pscCreate compute.globalForwardingRules.pscDelete compute.globalForwardingRules.pscGet compute.globalForwardingRules.pscSetLabels compute.globalForwardingRules.pscSetTarget compute.globalForwardingRules.pscUpdate compute.globalForwardingRules.setLabels compute.globalForwardingRules.setTarget compute.globalForwardingRules.update compute.globalNetworkEndpointGroups.attachNetworkEndpoints compute.globalNetworkEndpointGroups.create compute.globalNetworkEndpointGroups.createTagBinding compute.globalNetworkEndpointGroups.delete compute.globalNetworkEndpointGroups.deleteTagBinding compute.globalNetworkEndpointGroups.detachNetworkEndpoints compute.globalNetworkEndpointGroups.get compute.globalNetworkEndpointGroups.list compute.globalNetworkEndpointGroups.listEffectiveTags compute.globalNetworkEndpointGroups.listTagBindings compute.globalNetworkEndpointGroups.use compute.globalOperations.delete compute.globalOperations.get compute.globalOperations.getIamPolicy compute.globalOperations.list compute.globalOperations.setIamPolicy compute.globalPublicDelegatedPrefixes.create compute.globalPublicDelegatedPrefixes.delete compute.globalPublicDelegatedPrefixes.get compute.globalPublicDelegatedPrefixes.list compute.globalPublicDelegatedPrefixes.update compute.globalPublicDelegatedPrefixes.updatePolicy compute.globalPublicDelegatedPrefixes.use compute.healthChecks.create compute.healthChecks.createTagBinding compute.healthChecks.delete compute.healthChecks.deleteTagBinding compute.healthChecks.get compute.healthChecks.list compute.healthChecks.listEffectiveTags compute.healthChecks.listTagBindings compute.healthChecks.update compute.healthChecks.use compute.healthChecks.useReadOnly compute.httpHealthChecks.create compute.httpHealthChecks.createTagBinding compute.httpHealthChecks.delete compute.httpHealthChecks.deleteTagBinding compute.httpHealthChecks.get compute.httpHealthChecks.list compute.httpHealthChecks.listEffectiveTags compute.httpHealthChecks.listTagBindings compute.httpHealthChecks.update compute.httpHealthChecks.use compute.httpHealthChecks.useReadOnly compute.httpsHealthChecks.create compute.httpsHealthChecks.createTagBinding compute.httpsHealthChecks.delete compute.httpsHealthChecks.deleteTagBinding compute.httpsHealthChecks.get compute.httpsHealthChecks.list compute.httpsHealthChecks.listEffectiveTags compute.httpsHealthChecks.listTagBindings compute.httpsHealthChecks.update compute.httpsHealthChecks.use compute.httpsHealthChecks.useReadOnly compute.images.create compute.images.createTagBinding compute.images.delete compute.images.deleteTagBinding compute.images.deprecate compute.images.get compute.images.getFromFamily compute.images.getIamPolicy compute.images.list compute.images.listEffectiveTags compute.images.listTagBindings compute.images.setIamPolicy compute.images.setLabels compute.images.update compute.images.useReadOnly compute.instanceGroupManagers.create compute.instanceGroupManagers.delete compute.instanceGroupManagers.get compute.instanceGroupManagers.list compute.instanceGroupManagers.update compute.instanceGroupManagers.use compute.instanceGroups.create compute.instanceGroups.delete compute.instanceGroups.get compute.instanceGroups.list compute.instanceGroups.update compute.instanceGroups.use compute.instanceSettings.get compute.instanceSettings.update compute.instanceTemplates.create compute.instanceTemplates.delete compute.instanceTemplates.get compute.instanceTemplates.getIamPolicy compute.instanceTemplates.list compute.instanceTemplates.setIamPolicy compute.instanceTemplates.useReadOnly compute.instances.addAccessConfig compute.instances.addMaintenancePolicies compute.instances.addResourcePolicies compute.instances.attachDisk compute.instances.create compute.instances.createTagBinding compute.instances.delete compute.instances.deleteAccessConfig compute.instances.deleteTagBinding compute.instances.detachDisk compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getIamPolicy compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instances.osAdminLogin compute.instances.osLogin compute.instances.removeMaintenancePolicies compute.instances.removeResourcePolicies compute.instances.reset compute.instances.resume compute.instances.sendDiagnosticInterrupt compute.instances.setDeletionProtection compute.instances.setDiskAutoDelete compute.instances.setIamPolicy compute.instances.setLabels compute.instances.setMachineResources compute.instances.setMachineType compute.instances.setMetadata compute.instances.setMinCpuPlatform compute.instances.setName compute.instances.setScheduling compute.instances.setSecurityPolicy compute.instances.setServiceAccount compute.instances.setShieldedInstanceIntegrityPolicy compute.instances.setShieldedVmIntegrityPolicy compute.instances.setTags compute.instances.simulateMaintenanceEvent compute.instances.start compute.instances.startWithEncryptionKey compute.instances.stop compute.instances.suspend compute.instances.update compute.instances.updateAccessConfig compute.instances.updateDisplayDevice compute.instances.updateNetworkInterface compute.instances.updateSecurity compute.instances.updateShieldedInstanceConfig compute.instances.updateShieldedVmConfig compute.instances.use compute.instances.useReadOnly compute.instantSnapshots.create compute.instantSnapshots.delete compute.instantSnapshots.export compute.instantSnapshots.get compute.instantSnapshots.getIamPolicy compute.instantSnapshots.list compute.instantSnapshots.setIamPolicy compute.instantSnapshots.setLabels compute.instantSnapshots.useReadOnly compute.interconnectAttachments.create compute.interconnectAttachments.delete compute.interconnectAttachments.get compute.interconnectAttachments.list compute.interconnectAttachments.setLabels compute.interconnectAttachments.update compute.interconnectAttachments.use compute.interconnectLocations.get compute.interconnectLocations.list compute.interconnectRemoteLocations.get compute.interconnectRemoteLocations.list compute.interconnects.create compute.interconnects.delete compute.interconnects.get compute.interconnects.getMacsecConfig compute.interconnects.list compute.interconnects.setLabels compute.interconnects.update compute.interconnects.use compute.licenseCodes.get compute.licenseCodes.getIamPolicy compute.licenseCodes.list compute.licenseCodes.setIamPolicy compute.licenseCodes.update compute.licenseCodes.use compute.licenses.create compute.licenses.delete compute.licenses.get compute.licenses.getIamPolicy compute.licenses.list compute.licenses.setIamPolicy compute.machineImages.create compute.machineImages.delete compute.machineImages.get compute.machineImages.getIamPolicy compute.machineImages.list compute.machineImages.setIamPolicy compute.machineImages.useReadOnly compute.machineTypes.get compute.machineTypes.list compute.maintenancePolicies.create compute.maintenancePolicies.delete compute.maintenancePolicies.get compute.maintenancePolicies.getIamPolicy compute.maintenancePolicies.list compute.maintenancePolicies.setIamPolicy compute.maintenancePolicies.use compute.networkAttachments.create compute.networkAttachments.delete compute.networkAttachments.get compute.networkAttachments.getIamPolicy compute.networkAttachments.list compute.networkAttachments.setIamPolicy compute.networkEdgeSecurityServices.create compute.networkEdgeSecurityServices.delete compute.networkEdgeSecurityServices.get compute.networkEdgeSecurityServices.list compute.networkEdgeSecurityServices.update compute.networkEndpointGroups.attachNetworkEndpoints compute.networkEndpointGroups.create compute.networkEndpointGroups.createTagBinding compute.networkEndpointGroups.delete compute.networkEndpointGroups.deleteTagBinding compute.networkEndpointGroups.detachNetworkEndpoints compute.networkEndpointGroups.get compute.networkEndpointGroups.getIamPolicy compute.networkEndpointGroups.list compute.networkEndpointGroups.listEffectiveTags compute.networkEndpointGroups.listTagBindings compute.networkEndpointGroups.setIamPolicy compute.networkEndpointGroups.use compute.networks.access compute.networks.addPeering compute.networks.create compute.networks.createTagBinding compute.networks.delete compute.networks.deleteTagBinding compute.networks.get compute.networks.getEffectiveFirewalls compute.networks.getRegionEffectiveFirewalls compute.networks.list compute.networks.listEffectiveTags compute.networks.listPeeringRoutes compute.networks.listTagBindings compute.networks.mirror compute.networks.removePeering compute.networks.setFirewallPolicy compute.networks.switchToCustomMode compute.networks.update compute.networks.updatePeering compute.networks.updatePolicy compute.networks.use compute.networks.useExternalIp compute.nodeGroups.addNodes compute.nodeGroups.create compute.nodeGroups.delete compute.nodeGroups.deleteNodes compute.nodeGroups.get compute.nodeGroups.getIamPolicy compute.nodeGroups.list compute.nodeGroups.performMaintenance compute.nodeGroups.setIamPolicy compute.nodeGroups.setNodeTemplate compute.nodeGroups.simulateMaintenanceEvent compute.nodeGroups.update compute.nodeTemplates.create compute.nodeTemplates.delete compute.nodeTemplates.get compute.nodeTemplates.getIamPolicy compute.nodeTemplates.list compute.nodeTemplates.setIamPolicy compute.nodeTypes.get compute.nodeTypes.list compute.organizations.administerXpn compute.organizations.disableXpnHost compute.organizations.disableXpnResource compute.organizations.enableXpnHost compute.organizations.enableXpnResource compute.organizations.listAssociations compute.organizations.setFirewallPolicy compute.organizations.setSecurityPolicy compute.oslogin.updateExternalUser compute.packetMirrorings.create compute.packetMirrorings.delete compute.packetMirrorings.get compute.packetMirrorings.list compute.packetMirrorings.update compute.projects.get compute.projects.setCommonInstanceMetadata compute.projects.setDefaultNetworkTier compute.projects.setDefaultServiceAccount compute.projects.setManagedProtectionTier compute.projects.setUsageExportBucket compute.publicAdvertisedPrefixes.create compute.publicAdvertisedPrefixes.delete compute.publicAdvertisedPrefixes.get compute.publicAdvertisedPrefixes.list compute.publicAdvertisedPrefixes.update compute.publicAdvertisedPrefixes.updatePolicy compute.publicAdvertisedPrefixes.use compute.publicDelegatedPrefixes.create compute.publicDelegatedPrefixes.delete compute.publicDelegatedPrefixes.get compute.publicDelegatedPrefixes.list compute.publicDelegatedPrefixes.update compute.publicDelegatedPrefixes.updatePolicy compute.publicDelegatedPrefixes.use compute.regionBackendServices.create compute.regionBackendServices.createTagBinding compute.regionBackendServices.delete compute.regionBackendServices.deleteTagBinding compute.regionBackendServices.get compute.regionBackendServices.getIamPolicy compute.regionBackendServices.list compute.regionBackendServices.listEffectiveTags compute.regionBackendServices.listTagBindings compute.regionBackendServices.setIamPolicy compute.regionBackendServices.setSecurityPolicy compute.regionBackendServices.update compute.regionBackendServices.use compute.regionFirewallPolicies.cloneRules compute.regionFirewallPolicies.create compute.regionFirewallPolicies.createTagBinding compute.regionFirewallPolicies.delete compute.regionFirewallPolicies.deleteTagBinding compute.regionFirewallPolicies.get compute.regionFirewallPolicies.getIamPolicy compute.regionFirewallPolicies.list compute.regionFirewallPolicies.listEffectiveTags compute.regionFirewallPolicies.listTagBindings compute.regionFirewallPolicies.setIamPolicy compute.regionFirewallPolicies.update compute.regionFirewallPolicies.use compute.regionHealthCheckServices.create compute.regionHealthCheckServices.delete compute.regionHealthCheckServices.get compute.regionHealthCheckServices.list compute.regionHealthCheckServices.update compute.regionHealthCheckServices.use compute.regionHealthChecks.create compute.regionHealthChecks.createTagBinding compute.regionHealthChecks.delete compute.regionHealthChecks.deleteTagBinding compute.regionHealthChecks.get compute.regionHealthChecks.list compute.regionHealthChecks.listEffectiveTags compute.regionHealthChecks.listTagBindings compute.regionHealthChecks.update compute.regionHealthChecks.use compute.regionHealthChecks.useReadOnly compute.regionNetworkEndpointGroups.attachNetworkEndpoints compute.regionNetworkEndpointGroups.create compute.regionNetworkEndpointGroups.createTagBinding compute.regionNetworkEndpointGroups.delete compute.regionNetworkEndpointGroups.deleteTagBinding compute.regionNetworkEndpointGroups.detachNetworkEndpoints compute.regionNetworkEndpointGroups.get compute.regionNetworkEndpointGroups.list compute.regionNetworkEndpointGroups.listEffectiveTags compute.regionNetworkEndpointGroups.listTagBindings compute.regionNetworkEndpointGroups.use compute.regionNotificationEndpoints.create compute.regionNotificationEndpoints.delete compute.regionNotificationEndpoints.get compute.regionNotificationEndpoints.list compute.regionNotificationEndpoints.update compute.regionNotificationEndpoints.use compute.regionOperations.delete compute.regionOperations.get compute.regionOperations.getIamPolicy compute.regionOperations.list compute.regionOperations.setIamPolicy compute.regionSecurityPolicies.create compute.regionSecurityPolicies.createTagBinding compute.regionSecurityPolicies.delete compute.regionSecurityPolicies.deleteTagBinding compute.regionSecurityPolicies.get compute.regionSecurityPolicies.list compute.regionSecurityPolicies.listEffectiveTags compute.regionSecurityPolicies.listTagBindings compute.regionSecurityPolicies.update compute.regionSecurityPolicies.use compute.regionSslCertificates.create compute.regionSslCertificates.createTagBinding compute.regionSslCertificates.delete compute.regionSslCertificates.deleteTagBinding compute.regionSslCertificates.get compute.regionSslCertificates.list compute.regionSslCertificates.listEffectiveTags compute.regionSslCertificates.listTagBindings compute.regionSslPolicies.create compute.regionSslPolicies.delete compute.regionSslPolicies.get compute.regionSslPolicies.list compute.regionSslPolicies.listAvailableFeatures compute.regionSslPolicies.update compute.regionSslPolicies.use compute.regionTargetHttpProxies.create compute.regionTargetHttpProxies.createTagBinding compute.regionTargetHttpProxies.delete compute.regionTargetHttpProxies.deleteTagBinding compute.regionTargetHttpProxies.get compute.regionTargetHttpProxies.list compute.regionTargetHttpProxies.listEffectiveTags compute.regionTargetHttpProxies.listTagBindings compute.regionTargetHttpProxies.setUrlMap compute.regionTargetHttpProxies.update compute.regionTargetHttpProxies.use compute.regionTargetHttpsProxies.create compute.regionTargetHttpsProxies.createTagBinding compute.regionTargetHttpsProxies.delete compute.regionTargetHttpsProxies.deleteTagBinding compute.regionTargetHttpsProxies.get compute.regionTargetHttpsProxies.list compute.regionTargetHttpsProxies.listEffectiveTags compute.regionTargetHttpsProxies.listTagBindings compute.regionTargetHttpsProxies.setSslCertificates compute.regionTargetHttpsProxies.setUrlMap compute.regionTargetHttpsProxies.update compute.regionTargetHttpsProxies.use compute.regionTargetTcpProxies.create compute.regionTargetTcpProxies.delete compute.regionTargetTcpProxies.get compute.regionTargetTcpProxies.list compute.regionTargetTcpProxies.use compute.regionUrlMaps.create compute.regionUrlMaps.createTagBinding compute.regionUrlMaps.delete compute.regionUrlMaps.deleteTagBinding compute.regionUrlMaps.get compute.regionUrlMaps.invalidateCache compute.regionUrlMaps.list compute.regionUrlMaps.listEffectiveTags compute.regionUrlMaps.listTagBindings compute.regionUrlMaps.update compute.regionUrlMaps.use compute.regionUrlMaps.validate compute.regions.get compute.regions.list compute.reservations.create compute.reservations.delete compute.reservations.get compute.reservations.list compute.reservations.resize compute.reservations.update compute.resourcePolicies.create compute.resourcePolicies.delete compute.resourcePolicies.get compute.resourcePolicies.getIamPolicy compute.resourcePolicies.list compute.resourcePolicies.setIamPolicy compute.resourcePolicies.update compute.resourcePolicies.use compute.resourcePolicies.useReadOnly compute.routers.create compute.routers.delete compute.routers.get compute.routers.list compute.routers.update compute.routers.use compute.routes.create compute.routes.createTagBinding compute.routes.delete compute.routes.deleteTagBinding compute.routes.get compute.routes.list compute.routes.listEffectiveTags compute.routes.listTagBindings compute.securityPolicies.addAssociation compute.securityPolicies.copyRules compute.securityPolicies.create compute.securityPolicies.createTagBinding compute.securityPolicies.delete compute.securityPolicies.deleteTagBinding compute.securityPolicies.get compute.securityPolicies.getIamPolicy compute.securityPolicies.list compute.securityPolicies.listEffectiveTags compute.securityPolicies.listTagBindings compute.securityPolicies.move compute.securityPolicies.removeAssociation compute.securityPolicies.setIamPolicy compute.securityPolicies.setLabels compute.securityPolicies.update compute.securityPolicies.use compute.serviceAttachments.create compute.serviceAttachments.delete compute.serviceAttachments.get compute.serviceAttachments.getIamPolicy compute.serviceAttachments.list compute.serviceAttachments.setIamPolicy compute.serviceAttachments.update compute.serviceAttachments.use compute.snapshots.create compute.snapshots.createTagBinding compute.snapshots.delete compute.snapshots.deleteTagBinding compute.snapshots.get compute.snapshots.getIamPolicy compute.snapshots.list compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings compute.snapshots.setIamPolicy compute.snapshots.setLabels compute.snapshots.useReadOnly compute.sslCertificates.create compute.sslCertificates.createTagBinding compute.sslCertificates.delete compute.sslCertificates.deleteTagBinding compute.sslCertificates.get compute.sslCertificates.list compute.sslCertificates.listEffectiveTags compute.sslCertificates.listTagBindings compute.sslPolicies.create compute.sslPolicies.createTagBinding compute.sslPolicies.delete compute.sslPolicies.deleteTagBinding compute.sslPolicies.get compute.sslPolicies.list compute.sslPolicies.listAvailableFeatures compute.sslPolicies.listEffectiveTags compute.sslPolicies.listTagBindings compute.sslPolicies.update compute.sslPolicies.use compute.subnetworks.create compute.subnetworks.createTagBinding compute.subnetworks.delete compute.subnetworks.deleteTagBinding compute.subnetworks.expandIpCidrRange compute.subnetworks.get compute.subnetworks.getIamPolicy compute.subnetworks.list compute.subnetworks.listEffectiveTags compute.subnetworks.listTagBindings compute.subnetworks.mirror compute.subnetworks.setIamPolicy compute.subnetworks.setPrivateIpGoogleAccess compute.subnetworks.update compute.subnetworks.use compute.subnetworks.useExternalIp compute.targetGrpcProxies.create compute.targetGrpcProxies.delete compute.targetGrpcProxies.get compute.targetGrpcProxies.list compute.targetGrpcProxies.update compute.targetGrpcProxies.use compute.targetHttpProxies.create compute.targetHttpProxies.createTagBinding compute.targetHttpProxies.delete compute.targetHttpProxies.deleteTagBinding compute.targetHttpProxies.get compute.targetHttpProxies.list compute.targetHttpProxies.listEffectiveTags compute.targetHttpProxies.listTagBindings compute.targetHttpProxies.setUrlMap compute.targetHttpProxies.update compute.targetHttpProxies.use compute.targetHttpsProxies.create compute.targetHttpsProxies.createTagBinding compute.targetHttpsProxies.delete compute.targetHttpsProxies.deleteTagBinding compute.targetHttpsProxies.get compute.targetHttpsProxies.list compute.targetHttpsProxies.listEffectiveTags compute.targetHttpsProxies.listTagBindings compute.targetHttpsProxies.setCertificateMap compute.targetHttpsProxies.setQuicOverride compute.targetHttpsProxies.setSslCertificates compute.targetHttpsProxies.setSslPolicy compute.targetHttpsProxies.setUrlMap compute.targetHttpsProxies.update compute.targetHttpsProxies.use compute.targetInstances.create compute.targetInstances.createTagBinding compute.targetInstances.delete compute.targetInstances.deleteTagBinding compute.targetInstances.get compute.targetInstances.list compute.targetInstances.listEffectiveTags compute.targetInstances.listTagBindings compute.targetInstances.setSecurityPolicy compute.targetInstances.use compute.targetPools.addHealthCheck compute.targetPools.addInstance compute.targetPools.create compute.targetPools.createTagBinding compute.targetPools.delete compute.targetPools.deleteTagBinding compute.targetPools.get compute.targetPools.list compute.targetPools.listEffectiveTags compute.targetPools.listTagBindings compute.targetPools.removeHealthCheck compute.targetPools.removeInstance compute.targetPools.setSecurityPolicy compute.targetPools.update compute.targetPools.use compute.targetSslProxies.create compute.targetSslProxies.createTagBinding compute.targetSslProxies.delete compute.targetSslProxies.deleteTagBinding compute.targetSslProxies.get compute.targetSslProxies.list compute.targetSslProxies.listEffectiveTags compute.targetSslProxies.listTagBindings compute.targetSslProxies.setBackendService compute.targetSslProxies.setCertificateMap compute.targetSslProxies.setProxyHeader compute.targetSslProxies.setSslCertificates compute.targetSslProxies.setSslPolicy compute.targetSslProxies.update compute.targetSslProxies.use compute.targetTcpProxies.create compute.targetTcpProxies.createTagBinding compute.targetTcpProxies.delete compute.targetTcpProxies.deleteTagBinding compute.targetTcpProxies.get compute.targetTcpProxies.list compute.targetTcpProxies.listEffectiveTags compute.targetTcpProxies.listTagBindings compute.targetTcpProxies.update compute.targetTcpProxies.use compute.targetVpnGateways.create compute.targetVpnGateways.delete compute.targetVpnGateways.get compute.targetVpnGateways.list compute.targetVpnGateways.setLabels compute.targetVpnGateways.use compute.urlMaps.create compute.urlMaps.createTagBinding compute.urlMaps.delete compute.urlMaps.deleteTagBinding compute.urlMaps.get compute.urlMaps.invalidateCache compute.urlMaps.list compute.urlMaps.listEffectiveTags compute.urlMaps.listTagBindings compute.urlMaps.update compute.urlMaps.use compute.urlMaps.validate compute.vpnGateways.create compute.vpnGateways.delete compute.vpnGateways.get compute.vpnGateways.list compute.vpnGateways.setLabels compute.vpnGateways.use compute.vpnTunnels.create compute.vpnTunnels.delete compute.vpnTunnels.get compute.vpnTunnels.list compute.vpnTunnels.setLabels compute.zoneOperations.delete compute.zoneOperations.get compute.zoneOperations.getIamPolicy compute.zoneOperations.list compute.zoneOperations.setIamPolicy compute.zones.get compute.zones.list notebooks.* notebooks.environments.create notebooks.environments.delete notebooks.environments.get notebooks.environments.getIamPolicy notebooks.environments.list notebooks.environments.setIamPolicy notebooks.executions.create notebooks.executions.delete notebooks.executions.get notebooks.executions.getIamPolicy notebooks.executions.list notebooks.executions.setIamPolicy notebooks.instances.checkUpgradability notebooks.instances.create notebooks.instances.delete notebooks.instances.diagnose notebooks.instances.get notebooks.instances.getHealth notebooks.instances.getIamPolicy notebooks.instances.list notebooks.instances.reset notebooks.instances.setAccelerator notebooks.instances.setIamPolicy notebooks.instances.setLabels notebooks.instances.setMachineType notebooks.instances.start notebooks.instances.stop notebooks.instances.update notebooks.instances.updateConfig notebooks.instances.updateShieldInstanceConfig notebooks.instances.upgrade notebooks.instances.use notebooks.locations.get notebooks.locations.list notebooks.operations.cancel notebooks.operations.delete notebooks.operations.get notebooks.operations.list notebooks.runtimes.create notebooks.runtimes.delete notebooks.runtimes.diagnose notebooks.runtimes.get notebooks.runtimes.getIamPolicy notebooks.runtimes.list notebooks.runtimes.reset notebooks.runtimes.setIamPolicy notebooks.runtimes.start notebooks.runtimes.stop notebooks.runtimes.switch notebooks.runtimes.update notebooks.runtimes.upgrade notebooks.schedules.create notebooks.schedules.delete notebooks.schedules.get notebooks.schedules.getIamPolicy notebooks.schedules.list notebooks.schedules.setIamPolicy resourcemanager.projects.get resourcemanager.projects.list serviceusage.quotas.get serviceusage.services.get serviceusage.services.list
Notebooks Legacy Viewer (`roles/notebooks.legacyViewer`) Read-only access to Notebooks all resources through compute API.	compute.acceleratorTypes.* compute.acceleratorTypes.get compute.acceleratorTypes.list compute.addresses.get compute.addresses.list compute.autoscalers.get compute.autoscalers.list compute.backendBuckets.get compute.backendBuckets.getIamPolicy compute.backendBuckets.list compute.backendBuckets.listEffectiveTags compute.backendBuckets.listTagBindings compute.backendServices.get compute.backendServices.getIamPolicy compute.backendServices.list compute.backendServices.listEffectiveTags compute.backendServices.listTagBindings compute.commitments.get compute.commitments.list compute.diskTypes.* compute.diskTypes.get compute.diskTypes.list compute.disks.get compute.disks.getIamPolicy compute.disks.list compute.disks.listEffectiveTags compute.disks.listTagBindings compute.externalVpnGateways.get compute.externalVpnGateways.list compute.firewallPolicies.get compute.firewallPolicies.getIamPolicy compute.firewallPolicies.list compute.firewallPolicies.listEffectiveTags compute.firewallPolicies.listTagBindings compute.firewalls.get compute.firewalls.list compute.firewalls.listEffectiveTags compute.firewalls.listTagBindings compute.forwardingRules.get compute.forwardingRules.list compute.forwardingRules.listEffectiveTags compute.forwardingRules.listTagBindings compute.futureReservations.get compute.futureReservations.getIamPolicy compute.futureReservations.list compute.globalAddresses.get compute.globalAddresses.list compute.globalForwardingRules.get compute.globalForwardingRules.list compute.globalForwardingRules.listEffectiveTags compute.globalForwardingRules.listTagBindings compute.globalForwardingRules.pscGet compute.globalNetworkEndpointGroups.get compute.globalNetworkEndpointGroups.list compute.globalNetworkEndpointGroups.listEffectiveTags compute.globalNetworkEndpointGroups.listTagBindings compute.globalOperations.get compute.globalOperations.getIamPolicy compute.globalOperations.list compute.globalPublicDelegatedPrefixes.get compute.globalPublicDelegatedPrefixes.list compute.healthChecks.get compute.healthChecks.list compute.healthChecks.listEffectiveTags compute.healthChecks.listTagBindings compute.httpHealthChecks.get compute.httpHealthChecks.list compute.httpHealthChecks.listEffectiveTags compute.httpHealthChecks.listTagBindings compute.httpsHealthChecks.get compute.httpsHealthChecks.list compute.httpsHealthChecks.listEffectiveTags compute.httpsHealthChecks.listTagBindings compute.images.get compute.images.getFromFamily compute.images.getIamPolicy compute.images.list compute.images.listEffectiveTags compute.images.listTagBindings compute.instanceGroupManagers.get compute.instanceGroupManagers.list compute.instanceGroups.get compute.instanceGroups.list compute.instanceSettings.get compute.instanceTemplates.get compute.instanceTemplates.getIamPolicy compute.instanceTemplates.list compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getIamPolicy compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instantSnapshots.get compute.instantSnapshots.getIamPolicy compute.instantSnapshots.list compute.interconnectAttachments.get compute.interconnectAttachments.list compute.interconnectLocations.* compute.interconnectLocations.get compute.interconnectLocations.list compute.interconnectRemoteLocations.* compute.interconnectRemoteLocations.get compute.interconnectRemoteLocations.list compute.interconnects.get compute.interconnects.list compute.licenseCodes.get compute.licenseCodes.getIamPolicy compute.licenseCodes.list compute.licenses.get compute.licenses.getIamPolicy compute.licenses.list compute.machineImages.get compute.machineImages.getIamPolicy compute.machineImages.list compute.machineTypes.* compute.machineTypes.get compute.machineTypes.list compute.maintenancePolicies.get compute.maintenancePolicies.getIamPolicy compute.maintenancePolicies.list compute.networkAttachments.get compute.networkAttachments.getIamPolicy compute.networkAttachments.list compute.networkEdgeSecurityServices.get compute.networkEdgeSecurityServices.list compute.networkEndpointGroups.get compute.networkEndpointGroups.getIamPolicy compute.networkEndpointGroups.list compute.networkEndpointGroups.listEffectiveTags compute.networkEndpointGroups.listTagBindings compute.networks.get compute.networks.getEffectiveFirewalls compute.networks.getRegionEffectiveFirewalls compute.networks.list compute.networks.listEffectiveTags compute.networks.listPeeringRoutes compute.networks.listTagBindings compute.nodeGroups.get compute.nodeGroups.getIamPolicy compute.nodeGroups.list compute.nodeTemplates.get compute.nodeTemplates.getIamPolicy compute.nodeTemplates.list compute.nodeTypes.* compute.nodeTypes.get compute.nodeTypes.list compute.organizations.listAssociations compute.packetMirrorings.get compute.packetMirrorings.list compute.projects.get compute.publicAdvertisedPrefixes.get compute.publicAdvertisedPrefixes.list compute.publicDelegatedPrefixes.get compute.publicDelegatedPrefixes.list compute.regionBackendServices.get compute.regionBackendServices.getIamPolicy compute.regionBackendServices.list compute.regionBackendServices.listEffectiveTags compute.regionBackendServices.listTagBindings compute.regionFirewallPolicies.get compute.regionFirewallPolicies.getIamPolicy compute.regionFirewallPolicies.list compute.regionFirewallPolicies.listEffectiveTags compute.regionFirewallPolicies.listTagBindings compute.regionHealthCheckServices.get compute.regionHealthCheckServices.list compute.regionHealthChecks.get compute.regionHealthChecks.list compute.regionHealthChecks.listEffectiveTags compute.regionHealthChecks.listTagBindings compute.regionNetworkEndpointGroups.get compute.regionNetworkEndpointGroups.list compute.regionNetworkEndpointGroups.listEffectiveTags compute.regionNetworkEndpointGroups.listTagBindings compute.regionNotificationEndpoints.get compute.regionNotificationEndpoints.list compute.regionOperations.get compute.regionOperations.getIamPolicy compute.regionOperations.list compute.regionSecurityPolicies.get compute.regionSecurityPolicies.list compute.regionSecurityPolicies.listEffectiveTags compute.regionSecurityPolicies.listTagBindings compute.regionSslCertificates.get compute.regionSslCertificates.list compute.regionSslCertificates.listEffectiveTags compute.regionSslCertificates.listTagBindings compute.regionSslPolicies.get compute.regionSslPolicies.list compute.regionSslPolicies.listAvailableFeatures compute.regionTargetHttpProxies.get compute.regionTargetHttpProxies.list compute.regionTargetHttpProxies.listEffectiveTags compute.regionTargetHttpProxies.listTagBindings compute.regionTargetHttpsProxies.get compute.regionTargetHttpsProxies.list compute.regionTargetHttpsProxies.listEffectiveTags compute.regionTargetHttpsProxies.listTagBindings compute.regionTargetTcpProxies.get compute.regionTargetTcpProxies.list compute.regionUrlMaps.get compute.regionUrlMaps.list compute.regionUrlMaps.listEffectiveTags compute.regionUrlMaps.listTagBindings compute.regionUrlMaps.validate compute.regions.* compute.regions.get compute.regions.list compute.reservations.get compute.reservations.list compute.resourcePolicies.get compute.resourcePolicies.getIamPolicy compute.resourcePolicies.list compute.routers.get compute.routers.list compute.routes.get compute.routes.list compute.routes.listEffectiveTags compute.routes.listTagBindings compute.securityPolicies.get compute.securityPolicies.getIamPolicy compute.securityPolicies.list compute.securityPolicies.listEffectiveTags compute.securityPolicies.listTagBindings compute.serviceAttachments.get compute.serviceAttachments.getIamPolicy compute.serviceAttachments.list compute.snapshots.get compute.snapshots.getIamPolicy compute.snapshots.list compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings compute.sslCertificates.get compute.sslCertificates.list compute.sslCertificates.listEffectiveTags compute.sslCertificates.listTagBindings compute.sslPolicies.get compute.sslPolicies.list compute.sslPolicies.listAvailableFeatures compute.sslPolicies.listEffectiveTags compute.sslPolicies.listTagBindings compute.subnetworks.get compute.subnetworks.getIamPolicy compute.subnetworks.list compute.subnetworks.listEffectiveTags compute.subnetworks.listTagBindings compute.targetGrpcProxies.get compute.targetGrpcProxies.list compute.targetHttpProxies.get compute.targetHttpProxies.list compute.targetHttpProxies.listEffectiveTags compute.targetHttpProxies.listTagBindings compute.targetHttpsProxies.get compute.targetHttpsProxies.list compute.targetHttpsProxies.listEffectiveTags compute.targetHttpsProxies.listTagBindings compute.targetInstances.get compute.targetInstances.list compute.targetInstances.listEffectiveTags compute.targetInstances.listTagBindings compute.targetPools.get compute.targetPools.list compute.targetPools.listEffectiveTags compute.targetPools.listTagBindings compute.targetSslProxies.get compute.targetSslProxies.list compute.targetSslProxies.listEffectiveTags compute.targetSslProxies.listTagBindings compute.targetTcpProxies.get compute.targetTcpProxies.list compute.targetTcpProxies.listEffectiveTags compute.targetTcpProxies.listTagBindings compute.targetVpnGateways.get compute.targetVpnGateways.list compute.urlMaps.get compute.urlMaps.list compute.urlMaps.listEffectiveTags compute.urlMaps.listTagBindings compute.urlMaps.validate compute.vpnGateways.get compute.vpnGateways.list compute.vpnTunnels.get compute.vpnTunnels.list compute.zoneOperations.get compute.zoneOperations.getIamPolicy compute.zoneOperations.list compute.zones.* compute.zones.get compute.zones.list notebooks.environments.get notebooks.environments.getIamPolicy notebooks.environments.list notebooks.executions.get notebooks.executions.getIamPolicy notebooks.executions.list notebooks.instances.checkUpgradability notebooks.instances.get notebooks.instances.getHealth notebooks.instances.getIamPolicy notebooks.instances.list notebooks.locations.* notebooks.locations.get notebooks.locations.list notebooks.operations.get notebooks.operations.list notebooks.runtimes.get notebooks.runtimes.getIamPolicy notebooks.runtimes.list notebooks.schedules.get notebooks.schedules.getIamPolicy notebooks.schedules.list resourcemanager.projects.get resourcemanager.projects.list serviceusage.quotas.get serviceusage.services.get serviceusage.services.list
Notebooks Runner (`roles/notebooks.runner`) Restricted access for running scheduled Notebooks.	compute.acceleratorTypes.* compute.acceleratorTypes.get compute.acceleratorTypes.list compute.addresses.get compute.addresses.list compute.autoscalers.get compute.autoscalers.list compute.backendBuckets.get compute.backendBuckets.getIamPolicy compute.backendBuckets.list compute.backendBuckets.listEffectiveTags compute.backendBuckets.listTagBindings compute.backendServices.get compute.backendServices.getIamPolicy compute.backendServices.list compute.backendServices.listEffectiveTags compute.backendServices.listTagBindings compute.commitments.get compute.commitments.list compute.diskTypes.* compute.diskTypes.get compute.diskTypes.list compute.disks.get compute.disks.getIamPolicy compute.disks.list compute.disks.listEffectiveTags compute.disks.listTagBindings compute.externalVpnGateways.get compute.externalVpnGateways.list compute.firewallPolicies.get compute.firewallPolicies.getIamPolicy compute.firewallPolicies.list compute.firewallPolicies.listEffectiveTags compute.firewallPolicies.listTagBindings compute.firewalls.get compute.firewalls.list compute.firewalls.listEffectiveTags compute.firewalls.listTagBindings compute.forwardingRules.get compute.forwardingRules.list compute.forwardingRules.listEffectiveTags compute.forwardingRules.listTagBindings compute.futureReservations.get compute.futureReservations.getIamPolicy compute.futureReservations.list compute.globalAddresses.get compute.globalAddresses.list compute.globalForwardingRules.get compute.globalForwardingRules.list compute.globalForwardingRules.listEffectiveTags compute.globalForwardingRules.listTagBindings compute.globalForwardingRules.pscGet compute.globalNetworkEndpointGroups.get compute.globalNetworkEndpointGroups.list compute.globalNetworkEndpointGroups.listEffectiveTags compute.globalNetworkEndpointGroups.listTagBindings compute.globalOperations.get compute.globalOperations.getIamPolicy compute.globalOperations.list compute.globalPublicDelegatedPrefixes.get compute.globalPublicDelegatedPrefixes.list compute.healthChecks.get compute.healthChecks.list compute.healthChecks.listEffectiveTags compute.healthChecks.listTagBindings compute.httpHealthChecks.get compute.httpHealthChecks.list compute.httpHealthChecks.listEffectiveTags compute.httpHealthChecks.listTagBindings compute.httpsHealthChecks.get compute.httpsHealthChecks.list compute.httpsHealthChecks.listEffectiveTags compute.httpsHealthChecks.listTagBindings compute.images.get compute.images.getFromFamily compute.images.getIamPolicy compute.images.list compute.images.listEffectiveTags compute.images.listTagBindings compute.instanceGroupManagers.get compute.instanceGroupManagers.list compute.instanceGroups.get compute.instanceGroups.list compute.instanceSettings.get compute.instanceTemplates.get compute.instanceTemplates.getIamPolicy compute.instanceTemplates.list compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getIamPolicy compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instantSnapshots.get compute.instantSnapshots.getIamPolicy compute.instantSnapshots.list compute.interconnectAttachments.get compute.interconnectAttachments.list compute.interconnectLocations.* compute.interconnectLocations.get compute.interconnectLocations.list compute.interconnectRemoteLocations.* compute.interconnectRemoteLocations.get compute.interconnectRemoteLocations.list compute.interconnects.get compute.interconnects.list compute.licenseCodes.get compute.licenseCodes.getIamPolicy compute.licenseCodes.list compute.licenses.get compute.licenses.getIamPolicy compute.licenses.list compute.machineImages.get compute.machineImages.getIamPolicy compute.machineImages.list compute.machineTypes.* compute.machineTypes.get compute.machineTypes.list compute.maintenancePolicies.get compute.maintenancePolicies.getIamPolicy compute.maintenancePolicies.list compute.networkAttachments.get compute.networkAttachments.getIamPolicy compute.networkAttachments.list compute.networkEdgeSecurityServices.get compute.networkEdgeSecurityServices.list compute.networkEndpointGroups.get compute.networkEndpointGroups.getIamPolicy compute.networkEndpointGroups.list compute.networkEndpointGroups.listEffectiveTags compute.networkEndpointGroups.listTagBindings compute.networks.get compute.networks.getEffectiveFirewalls compute.networks.getRegionEffectiveFirewalls compute.networks.list compute.networks.listEffectiveTags compute.networks.listPeeringRoutes compute.networks.listTagBindings compute.nodeGroups.get compute.nodeGroups.getIamPolicy compute.nodeGroups.list compute.nodeTemplates.get compute.nodeTemplates.getIamPolicy compute.nodeTemplates.list compute.nodeTypes.* compute.nodeTypes.get compute.nodeTypes.list compute.organizations.listAssociations compute.packetMirrorings.get compute.packetMirrorings.list compute.projects.get compute.publicAdvertisedPrefixes.get compute.publicAdvertisedPrefixes.list compute.publicDelegatedPrefixes.get compute.publicDelegatedPrefixes.list compute.regionBackendServices.get compute.regionBackendServices.getIamPolicy compute.regionBackendServices.list compute.regionBackendServices.listEffectiveTags compute.regionBackendServices.listTagBindings compute.regionFirewallPolicies.get compute.regionFirewallPolicies.getIamPolicy compute.regionFirewallPolicies.list compute.regionFirewallPolicies.listEffectiveTags compute.regionFirewallPolicies.listTagBindings compute.regionHealthCheckServices.get compute.regionHealthCheckServices.list compute.regionHealthChecks.get compute.regionHealthChecks.list compute.regionHealthChecks.listEffectiveTags compute.regionHealthChecks.listTagBindings compute.regionNetworkEndpointGroups.get compute.regionNetworkEndpointGroups.list compute.regionNetworkEndpointGroups.listEffectiveTags compute.regionNetworkEndpointGroups.listTagBindings compute.regionNotificationEndpoints.get compute.regionNotificationEndpoints.list compute.regionOperations.get compute.regionOperations.getIamPolicy compute.regionOperations.list compute.regionSecurityPolicies.get compute.regionSecurityPolicies.list compute.regionSecurityPolicies.listEffectiveTags compute.regionSecurityPolicies.listTagBindings compute.regionSslCertificates.get compute.regionSslCertificates.list compute.regionSslCertificates.listEffectiveTags compute.regionSslCertificates.listTagBindings compute.regionSslPolicies.get compute.regionSslPolicies.list compute.regionSslPolicies.listAvailableFeatures compute.regionTargetHttpProxies.get compute.regionTargetHttpProxies.list compute.regionTargetHttpProxies.listEffectiveTags compute.regionTargetHttpProxies.listTagBindings compute.regionTargetHttpsProxies.get compute.regionTargetHttpsProxies.list compute.regionTargetHttpsProxies.listEffectiveTags compute.regionTargetHttpsProxies.listTagBindings compute.regionTargetTcpProxies.get compute.regionTargetTcpProxies.list compute.regionUrlMaps.get compute.regionUrlMaps.list compute.regionUrlMaps.listEffectiveTags compute.regionUrlMaps.listTagBindings compute.regionUrlMaps.validate compute.regions.* compute.regions.get compute.regions.list compute.reservations.get compute.reservations.list compute.resourcePolicies.get compute.resourcePolicies.getIamPolicy compute.resourcePolicies.list compute.routers.get compute.routers.list compute.routes.get compute.routes.list compute.routes.listEffectiveTags compute.routes.listTagBindings compute.securityPolicies.get compute.securityPolicies.getIamPolicy compute.securityPolicies.list compute.securityPolicies.listEffectiveTags compute.securityPolicies.listTagBindings compute.serviceAttachments.get compute.serviceAttachments.getIamPolicy compute.serviceAttachments.list compute.snapshots.get compute.snapshots.getIamPolicy compute.snapshots.list compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings compute.sslCertificates.get compute.sslCertificates.list compute.sslCertificates.listEffectiveTags compute.sslCertificates.listTagBindings compute.sslPolicies.get compute.sslPolicies.list compute.sslPolicies.listAvailableFeatures compute.sslPolicies.listEffectiveTags compute.sslPolicies.listTagBindings compute.subnetworks.get compute.subnetworks.getIamPolicy compute.subnetworks.list compute.subnetworks.listEffectiveTags compute.subnetworks.listTagBindings compute.targetGrpcProxies.get compute.targetGrpcProxies.list compute.targetHttpProxies.get compute.targetHttpProxies.list compute.targetHttpProxies.listEffectiveTags compute.targetHttpProxies.listTagBindings compute.targetHttpsProxies.get compute.targetHttpsProxies.list compute.targetHttpsProxies.listEffectiveTags compute.targetHttpsProxies.listTagBindings compute.targetInstances.get compute.targetInstances.list compute.targetInstances.listEffectiveTags compute.targetInstances.listTagBindings compute.targetPools.get compute.targetPools.list compute.targetPools.listEffectiveTags compute.targetPools.listTagBindings compute.targetSslProxies.get compute.targetSslProxies.list compute.targetSslProxies.listEffectiveTags compute.targetSslProxies.listTagBindings compute.targetTcpProxies.get compute.targetTcpProxies.list compute.targetTcpProxies.listEffectiveTags compute.targetTcpProxies.listTagBindings compute.targetVpnGateways.get compute.targetVpnGateways.list compute.urlMaps.get compute.urlMaps.list compute.urlMaps.listEffectiveTags compute.urlMaps.listTagBindings compute.urlMaps.validate compute.vpnGateways.get compute.vpnGateways.list compute.vpnTunnels.get compute.vpnTunnels.list compute.zoneOperations.get compute.zoneOperations.getIamPolicy compute.zoneOperations.list compute.zones.* compute.zones.get compute.zones.list notebooks.environments.get notebooks.environments.getIamPolicy notebooks.environments.list notebooks.executions.create notebooks.executions.get notebooks.executions.getIamPolicy notebooks.executions.list notebooks.instances.checkUpgradability notebooks.instances.create notebooks.instances.get notebooks.instances.getHealth notebooks.instances.getIamPolicy notebooks.instances.list notebooks.locations.* notebooks.locations.get notebooks.locations.list notebooks.operations.get notebooks.operations.list notebooks.runtimes.create notebooks.runtimes.get notebooks.runtimes.getIamPolicy notebooks.runtimes.list notebooks.schedules.create notebooks.schedules.get notebooks.schedules.getIamPolicy notebooks.schedules.list resourcemanager.projects.get resourcemanager.projects.list serviceusage.quotas.get serviceusage.services.get serviceusage.services.list
Notebooks Viewer (`roles/notebooks.viewer`) Read-only access to Notebooks, all resources. Lowest-level resources where you can grant this role: Instance	compute.acceleratorTypes.* compute.acceleratorTypes.get compute.acceleratorTypes.list compute.addresses.get compute.addresses.list compute.autoscalers.get compute.autoscalers.list compute.backendBuckets.get compute.backendBuckets.getIamPolicy compute.backendBuckets.list compute.backendBuckets.listEffectiveTags compute.backendBuckets.listTagBindings compute.backendServices.get compute.backendServices.getIamPolicy compute.backendServices.list compute.backendServices.listEffectiveTags compute.backendServices.listTagBindings compute.commitments.get compute.commitments.list compute.diskTypes.* compute.diskTypes.get compute.diskTypes.list compute.disks.get compute.disks.getIamPolicy compute.disks.list compute.disks.listEffectiveTags compute.disks.listTagBindings compute.externalVpnGateways.get compute.externalVpnGateways.list compute.firewallPolicies.get compute.firewallPolicies.getIamPolicy compute.firewallPolicies.list compute.firewallPolicies.listEffectiveTags compute.firewallPolicies.listTagBindings compute.firewalls.get compute.firewalls.list compute.firewalls.listEffectiveTags compute.firewalls.listTagBindings compute.forwardingRules.get compute.forwardingRules.list compute.forwardingRules.listEffectiveTags compute.forwardingRules.listTagBindings compute.futureReservations.get compute.futureReservations.getIamPolicy compute.futureReservations.list compute.globalAddresses.get compute.globalAddresses.list compute.globalForwardingRules.get compute.globalForwardingRules.list compute.globalForwardingRules.listEffectiveTags compute.globalForwardingRules.listTagBindings compute.globalForwardingRules.pscGet compute.globalNetworkEndpointGroups.get compute.globalNetworkEndpointGroups.list compute.globalNetworkEndpointGroups.listEffectiveTags compute.globalNetworkEndpointGroups.listTagBindings compute.globalOperations.get compute.globalOperations.getIamPolicy compute.globalOperations.list compute.globalPublicDelegatedPrefixes.get compute.globalPublicDelegatedPrefixes.list compute.healthChecks.get compute.healthChecks.list compute.healthChecks.listEffectiveTags compute.healthChecks.listTagBindings compute.httpHealthChecks.get compute.httpHealthChecks.list compute.httpHealthChecks.listEffectiveTags compute.httpHealthChecks.listTagBindings compute.httpsHealthChecks.get compute.httpsHealthChecks.list compute.httpsHealthChecks.listEffectiveTags compute.httpsHealthChecks.listTagBindings compute.images.get compute.images.getFromFamily compute.images.getIamPolicy compute.images.list compute.images.listEffectiveTags compute.images.listTagBindings compute.instanceGroupManagers.get compute.instanceGroupManagers.list compute.instanceGroups.get compute.instanceGroups.list compute.instanceSettings.get compute.instanceTemplates.get compute.instanceTemplates.getIamPolicy compute.instanceTemplates.list compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getIamPolicy compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instantSnapshots.get compute.instantSnapshots.getIamPolicy compute.instantSnapshots.list compute.interconnectAttachments.get compute.interconnectAttachments.list compute.interconnectLocations.* compute.interconnectLocations.get compute.interconnectLocations.list compute.interconnectRemoteLocations.* compute.interconnectRemoteLocations.get compute.interconnectRemoteLocations.list compute.interconnects.get compute.interconnects.list compute.licenseCodes.get compute.licenseCodes.getIamPolicy compute.licenseCodes.list compute.licenses.get compute.licenses.getIamPolicy compute.licenses.list compute.machineImages.get compute.machineImages.getIamPolicy compute.machineImages.list compute.machineTypes.* compute.machineTypes.get compute.machineTypes.list compute.maintenancePolicies.get compute.maintenancePolicies.getIamPolicy compute.maintenancePolicies.list compute.networkAttachments.get compute.networkAttachments.getIamPolicy compute.networkAttachments.list compute.networkEdgeSecurityServices.get compute.networkEdgeSecurityServices.list compute.networkEndpointGroups.get compute.networkEndpointGroups.getIamPolicy compute.networkEndpointGroups.list compute.networkEndpointGroups.listEffectiveTags compute.networkEndpointGroups.listTagBindings compute.networks.get compute.networks.getEffectiveFirewalls compute.networks.getRegionEffectiveFirewalls compute.networks.list compute.networks.listEffectiveTags compute.networks.listPeeringRoutes compute.networks.listTagBindings compute.nodeGroups.get compute.nodeGroups.getIamPolicy compute.nodeGroups.list compute.nodeTemplates.get compute.nodeTemplates.getIamPolicy compute.nodeTemplates.list compute.nodeTypes.* compute.nodeTypes.get compute.nodeTypes.list compute.organizations.listAssociations compute.packetMirrorings.get compute.packetMirrorings.list compute.projects.get compute.publicAdvertisedPrefixes.get compute.publicAdvertisedPrefixes.list compute.publicDelegatedPrefixes.get compute.publicDelegatedPrefixes.list compute.regionBackendServices.get compute.regionBackendServices.getIamPolicy compute.regionBackendServices.list compute.regionBackendServices.listEffectiveTags compute.regionBackendServices.listTagBindings compute.regionFirewallPolicies.get compute.regionFirewallPolicies.getIamPolicy compute.regionFirewallPolicies.list compute.regionFirewallPolicies.listEffectiveTags compute.regionFirewallPolicies.listTagBindings compute.regionHealthCheckServices.get compute.regionHealthCheckServices.list compute.regionHealthChecks.get compute.regionHealthChecks.list compute.regionHealthChecks.listEffectiveTags compute.regionHealthChecks.listTagBindings compute.regionNetworkEndpointGroups.get compute.regionNetworkEndpointGroups.list compute.regionNetworkEndpointGroups.listEffectiveTags compute.regionNetworkEndpointGroups.listTagBindings compute.regionNotificationEndpoints.get compute.regionNotificationEndpoints.list compute.regionOperations.get compute.regionOperations.getIamPolicy compute.regionOperations.list compute.regionSecurityPolicies.get compute.regionSecurityPolicies.list compute.regionSecurityPolicies.listEffectiveTags compute.regionSecurityPolicies.listTagBindings compute.regionSslCertificates.get compute.regionSslCertificates.list compute.regionSslCertificates.listEffectiveTags compute.regionSslCertificates.listTagBindings compute.regionSslPolicies.get compute.regionSslPolicies.list compute.regionSslPolicies.listAvailableFeatures compute.regionTargetHttpProxies.get compute.regionTargetHttpProxies.list compute.regionTargetHttpProxies.listEffectiveTags compute.regionTargetHttpProxies.listTagBindings compute.regionTargetHttpsProxies.get compute.regionTargetHttpsProxies.list compute.regionTargetHttpsProxies.listEffectiveTags compute.regionTargetHttpsProxies.listTagBindings compute.regionTargetTcpProxies.get compute.regionTargetTcpProxies.list compute.regionUrlMaps.get compute.regionUrlMaps.list compute.regionUrlMaps.listEffectiveTags compute.regionUrlMaps.listTagBindings compute.regionUrlMaps.validate compute.regions.* compute.regions.get compute.regions.list compute.reservations.get compute.reservations.list compute.resourcePolicies.get compute.resourcePolicies.getIamPolicy compute.resourcePolicies.list compute.routers.get compute.routers.list compute.routes.get compute.routes.list compute.routes.listEffectiveTags compute.routes.listTagBindings compute.securityPolicies.get compute.securityPolicies.getIamPolicy compute.securityPolicies.list compute.securityPolicies.listEffectiveTags compute.securityPolicies.listTagBindings compute.serviceAttachments.get compute.serviceAttachments.getIamPolicy compute.serviceAttachments.list compute.snapshots.get compute.snapshots.getIamPolicy compute.snapshots.list compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings compute.sslCertificates.get compute.sslCertificates.list compute.sslCertificates.listEffectiveTags compute.sslCertificates.listTagBindings compute.sslPolicies.get compute.sslPolicies.list compute.sslPolicies.listAvailableFeatures compute.sslPolicies.listEffectiveTags compute.sslPolicies.listTagBindings compute.subnetworks.get compute.subnetworks.getIamPolicy compute.subnetworks.list compute.subnetworks.listEffectiveTags compute.subnetworks.listTagBindings compute.targetGrpcProxies.get compute.targetGrpcProxies.list compute.targetHttpProxies.get compute.targetHttpProxies.list compute.targetHttpProxies.listEffectiveTags compute.targetHttpProxies.listTagBindings compute.targetHttpsProxies.get compute.targetHttpsProxies.list compute.targetHttpsProxies.listEffectiveTags compute.targetHttpsProxies.listTagBindings compute.targetInstances.get compute.targetInstances.list compute.targetInstances.listEffectiveTags compute.targetInstances.listTagBindings compute.targetPools.get compute.targetPools.list compute.targetPools.listEffectiveTags compute.targetPools.listTagBindings compute.targetSslProxies.get compute.targetSslProxies.list compute.targetSslProxies.listEffectiveTags compute.targetSslProxies.listTagBindings compute.targetTcpProxies.get compute.targetTcpProxies.list compute.targetTcpProxies.listEffectiveTags compute.targetTcpProxies.listTagBindings compute.targetVpnGateways.get compute.targetVpnGateways.list compute.urlMaps.get compute.urlMaps.list compute.urlMaps.listEffectiveTags compute.urlMaps.listTagBindings compute.urlMaps.validate compute.vpnGateways.get compute.vpnGateways.list compute.vpnTunnels.get compute.vpnTunnels.list compute.zoneOperations.get compute.zoneOperations.getIamPolicy compute.zoneOperations.list compute.zones.* compute.zones.get compute.zones.list notebooks.environments.get notebooks.environments.getIamPolicy notebooks.environments.list notebooks.executions.get notebooks.executions.getIamPolicy notebooks.executions.list notebooks.instances.checkUpgradability notebooks.instances.get notebooks.instances.getHealth notebooks.instances.getIamPolicy notebooks.instances.list notebooks.locations.* notebooks.locations.get notebooks.locations.list notebooks.operations.get notebooks.operations.list notebooks.runtimes.get notebooks.runtimes.getIamPolicy notebooks.runtimes.list notebooks.schedules.get notebooks.schedules.getIamPolicy notebooks.schedules.list resourcemanager.projects.get resourcemanager.projects.list serviceusage.quotas.get serviceusage.services.get serviceusage.services.list

Notebooks Admin

(roles/notebooks.admin)

Full access to Notebooks, all resources.

Lowest-level resources where you can grant this role:

Instance

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.*

notebooks.environments.create
notebooks.environments.delete
notebooks.environments.get
notebooks.environments.getIamPolicy
notebooks.environments.list
notebooks.environments.setIamPolicy
notebooks.executions.create
notebooks.executions.delete
notebooks.executions.get
notebooks.executions.getIamPolicy
notebooks.executions.list
notebooks.executions.setIamPolicy
notebooks.instances.checkUpgradability
notebooks.instances.create
notebooks.instances.delete
notebooks.instances.diagnose
notebooks.instances.get
notebooks.instances.getHealth
notebooks.instances.getIamPolicy
notebooks.instances.list
notebooks.instances.reset
notebooks.instances.setAccelerator
notebooks.instances.setIamPolicy
notebooks.instances.setLabels
notebooks.instances.setMachineType
notebooks.instances.start
notebooks.instances.stop
notebooks.instances.update
notebooks.instances.updateConfig
notebooks.instances.updateShieldInstanceConfig
notebooks.instances.upgrade
notebooks.instances.use
notebooks.locations.get
notebooks.locations.list
notebooks.operations.cancel
notebooks.operations.delete
notebooks.operations.get
notebooks.operations.list
notebooks.runtimes.create
notebooks.runtimes.delete
notebooks.runtimes.diagnose
notebooks.runtimes.get
notebooks.runtimes.getIamPolicy
notebooks.runtimes.list
notebooks.runtimes.reset
notebooks.runtimes.setIamPolicy
notebooks.runtimes.start
notebooks.runtimes.stop
notebooks.runtimes.switch
notebooks.runtimes.update
notebooks.runtimes.upgrade
notebooks.schedules.create
notebooks.schedules.delete
notebooks.schedules.get
notebooks.schedules.getIamPolicy
notebooks.schedules.list
notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Legacy Admin

(roles/notebooks.legacyAdmin)

Full access to Notebooks all resources through compute API.

compute.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list
compute.addresses.create
compute.addresses.createInternal
compute.addresses.delete
compute.addresses.deleteInternal
compute.addresses.get
compute.addresses.list
compute.addresses.setLabels
compute.addresses.use
compute.addresses.useInternal
compute.autoscalers.create
compute.autoscalers.delete
compute.autoscalers.get
compute.autoscalers.list
compute.autoscalers.update
compute.backendBuckets.addSignedUrlKey
compute.backendBuckets.create
compute.backendBuckets.createTagBinding
compute.backendBuckets.delete
compute.backendBuckets.deleteSignedUrlKey
compute.backendBuckets.deleteTagBinding
compute.backendBuckets.get
compute.backendBuckets.getIamPolicy
compute.backendBuckets.list
compute.backendBuckets.listEffectiveTags
compute.backendBuckets.listTagBindings
compute.backendBuckets.setIamPolicy
compute.backendBuckets.setSecurityPolicy
compute.backendBuckets.update
compute.backendBuckets.use
compute.backendServices.addSignedUrlKey
compute.backendServices.create
compute.backendServices.createTagBinding
compute.backendServices.delete
compute.backendServices.deleteSignedUrlKey
compute.backendServices.deleteTagBinding
compute.backendServices.get
compute.backendServices.getIamPolicy
compute.backendServices.list
compute.backendServices.listEffectiveTags
compute.backendServices.listTagBindings
compute.backendServices.setIamPolicy
compute.backendServices.setSecurityPolicy
compute.backendServices.update
compute.backendServices.use
compute.commitments.create
compute.commitments.get
compute.commitments.list
compute.commitments.update
compute.commitments.updateReservations
compute.diskTypes.get
compute.diskTypes.list
compute.disks.addResourcePolicies
compute.disks.create
compute.disks.createSnapshot
compute.disks.createTagBinding
compute.disks.delete
compute.disks.deleteTagBinding
compute.disks.get
compute.disks.getIamPolicy
compute.disks.list
compute.disks.listEffectiveTags
compute.disks.listTagBindings
compute.disks.removeResourcePolicies
compute.disks.resize
compute.disks.setIamPolicy
compute.disks.setLabels
compute.disks.startAsyncReplication
compute.disks.stopAsyncReplication
compute.disks.stopGroupAsyncReplication
compute.disks.update
compute.disks.use
compute.disks.useReadOnly
compute.externalVpnGateways.create
compute.externalVpnGateways.delete
compute.externalVpnGateways.get
compute.externalVpnGateways.list
compute.externalVpnGateways.setLabels
compute.externalVpnGateways.use
compute.firewallPolicies.addAssociation
compute.firewallPolicies.cloneRules
compute.firewallPolicies.copyRules
compute.firewallPolicies.create
compute.firewallPolicies.createTagBinding
compute.firewallPolicies.delete
compute.firewallPolicies.deleteTagBinding
compute.firewallPolicies.get
compute.firewallPolicies.getIamPolicy
compute.firewallPolicies.list
compute.firewallPolicies.listEffectiveTags
compute.firewallPolicies.listTagBindings
compute.firewallPolicies.move
compute.firewallPolicies.removeAssociation
compute.firewallPolicies.setIamPolicy
compute.firewallPolicies.update
compute.firewallPolicies.use
compute.firewalls.create
compute.firewalls.createTagBinding
compute.firewalls.delete
compute.firewalls.deleteTagBinding
compute.firewalls.get
compute.firewalls.list
compute.firewalls.listEffectiveTags
compute.firewalls.listTagBindings
compute.firewalls.update
compute.forwardingRules.create
compute.forwardingRules.createTagBinding
compute.forwardingRules.delete
compute.forwardingRules.deleteTagBinding
compute.forwardingRules.get
compute.forwardingRules.list
compute.forwardingRules.listEffectiveTags
compute.forwardingRules.listTagBindings
compute.forwardingRules.pscCreate
compute.forwardingRules.pscDelete
compute.forwardingRules.pscSetLabels
compute.forwardingRules.pscSetTarget
compute.forwardingRules.pscUpdate
compute.forwardingRules.setLabels
compute.forwardingRules.setTarget
compute.forwardingRules.update
compute.forwardingRules.use
compute.futureReservations.cancel
compute.futureReservations.create
compute.futureReservations.delete
compute.futureReservations.get
compute.futureReservations.getIamPolicy
compute.futureReservations.list
compute.futureReservations.setIamPolicy
compute.futureReservations.update
compute.globalAddresses.create
compute.globalAddresses.createInternal
compute.globalAddresses.delete
compute.globalAddresses.deleteInternal
compute.globalAddresses.get
compute.globalAddresses.list
compute.globalAddresses.setLabels
compute.globalAddresses.use
compute.globalForwardingRules.create
compute.globalForwardingRules.createTagBinding
compute.globalForwardingRules.delete
compute.globalForwardingRules.deleteTagBinding
compute.globalForwardingRules.get
compute.globalForwardingRules.list
compute.globalForwardingRules.listEffectiveTags
compute.globalForwardingRules.listTagBindings
compute.globalForwardingRules.pscCreate
compute.globalForwardingRules.pscDelete
compute.globalForwardingRules.pscGet
compute.globalForwardingRules.pscSetLabels
compute.globalForwardingRules.pscSetTarget
compute.globalForwardingRules.pscUpdate
compute.globalForwardingRules.setLabels
compute.globalForwardingRules.setTarget
compute.globalForwardingRules.update
compute.globalNetworkEndpointGroups.attachNetworkEndpoints
compute.globalNetworkEndpointGroups.create
compute.globalNetworkEndpointGroups.createTagBinding
compute.globalNetworkEndpointGroups.delete
compute.globalNetworkEndpointGroups.deleteTagBinding
compute.globalNetworkEndpointGroups.detachNetworkEndpoints
compute.globalNetworkEndpointGroups.get
compute.globalNetworkEndpointGroups.list
compute.globalNetworkEndpointGroups.listEffectiveTags
compute.globalNetworkEndpointGroups.listTagBindings
compute.globalNetworkEndpointGroups.use
compute.globalOperations.delete
compute.globalOperations.get
compute.globalOperations.getIamPolicy
compute.globalOperations.list
compute.globalOperations.setIamPolicy
compute.globalPublicDelegatedPrefixes.create
compute.globalPublicDelegatedPrefixes.delete
compute.globalPublicDelegatedPrefixes.get
compute.globalPublicDelegatedPrefixes.list
compute.globalPublicDelegatedPrefixes.update
compute.globalPublicDelegatedPrefixes.updatePolicy
compute.globalPublicDelegatedPrefixes.use
compute.healthChecks.create
compute.healthChecks.createTagBinding
compute.healthChecks.delete
compute.healthChecks.deleteTagBinding
compute.healthChecks.get
compute.healthChecks.list
compute.healthChecks.listEffectiveTags
compute.healthChecks.listTagBindings
compute.healthChecks.update
compute.healthChecks.use
compute.healthChecks.useReadOnly
compute.httpHealthChecks.create
compute.httpHealthChecks.createTagBinding
compute.httpHealthChecks.delete
compute.httpHealthChecks.deleteTagBinding
compute.httpHealthChecks.get
compute.httpHealthChecks.list
compute.httpHealthChecks.listEffectiveTags
compute.httpHealthChecks.listTagBindings
compute.httpHealthChecks.update
compute.httpHealthChecks.use
compute.httpHealthChecks.useReadOnly
compute.httpsHealthChecks.create
compute.httpsHealthChecks.createTagBinding
compute.httpsHealthChecks.delete
compute.httpsHealthChecks.deleteTagBinding
compute.httpsHealthChecks.get
compute.httpsHealthChecks.list
compute.httpsHealthChecks.listEffectiveTags
compute.httpsHealthChecks.listTagBindings
compute.httpsHealthChecks.update
compute.httpsHealthChecks.use
compute.httpsHealthChecks.useReadOnly
compute.images.create
compute.images.createTagBinding
compute.images.delete
compute.images.deleteTagBinding
compute.images.deprecate
compute.images.get
compute.images.getFromFamily
compute.images.getIamPolicy
compute.images.list
compute.images.listEffectiveTags
compute.images.listTagBindings
compute.images.setIamPolicy
compute.images.setLabels
compute.images.update
compute.images.useReadOnly
compute.instanceGroupManagers.create
compute.instanceGroupManagers.delete
compute.instanceGroupManagers.get
compute.instanceGroupManagers.list
compute.instanceGroupManagers.update
compute.instanceGroupManagers.use
compute.instanceGroups.create
compute.instanceGroups.delete
compute.instanceGroups.get
compute.instanceGroups.list
compute.instanceGroups.update
compute.instanceGroups.use
compute.instanceSettings.get
compute.instanceSettings.update
compute.instanceTemplates.create
compute.instanceTemplates.delete
compute.instanceTemplates.get
compute.instanceTemplates.getIamPolicy
compute.instanceTemplates.list
compute.instanceTemplates.setIamPolicy
compute.instanceTemplates.useReadOnly
compute.instances.addAccessConfig
compute.instances.addMaintenancePolicies
compute.instances.addResourcePolicies
compute.instances.attachDisk
compute.instances.create
compute.instances.createTagBinding
compute.instances.delete
compute.instances.deleteAccessConfig
compute.instances.deleteTagBinding
compute.instances.detachDisk
compute.instances.get
compute.instances.getEffectiveFirewalls
compute.instances.getGuestAttributes
compute.instances.getIamPolicy
compute.instances.getScreenshot
compute.instances.getSerialPortOutput
compute.instances.getShieldedInstanceIdentity
compute.instances.getShieldedVmIdentity
compute.instances.list
compute.instances.listEffectiveTags
compute.instances.listReferrers
compute.instances.listTagBindings
compute.instances.osAdminLogin
compute.instances.osLogin
compute.instances.removeMaintenancePolicies
compute.instances.removeResourcePolicies
compute.instances.reset
compute.instances.resume
compute.instances.sendDiagnosticInterrupt
compute.instances.setDeletionProtection
compute.instances.setDiskAutoDelete
compute.instances.setIamPolicy
compute.instances.setLabels
compute.instances.setMachineResources
compute.instances.setMachineType
compute.instances.setMetadata
compute.instances.setMinCpuPlatform
compute.instances.setName
compute.instances.setScheduling
compute.instances.setSecurityPolicy
compute.instances.setServiceAccount
compute.instances.setShieldedInstanceIntegrityPolicy
compute.instances.setShieldedVmIntegrityPolicy
compute.instances.setTags
compute.instances.simulateMaintenanceEvent
compute.instances.start
compute.instances.startWithEncryptionKey
compute.instances.stop
compute.instances.suspend
compute.instances.update
compute.instances.updateAccessConfig
compute.instances.updateDisplayDevice
compute.instances.updateNetworkInterface
compute.instances.updateSecurity
compute.instances.updateShieldedInstanceConfig
compute.instances.updateShieldedVmConfig
compute.instances.use
compute.instances.useReadOnly
compute.instantSnapshots.create
compute.instantSnapshots.delete
compute.instantSnapshots.export
compute.instantSnapshots.get
compute.instantSnapshots.getIamPolicy
compute.instantSnapshots.list
compute.instantSnapshots.setIamPolicy
compute.instantSnapshots.setLabels
compute.instantSnapshots.useReadOnly
compute.interconnectAttachments.create
compute.interconnectAttachments.delete
compute.interconnectAttachments.get
compute.interconnectAttachments.list
compute.interconnectAttachments.setLabels
compute.interconnectAttachments.update
compute.interconnectAttachments.use
compute.interconnectLocations.get
compute.interconnectLocations.list
compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list
compute.interconnects.create
compute.interconnects.delete
compute.interconnects.get
compute.interconnects.getMacsecConfig
compute.interconnects.list
compute.interconnects.setLabels
compute.interconnects.update
compute.interconnects.use
compute.licenseCodes.get
compute.licenseCodes.getIamPolicy
compute.licenseCodes.list
compute.licenseCodes.setIamPolicy
compute.licenseCodes.update
compute.licenseCodes.use
compute.licenses.create
compute.licenses.delete
compute.licenses.get
compute.licenses.getIamPolicy
compute.licenses.list
compute.licenses.setIamPolicy
compute.machineImages.create
compute.machineImages.delete
compute.machineImages.get
compute.machineImages.getIamPolicy
compute.machineImages.list
compute.machineImages.setIamPolicy
compute.machineImages.useReadOnly
compute.machineTypes.get
compute.machineTypes.list
compute.maintenancePolicies.create
compute.maintenancePolicies.delete
compute.maintenancePolicies.get
compute.maintenancePolicies.getIamPolicy
compute.maintenancePolicies.list
compute.maintenancePolicies.setIamPolicy
compute.maintenancePolicies.use
compute.networkAttachments.create
compute.networkAttachments.delete
compute.networkAttachments.get
compute.networkAttachments.getIamPolicy
compute.networkAttachments.list
compute.networkAttachments.setIamPolicy
compute.networkEdgeSecurityServices.create
compute.networkEdgeSecurityServices.delete
compute.networkEdgeSecurityServices.get
compute.networkEdgeSecurityServices.list
compute.networkEdgeSecurityServices.update
compute.networkEndpointGroups.attachNetworkEndpoints
compute.networkEndpointGroups.create
compute.networkEndpointGroups.createTagBinding
compute.networkEndpointGroups.delete
compute.networkEndpointGroups.deleteTagBinding
compute.networkEndpointGroups.detachNetworkEndpoints
compute.networkEndpointGroups.get
compute.networkEndpointGroups.getIamPolicy
compute.networkEndpointGroups.list
compute.networkEndpointGroups.listEffectiveTags
compute.networkEndpointGroups.listTagBindings
compute.networkEndpointGroups.setIamPolicy
compute.networkEndpointGroups.use
compute.networks.access
compute.networks.addPeering
compute.networks.create
compute.networks.createTagBinding
compute.networks.delete
compute.networks.deleteTagBinding
compute.networks.get
compute.networks.getEffectiveFirewalls
compute.networks.getRegionEffectiveFirewalls
compute.networks.list
compute.networks.listEffectiveTags
compute.networks.listPeeringRoutes
compute.networks.listTagBindings
compute.networks.mirror
compute.networks.removePeering
compute.networks.setFirewallPolicy
compute.networks.switchToCustomMode
compute.networks.update
compute.networks.updatePeering
compute.networks.updatePolicy
compute.networks.use
compute.networks.useExternalIp
compute.nodeGroups.addNodes
compute.nodeGroups.create
compute.nodeGroups.delete
compute.nodeGroups.deleteNodes
compute.nodeGroups.get
compute.nodeGroups.getIamPolicy
compute.nodeGroups.list
compute.nodeGroups.performMaintenance
compute.nodeGroups.setIamPolicy
compute.nodeGroups.setNodeTemplate
compute.nodeGroups.simulateMaintenanceEvent
compute.nodeGroups.update
compute.nodeTemplates.create
compute.nodeTemplates.delete
compute.nodeTemplates.get
compute.nodeTemplates.getIamPolicy
compute.nodeTemplates.list
compute.nodeTemplates.setIamPolicy
compute.nodeTypes.get
compute.nodeTypes.list
compute.organizations.administerXpn
compute.organizations.disableXpnHost
compute.organizations.disableXpnResource
compute.organizations.enableXpnHost
compute.organizations.enableXpnResource
compute.organizations.listAssociations
compute.organizations.setFirewallPolicy
compute.organizations.setSecurityPolicy
compute.oslogin.updateExternalUser
compute.packetMirrorings.create
compute.packetMirrorings.delete
compute.packetMirrorings.get
compute.packetMirrorings.list
compute.packetMirrorings.update
compute.projects.get
compute.projects.setCommonInstanceMetadata
compute.projects.setDefaultNetworkTier
compute.projects.setDefaultServiceAccount
compute.projects.setManagedProtectionTier
compute.projects.setUsageExportBucket
compute.publicAdvertisedPrefixes.create
compute.publicAdvertisedPrefixes.delete
compute.publicAdvertisedPrefixes.get
compute.publicAdvertisedPrefixes.list
compute.publicAdvertisedPrefixes.update
compute.publicAdvertisedPrefixes.updatePolicy
compute.publicAdvertisedPrefixes.use
compute.publicDelegatedPrefixes.create
compute.publicDelegatedPrefixes.delete
compute.publicDelegatedPrefixes.get
compute.publicDelegatedPrefixes.list
compute.publicDelegatedPrefixes.update
compute.publicDelegatedPrefixes.updatePolicy
compute.publicDelegatedPrefixes.use
compute.regionBackendServices.create
compute.regionBackendServices.createTagBinding
compute.regionBackendServices.delete
compute.regionBackendServices.deleteTagBinding
compute.regionBackendServices.get
compute.regionBackendServices.getIamPolicy
compute.regionBackendServices.list
compute.regionBackendServices.listEffectiveTags
compute.regionBackendServices.listTagBindings
compute.regionBackendServices.setIamPolicy
compute.regionBackendServices.setSecurityPolicy
compute.regionBackendServices.update
compute.regionBackendServices.use
compute.regionFirewallPolicies.cloneRules
compute.regionFirewallPolicies.create
compute.regionFirewallPolicies.createTagBinding
compute.regionFirewallPolicies.delete
compute.regionFirewallPolicies.deleteTagBinding
compute.regionFirewallPolicies.get
compute.regionFirewallPolicies.getIamPolicy
compute.regionFirewallPolicies.list
compute.regionFirewallPolicies.listEffectiveTags
compute.regionFirewallPolicies.listTagBindings
compute.regionFirewallPolicies.setIamPolicy
compute.regionFirewallPolicies.update
compute.regionFirewallPolicies.use
compute.regionHealthCheckServices.create
compute.regionHealthCheckServices.delete
compute.regionHealthCheckServices.get
compute.regionHealthCheckServices.list
compute.regionHealthCheckServices.update
compute.regionHealthCheckServices.use
compute.regionHealthChecks.create
compute.regionHealthChecks.createTagBinding
compute.regionHealthChecks.delete
compute.regionHealthChecks.deleteTagBinding
compute.regionHealthChecks.get
compute.regionHealthChecks.list
compute.regionHealthChecks.listEffectiveTags
compute.regionHealthChecks.listTagBindings
compute.regionHealthChecks.update
compute.regionHealthChecks.use
compute.regionHealthChecks.useReadOnly
compute.regionNetworkEndpointGroups.attachNetworkEndpoints
compute.regionNetworkEndpointGroups.create
compute.regionNetworkEndpointGroups.createTagBinding
compute.regionNetworkEndpointGroups.delete
compute.regionNetworkEndpointGroups.deleteTagBinding
compute.regionNetworkEndpointGroups.detachNetworkEndpoints
compute.regionNetworkEndpointGroups.get
compute.regionNetworkEndpointGroups.list
compute.regionNetworkEndpointGroups.listEffectiveTags
compute.regionNetworkEndpointGroups.listTagBindings
compute.regionNetworkEndpointGroups.use
compute.regionNotificationEndpoints.create
compute.regionNotificationEndpoints.delete
compute.regionNotificationEndpoints.get
compute.regionNotificationEndpoints.list
compute.regionNotificationEndpoints.update
compute.regionNotificationEndpoints.use
compute.regionOperations.delete
compute.regionOperations.get
compute.regionOperations.getIamPolicy
compute.regionOperations.list
compute.regionOperations.setIamPolicy
compute.regionSecurityPolicies.create
compute.regionSecurityPolicies.createTagBinding
compute.regionSecurityPolicies.delete
compute.regionSecurityPolicies.deleteTagBinding
compute.regionSecurityPolicies.get
compute.regionSecurityPolicies.list
compute.regionSecurityPolicies.listEffectiveTags
compute.regionSecurityPolicies.listTagBindings
compute.regionSecurityPolicies.update
compute.regionSecurityPolicies.use
compute.regionSslCertificates.create
compute.regionSslCertificates.createTagBinding
compute.regionSslCertificates.delete
compute.regionSslCertificates.deleteTagBinding
compute.regionSslCertificates.get
compute.regionSslCertificates.list
compute.regionSslCertificates.listEffectiveTags
compute.regionSslCertificates.listTagBindings
compute.regionSslPolicies.create
compute.regionSslPolicies.delete
compute.regionSslPolicies.get
compute.regionSslPolicies.list
compute.regionSslPolicies.listAvailableFeatures
compute.regionSslPolicies.update
compute.regionSslPolicies.use
compute.regionTargetHttpProxies.create
compute.regionTargetHttpProxies.createTagBinding
compute.regionTargetHttpProxies.delete
compute.regionTargetHttpProxies.deleteTagBinding
compute.regionTargetHttpProxies.get
compute.regionTargetHttpProxies.list
compute.regionTargetHttpProxies.listEffectiveTags
compute.regionTargetHttpProxies.listTagBindings
compute.regionTargetHttpProxies.setUrlMap
compute.regionTargetHttpProxies.update
compute.regionTargetHttpProxies.use
compute.regionTargetHttpsProxies.create
compute.regionTargetHttpsProxies.createTagBinding
compute.regionTargetHttpsProxies.delete
compute.regionTargetHttpsProxies.deleteTagBinding
compute.regionTargetHttpsProxies.get
compute.regionTargetHttpsProxies.list
compute.regionTargetHttpsProxies.listEffectiveTags
compute.regionTargetHttpsProxies.listTagBindings
compute.regionTargetHttpsProxies.setSslCertificates
compute.regionTargetHttpsProxies.setUrlMap
compute.regionTargetHttpsProxies.update
compute.regionTargetHttpsProxies.use
compute.regionTargetTcpProxies.create
compute.regionTargetTcpProxies.delete
compute.regionTargetTcpProxies.get
compute.regionTargetTcpProxies.list
compute.regionTargetTcpProxies.use
compute.regionUrlMaps.create
compute.regionUrlMaps.createTagBinding
compute.regionUrlMaps.delete
compute.regionUrlMaps.deleteTagBinding
compute.regionUrlMaps.get
compute.regionUrlMaps.invalidateCache
compute.regionUrlMaps.list
compute.regionUrlMaps.listEffectiveTags
compute.regionUrlMaps.listTagBindings
compute.regionUrlMaps.update
compute.regionUrlMaps.use
compute.regionUrlMaps.validate
compute.regions.get
compute.regions.list
compute.reservations.create
compute.reservations.delete
compute.reservations.get
compute.reservations.list
compute.reservations.resize
compute.reservations.update
compute.resourcePolicies.create
compute.resourcePolicies.delete
compute.resourcePolicies.get
compute.resourcePolicies.getIamPolicy
compute.resourcePolicies.list
compute.resourcePolicies.setIamPolicy
compute.resourcePolicies.update
compute.resourcePolicies.use
compute.resourcePolicies.useReadOnly
compute.routers.create
compute.routers.delete
compute.routers.get
compute.routers.list
compute.routers.update
compute.routers.use
compute.routes.create
compute.routes.createTagBinding
compute.routes.delete
compute.routes.deleteTagBinding
compute.routes.get
compute.routes.list
compute.routes.listEffectiveTags
compute.routes.listTagBindings
compute.securityPolicies.addAssociation
compute.securityPolicies.copyRules
compute.securityPolicies.create
compute.securityPolicies.createTagBinding
compute.securityPolicies.delete
compute.securityPolicies.deleteTagBinding
compute.securityPolicies.get
compute.securityPolicies.getIamPolicy
compute.securityPolicies.list
compute.securityPolicies.listEffectiveTags
compute.securityPolicies.listTagBindings
compute.securityPolicies.move
compute.securityPolicies.removeAssociation
compute.securityPolicies.setIamPolicy
compute.securityPolicies.setLabels
compute.securityPolicies.update
compute.securityPolicies.use
compute.serviceAttachments.create
compute.serviceAttachments.delete
compute.serviceAttachments.get
compute.serviceAttachments.getIamPolicy
compute.serviceAttachments.list
compute.serviceAttachments.setIamPolicy
compute.serviceAttachments.update
compute.serviceAttachments.use
compute.snapshots.create
compute.snapshots.createTagBinding
compute.snapshots.delete
compute.snapshots.deleteTagBinding
compute.snapshots.get
compute.snapshots.getIamPolicy
compute.snapshots.list
compute.snapshots.listEffectiveTags
compute.snapshots.listTagBindings
compute.snapshots.setIamPolicy
compute.snapshots.setLabels
compute.snapshots.useReadOnly
compute.sslCertificates.create
compute.sslCertificates.createTagBinding
compute.sslCertificates.delete
compute.sslCertificates.deleteTagBinding
compute.sslCertificates.get
compute.sslCertificates.list
compute.sslCertificates.listEffectiveTags
compute.sslCertificates.listTagBindings
compute.sslPolicies.create
compute.sslPolicies.createTagBinding
compute.sslPolicies.delete
compute.sslPolicies.deleteTagBinding
compute.sslPolicies.get
compute.sslPolicies.list
compute.sslPolicies.listAvailableFeatures
compute.sslPolicies.listEffectiveTags
compute.sslPolicies.listTagBindings
compute.sslPolicies.update
compute.sslPolicies.use
compute.subnetworks.create
compute.subnetworks.createTagBinding
compute.subnetworks.delete
compute.subnetworks.deleteTagBinding
compute.subnetworks.expandIpCidrRange
compute.subnetworks.get
compute.subnetworks.getIamPolicy
compute.subnetworks.list
compute.subnetworks.listEffectiveTags
compute.subnetworks.listTagBindings
compute.subnetworks.mirror
compute.subnetworks.setIamPolicy
compute.subnetworks.setPrivateIpGoogleAccess
compute.subnetworks.update
compute.subnetworks.use
compute.subnetworks.useExternalIp
compute.targetGrpcProxies.create
compute.targetGrpcProxies.delete
compute.targetGrpcProxies.get
compute.targetGrpcProxies.list
compute.targetGrpcProxies.update
compute.targetGrpcProxies.use
compute.targetHttpProxies.create
compute.targetHttpProxies.createTagBinding
compute.targetHttpProxies.delete
compute.targetHttpProxies.deleteTagBinding
compute.targetHttpProxies.get
compute.targetHttpProxies.list
compute.targetHttpProxies.listEffectiveTags
compute.targetHttpProxies.listTagBindings
compute.targetHttpProxies.setUrlMap
compute.targetHttpProxies.update
compute.targetHttpProxies.use
compute.targetHttpsProxies.create
compute.targetHttpsProxies.createTagBinding
compute.targetHttpsProxies.delete
compute.targetHttpsProxies.deleteTagBinding
compute.targetHttpsProxies.get
compute.targetHttpsProxies.list
compute.targetHttpsProxies.listEffectiveTags
compute.targetHttpsProxies.listTagBindings
compute.targetHttpsProxies.setCertificateMap
compute.targetHttpsProxies.setQuicOverride
compute.targetHttpsProxies.setSslCertificates
compute.targetHttpsProxies.setSslPolicy
compute.targetHttpsProxies.setUrlMap
compute.targetHttpsProxies.update
compute.targetHttpsProxies.use
compute.targetInstances.create
compute.targetInstances.createTagBinding
compute.targetInstances.delete
compute.targetInstances.deleteTagBinding
compute.targetInstances.get
compute.targetInstances.list
compute.targetInstances.listEffectiveTags
compute.targetInstances.listTagBindings
compute.targetInstances.setSecurityPolicy
compute.targetInstances.use
compute.targetPools.addHealthCheck
compute.targetPools.addInstance
compute.targetPools.create
compute.targetPools.createTagBinding
compute.targetPools.delete
compute.targetPools.deleteTagBinding
compute.targetPools.get
compute.targetPools.list
compute.targetPools.listEffectiveTags
compute.targetPools.listTagBindings
compute.targetPools.removeHealthCheck
compute.targetPools.removeInstance
compute.targetPools.setSecurityPolicy
compute.targetPools.update
compute.targetPools.use
compute.targetSslProxies.create
compute.targetSslProxies.createTagBinding
compute.targetSslProxies.delete
compute.targetSslProxies.deleteTagBinding
compute.targetSslProxies.get
compute.targetSslProxies.list
compute.targetSslProxies.listEffectiveTags
compute.targetSslProxies.listTagBindings
compute.targetSslProxies.setBackendService
compute.targetSslProxies.setCertificateMap
compute.targetSslProxies.setProxyHeader
compute.targetSslProxies.setSslCertificates
compute.targetSslProxies.setSslPolicy
compute.targetSslProxies.update
compute.targetSslProxies.use
compute.targetTcpProxies.create
compute.targetTcpProxies.createTagBinding
compute.targetTcpProxies.delete
compute.targetTcpProxies.deleteTagBinding
compute.targetTcpProxies.get
compute.targetTcpProxies.list
compute.targetTcpProxies.listEffectiveTags
compute.targetTcpProxies.listTagBindings
compute.targetTcpProxies.update
compute.targetTcpProxies.use
compute.targetVpnGateways.create
compute.targetVpnGateways.delete
compute.targetVpnGateways.get
compute.targetVpnGateways.list
compute.targetVpnGateways.setLabels
compute.targetVpnGateways.use
compute.urlMaps.create
compute.urlMaps.createTagBinding
compute.urlMaps.delete
compute.urlMaps.deleteTagBinding
compute.urlMaps.get
compute.urlMaps.invalidateCache
compute.urlMaps.list
compute.urlMaps.listEffectiveTags
compute.urlMaps.listTagBindings
compute.urlMaps.update
compute.urlMaps.use
compute.urlMaps.validate
compute.vpnGateways.create
compute.vpnGateways.delete
compute.vpnGateways.get
compute.vpnGateways.list
compute.vpnGateways.setLabels
compute.vpnGateways.use
compute.vpnTunnels.create
compute.vpnTunnels.delete
compute.vpnTunnels.get
compute.vpnTunnels.list
compute.vpnTunnels.setLabels
compute.zoneOperations.delete
compute.zoneOperations.get
compute.zoneOperations.getIamPolicy
compute.zoneOperations.list
compute.zoneOperations.setIamPolicy
compute.zones.get
compute.zones.list

notebooks.*

notebooks.environments.create
notebooks.environments.delete
notebooks.environments.get
notebooks.environments.getIamPolicy
notebooks.environments.list
notebooks.environments.setIamPolicy
notebooks.executions.create
notebooks.executions.delete
notebooks.executions.get
notebooks.executions.getIamPolicy
notebooks.executions.list
notebooks.executions.setIamPolicy
notebooks.instances.checkUpgradability
notebooks.instances.create
notebooks.instances.delete
notebooks.instances.diagnose
notebooks.instances.get
notebooks.instances.getHealth
notebooks.instances.getIamPolicy
notebooks.instances.list
notebooks.instances.reset
notebooks.instances.setAccelerator
notebooks.instances.setIamPolicy
notebooks.instances.setLabels
notebooks.instances.setMachineType
notebooks.instances.start
notebooks.instances.stop
notebooks.instances.update
notebooks.instances.updateConfig
notebooks.instances.updateShieldInstanceConfig
notebooks.instances.upgrade
notebooks.instances.use
notebooks.locations.get
notebooks.locations.list
notebooks.operations.cancel
notebooks.operations.delete
notebooks.operations.get
notebooks.operations.list
notebooks.runtimes.create
notebooks.runtimes.delete
notebooks.runtimes.diagnose
notebooks.runtimes.get
notebooks.runtimes.getIamPolicy
notebooks.runtimes.list
notebooks.runtimes.reset
notebooks.runtimes.setIamPolicy
notebooks.runtimes.start
notebooks.runtimes.stop
notebooks.runtimes.switch
notebooks.runtimes.update
notebooks.runtimes.upgrade
notebooks.schedules.create
notebooks.schedules.delete
notebooks.schedules.get
notebooks.schedules.getIamPolicy
notebooks.schedules.list
notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Legacy Viewer

(roles/notebooks.legacyViewer)

Read-only access to Notebooks all resources through compute API.

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

notebooks.locations.get
notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Runner

(roles/notebooks.runner)

Restricted access for running scheduled Notebooks.

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.create

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.create

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

notebooks.locations.get
notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.create

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.create

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Viewer

(roles/notebooks.viewer)

Read-only access to Notebooks, all resources.

Lowest-level resources where you can grant this role:

Instance

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

notebooks.locations.get
notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

AI Platform-Rollen

Role Permissions

Role	Permissions
AI Platform Admin (`roles/ml.admin`) Provides full access to AI Platform resources, and its jobs, operations, models, and versions. Lowest-level resources where you can grant this role: Project	ml.* ml.jobs.cancel ml.jobs.create ml.jobs.get ml.jobs.getIamPolicy ml.jobs.list ml.jobs.setIamPolicy ml.jobs.update ml.locations.get ml.locations.list ml.models.create ml.models.delete ml.models.get ml.models.getIamPolicy ml.models.list ml.models.predict ml.models.setIamPolicy ml.models.update ml.operations.cancel ml.operations.get ml.operations.list ml.projects.getConfig ml.studies.create ml.studies.delete ml.studies.get ml.studies.getIamPolicy ml.studies.list ml.studies.setIamPolicy ml.trials.create ml.trials.delete ml.trials.get ml.trials.list ml.trials.update ml.versions.create ml.versions.delete ml.versions.get ml.versions.list ml.versions.predict ml.versions.update resourcemanager.projects.get
AI Platform Developer (`roles/ml.developer`) Provides ability to use AI Platform resources for creating models, versions, jobs for training and prediction, and sending online prediction requests. Lowest-level resources where you can grant this role: Project	ml.jobs.create ml.jobs.get ml.jobs.getIamPolicy ml.jobs.list ml.locations.* ml.locations.get ml.locations.list ml.models.create ml.models.get ml.models.getIamPolicy ml.models.list ml.models.predict ml.operations.get ml.operations.list ml.projects.getConfig ml.studies.* ml.studies.create ml.studies.delete ml.studies.get ml.studies.getIamPolicy ml.studies.list ml.studies.setIamPolicy ml.trials.* ml.trials.create ml.trials.delete ml.trials.get ml.trials.list ml.trials.update ml.versions.get ml.versions.list ml.versions.predict resourcemanager.projects.get
AI Platform Job Owner (`roles/ml.jobOwner`) Provides full access to all permissions for a particular job resource. This role is automatically granted to the user who creates the job. Lowest-level resources where you can grant this role: Job	ml.jobs.* ml.jobs.cancel ml.jobs.create ml.jobs.get ml.jobs.getIamPolicy ml.jobs.list ml.jobs.setIamPolicy ml.jobs.update
AI Platform Model Owner (`roles/ml.modelOwner`) Provides full access to the model and its versions. This role is automatically granted to the user who creates the model. Lowest-level resources where you can grant this role: Model	ml.models.* ml.models.create ml.models.delete ml.models.get ml.models.getIamPolicy ml.models.list ml.models.predict ml.models.setIamPolicy ml.models.update ml.versions.* ml.versions.create ml.versions.delete ml.versions.get ml.versions.list ml.versions.predict ml.versions.update
AI Platform Model User (`roles/ml.modelUser`) Provides permissions to read the model and its versions, and use them for prediction. Lowest-level resources where you can grant this role: Model	ml.models.get ml.models.predict ml.versions.get ml.versions.list ml.versions.predict
AI Platform Operation Owner (`roles/ml.operationOwner`) Provides full access to all permissions for a particular operation resource. Lowest-level resources where you can grant this role: Operation	ml.operations.* ml.operations.cancel ml.operations.get ml.operations.list
AI Platform Viewer (`roles/ml.viewer`) Provides read-only access to AI Platform resources. Lowest-level resources where you can grant this role: Project	ml.jobs.get ml.jobs.list ml.locations.* ml.locations.get ml.locations.list ml.models.get ml.models.list ml.operations.get ml.operations.list ml.projects.getConfig ml.studies.get ml.studies.getIamPolicy ml.studies.list ml.trials.get ml.trials.list ml.versions.get ml.versions.list resourcemanager.projects.get

AI Platform Admin

(roles/ml.admin)

Provides full access to AI Platform resources, and its jobs, operations, models, and versions.

Lowest-level resources where you can grant this role:

Project

ml.*

ml.jobs.cancel
ml.jobs.create
ml.jobs.get
ml.jobs.getIamPolicy
ml.jobs.list
ml.jobs.setIamPolicy
ml.jobs.update
ml.locations.get
ml.locations.list
ml.models.create
ml.models.delete
ml.models.get
ml.models.getIamPolicy
ml.models.list
ml.models.predict
ml.models.setIamPolicy
ml.models.update
ml.operations.cancel
ml.operations.get
ml.operations.list
ml.projects.getConfig
ml.studies.create
ml.studies.delete
ml.studies.get
ml.studies.getIamPolicy
ml.studies.list
ml.studies.setIamPolicy
ml.trials.create
ml.trials.delete
ml.trials.get
ml.trials.list
ml.trials.update
ml.versions.create
ml.versions.delete
ml.versions.get
ml.versions.list
ml.versions.predict
ml.versions.update

resourcemanager.projects.get

AI Platform Developer

(roles/ml.developer)

Provides ability to use AI Platform resources for creating models, versions, jobs for training and prediction, and sending online prediction requests.

Lowest-level resources where you can grant this role:

Project

ml.jobs.create

ml.jobs.get

ml.jobs.getIamPolicy

ml.jobs.list

ml.locations.*

ml.locations.get
ml.locations.list

ml.models.create

ml.models.get

ml.models.getIamPolicy

ml.models.list

ml.models.predict

ml.operations.get

ml.operations.list

ml.projects.getConfig

ml.studies.*

ml.studies.create
ml.studies.delete
ml.studies.get
ml.studies.getIamPolicy
ml.studies.list
ml.studies.setIamPolicy

ml.trials.*

ml.trials.create
ml.trials.delete
ml.trials.get
ml.trials.list
ml.trials.update

ml.versions.get

ml.versions.list

ml.versions.predict

resourcemanager.projects.get

AI Platform Job Owner

(roles/ml.jobOwner)

Provides full access to all permissions for a particular job resource. This role is automatically granted to the user who creates the job.

Lowest-level resources where you can grant this role:

ml.jobs.*

ml.jobs.cancel
ml.jobs.create
ml.jobs.get
ml.jobs.getIamPolicy
ml.jobs.list
ml.jobs.setIamPolicy
ml.jobs.update

AI Platform Model Owner

(roles/ml.modelOwner)

Provides full access to the model and its versions. This role is automatically granted to the user who creates the model.

Lowest-level resources where you can grant this role:

Model

ml.models.*

ml.models.create
ml.models.delete
ml.models.get
ml.models.getIamPolicy
ml.models.list
ml.models.predict
ml.models.setIamPolicy
ml.models.update

ml.versions.*

ml.versions.create
ml.versions.delete
ml.versions.get
ml.versions.list
ml.versions.predict
ml.versions.update

AI Platform Model User

(roles/ml.modelUser)

Provides permissions to read the model and its versions, and use them for prediction.

Lowest-level resources where you can grant this role:

Model

ml.models.get

ml.models.predict

ml.versions.get

ml.versions.list

ml.versions.predict

AI Platform Operation Owner

(roles/ml.operationOwner)

Provides full access to all permissions for a particular operation resource.

Lowest-level resources where you can grant this role:

Operation

ml.operations.*

ml.operations.cancel
ml.operations.get
ml.operations.list

AI Platform Viewer

(roles/ml.viewer)

Provides read-only access to AI Platform resources.

Lowest-level resources where you can grant this role:

Project

ml.jobs.get

ml.jobs.list

ml.locations.*

ml.locations.get
ml.locations.list

ml.models.get

ml.models.list

ml.operations.get

ml.operations.list

ml.projects.getConfig

ml.studies.get

ml.studies.getIamPolicy

ml.studies.list

ml.trials.get

ml.trials.list

ml.versions.get

ml.versions.list

resourcemanager.projects.get

Analytics Hub-Rollen

Role Permissions

Role	Permissions
Analytics Hub Admin (`roles/analyticshub.admin`) Administer Data Exchanges and Listings	analyticshub.dataExchanges.create analyticshub.dataExchanges.delete analyticshub.dataExchanges.get analyticshub.dataExchanges.getIamPolicy analyticshub.dataExchanges.list analyticshub.dataExchanges.setIamPolicy analyticshub.dataExchanges.update analyticshub.dataExchanges.viewSubscriptions analyticshub.listings.create analyticshub.listings.delete analyticshub.listings.get analyticshub.listings.getIamPolicy analyticshub.listings.list analyticshub.listings.setIamPolicy analyticshub.listings.update analyticshub.listings.viewSubscriptions analyticshub.subscriptions.* analyticshub.subscriptions.create analyticshub.subscriptions.delete analyticshub.subscriptions.get analyticshub.subscriptions.list analyticshub.subscriptions.update resourcemanager.projects.get resourcemanager.projects.list
Analytics Hub Listing Admin (`roles/analyticshub.listingAdmin`) Grants full control over the Listing, including updating, deleting and setting ACLs	analyticshub.dataExchanges.get analyticshub.dataExchanges.getIamPolicy analyticshub.dataExchanges.list analyticshub.listings.delete analyticshub.listings.get analyticshub.listings.getIamPolicy analyticshub.listings.list analyticshub.listings.setIamPolicy analyticshub.listings.update analyticshub.listings.viewSubscriptions resourcemanager.projects.get resourcemanager.projects.list
Analytics Hub Publisher (`roles/analyticshub.publisher`) Can publish to Data Exchanges thus creating Listings	analyticshub.dataExchanges.get analyticshub.dataExchanges.getIamPolicy analyticshub.dataExchanges.list analyticshub.listings.create analyticshub.listings.get analyticshub.listings.getIamPolicy analyticshub.listings.list resourcemanager.projects.get resourcemanager.projects.list
Analytics Hub Subscriber (`roles/analyticshub.subscriber`) Can browse Data Exchanges and subscribe to Listings	analyticshub.dataExchanges.get analyticshub.dataExchanges.getIamPolicy analyticshub.dataExchanges.list analyticshub.dataExchanges.subscribe analyticshub.listings.get analyticshub.listings.getIamPolicy analyticshub.listings.list analyticshub.listings.subscribe resourcemanager.projects.get resourcemanager.projects.list
Analytics Hub Subscription Owner (`roles/analyticshub.subscriptionOwner`) Grants full control over the Subscription, including updating and deleting	analyticshub.dataExchanges.get analyticshub.dataExchanges.getIamPolicy analyticshub.dataExchanges.list analyticshub.listings.get analyticshub.listings.getIamPolicy analyticshub.listings.list analyticshub.subscriptions.* analyticshub.subscriptions.create analyticshub.subscriptions.delete analyticshub.subscriptions.get analyticshub.subscriptions.list analyticshub.subscriptions.update resourcemanager.projects.get resourcemanager.projects.list
Analytics Hub Viewer (`roles/analyticshub.viewer`) Can browse Data Exchanges and Listings	analyticshub.dataExchanges.get analyticshub.dataExchanges.getIamPolicy analyticshub.dataExchanges.list analyticshub.listings.get analyticshub.listings.getIamPolicy analyticshub.listings.list resourcemanager.projects.get resourcemanager.projects.list

Analytics Hub Admin

(roles/analyticshub.admin)

Administer Data Exchanges and Listings

analyticshub.dataExchanges.create

analyticshub.dataExchanges.delete

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.dataExchanges.setIamPolicy

analyticshub.dataExchanges.update

analyticshub.dataExchanges.viewSubscriptions

analyticshub.listings.create

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

analyticshub.listings.viewSubscriptions

analyticshub.subscriptions.*

analyticshub.subscriptions.create
analyticshub.subscriptions.delete
analyticshub.subscriptions.get
analyticshub.subscriptions.list
analyticshub.subscriptions.update

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Listing Admin

(roles/analyticshub.listingAdmin)

Grants full control over the Listing, including updating, deleting and setting ACLs

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

analyticshub.listings.viewSubscriptions

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Publisher

(roles/analyticshub.publisher)

Can publish to Data Exchanges thus creating Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.create

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Subscriber

(roles/analyticshub.subscriber)

Can browse Data Exchanges and subscribe to Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.dataExchanges.subscribe

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.subscribe

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Subscription Owner

(roles/analyticshub.subscriptionOwner)

Grants full control over the Subscription, including updating and deleting

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.subscriptions.*

analyticshub.subscriptions.create
analyticshub.subscriptions.delete
analyticshub.subscriptions.get
analyticshub.subscriptions.list
analyticshub.subscriptions.update

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Viewer

(roles/analyticshub.viewer)

Can browse Data Exchanges and Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

Android Management-Rollen

Role Permissions

Role	Permissions
Android Management User (`roles/androidmanagement.user`) Full access to manage devices.	androidmanagement.enterprises.manage serviceusage.quotas.get serviceusage.services.get serviceusage.services.list

Android Management User

(roles/androidmanagement.user)

Full access to manage devices.

androidmanagement.enterprises.manage

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Anthos Multi-Cloud-Rollen

Role Permissions

Role	Permissions
Anthos Multi-cloud Admin (`roles/gkemulticloud.admin`) Admin access to Anthos Multi-cloud resources.	gkemulticloud.* gkemulticloud.attachedClusters.create gkemulticloud.attachedClusters.delete gkemulticloud.attachedClusters.generateInstallManifest gkemulticloud.attachedClusters.get gkemulticloud.attachedClusters.import gkemulticloud.attachedClusters.list gkemulticloud.attachedClusters.update gkemulticloud.attachedServerConfigs.get gkemulticloud.awsClusters.create gkemulticloud.awsClusters.delete gkemulticloud.awsClusters.generateAccessToken gkemulticloud.awsClusters.get gkemulticloud.awsClusters.getAdminKubeconfig gkemulticloud.awsClusters.list gkemulticloud.awsClusters.update gkemulticloud.awsNodePools.create gkemulticloud.awsNodePools.delete gkemulticloud.awsNodePools.get gkemulticloud.awsNodePools.list gkemulticloud.awsNodePools.update gkemulticloud.awsServerConfigs.get gkemulticloud.azureClients.create gkemulticloud.azureClients.delete gkemulticloud.azureClients.get gkemulticloud.azureClients.list gkemulticloud.azureClusters.create gkemulticloud.azureClusters.delete gkemulticloud.azureClusters.generateAccessToken gkemulticloud.azureClusters.get gkemulticloud.azureClusters.getAdminKubeconfig gkemulticloud.azureClusters.list gkemulticloud.azureClusters.update gkemulticloud.azureNodePools.create gkemulticloud.azureNodePools.delete gkemulticloud.azureNodePools.get gkemulticloud.azureNodePools.list gkemulticloud.azureNodePools.update gkemulticloud.azureServerConfigs.get gkemulticloud.operations.cancel gkemulticloud.operations.delete gkemulticloud.operations.get gkemulticloud.operations.list gkemulticloud.operations.wait resourcemanager.projects.get resourcemanager.projects.list
Anthos Multi-cloud Telemetry Writer (`roles/gkemulticloud.telemetryWriter`) Grant access to write cluster telemetry data such as logs, metrics, and resource metadata.	logging.logEntries.create logging.logEntries.route monitoring.metricDescriptors.create monitoring.metricDescriptors.get monitoring.metricDescriptors.list monitoring.monitoredResourceDescriptors.* monitoring.monitoredResourceDescriptors.get monitoring.monitoredResourceDescriptors.list monitoring.timeSeries.create opsconfigmonitoring.resourceMetadata.write
Anthos Multi-cloud Viewer (`roles/gkemulticloud.viewer`) Viewer access to Anthos Multi-cloud resources.	gkemulticloud.attachedClusters.generateInstallManifest gkemulticloud.attachedClusters.get gkemulticloud.attachedClusters.list gkemulticloud.attachedServerConfigs.get gkemulticloud.awsClusters.generateAccessToken gkemulticloud.awsClusters.get gkemulticloud.awsClusters.list gkemulticloud.awsNodePools.get gkemulticloud.awsNodePools.list gkemulticloud.awsServerConfigs.get gkemulticloud.azureClients.get gkemulticloud.azureClients.list gkemulticloud.azureClusters.generateAccessToken gkemulticloud.azureClusters.get gkemulticloud.azureClusters.list gkemulticloud.azureNodePools.get gkemulticloud.azureNodePools.list gkemulticloud.azureServerConfigs.get gkemulticloud.operations.get gkemulticloud.operations.list gkemulticloud.operations.wait resourcemanager.projects.get resourcemanager.projects.list

Anthos Multi-cloud Admin

(roles/gkemulticloud.admin)

Admin access to Anthos Multi-cloud resources.

gkemulticloud.*

gkemulticloud.attachedClusters.create
gkemulticloud.attachedClusters.delete
gkemulticloud.attachedClusters.generateInstallManifest
gkemulticloud.attachedClusters.get
gkemulticloud.attachedClusters.import
gkemulticloud.attachedClusters.list
gkemulticloud.attachedClusters.update
gkemulticloud.attachedServerConfigs.get
gkemulticloud.awsClusters.create
gkemulticloud.awsClusters.delete
gkemulticloud.awsClusters.generateAccessToken
gkemulticloud.awsClusters.get
gkemulticloud.awsClusters.getAdminKubeconfig
gkemulticloud.awsClusters.list
gkemulticloud.awsClusters.update
gkemulticloud.awsNodePools.create
gkemulticloud.awsNodePools.delete
gkemulticloud.awsNodePools.get
gkemulticloud.awsNodePools.list
gkemulticloud.awsNodePools.update
gkemulticloud.awsServerConfigs.get
gkemulticloud.azureClients.create
gkemulticloud.azureClients.delete
gkemulticloud.azureClients.get
gkemulticloud.azureClients.list
gkemulticloud.azureClusters.create
gkemulticloud.azureClusters.delete
gkemulticloud.azureClusters.generateAccessToken
gkemulticloud.azureClusters.get
gkemulticloud.azureClusters.getAdminKubeconfig
gkemulticloud.azureClusters.list
gkemulticloud.azureClusters.update
gkemulticloud.azureNodePools.create
gkemulticloud.azureNodePools.delete
gkemulticloud.azureNodePools.get
gkemulticloud.azureNodePools.list
gkemulticloud.azureNodePools.update
gkemulticloud.azureServerConfigs.get
gkemulticloud.operations.cancel
gkemulticloud.operations.delete
gkemulticloud.operations.get
gkemulticloud.operations.list
gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

Anthos Multi-cloud Telemetry Writer

(roles/gkemulticloud.telemetryWriter)

Grant access to write cluster telemetry data such as logs, metrics, and resource metadata.

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

opsconfigmonitoring.resourceMetadata.write

Anthos Multi-cloud Viewer

(roles/gkemulticloud.viewer)

Viewer access to Anthos Multi-cloud resources.

gkemulticloud.attachedClusters.generateInstallManifest

gkemulticloud.attachedClusters.get

gkemulticloud.attachedClusters.list

gkemulticloud.attachedServerConfigs.get

gkemulticloud.awsClusters.generateAccessToken

gkemulticloud.awsClusters.get

gkemulticloud.awsClusters.list

gkemulticloud.awsNodePools.get

gkemulticloud.awsNodePools.list

gkemulticloud.awsServerConfigs.get

gkemulticloud.azureClients.get

gkemulticloud.azureClients.list

gkemulticloud.azureClusters.generateAccessToken

gkemulticloud.azureClusters.get

gkemulticloud.azureClusters.list

gkemulticloud.azureNodePools.get

gkemulticloud.azureNodePools.list

gkemulticloud.azureServerConfigs.get

gkemulticloud.operations.get

gkemulticloud.operations.list

gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

API-Gateway-Rollen

Role Permissions

Role	Permissions
ApiGateway Admin (`roles/apigateway.admin`) Full access to ApiGateway and related resources.	apigateway.* apigateway.apiconfigs.create apigateway.apiconfigs.delete apigateway.apiconfigs.get apigateway.apiconfigs.getIamPolicy apigateway.apiconfigs.list apigateway.apiconfigs.setIamPolicy apigateway.apiconfigs.update apigateway.apis.create apigateway.apis.delete apigateway.apis.get apigateway.apis.getIamPolicy apigateway.apis.list apigateway.apis.setIamPolicy apigateway.apis.update apigateway.gateways.create apigateway.gateways.delete apigateway.gateways.get apigateway.gateways.getIamPolicy apigateway.gateways.list apigateway.gateways.setIamPolicy apigateway.gateways.update apigateway.locations.get apigateway.locations.list apigateway.operations.cancel apigateway.operations.delete apigateway.operations.get apigateway.operations.list monitoring.metricDescriptors.list monitoring.monitoredResourceDescriptors.get monitoring.timeSeries.list resourcemanager.projects.get resourcemanager.projects.list servicemanagement.services.get serviceusage.services.list
ApiGateway Viewer (`roles/apigateway.viewer`) Read-only access to ApiGateway and related resources.	apigateway.apiconfigs.get apigateway.apiconfigs.getIamPolicy apigateway.apiconfigs.list apigateway.apis.get apigateway.apis.getIamPolicy apigateway.apis.list apigateway.gateways.get apigateway.gateways.getIamPolicy apigateway.gateways.list apigateway.locations.* apigateway.locations.get apigateway.locations.list apigateway.operations.get apigateway.operations.list monitoring.metricDescriptors.list monitoring.monitoredResourceDescriptors.get monitoring.timeSeries.list resourcemanager.projects.get resourcemanager.projects.list servicemanagement.services.get serviceusage.services.list

ApiGateway Admin

(roles/apigateway.admin)

Full access to ApiGateway and related resources.

apigateway.*

apigateway.apiconfigs.create
apigateway.apiconfigs.delete
apigateway.apiconfigs.get
apigateway.apiconfigs.getIamPolicy
apigateway.apiconfigs.list
apigateway.apiconfigs.setIamPolicy
apigateway.apiconfigs.update
apigateway.apis.create
apigateway.apis.delete
apigateway.apis.get
apigateway.apis.getIamPolicy
apigateway.apis.list
apigateway.apis.setIamPolicy
apigateway.apis.update
apigateway.gateways.create
apigateway.gateways.delete
apigateway.gateways.get
apigateway.gateways.getIamPolicy
apigateway.gateways.list
apigateway.gateways.setIamPolicy
apigateway.gateways.update
apigateway.locations.get
apigateway.locations.list
apigateway.operations.cancel
apigateway.operations.delete
apigateway.operations.get
apigateway.operations.list

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.get

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.get

serviceusage.services.list

ApiGateway Viewer

(roles/apigateway.viewer)

Read-only access to ApiGateway and related resources.

apigateway.apiconfigs.get

apigateway.apiconfigs.getIamPolicy

apigateway.apiconfigs.list

apigateway.apis.get

apigateway.apis.getIamPolicy

apigateway.apis.list

apigateway.gateways.get

apigateway.gateways.getIamPolicy

apigateway.gateways.list

apigateway.locations.*

apigateway.locations.get
apigateway.locations.list

apigateway.operations.get

apigateway.operations.list

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.get

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.get

serviceusage.services.list

Apigee-Rollen

Role Permissions

Role	Permissions
Apigee Organization Admin (`roles/apigee.admin`) Full access to all apigee resource features	apigee.* apigee.addonsconfig.get apigee.addonsconfig.update apigee.apiproductattributes.createOrUpdateAll apigee.apiproductattributes.delete apigee.apiproductattributes.get apigee.apiproductattributes.list apigee.apiproductattributes.update apigee.apiproducts.create apigee.apiproducts.delete apigee.apiproducts.get apigee.apiproducts.list apigee.apiproducts.update apigee.appgroupapps.create apigee.appgroupapps.delete apigee.appgroupapps.get apigee.appgroupapps.list apigee.appgroupapps.manage apigee.appgroups.create apigee.appgroups.delete apigee.appgroups.get apigee.appgroups.list apigee.appgroups.update apigee.appkeys.create apigee.appkeys.delete apigee.appkeys.get apigee.appkeys.manage apigee.apps.get apigee.apps.list apigee.archivedeployments.create apigee.archivedeployments.delete apigee.archivedeployments.download apigee.archivedeployments.get apigee.archivedeployments.list apigee.archivedeployments.update apigee.archivedeployments.upload apigee.caches.delete apigee.caches.list apigee.canaryevaluations.create apigee.canaryevaluations.get apigee.datacollectors.create apigee.datacollectors.delete apigee.datacollectors.get apigee.datacollectors.list apigee.datacollectors.update apigee.datalocation.get apigee.datastores.create apigee.datastores.delete apigee.datastores.get apigee.datastores.list apigee.datastores.update apigee.deployments.create apigee.deployments.delete apigee.deployments.get apigee.deployments.list apigee.deployments.update apigee.developerappattributes.createOrUpdateAll apigee.developerappattributes.delete apigee.developerappattributes.get apigee.developerappattributes.list apigee.developerappattributes.update apigee.developerapps.create apigee.developerapps.delete apigee.developerapps.get apigee.developerapps.list apigee.developerapps.manage apigee.developerattributes.createOrUpdateAll apigee.developerattributes.delete apigee.developerattributes.get apigee.developerattributes.list apigee.developerattributes.update apigee.developerbalances.adjust apigee.developerbalances.get apigee.developerbalances.update apigee.developermonetizationconfigs.get apigee.developermonetizationconfigs.update apigee.developers.create apigee.developers.delete apigee.developers.get apigee.developers.list apigee.developers.update apigee.developersubscriptions.create apigee.developersubscriptions.get apigee.developersubscriptions.list apigee.developersubscriptions.update apigee.endpointattachments.create apigee.endpointattachments.delete apigee.endpointattachments.get apigee.endpointattachments.list apigee.entitlements.get apigee.envgroupattachments.create apigee.envgroupattachments.delete apigee.envgroupattachments.get apigee.envgroupattachments.list apigee.envgroups.create apigee.envgroups.delete apigee.envgroups.get apigee.envgroups.list apigee.envgroups.update apigee.environments.create apigee.environments.delete apigee.environments.get apigee.environments.getDataLocation apigee.environments.getIamPolicy apigee.environments.getStats apigee.environments.list apigee.environments.manageRuntime apigee.environments.setIamPolicy apigee.environments.update apigee.exports.create apigee.exports.get apigee.exports.list apigee.flowhooks.attachSharedFlow apigee.flowhooks.detachSharedFlow apigee.flowhooks.getSharedFlow apigee.flowhooks.list apigee.hostqueries.create apigee.hostqueries.get apigee.hostqueries.list apigee.hostsecurityreports.create apigee.hostsecurityreports.get apigee.hostsecurityreports.list apigee.hoststats.get apigee.ingressconfigs.get apigee.instanceattachments.create apigee.instanceattachments.delete apigee.instanceattachments.get apigee.instanceattachments.list apigee.instances.create apigee.instances.delete apigee.instances.get apigee.instances.list apigee.instances.reportStatus apigee.instances.update apigee.keystorealiases.create apigee.keystorealiases.delete apigee.keystorealiases.exportCertificate apigee.keystorealiases.generateCSR apigee.keystorealiases.get apigee.keystorealiases.list apigee.keystorealiases.update apigee.keystores.create apigee.keystores.delete apigee.keystores.export apigee.keystores.get apigee.keystores.list apigee.keyvaluemapentries.create apigee.keyvaluemapentries.delete apigee.keyvaluemapentries.get apigee.keyvaluemapentries.list apigee.keyvaluemaps.create apigee.keyvaluemaps.delete apigee.keyvaluemaps.list apigee.maskconfigs.get apigee.maskconfigs.update apigee.nataddresses.activate apigee.nataddresses.create apigee.nataddresses.delete apigee.nataddresses.get apigee.nataddresses.list apigee.operations.get apigee.operations.list apigee.organizations.create apigee.organizations.delete apigee.organizations.get apigee.organizations.list apigee.organizations.update apigee.portals.create apigee.portals.delete apigee.portals.get apigee.portals.list apigee.portals.update apigee.projectorganizations.get apigee.projects.migrate apigee.projects.previewMigration apigee.projects.update apigee.proxies.create apigee.proxies.delete apigee.proxies.get apigee.proxies.list apigee.proxies.update apigee.proxyrevisions.delete apigee.proxyrevisions.deploy apigee.proxyrevisions.get apigee.proxyrevisions.list apigee.proxyrevisions.undeploy apigee.proxyrevisions.update apigee.queries.create apigee.queries.get apigee.queries.list apigee.rateplans.create apigee.rateplans.delete apigee.rateplans.get apigee.rateplans.list apigee.rateplans.update apigee.references.create apigee.references.delete apigee.references.get apigee.references.list apigee.references.update apigee.reports.create apigee.reports.delete apigee.reports.get apigee.reports.list apigee.reports.update apigee.resourcefiles.create apigee.resourcefiles.delete apigee.resourcefiles.get apigee.resourcefiles.list apigee.resourcefiles.update apigee.runtimeconfigs.get apigee.securityActions.create apigee.securityActions.get apigee.securityActions.list apigee.securityActions.update apigee.securityActionsConfig.get apigee.securityActionsConfig.update apigee.securityIncidents.get apigee.securityIncidents.list apigee.securityProfileEnvironments.computeScore apigee.securityProfileEnvironments.create apigee.securityProfileEnvironments.delete apigee.securityProfiles.create apigee.securityProfiles.delete apigee.securityProfiles.get apigee.securityProfiles.list apigee.securityProfiles.update apigee.securityStats.queryTabularStats apigee.securityStats.queryTimeSeriesStats apigee.securityreports.create apigee.securityreports.get apigee.securityreports.list apigee.setupcontexts.get apigee.setupcontexts.update apigee.sharedflowrevisions.delete apigee.sharedflowrevisions.deploy apigee.sharedflowrevisions.get apigee.sharedflowrevisions.list apigee.sharedflowrevisions.undeploy apigee.sharedflowrevisions.update apigee.sharedflows.create apigee.sharedflows.delete apigee.sharedflows.get apigee.sharedflows.list apigee.targetservers.create apigee.targetservers.delete apigee.targetservers.get apigee.targetservers.list apigee.targetservers.update apigee.traceconfig.get apigee.traceconfig.update apigee.traceconfigoverrides.create apigee.traceconfigoverrides.delete apigee.traceconfigoverrides.get apigee.traceconfigoverrides.list apigee.traceconfigoverrides.update apigee.tracesessions.create apigee.tracesessions.delete apigee.tracesessions.get apigee.tracesessions.list monitoring.timeSeries.list resourcemanager.projects.get resourcemanager.projects.getIamPolicy resourcemanager.projects.list
Apigee Analytics Agent (`roles/apigee.analyticsAgent`) Curated set of permissions for Apigee Universal Data Collection Agent to manage analytics for an Apigee Organization	apigee.datalocation.get apigee.environments.getDataLocation apigee.runtimeconfigs.get
Apigee Analytics Editor (`roles/apigee.analyticsEditor`) Analytics editor for an Apigee Organization	apigee.datacollectors.* apigee.datacollectors.create apigee.datacollectors.delete apigee.datacollectors.get apigee.datacollectors.list apigee.datacollectors.update apigee.datastores.* apigee.datastores.create apigee.datastores.delete apigee.datastores.get apigee.datastores.list apigee.datastores.update apigee.entitlements.get apigee.envgroupattachments.get apigee.envgroupattachments.list apigee.envgroups.get apigee.envgroups.list apigee.environments.get apigee.environments.getStats apigee.environments.list apigee.exports.* apigee.exports.create apigee.exports.get apigee.exports.list apigee.hostqueries.* apigee.hostqueries.create apigee.hostqueries.get apigee.hostqueries.list apigee.hoststats.get apigee.organizations.get apigee.organizations.list apigee.projectorganizations.get apigee.queries.* apigee.queries.create apigee.queries.get apigee.queries.list apigee.reports.* apigee.reports.create apigee.reports.delete apigee.reports.get apigee.reports.list apigee.reports.update resourcemanager.projects.get resourcemanager.projects.list
Apigee Analytics Viewer (`roles/apigee.analyticsViewer`) Analytics viewer for an Apigee Organization	apigee.datacollectors.get apigee.datacollectors.list apigee.datastores.get apigee.datastores.list apigee.entitlements.get apigee.envgroupattachments.get apigee.envgroupattachments.list apigee.envgroups.get apigee.envgroups.list apigee.environments.get apigee.environments.getStats apigee.environments.list apigee.exports.get apigee.exports.list apigee.hostqueries.get apigee.hostqueries.list apigee.hoststats.get apigee.organizations.get apigee.organizations.list apigee.projectorganizations.get apigee.queries.get apigee.queries.list apigee.reports.get apigee.reports.list resourcemanager.projects.get resourcemanager.projects.list
Apigee API Admin (`roles/apigee.apiAdminV2`) Full read/write access to all apigee API resources	apigee.apiproductattributes.* apigee.apiproductattributes.createOrUpdateAll apigee.apiproductattributes.delete apigee.apiproductattributes.get apigee.apiproductattributes.list apigee.apiproductattributes.update apigee.apiproducts.* apigee.apiproducts.create apigee.apiproducts.delete apigee.apiproducts.get apigee.apiproducts.list apigee.apiproducts.update apigee.entitlements.get apigee.envgroupattachments.get apigee.envgroupattachments.list apigee.envgroups.get apigee.envgroups.list apigee.environments.get apigee.environments.getStats apigee.environments.list apigee.keyvaluemapentries.* apigee.keyvaluemapentries.create apigee.keyvaluemapentries.delete apigee.keyvaluemapentries.get apigee.keyvaluemapentries.list apigee.keyvaluemaps.* apigee.keyvaluemaps.create apigee.keyvaluemaps.delete apigee.keyvaluemaps.list apigee.organizations.get apigee.organizations.list apigee.projectorganizations.get apigee.proxies.* apigee.proxies.create apigee.proxies.delete apigee.proxies.get apigee.proxies.list apigee.proxies.update apigee.proxyrevisions.* apigee.proxyrevisions.delete apigee.proxyrevisions.deploy apigee.proxyrevisions.get apigee.proxyrevisions.list apigee.proxyrevisions.undeploy apigee.proxyrevisions.update apigee.sharedflowrevisions.* apigee.sharedflowrevisions.delete apigee.sharedflowrevisions.deploy apigee.sharedflowrevisions.get apigee.sharedflowrevisions.list apigee.sharedflowrevisions.undeploy apigee.sharedflowrevisions.update apigee.sharedflows.* apigee.sharedflows.create apigee.sharedflows.delete apigee.sharedflows.get apigee.sharedflows.list resourcemanager.projects.get resourcemanager.projects.list
Apigee API Reader (`roles/apigee.apiReaderV2`) Reader of apigee resources	apigee.apiproductattributes.get apigee.apiproductattributes.list apigee.apiproducts.get apigee.apiproducts.list apigee.entitlements.get apigee.envgroupattachments.get apigee.envgroupattachments.list apigee.envgroups.get apigee.envgroups.list apigee.environments.get apigee.environments.getStats apigee.environments.list apigee.keyvaluemapentries.get apigee.keyvaluemapentries.list apigee.keyvaluemaps.list apigee.organizations.get apigee.organizations.list apigee.projectorganizations.get apigee.proxies.get apigee.proxies.list apigee.proxyrevisions.deploy apigee.proxyrevisions.get apigee.proxyrevisions.list apigee.proxyrevisions.undeploy apigee.sharedflowrevisions.deploy apigee.sharedflowrevisions.get apigee.sharedflowrevisions.list apigee.sharedflowrevisions.undeploy apigee.sharedflows.get apigee.sharedflows.list resourcemanager.projects.get resourcemanager.projects.list
Apigee Developer Admin (`roles/apigee.developerAdmin`) Developer admin of apigee resources	apigee.apiproductattributes.get apigee.apiproductattributes.list apigee.apiproducts.get apigee.apiproducts.list apigee.appgroupapps.* apigee.appgroupapps.create apigee.appgroupapps.delete apigee.appgroupapps.get apigee.appgroupapps.list apigee.appgroupapps.manage apigee.appgroups.* apigee.appgroups.create apigee.appgroups.delete apigee.appgroups.get apigee.appgroups.list apigee.appgroups.update apigee.appkeys.* apigee.appkeys.create apigee.appkeys.delete apigee.appkeys.get apigee.appkeys.manage apigee.apps.* apigee.apps.get apigee.apps.list apigee.datacollectors.* apigee.datacollectors.create apigee.datacollectors.delete apigee.datacollectors.get apigee.datacollectors.list apigee.datacollectors.update apigee.developerappattributes.* apigee.developerappattributes.createOrUpdateAll apigee.developerappattributes.delete apigee.developerappattributes.get apigee.developerappattributes.list apigee.developerappattributes.update apigee.developerapps.* apigee.developerapps.create apigee.developerapps.delete apigee.developerapps.get apigee.developerapps.list apigee.developerapps.manage apigee.developerattributes.* apigee.developerattributes.createOrUpdateAll apigee.developerattributes.delete apigee.developerattributes.get apigee.developerattributes.list apigee.developerattributes.update apigee.developerbalances.* apigee.developerbalances.adjust apigee.developerbalances.get apigee.developerbalances.update apigee.developermonetizationconfigs.* apigee.developermonetizationconfigs.get apigee.developermonetizationconfigs.update apigee.developers.* apigee.developers.create apigee.developers.delete apigee.developers.get apigee.developers.list apigee.developers.update apigee.developersubscriptions.* apigee.developersubscriptions.create apigee.developersubscriptions.get apigee.developersubscriptions.list apigee.developersubscriptions.update apigee.entitlements.get apigee.environments.get

Apigee Organization Admin

(roles/apigee.admin)

Full access to all apigee resource features

apigee.*

apigee.addonsconfig.get
apigee.addonsconfig.update
apigee.apiproductattributes.createOrUpdateAll
apigee.apiproductattributes.delete
apigee.apiproductattributes.get
apigee.apiproductattributes.list
apigee.apiproductattributes.update
apigee.apiproducts.create
apigee.apiproducts.delete
apigee.apiproducts.get
apigee.apiproducts.list
apigee.apiproducts.update
apigee.appgroupapps.create
apigee.appgroupapps.delete
apigee.appgroupapps.get
apigee.appgroupapps.list
apigee.appgroupapps.manage
apigee.appgroups.create
apigee.appgroups.delete
apigee.appgroups.get
apigee.appgroups.list
apigee.appgroups.update
apigee.appkeys.create
apigee.appkeys.delete
apigee.appkeys.get
apigee.appkeys.manage
apigee.apps.get
apigee.apps.list
apigee.archivedeployments.create
apigee.archivedeployments.delete
apigee.archivedeployments.download
apigee.archivedeployments.get
apigee.archivedeployments.list
apigee.archivedeployments.update
apigee.archivedeployments.upload
apigee.caches.delete
apigee.caches.list
apigee.canaryevaluations.create
apigee.canaryevaluations.get
apigee.datacollectors.create
apigee.datacollectors.delete
apigee.datacollectors.get
apigee.datacollectors.list
apigee.datacollectors.update
apigee.datalocation.get
apigee.datastores.create
apigee.datastores.delete
apigee.datastores.get
apigee.datastores.list
apigee.datastores.update
apigee.deployments.create
apigee.deployments.delete
apigee.deployments.get
apigee.deployments.list
apigee.deployments.update
apigee.developerappattributes.createOrUpdateAll
apigee.developerappattributes.delete
apigee.developerappattributes.get
apigee.developerappattributes.list
apigee.developerappattributes.update
apigee.developerapps.create
apigee.developerapps.delete
apigee.developerapps.get
apigee.developerapps.list
apigee.developerapps.manage
apigee.developerattributes.createOrUpdateAll
apigee.developerattributes.delete
apigee.developerattributes.get
apigee.developerattributes.list
apigee.developerattributes.update
apigee.developerbalances.adjust
apigee.developerbalances.get
apigee.developerbalances.update
apigee.developermonetizationconfigs.get
apigee.developermonetizationconfigs.update
apigee.developers.create
apigee.developers.delete
apigee.developers.get
apigee.developers.list
apigee.developers.update
apigee.developersubscriptions.create
apigee.developersubscriptions.get
apigee.developersubscriptions.list
apigee.developersubscriptions.update
apigee.endpointattachments.create
apigee.endpointattachments.delete
apigee.endpointattachments.get
apigee.endpointattachments.list
apigee.entitlements.get
apigee.envgroupattachments.create
apigee.envgroupattachments.delete
apigee.envgroupattachments.get
apigee.envgroupattachments.list
apigee.envgroups.create
apigee.envgroups.delete
apigee.envgroups.get
apigee.envgroups.list
apigee.envgroups.update
apigee.environments.create
apigee.environments.delete
apigee.environments.get
apigee.environments.getDataLocation
apigee.environments.getIamPolicy
apigee.environments.getStats
apigee.environments.list
apigee.environments.manageRuntime
apigee.environments.setIamPolicy
apigee.environments.update
apigee.exports.create
apigee.exports.get
apigee.exports.list
apigee.flowhooks.attachSharedFlow
apigee.flowhooks.detachSharedFlow
apigee.flowhooks.getSharedFlow
apigee.flowhooks.list
apigee.hostqueries.create
apigee.hostqueries.get
apigee.hostqueries.list
apigee.hostsecurityreports.create
apigee.hostsecurityreports.get
apigee.hostsecurityreports.list
apigee.hoststats.get
apigee.ingressconfigs.get
apigee.instanceattachments.create
apigee.instanceattachments.delete
apigee.instanceattachments.get
apigee.instanceattachments.list
apigee.instances.create
apigee.instances.delete
apigee.instances.get
apigee.instances.list
apigee.instances.reportStatus
apigee.instances.update
apigee.keystorealiases.create
apigee.keystorealiases.delete
apigee.keystorealiases.exportCertificate
apigee.keystorealiases.generateCSR
apigee.keystorealiases.get
apigee.keystorealiases.list
apigee.keystorealiases.update
apigee.keystores.create
apigee.keystores.delete
apigee.keystores.export
apigee.keystores.get
apigee.keystores.list
apigee.keyvaluemapentries.create
apigee.keyvaluemapentries.delete
apigee.keyvaluemapentries.get
apigee.keyvaluemapentries.list
apigee.keyvaluemaps.create
apigee.keyvaluemaps.delete
apigee.keyvaluemaps.list
apigee.maskconfigs.get
apigee.maskconfigs.update
apigee.nataddresses.activate
apigee.nataddresses.create
apigee.nataddresses.delete
apigee.nataddresses.get
apigee.nataddresses.list
apigee.operations.get
apigee.operations.list
apigee.organizations.create
apigee.organizations.delete
apigee.organizations.get
apigee.organizations.list
apigee.organizations.update
apigee.portals.create
apigee.portals.delete
apigee.portals.get
apigee.portals.list
apigee.portals.update
apigee.projectorganizations.get
apigee.projects.migrate
apigee.projects.previewMigration
apigee.projects.update
apigee.proxies.create
apigee.proxies.delete
apigee.proxies.get
apigee.proxies.list
apigee.proxies.update
apigee.proxyrevisions.delete
apigee.proxyrevisions.deploy
apigee.proxyrevisions.get
apigee.proxyrevisions.list
apigee.proxyrevisions.undeploy
apigee.proxyrevisions.update
apigee.queries.create
apigee.queries.get
apigee.queries.list
apigee.rateplans.create
apigee.rateplans.delete
apigee.rateplans.get
apigee.rateplans.list
apigee.rateplans.update
apigee.references.create
apigee.references.delete
apigee.references.get
apigee.references.list
apigee.references.update
apigee.reports.create
apigee.reports.delete
apigee.reports.get
apigee.reports.list
apigee.reports.update
apigee.resourcefiles.create
apigee.resourcefiles.delete
apigee.resourcefiles.get
apigee.resourcefiles.list
apigee.resourcefiles.update
apigee.runtimeconfigs.get
apigee.securityActions.create
apigee.securityActions.get
apigee.securityActions.list
apigee.securityActions.update
apigee.securityActionsConfig.get
apigee.securityActionsConfig.update
apigee.securityIncidents.get
apigee.securityIncidents.list
apigee.securityProfileEnvironments.computeScore
apigee.securityProfileEnvironments.create
apigee.securityProfileEnvironments.delete
apigee.securityProfiles.create
apigee.securityProfiles.delete
apigee.securityProfiles.get
apigee.securityProfiles.list
apigee.securityProfiles.update
apigee.securityStats.queryTabularStats
apigee.securityStats.queryTimeSeriesStats
apigee.securityreports.create
apigee.securityreports.get
apigee.securityreports.list
apigee.setupcontexts.get
apigee.setupcontexts.update
apigee.sharedflowrevisions.delete
apigee.sharedflowrevisions.deploy
apigee.sharedflowrevisions.get
apigee.sharedflowrevisions.list
apigee.sharedflowrevisions.undeploy
apigee.sharedflowrevisions.update
apigee.sharedflows.create
apigee.sharedflows.delete
apigee.sharedflows.get
apigee.sharedflows.list
apigee.targetservers.create
apigee.targetservers.delete
apigee.targetservers.get
apigee.targetservers.list
apigee.targetservers.update
apigee.traceconfig.get
apigee.traceconfig.update
apigee.traceconfigoverrides.create
apigee.traceconfigoverrides.delete
apigee.traceconfigoverrides.get
apigee.traceconfigoverrides.list
apigee.traceconfigoverrides.update
apigee.tracesessions.create
apigee.tracesessions.delete
apigee.tracesessions.get
apigee.tracesessions.list

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.getIamPolicy

resourcemanager.projects.list

Apigee Analytics Agent

(roles/apigee.analyticsAgent)

Curated set of permissions for Apigee Universal Data Collection Agent to manage analytics for an Apigee Organization

apigee.datalocation.get

apigee.environments.getDataLocation

apigee.runtimeconfigs.get

Apigee Analytics Editor

(roles/apigee.analyticsEditor)

Analytics editor for an Apigee Organization

apigee.datacollectors.*

apigee.datacollectors.create
apigee.datacollectors.delete
apigee.datacollectors.get
apigee.datacollectors.list
apigee.datacollectors.update

apigee.datastores.*

apigee.datastores.create
apigee.datastores.delete
apigee.datastores.get
apigee.datastores.list
apigee.datastores.update

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.exports.*

apigee.exports.create
apigee.exports.get
apigee.exports.list

apigee.hostqueries.*

apigee.hostqueries.create
apigee.hostqueries.get
apigee.hostqueries.list

apigee.hoststats.get

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.queries.*

apigee.queries.create
apigee.queries.get
apigee.queries.list

apigee.reports.*

apigee.reports.create
apigee.reports.delete
apigee.reports.get
apigee.reports.list
apigee.reports.update

resourcemanager.projects.get

resourcemanager.projects.list

Apigee Analytics Viewer

(roles/apigee.analyticsViewer)

Analytics viewer for an Apigee Organization

apigee.datacollectors.get

apigee.datacollectors.list

apigee.datastores.get

apigee.datastores.list

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.exports.get

apigee.exports.list

apigee.hostqueries.get

apigee.hostqueries.list

apigee.hoststats.get

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.queries.get

apigee.queries.list

apigee.reports.get

apigee.reports.list

resourcemanager.projects.get

resourcemanager.projects.list

Apigee API Admin

(roles/apigee.apiAdminV2)

Full read/write access to all apigee API resources

apigee.apiproductattributes.*

apigee.apiproductattributes.createOrUpdateAll
apigee.apiproductattributes.delete
apigee.apiproductattributes.get
apigee.apiproductattributes.list
apigee.apiproductattributes.update

apigee.apiproducts.*

apigee.apiproducts.create
apigee.apiproducts.delete
apigee.apiproducts.get
apigee.apiproducts.list
apigee.apiproducts.update

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.keyvaluemapentries.*

apigee.keyvaluemapentries.create
apigee.keyvaluemapentries.delete
apigee.keyvaluemapentries.get
apigee.keyvaluemapentries.list

apigee.keyvaluemaps.*

apigee.keyvaluemaps.create
apigee.keyvaluemaps.delete
apigee.keyvaluemaps.list

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.proxies.*

apigee.proxies.create
apigee.proxies.delete
apigee.proxies.get
apigee.proxies.list
apigee.proxies.update

apigee.proxyrevisions.*

apigee.proxyrevisions.delete
apigee.proxyrevisions.deploy
apigee.proxyrevisions.get
apigee.proxyrevisions.list
apigee.proxyrevisions.undeploy
apigee.proxyrevisions.update

apigee.sharedflowrevisions.*

apigee.sharedflowrevisions.delete
apigee.sharedflowrevisions.deploy
apigee.sharedflowrevisions.get
apigee.sharedflowrevisions.list
apigee.sharedflowrevisions.undeploy
apigee.sharedflowrevisions.update

apigee.sharedflows.*

apigee.sharedflows.create
apigee.sharedflows.delete
apigee.sharedflows.get
apigee.sharedflows.list

resourcemanager.projects.get

resourcemanager.projects.list

Apigee API Reader

(roles/apigee.apiReaderV2)

Reader of apigee resources

apigee.apiproductattributes.get

apigee.apiproductattributes.list

apigee.apiproducts.get

apigee.apiproducts.list

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.keyvaluemapentries.get

apigee.keyvaluemapentries.list

apigee.keyvaluemaps.list

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.proxies.get

apigee.proxies.list

apigee.proxyrevisions.deploy

apigee.proxyrevisions.get

apigee.proxyrevisions.list

apigee.proxyrevisions.undeploy

apigee.sharedflowrevisions.deploy

apigee.sharedflowrevisions.get

apigee.sharedflowrevisions.list

apigee.sharedflowrevisions.undeploy

apigee.sharedflows.get

apigee.sharedflows.list

resourcemanager.projects.get

resourcemanager.projects.list

Apigee Developer Admin

(roles/apigee.developerAdmin)

Developer admin of apigee resources

apigee.apiproductattributes.get

apigee.apiproductattributes.list

apigee.apiproducts.get

apigee.apiproducts.list

apigee.appgroupapps.*

apigee.appgroupapps.create
apigee.appgroupapps.delete
apigee.appgroupapps.get
apigee.appgroupapps.list
apigee.appgroupapps.manage

apigee.appgroups.*

apigee.appgroups.create
apigee.appgroups.delete
apigee.appgroups.get
apigee.appgroups.list
apigee.appgroups.update

apigee.appkeys.*

apigee.appkeys.create
apigee.appkeys.delete
apigee.appkeys.get
apigee.appkeys.manage

apigee.apps.*

apigee.apps.get
apigee.apps.list

apigee.datacollectors.*

apigee.datacollectors.create
apigee.datacollectors.delete
apigee.datacollectors.get
apigee.datacollectors.list
apigee.datacollectors.update

apigee.developerappattributes.*

apigee.developerappattributes.createOrUpdateAll
apigee.developerappattributes.delete
apigee.developerappattributes.get
apigee.developerappattributes.list
apigee.developerappattributes.update

apigee.developerapps.*

apigee.developerapps.create
apigee.developerapps.delete
apigee.developerapps.get
apigee.developerapps.list
apigee.developerapps.manage

apigee.developerattributes.*

apigee.developerattributes.createOrUpdateAll
apigee.developerattributes.delete
apigee.developerattributes.get
apigee.developerattributes.list
apigee.developerattributes.update

apigee.developerbalances.*

apigee.developerbalances.adjust
apigee.developerbalances.get
apigee.developerbalances.update

apigee.developermonetizationconfigs.*

apigee.developermonetizationconfigs.get
apigee.developermonetizationconfigs.update

apigee.developers.*

apigee.developers.create
apigee.developers.delete
apigee.developers.get
apigee.developers.list
apigee.developers.update

apigee.developersubscriptions.*

apigee.developersubscriptions.create
apigee.developersubscriptions.get
apigee.developersubscriptions.list
apigee.developersubscriptions.update

apigee.entitlements.get

apigee.environments.get