IAM basic and predefined roles reference

This page lists all basic and predefined roles for Identity and Access Management (IAM). To learn more about IAM roles, see Roles and permissions.

Basic roles

Basic roles are highly permissive roles that existed prior to the introduction of IAM. You can use basic roles to grant principals broad access to Google Cloud resources.

When you grant a basic role to a principal, the principal gets all of the permissions in the basic role. They also get any permissions that services provide to principals with basic roles—for example, permissions gained through Cloud Storage convenience values and BigQuery special group membership.

The following table summarizes the permissions that the basic roles give users across all Google Cloud services:

Basic roles Permissions

Basic roles	Permissions
Viewer (`roles/viewer`)	Permissions for read-only actions that don't affect state, such as viewing (but not modifying) existing resources or data. For a list of permissions in the Viewer role, see the role details in the Google Cloud console: Go to Viewer role
Editor (`roles/editor`)	All viewer permissions, plus permissions for actions that modify state, such as changing existing resources. The permissions in the Editor role let you create and delete resources for most Google Cloud services. However, the Editor role doesn't contain permissions to perform all actions for all services. For more information about how to check whether a role has the permissions that you need, see Role types. For a list of permissions in the Editor role, see the role details in the Google Cloud console: Go to Editor role
Owner (`roles/owner`)	All Editor permissions, plus permissions for actions like the following: Completing sensitive tasks, like canceling BigQuery jobs Managing roles and permissions for a project and all resources within the project Setting up billing for a project Note: To grant the Owner role on a project to a user outside of your organization, you must use the Google Cloud console, not the gcloud CLI. If your project is not part of an organization, you must use the Google Cloud console to grant the Owner role. For a list of permissions in the Owner role, see the role details in the Google Cloud console: Go to Owner role

Viewer

(roles/viewer)

Permissions for read-only actions that don't affect state, such as viewing (but not modifying) existing resources or data.

For a list of permissions in the Viewer role, see the role details in the Google Cloud console:

Go to Viewer role

Editor

(roles/editor)

All viewer permissions, plus permissions for actions that modify state, such as changing existing resources.

The permissions in the Editor role let you create and delete resources for most Google Cloud services. However, the Editor role doesn't contain permissions to perform all actions for all services. For more information about how to check whether a role has the permissions that you need, see Role types.

For a list of permissions in the Editor role, see the role details in the Google Cloud console:

Go to Editor role

Owner

(roles/owner)

All Editor permissions, plus permissions for actions like the following:

Completing sensitive tasks, like canceling BigQuery jobs
Managing roles and permissions for a project and all resources within the project
Setting up billing for a project

For a list of permissions in the Owner role, see the role details in the Google Cloud console:

Go to Owner role

Predefined roles

Predefined roles give granular access to specific Google Cloud resources. These roles are created and maintained by Google. Google automatically updates their permissions as necessary, such as when Google Cloud adds new features or services.

The following table lists all IAM predefined roles, organized by service.

For more information about predefined roles, see Roles and permissions. For help choosing the most appropriate predefined roles, see Choose predefined roles.

Access Approval roles

Permissions

Access Approval Approver

(roles/accessapproval.approver)

Ability to view or act on access approval requests and view configuration

accessapproval.requests.*

accessapproval.requests.approve
accessapproval.requests.dismiss
accessapproval.requests.get
accessapproval.requests.invalidate
accessapproval.requests.list

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Approval Config Editor

(roles/accessapproval.configEditor)

Ability to update the Access Approval configuration

accessapproval.serviceAccounts.get

accessapproval.settings.*

accessapproval.settings.delete
accessapproval.settings.get
accessapproval.settings.update

resourcemanager.projects.get

resourcemanager.projects.list

Access Approval Invalidator

(roles/accessapproval.invalidator)

Ability to invalidate existing approved approval requests

accessapproval.requests.invalidate

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Approval Viewer

(roles/accessapproval.viewer)

Ability to view access approval requests and configuration

accessapproval.requests.get

accessapproval.requests.list

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager roles

Permissions

Cloud Access Binding Admin

(roles/accesscontextmanager.gcpAccessAdmin)

Create, edit, and change Cloud access bindings.

accesscontextmanager.gcpUserAccessBindings.*

accesscontextmanager.gcpUserAccessBindings.create
accesscontextmanager.gcpUserAccessBindings.delete
accesscontextmanager.gcpUserAccessBindings.get
accesscontextmanager.gcpUserAccessBindings.list
accesscontextmanager.gcpUserAccessBindings.update

Cloud Access Binding Reader

(roles/accesscontextmanager.gcpAccessReader)

Read access to Cloud access bindings.

accesscontextmanager.gcpUserAccessBindings.get

accesscontextmanager.gcpUserAccessBindings.list

Access Context Manager Admin

(roles/accesscontextmanager.policyAdmin)

Full access to policies, access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.*

accesscontextmanager.accessLevels.create
accesscontextmanager.accessLevels.delete
accesscontextmanager.accessLevels.get
accesscontextmanager.accessLevels.list
accesscontextmanager.accessLevels.replaceAll
accesscontextmanager.accessLevels.update

accesscontextmanager.accessPolicies.*

accesscontextmanager.accessPolicies.create
accesscontextmanager.accessPolicies.delete
accesscontextmanager.accessPolicies.get
accesscontextmanager.accessPolicies.getIamPolicy
accesscontextmanager.accessPolicies.list
accesscontextmanager.accessPolicies.setIamPolicy
accesscontextmanager.accessPolicies.update

accesscontextmanager.accessZones.*

accesscontextmanager.accessZones.create
accesscontextmanager.accessZones.delete
accesscontextmanager.accessZones.get
accesscontextmanager.accessZones.list
accesscontextmanager.accessZones.update

accesscontextmanager.authorizedOrgsDescs.*

accesscontextmanager.authorizedOrgsDescs.create
accesscontextmanager.authorizedOrgsDescs.delete
accesscontextmanager.authorizedOrgsDescs.get
accesscontextmanager.authorizedOrgsDescs.list
accesscontextmanager.authorizedOrgsDescs.update

accesscontextmanager.policies.*

accesscontextmanager.policies.create
accesscontextmanager.policies.delete
accesscontextmanager.policies.get
accesscontextmanager.policies.getIamPolicy
accesscontextmanager.policies.list
accesscontextmanager.policies.setIamPolicy
accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

accesscontextmanager.servicePerimeters.commit
accesscontextmanager.servicePerimeters.create
accesscontextmanager.servicePerimeters.delete
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.replaceAll
accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager Editor

(roles/accesscontextmanager.policyEditor)

Edit access to policies. Create, edit, and change access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.*

accesscontextmanager.accessLevels.create
accesscontextmanager.accessLevels.delete
accesscontextmanager.accessLevels.get
accesscontextmanager.accessLevels.list
accesscontextmanager.accessLevels.replaceAll
accesscontextmanager.accessLevels.update

accesscontextmanager.accessPolicies.create

accesscontextmanager.accessPolicies.delete

accesscontextmanager.accessPolicies.get

accesscontextmanager.accessPolicies.getIamPolicy

accesscontextmanager.accessPolicies.list

accesscontextmanager.accessPolicies.update

accesscontextmanager.accessZones.*

accesscontextmanager.accessZones.create
accesscontextmanager.accessZones.delete
accesscontextmanager.accessZones.get
accesscontextmanager.accessZones.list
accesscontextmanager.accessZones.update

accesscontextmanager.authorizedOrgsDescs.*

accesscontextmanager.authorizedOrgsDescs.create
accesscontextmanager.authorizedOrgsDescs.delete
accesscontextmanager.authorizedOrgsDescs.get
accesscontextmanager.authorizedOrgsDescs.list
accesscontextmanager.authorizedOrgsDescs.update

accesscontextmanager.policies.create

accesscontextmanager.policies.delete

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

accesscontextmanager.servicePerimeters.commit
accesscontextmanager.servicePerimeters.create
accesscontextmanager.servicePerimeters.delete
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.replaceAll
accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager Reader

(roles/accesscontextmanager.policyReader)

Read access to policies, access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.accessPolicies.get

accesscontextmanager.accessPolicies.getIamPolicy

accesscontextmanager.accessPolicies.list

accesscontextmanager.accessZones.get

accesscontextmanager.accessZones.list

accesscontextmanager.authorizedOrgsDescs.get

accesscontextmanager.authorizedOrgsDescs.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

VPC Service Controls Troubleshooter Viewer

(roles/accesscontextmanager.vpcScTroubleshooterViewer)

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.authorizedOrgsDescs.get

accesscontextmanager.authorizedOrgsDescs.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

logging.exclusions.get

logging.exclusions.list

logging.logEntries.list

logging.logMetrics.get

logging.logMetrics.list

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.sinks.get

logging.sinks.list

logging.usage.get

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Actions roles

Permissions

Actions Admin

(roles/actions.Admin)

Access to edit and deploy an action

actions.*

actions.agent.claimContentProvider
actions.agent.get
actions.agent.update
actions.agentVersions.create
actions.agentVersions.delete
actions.agentVersions.deploy
actions.agentVersions.get
actions.agentVersions.list

firebase.projects.get

firebase.projects.update

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

Actions Viewer

(roles/actions.Viewer)

Access to view an action

actions.agent.get

actions.agentVersions.get

actions.agentVersions.list

firebase.projects.get

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

AI Notebooks roles

Permissions

Notebooks Admin

(roles/notebooks.admin)

Full access to Notebooks, all resources.

Lowest-level resources where you can grant this role:

Instance

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.*

notebooks.environments.create
notebooks.environments.delete
notebooks.environments.get
notebooks.environments.getIamPolicy
notebooks.environments.list
notebooks.environments.setIamPolicy
notebooks.executions.create
notebooks.executions.delete
notebooks.executions.get
notebooks.executions.getIamPolicy
notebooks.executions.list
notebooks.executions.setIamPolicy
notebooks.instances.checkUpgradability
notebooks.instances.create
notebooks.instances.delete
notebooks.instances.diagnose
notebooks.instances.get
notebooks.instances.getHealth
notebooks.instances.getIamPolicy
notebooks.instances.list
notebooks.instances.reset
notebooks.instances.setAccelerator
notebooks.instances.setIamPolicy
notebooks.instances.setLabels
notebooks.instances.setMachineType
notebooks.instances.start
notebooks.instances.stop
notebooks.instances.update
notebooks.instances.updateConfig
notebooks.instances.updateShieldInstanceConfig
notebooks.instances.upgrade
notebooks.instances.use
notebooks.locations.get
notebooks.locations.list
notebooks.operations.cancel
notebooks.operations.delete
notebooks.operations.get
notebooks.operations.list
notebooks.runtimes.create
notebooks.runtimes.delete
notebooks.runtimes.diagnose
notebooks.runtimes.get
notebooks.runtimes.getIamPolicy
notebooks.runtimes.list
notebooks.runtimes.reset
notebooks.runtimes.setIamPolicy
notebooks.runtimes.start
notebooks.runtimes.stop
notebooks.runtimes.switch
notebooks.runtimes.update
notebooks.runtimes.upgrade
notebooks.schedules.create
notebooks.schedules.delete
notebooks.schedules.get
notebooks.schedules.getIamPolicy
notebooks.schedules.list
notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Legacy Admin

(roles/notebooks.legacyAdmin)

Full access to Notebooks all resources through compute API.

compute.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list
compute.addresses.create
compute.addresses.createInternal
compute.addresses.delete
compute.addresses.deleteInternal
compute.addresses.get
compute.addresses.list
compute.addresses.setLabels
compute.addresses.use
compute.addresses.useInternal
compute.autoscalers.create
compute.autoscalers.delete
compute.autoscalers.get
compute.autoscalers.list
compute.autoscalers.update
compute.backendBuckets.addSignedUrlKey
compute.backendBuckets.create
compute.backendBuckets.createTagBinding
compute.backendBuckets.delete
compute.backendBuckets.deleteSignedUrlKey
compute.backendBuckets.deleteTagBinding
compute.backendBuckets.get
compute.backendBuckets.getIamPolicy
compute.backendBuckets.list
compute.backendBuckets.listEffectiveTags
compute.backendBuckets.listTagBindings
compute.backendBuckets.setIamPolicy
compute.backendBuckets.setSecurityPolicy
compute.backendBuckets.update
compute.backendBuckets.use
compute.backendServices.addSignedUrlKey
compute.backendServices.create
compute.backendServices.createTagBinding
compute.backendServices.delete
compute.backendServices.deleteSignedUrlKey
compute.backendServices.deleteTagBinding
compute.backendServices.get
compute.backendServices.getIamPolicy
compute.backendServices.list
compute.backendServices.listEffectiveTags
compute.backendServices.listTagBindings
compute.backendServices.setIamPolicy
compute.backendServices.setSecurityPolicy
compute.backendServices.update
compute.backendServices.use
compute.commitments.create
compute.commitments.get
compute.commitments.list
compute.commitments.update
compute.commitments.updateReservations
compute.diskTypes.get
compute.diskTypes.list
compute.disks.addResourcePolicies
compute.disks.create
compute.disks.createSnapshot
compute.disks.createTagBinding
compute.disks.delete
compute.disks.deleteTagBinding
compute.disks.get
compute.disks.getIamPolicy
compute.disks.list
compute.disks.listEffectiveTags
compute.disks.listTagBindings
compute.disks.removeResourcePolicies
compute.disks.resize
compute.disks.setIamPolicy
compute.disks.setLabels
compute.disks.startAsyncReplication
compute.disks.stopAsyncReplication
compute.disks.stopGroupAsyncReplication
compute.disks.update
compute.disks.use
compute.disks.useReadOnly
compute.externalVpnGateways.create
compute.externalVpnGateways.delete
compute.externalVpnGateways.get
compute.externalVpnGateways.list
compute.externalVpnGateways.setLabels
compute.externalVpnGateways.use
compute.firewallPolicies.addAssociation
compute.firewallPolicies.cloneRules
compute.firewallPolicies.copyRules
compute.firewallPolicies.create
compute.firewallPolicies.createTagBinding
compute.firewallPolicies.delete
compute.firewallPolicies.deleteTagBinding
compute.firewallPolicies.get
compute.firewallPolicies.getIamPolicy
compute.firewallPolicies.list
compute.firewallPolicies.listEffectiveTags
compute.firewallPolicies.listTagBindings
compute.firewallPolicies.move
compute.firewallPolicies.removeAssociation
compute.firewallPolicies.setIamPolicy
compute.firewallPolicies.update
compute.firewallPolicies.use
compute.firewalls.create
compute.firewalls.createTagBinding
compute.firewalls.delete
compute.firewalls.deleteTagBinding
compute.firewalls.get
compute.firewalls.list
compute.firewalls.listEffectiveTags
compute.firewalls.listTagBindings
compute.firewalls.update
compute.forwardingRules.create
compute.forwardingRules.createTagBinding
compute.forwardingRules.delete
compute.forwardingRules.deleteTagBinding
compute.forwardingRules.get
compute.forwardingRules.list
compute.forwardingRules.listEffectiveTags
compute.forwardingRules.listTagBindings
compute.forwardingRules.pscCreate
compute.forwardingRules.pscDelete
compute.forwardingRules.pscSetLabels
compute.forwardingRules.pscSetTarget
compute.forwardingRules.pscUpdate
compute.forwardingRules.setLabels
compute.forwardingRules.setTarget
compute.forwardingRules.update
compute.forwardingRules.use
compute.futureReservations.cancel
compute.futureReservations.create
compute.futureReservations.delete
compute.futureReservations.get
compute.futureReservations.getIamPolicy
compute.futureReservations.list
compute.futureReservations.setIamPolicy
compute.futureReservations.update
compute.globalAddresses.create
compute.globalAddresses.createInternal
compute.globalAddresses.delete
compute.globalAddresses.deleteInternal
compute.globalAddresses.get
compute.globalAddresses.list
compute.globalAddresses.setLabels
compute.globalAddresses.use
compute.globalForwardingRules.create
compute.globalForwardingRules.createTagBinding
compute.globalForwardingRules.delete
compute.globalForwardingRules.deleteTagBinding
compute.globalForwardingRules.get
compute.globalForwardingRules.list
compute.globalForwardingRules.listEffectiveTags
compute.globalForwardingRules.listTagBindings
compute.globalForwardingRules.pscCreate
compute.globalForwardingRules.pscDelete
compute.globalForwardingRules.pscGet
compute.globalForwardingRules.pscSetLabels
compute.globalForwardingRules.pscSetTarget
compute.globalForwardingRules.pscUpdate
compute.globalForwardingRules.setLabels
compute.globalForwardingRules.setTarget
compute.globalForwardingRules.update
compute.globalNetworkEndpointGroups.attachNetworkEndpoints
compute.globalNetworkEndpointGroups.create
compute.globalNetworkEndpointGroups.createTagBinding
compute.globalNetworkEndpointGroups.delete
compute.globalNetworkEndpointGroups.deleteTagBinding
compute.globalNetworkEndpointGroups.detachNetworkEndpoints
compute.globalNetworkEndpointGroups.get
compute.globalNetworkEndpointGroups.list
compute.globalNetworkEndpointGroups.listEffectiveTags
compute.globalNetworkEndpointGroups.listTagBindings
compute.globalNetworkEndpointGroups.use
compute.globalOperations.delete
compute.globalOperations.get
compute.globalOperations.getIamPolicy
compute.globalOperations.list
compute.globalOperations.setIamPolicy
compute.globalPublicDelegatedPrefixes.create
compute.globalPublicDelegatedPrefixes.delete
compute.globalPublicDelegatedPrefixes.get
compute.globalPublicDelegatedPrefixes.list
compute.globalPublicDelegatedPrefixes.update
compute.globalPublicDelegatedPrefixes.updatePolicy
compute.globalPublicDelegatedPrefixes.use
compute.healthChecks.create
compute.healthChecks.createTagBinding
compute.healthChecks.delete
compute.healthChecks.deleteTagBinding
compute.healthChecks.get
compute.healthChecks.list
compute.healthChecks.listEffectiveTags
compute.healthChecks.listTagBindings
compute.healthChecks.update
compute.healthChecks.use
compute.healthChecks.useReadOnly
compute.httpHealthChecks.create
compute.httpHealthChecks.createTagBinding
compute.httpHealthChecks.delete
compute.httpHealthChecks.deleteTagBinding
compute.httpHealthChecks.get
compute.httpHealthChecks.list
compute.httpHealthChecks.listEffectiveTags
compute.httpHealthChecks.listTagBindings
compute.httpHealthChecks.update
compute.httpHealthChecks.use
compute.httpHealthChecks.useReadOnly
compute.httpsHealthChecks.create
compute.httpsHealthChecks.createTagBinding
compute.httpsHealthChecks.delete
compute.httpsHealthChecks.deleteTagBinding
compute.httpsHealthChecks.get
compute.httpsHealthChecks.list
compute.httpsHealthChecks.listEffectiveTags
compute.httpsHealthChecks.listTagBindings
compute.httpsHealthChecks.update
compute.httpsHealthChecks.use
compute.httpsHealthChecks.useReadOnly
compute.images.create
compute.images.createTagBinding
compute.images.delete
compute.images.deleteTagBinding
compute.images.deprecate
compute.images.get
compute.images.getFromFamily
compute.images.getIamPolicy
compute.images.list
compute.images.listEffectiveTags
compute.images.listTagBindings
compute.images.setIamPolicy
compute.images.setLabels
compute.images.update
compute.images.useReadOnly
compute.instanceGroupManagers.create
compute.instanceGroupManagers.delete
compute.instanceGroupManagers.get
compute.instanceGroupManagers.list
compute.instanceGroupManagers.update
compute.instanceGroupManagers.use
compute.instanceGroups.create
compute.instanceGroups.delete
compute.instanceGroups.get
compute.instanceGroups.list
compute.instanceGroups.update
compute.instanceGroups.use
compute.instanceSettings.get
compute.instanceSettings.update
compute.instanceTemplates.create
compute.instanceTemplates.delete
compute.instanceTemplates.get
compute.instanceTemplates.getIamPolicy
compute.instanceTemplates.list
compute.instanceTemplates.setIamPolicy
compute.instanceTemplates.useReadOnly
compute.instances.addAccessConfig
compute.instances.addMaintenancePolicies
compute.instances.addResourcePolicies
compute.instances.attachDisk
compute.instances.create
compute.instances.createTagBinding
compute.instances.delete
compute.instances.deleteAccessConfig
compute.instances.deleteTagBinding
compute.instances.detachDisk
compute.instances.get
compute.instances.getEffectiveFirewalls
compute.instances.getGuestAttributes
compute.instances.getIamPolicy
compute.instances.getScreenshot
compute.instances.getSerialPortOutput
compute.instances.getShieldedInstanceIdentity
compute.instances.getShieldedVmIdentity
compute.instances.list
compute.instances.listEffectiveTags
compute.instances.listReferrers
compute.instances.listTagBindings
compute.instances.osAdminLogin
compute.instances.osLogin
compute.instances.removeMaintenancePolicies
compute.instances.removeResourcePolicies
compute.instances.reset
compute.instances.resume
compute.instances.sendDiagnosticInterrupt
compute.instances.setDeletionProtection
compute.instances.setDiskAutoDelete
compute.instances.setIamPolicy
compute.instances.setLabels
compute.instances.setMachineResources
compute.instances.setMachineType
compute.instances.setMetadata
compute.instances.setMinCpuPlatform
compute.instances.setName
compute.instances.setScheduling
compute.instances.setSecurityPolicy
compute.instances.setServiceAccount
compute.instances.setShieldedInstanceIntegrityPolicy
compute.instances.setShieldedVmIntegrityPolicy
compute.instances.setTags
compute.instances.simulateMaintenanceEvent
compute.instances.start
compute.instances.startWithEncryptionKey
compute.instances.stop
compute.instances.suspend
compute.instances.update
compute.instances.updateAccessConfig
compute.instances.updateDisplayDevice
compute.instances.updateNetworkInterface
compute.instances.updateSecurity
compute.instances.updateShieldedInstanceConfig
compute.instances.updateShieldedVmConfig
compute.instances.use
compute.instances.useReadOnly
compute.instantSnapshots.create
compute.instantSnapshots.delete
compute.instantSnapshots.export
compute.instantSnapshots.get
compute.instantSnapshots.getIamPolicy
compute.instantSnapshots.list
compute.instantSnapshots.setIamPolicy
compute.instantSnapshots.setLabels
compute.instantSnapshots.useReadOnly
compute.interconnectAttachments.create
compute.interconnectAttachments.delete
compute.interconnectAttachments.get
compute.interconnectAttachments.list
compute.interconnectAttachments.setLabels
compute.interconnectAttachments.update
compute.interconnectAttachments.use
compute.interconnectLocations.get
compute.interconnectLocations.list
compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list
compute.interconnects.create
compute.interconnects.delete
compute.interconnects.get
compute.interconnects.getMacsecConfig
compute.interconnects.list
compute.interconnects.setLabels
compute.interconnects.update
compute.interconnects.use
compute.licenseCodes.get
compute.licenseCodes.getIamPolicy
compute.licenseCodes.list
compute.licenseCodes.setIamPolicy
compute.licenseCodes.update
compute.licenseCodes.use
compute.licenses.create
compute.licenses.delete
compute.licenses.get
compute.licenses.getIamPolicy
compute.licenses.list
compute.licenses.setIamPolicy
compute.machineImages.create
compute.machineImages.delete
compute.machineImages.get
compute.machineImages.getIamPolicy
compute.machineImages.list
compute.machineImages.setIamPolicy
compute.machineImages.useReadOnly
compute.machineTypes.get
compute.machineTypes.list
compute.maintenancePolicies.create
compute.maintenancePolicies.delete
compute.maintenancePolicies.get
compute.maintenancePolicies.getIamPolicy
compute.maintenancePolicies.list
compute.maintenancePolicies.setIamPolicy
compute.maintenancePolicies.use
compute.networkAttachments.create
compute.networkAttachments.delete
compute.networkAttachments.get
compute.networkAttachments.getIamPolicy
compute.networkAttachments.list
compute.networkAttachments.setIamPolicy
compute.networkEdgeSecurityServices.create
compute.networkEdgeSecurityServices.delete
compute.networkEdgeSecurityServices.get
compute.networkEdgeSecurityServices.list
compute.networkEdgeSecurityServices.update
compute.networkEndpointGroups.attachNetworkEndpoints
compute.networkEndpointGroups.create
compute.networkEndpointGroups.createTagBinding
compute.networkEndpointGroups.delete
compute.networkEndpointGroups.deleteTagBinding
compute.networkEndpointGroups.detachNetworkEndpoints
compute.networkEndpointGroups.get
compute.networkEndpointGroups.getIamPolicy
compute.networkEndpointGroups.list
compute.networkEndpointGroups.listEffectiveTags
compute.networkEndpointGroups.listTagBindings
compute.networkEndpointGroups.setIamPolicy
compute.networkEndpointGroups.use
compute.networks.access
compute.networks.addPeering
compute.networks.create
compute.networks.createTagBinding
compute.networks.delete
compute.networks.deleteTagBinding
compute.networks.get
compute.networks.getEffectiveFirewalls
compute.networks.getRegionEffectiveFirewalls
compute.networks.list
compute.networks.listEffectiveTags
compute.networks.listPeeringRoutes
compute.networks.listTagBindings
compute.networks.mirror
compute.networks.removePeering
compute.networks.setFirewallPolicy
compute.networks.switchToCustomMode
compute.networks.update
compute.networks.updatePeering
compute.networks.updatePolicy
compute.networks.use
compute.networks.useExternalIp
compute.nodeGroups.addNodes
compute.nodeGroups.create
compute.nodeGroups.delete
compute.nodeGroups.deleteNodes
compute.nodeGroups.get
compute.nodeGroups.getIamPolicy
compute.nodeGroups.list
compute.nodeGroups.performMaintenance
compute.nodeGroups.setIamPolicy
compute.nodeGroups.setNodeTemplate
compute.nodeGroups.simulateMaintenanceEvent
compute.nodeGroups.update
compute.nodeTemplates.create
compute.nodeTemplates.delete
compute.nodeTemplates.get
compute.nodeTemplates.getIamPolicy
compute.nodeTemplates.list
compute.nodeTemplates.setIamPolicy
compute.nodeTypes.get
compute.nodeTypes.list
compute.organizations.administerXpn
compute.organizations.disableXpnHost
compute.organizations.disableXpnResource
compute.organizations.enableXpnHost
compute.organizations.enableXpnResource
compute.organizations.listAssociations
compute.organizations.setFirewallPolicy
compute.organizations.setSecurityPolicy
compute.oslogin.updateExternalUser
compute.packetMirrorings.create
compute.packetMirrorings.delete
compute.packetMirrorings.get
compute.packetMirrorings.list
compute.packetMirrorings.update
compute.projects.get
compute.projects.setCommonInstanceMetadata
compute.projects.setDefaultNetworkTier
compute.projects.setDefaultServiceAccount
compute.projects.setManagedProtectionTier
compute.projects.setUsageExportBucket
compute.publicAdvertisedPrefixes.create
compute.publicAdvertisedPrefixes.delete
compute.publicAdvertisedPrefixes.get
compute.publicAdvertisedPrefixes.list
compute.publicAdvertisedPrefixes.update
compute.publicAdvertisedPrefixes.updatePolicy
compute.publicAdvertisedPrefixes.use
compute.publicDelegatedPrefixes.create
compute.publicDelegatedPrefixes.delete
compute.publicDelegatedPrefixes.get
compute.publicDelegatedPrefixes.list
compute.publicDelegatedPrefixes.update
compute.publicDelegatedPrefixes.updatePolicy
compute.publicDelegatedPrefixes.use
compute.regionBackendServices.create
compute.regionBackendServices.createTagBinding
compute.regionBackendServices.delete
compute.regionBackendServices.deleteTagBinding
compute.regionBackendServices.get
compute.regionBackendServices.getIamPolicy
compute.regionBackendServices.list
compute.regionBackendServices.listEffectiveTags
compute.regionBackendServices.listTagBindings
compute.regionBackendServices.setIamPolicy
compute.regionBackendServices.setSecurityPolicy
compute.regionBackendServices.update
compute.regionBackendServices.use
compute.regionFirewallPolicies.cloneRules
compute.regionFirewallPolicies.create
compute.regionFirewallPolicies.createTagBinding
compute.regionFirewallPolicies.delete
compute.regionFirewallPolicies.deleteTagBinding
compute.regionFirewallPolicies.get
compute.regionFirewallPolicies.getIamPolicy
compute.regionFirewallPolicies.list
compute.regionFirewallPolicies.listEffectiveTags
compute.regionFirewallPolicies.listTagBindings
compute.regionFirewallPolicies.setIamPolicy
compute.regionFirewallPolicies.update
compute.regionFirewallPolicies.use
compute.regionHealthCheckServices.create
compute.regionHealthCheckServices.delete
compute.regionHealthCheckServices.get
compute.regionHealthCheckServices.list
compute.regionHealthCheckServices.update
compute.regionHealthCheckServices.use
compute.regionHealthChecks.create
compute.regionHealthChecks.createTagBinding
compute.regionHealthChecks.delete
compute.regionHealthChecks.deleteTagBinding
compute.regionHealthChecks.get
compute.regionHealthChecks.list
compute.regionHealthChecks.listEffectiveTags
compute.regionHealthChecks.listTagBindings
compute.regionHealthChecks.update
compute.regionHealthChecks.use
compute.regionHealthChecks.useReadOnly
compute.regionNetworkEndpointGroups.attachNetworkEndpoints
compute.regionNetworkEndpointGroups.create
compute.regionNetworkEndpointGroups.createTagBinding
compute.regionNetworkEndpointGroups.delete
compute.regionNetworkEndpointGroups.deleteTagBinding
compute.regionNetworkEndpointGroups.detachNetworkEndpoints
compute.regionNetworkEndpointGroups.get
compute.regionNetworkEndpointGroups.list
compute.regionNetworkEndpointGroups.listEffectiveTags
compute.regionNetworkEndpointGroups.listTagBindings
compute.regionNetworkEndpointGroups.use
compute.regionNotificationEndpoints.create
compute.regionNotificationEndpoints.delete
compute.regionNotificationEndpoints.get
compute.regionNotificationEndpoints.list
compute.regionNotificationEndpoints.update
compute.regionNotificationEndpoints.use
compute.regionOperations.delete
compute.regionOperations.get
compute.regionOperations.getIamPolicy
compute.regionOperations.list
compute.regionOperations.setIamPolicy
compute.regionSecurityPolicies.create
compute.regionSecurityPolicies.createTagBinding
compute.regionSecurityPolicies.delete
compute.regionSecurityPolicies.deleteTagBinding
compute.regionSecurityPolicies.get
compute.regionSecurityPolicies.list
compute.regionSecurityPolicies.listEffectiveTags
compute.regionSecurityPolicies.listTagBindings
compute.regionSecurityPolicies.update
compute.regionSecurityPolicies.use
compute.regionSslCertificates.create
compute.regionSslCertificates.createTagBinding
compute.regionSslCertificates.delete
compute.regionSslCertificates.deleteTagBinding
compute.regionSslCertificates.get
compute.regionSslCertificates.list
compute.regionSslCertificates.listEffectiveTags
compute.regionSslCertificates.listTagBindings
compute.regionSslPolicies.create
compute.regionSslPolicies.delete
compute.regionSslPolicies.get
compute.regionSslPolicies.list
compute.regionSslPolicies.listAvailableFeatures
compute.regionSslPolicies.update
compute.regionSslPolicies.use
compute.regionTargetHttpProxies.create
compute.regionTargetHttpProxies.createTagBinding
compute.regionTargetHttpProxies.delete
compute.regionTargetHttpProxies.deleteTagBinding
compute.regionTargetHttpProxies.get
compute.regionTargetHttpProxies.list
compute.regionTargetHttpProxies.listEffectiveTags
compute.regionTargetHttpProxies.listTagBindings
compute.regionTargetHttpProxies.setUrlMap
compute.regionTargetHttpProxies.update
compute.regionTargetHttpProxies.use
compute.regionTargetHttpsProxies.create
compute.regionTargetHttpsProxies.createTagBinding
compute.regionTargetHttpsProxies.delete
compute.regionTargetHttpsProxies.deleteTagBinding
compute.regionTargetHttpsProxies.get
compute.regionTargetHttpsProxies.list
compute.regionTargetHttpsProxies.listEffectiveTags
compute.regionTargetHttpsProxies.listTagBindings
compute.regionTargetHttpsProxies.setSslCertificates
compute.regionTargetHttpsProxies.setUrlMap
compute.regionTargetHttpsProxies.update
compute.regionTargetHttpsProxies.use
compute.regionTargetTcpProxies.create
compute.regionTargetTcpProxies.delete
compute.regionTargetTcpProxies.get
compute.regionTargetTcpProxies.list
compute.regionTargetTcpProxies.use
compute.regionUrlMaps.create
compute.regionUrlMaps.createTagBinding
compute.regionUrlMaps.delete
compute.regionUrlMaps.deleteTagBinding
compute.regionUrlMaps.get
compute.regionUrlMaps.invalidateCache
compute.regionUrlMaps.list
compute.regionUrlMaps.listEffectiveTags
compute.regionUrlMaps.listTagBindings
compute.regionUrlMaps.update
compute.regionUrlMaps.use
compute.regionUrlMaps.validate
compute.regions.get
compute.regions.list
compute.reservations.create
compute.reservations.delete
compute.reservations.get
compute.reservations.list
compute.reservations.resize
compute.reservations.update
compute.resourcePolicies.create
compute.resourcePolicies.delete
compute.resourcePolicies.get
compute.resourcePolicies.getIamPolicy
compute.resourcePolicies.list
compute.resourcePolicies.setIamPolicy
compute.resourcePolicies.update
compute.resourcePolicies.use
compute.resourcePolicies.useReadOnly
compute.routers.create
compute.routers.delete
compute.routers.get
compute.routers.list
compute.routers.update
compute.routers.use
compute.routes.create
compute.routes.createTagBinding
compute.routes.delete
compute.routes.deleteTagBinding
compute.routes.get
compute.routes.list
compute.routes.listEffectiveTags
compute.routes.listTagBindings
compute.securityPolicies.addAssociation
compute.securityPolicies.copyRules
compute.securityPolicies.create
compute.securityPolicies.createTagBinding
compute.securityPolicies.delete
compute.securityPolicies.deleteTagBinding
compute.securityPolicies.get
compute.securityPolicies.getIamPolicy
compute.securityPolicies.list
compute.securityPolicies.listEffectiveTags
compute.securityPolicies.listTagBindings
compute.securityPolicies.move
compute.securityPolicies.removeAssociation
compute.securityPolicies.setIamPolicy
compute.securityPolicies.setLabels
compute.securityPolicies.update
compute.securityPolicies.use
compute.serviceAttachments.create
compute.serviceAttachments.delete
compute.serviceAttachments.get
compute.serviceAttachments.getIamPolicy
compute.serviceAttachments.list
compute.serviceAttachments.setIamPolicy
compute.serviceAttachments.update
compute.serviceAttachments.use
compute.snapshots.create
compute.snapshots.createTagBinding
compute.snapshots.delete
compute.snapshots.deleteTagBinding
compute.snapshots.get
compute.snapshots.getIamPolicy
compute.snapshots.list
compute.snapshots.listEffectiveTags
compute.snapshots.listTagBindings
compute.snapshots.setIamPolicy
compute.snapshots.setLabels
compute.snapshots.useReadOnly
compute.sslCertificates.create
compute.sslCertificates.createTagBinding
compute.sslCertificates.delete
compute.sslCertificates.deleteTagBinding
compute.sslCertificates.get
compute.sslCertificates.list
compute.sslCertificates.listEffectiveTags
compute.sslCertificates.listTagBindings
compute.sslPolicies.create
compute.sslPolicies.createTagBinding
compute.sslPolicies.delete
compute.sslPolicies.deleteTagBinding
compute.sslPolicies.get
compute.sslPolicies.list
compute.sslPolicies.listAvailableFeatures
compute.sslPolicies.listEffectiveTags
compute.sslPolicies.listTagBindings
compute.sslPolicies.update
compute.sslPolicies.use
compute.subnetworks.create
compute.subnetworks.createTagBinding
compute.subnetworks.delete
compute.subnetworks.deleteTagBinding
compute.subnetworks.expandIpCidrRange
compute.subnetworks.get
compute.subnetworks.getIamPolicy
compute.subnetworks.list
compute.subnetworks.listEffectiveTags
compute.subnetworks.listTagBindings
compute.subnetworks.mirror
compute.subnetworks.setIamPolicy
compute.subnetworks.setPrivateIpGoogleAccess
compute.subnetworks.update
compute.subnetworks.use
compute.subnetworks.useExternalIp
compute.targetGrpcProxies.create
compute.targetGrpcProxies.delete
compute.targetGrpcProxies.get
compute.targetGrpcProxies.list
compute.targetGrpcProxies.update
compute.targetGrpcProxies.use
compute.targetHttpProxies.create
compute.targetHttpProxies.createTagBinding
compute.targetHttpProxies.delete
compute.targetHttpProxies.deleteTagBinding
compute.targetHttpProxies.get
compute.targetHttpProxies.list
compute.targetHttpProxies.listEffectiveTags
compute.targetHttpProxies.listTagBindings
compute.targetHttpProxies.setUrlMap
compute.targetHttpProxies.update
compute.targetHttpProxies.use
compute.targetHttpsProxies.create
compute.targetHttpsProxies.createTagBinding
compute.targetHttpsProxies.delete
compute.targetHttpsProxies.deleteTagBinding
compute.targetHttpsProxies.get
compute.targetHttpsProxies.list
compute.targetHttpsProxies.listEffectiveTags
compute.targetHttpsProxies.listTagBindings
compute.targetHttpsProxies.setCertificateMap
compute.targetHttpsProxies.setQuicOverride
compute.targetHttpsProxies.setSslCertificates
compute.targetHttpsProxies.setSslPolicy
compute.targetHttpsProxies.setUrlMap
compute.targetHttpsProxies.update
compute.targetHttpsProxies.use
compute.targetInstances.create
compute.targetInstances.createTagBinding
compute.targetInstances.delete
compute.targetInstances.deleteTagBinding
compute.targetInstances.get
compute.targetInstances.list
compute.targetInstances.listEffectiveTags
compute.targetInstances.listTagBindings
compute.targetInstances.setSecurityPolicy
compute.targetInstances.use
compute.targetPools.addHealthCheck
compute.targetPools.addInstance
compute.targetPools.create
compute.targetPools.createTagBinding
compute.targetPools.delete
compute.targetPools.deleteTagBinding
compute.targetPools.get
compute.targetPools.list
compute.targetPools.listEffectiveTags
compute.targetPools.listTagBindings
compute.targetPools.removeHealthCheck
compute.targetPools.removeInstance
compute.targetPools.setSecurityPolicy
compute.targetPools.update
compute.targetPools.use
compute.targetSslProxies.create
compute.targetSslProxies.createTagBinding
compute.targetSslProxies.delete
compute.targetSslProxies.deleteTagBinding
compute.targetSslProxies.get
compute.targetSslProxies.list
compute.targetSslProxies.listEffectiveTags
compute.targetSslProxies.listTagBindings
compute.targetSslProxies.setBackendService
compute.targetSslProxies.setCertificateMap
compute.targetSslProxies.setProxyHeader
compute.targetSslProxies.setSslCertificates
compute.targetSslProxies.setSslPolicy
compute.targetSslProxies.update
compute.targetSslProxies.use
compute.targetTcpProxies.create
compute.targetTcpProxies.createTagBinding
compute.targetTcpProxies.delete
compute.targetTcpProxies.deleteTagBinding
compute.targetTcpProxies.get
compute.targetTcpProxies.list
compute.targetTcpProxies.listEffectiveTags
compute.targetTcpProxies.listTagBindings
compute.targetTcpProxies.update
compute.targetTcpProxies.use
compute.targetVpnGateways.create
compute.targetVpnGateways.delete
compute.targetVpnGateways.get
compute.targetVpnGateways.list
compute.targetVpnGateways.setLabels
compute.targetVpnGateways.use
compute.urlMaps.create
compute.urlMaps.createTagBinding
compute.urlMaps.delete
compute.urlMaps.deleteTagBinding
compute.urlMaps.get
compute.urlMaps.invalidateCache
compute.urlMaps.list
compute.urlMaps.listEffectiveTags
compute.urlMaps.listTagBindings
compute.urlMaps.update
compute.urlMaps.use
compute.urlMaps.validate
compute.vpnGateways.create
compute.vpnGateways.delete
compute.vpnGateways.get
compute.vpnGateways.list
compute.vpnGateways.setLabels
compute.vpnGateways.use
compute.vpnTunnels.create
compute.vpnTunnels.delete
compute.vpnTunnels.get
compute.vpnTunnels.list
compute.vpnTunnels.setLabels
compute.zoneOperations.delete
compute.zoneOperations.get
compute.zoneOperations.getIamPolicy
compute.zoneOperations.list
compute.zoneOperations.setIamPolicy
compute.zones.get
compute.zones.list

notebooks.*

notebooks.environments.create
notebooks.environments.delete
notebooks.environments.get
notebooks.environments.getIamPolicy
notebooks.environments.list
notebooks.environments.setIamPolicy
notebooks.executions.create
notebooks.executions.delete
notebooks.executions.get
notebooks.executions.getIamPolicy
notebooks.executions.list
notebooks.executions.setIamPolicy
notebooks.instances.checkUpgradability
notebooks.instances.create
notebooks.instances.delete
notebooks.instances.diagnose
notebooks.instances.get
notebooks.instances.getHealth
notebooks.instances.getIamPolicy
notebooks.instances.list
notebooks.instances.reset
notebooks.instances.setAccelerator
notebooks.instances.setIamPolicy
notebooks.instances.setLabels
notebooks.instances.setMachineType
notebooks.instances.start
notebooks.instances.stop
notebooks.instances.update
notebooks.instances.updateConfig
notebooks.instances.updateShieldInstanceConfig
notebooks.instances.upgrade
notebooks.instances.use
notebooks.locations.get
notebooks.locations.list
notebooks.operations.cancel
notebooks.operations.delete
notebooks.operations.get
notebooks.operations.list
notebooks.runtimes.create
notebooks.runtimes.delete
notebooks.runtimes.diagnose
notebooks.runtimes.get
notebooks.runtimes.getIamPolicy
notebooks.runtimes.list
notebooks.runtimes.reset
notebooks.runtimes.setIamPolicy
notebooks.runtimes.start
notebooks.runtimes.stop
notebooks.runtimes.switch
notebooks.runtimes.update
notebooks.runtimes.upgrade
notebooks.schedules.create
notebooks.schedules.delete
notebooks.schedules.get
notebooks.schedules.getIamPolicy
notebooks.schedules.list
notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Legacy Viewer

(roles/notebooks.legacyViewer)

Read-only access to Notebooks all resources through compute API.

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

notebooks.locations.get
notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Runner

(roles/notebooks.runner)

Restricted access for running scheduled Notebooks.

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.create

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.create

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

notebooks.locations.get
notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.create

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.create

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Notebooks Viewer

(roles/notebooks.viewer)

Read-only access to Notebooks, all resources.

Lowest-level resources where you can grant this role:

Instance

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalNetworkEndpointGroups.listEffectiveTags

compute.globalNetworkEndpointGroups.listTagBindings

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceSettings.get

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networkEndpointGroups.listEffectiveTags

compute.networkEndpointGroups.listTagBindings

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNetworkEndpointGroups.listEffectiveTags

compute.regionNetworkEndpointGroups.listTagBindings

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

notebooks.locations.get
notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

AI Platform roles

Permissions

AI Platform Admin

(roles/ml.admin)

Provides full access to AI Platform resources, and its jobs, operations, models, and versions.

Lowest-level resources where you can grant this role:

Project

ml.*

ml.jobs.cancel
ml.jobs.create
ml.jobs.get
ml.jobs.getIamPolicy
ml.jobs.list
ml.jobs.setIamPolicy
ml.jobs.update
ml.locations.get
ml.locations.list
ml.models.create
ml.models.delete
ml.models.get
ml.models.getIamPolicy
ml.models.list
ml.models.predict
ml.models.setIamPolicy
ml.models.update
ml.operations.cancel
ml.operations.get
ml.operations.list
ml.projects.getConfig
ml.studies.create
ml.studies.delete
ml.studies.get
ml.studies.getIamPolicy
ml.studies.list
ml.studies.setIamPolicy
ml.trials.create
ml.trials.delete
ml.trials.get
ml.trials.list
ml.trials.update
ml.versions.create
ml.versions.delete
ml.versions.get
ml.versions.list
ml.versions.predict
ml.versions.update

resourcemanager.projects.get

AI Platform Developer

(roles/ml.developer)

Provides ability to use AI Platform resources for creating models, versions, jobs for training and prediction, and sending online prediction requests.

Lowest-level resources where you can grant this role:

Project

ml.jobs.create

ml.jobs.get

ml.jobs.getIamPolicy

ml.jobs.list

ml.locations.*

ml.locations.get
ml.locations.list

ml.models.create

ml.models.get

ml.models.getIamPolicy

ml.models.list

ml.models.predict

ml.operations.get

ml.operations.list

ml.projects.getConfig

ml.studies.*

ml.studies.create
ml.studies.delete
ml.studies.get
ml.studies.getIamPolicy
ml.studies.list
ml.studies.setIamPolicy

ml.trials.*

ml.trials.create
ml.trials.delete
ml.trials.get
ml.trials.list
ml.trials.update

ml.versions.get

ml.versions.list

ml.versions.predict

resourcemanager.projects.get

AI Platform Job Owner

(roles/ml.jobOwner)

Provides full access to all permissions for a particular job resource. This role is automatically granted to the user who creates the job.

Lowest-level resources where you can grant this role:

ml.jobs.*

ml.jobs.cancel
ml.jobs.create
ml.jobs.get
ml.jobs.getIamPolicy
ml.jobs.list
ml.jobs.setIamPolicy
ml.jobs.update

AI Platform Model Owner

(roles/ml.modelOwner)

Provides full access to the model and its versions. This role is automatically granted to the user who creates the model.

Lowest-level resources where you can grant this role:

Model

ml.models.*

ml.models.create
ml.models.delete
ml.models.get
ml.models.getIamPolicy
ml.models.list
ml.models.predict
ml.models.setIamPolicy
ml.models.update

ml.versions.*

ml.versions.create
ml.versions.delete
ml.versions.get
ml.versions.list
ml.versions.predict
ml.versions.update

AI Platform Model User

(roles/ml.modelUser)

Provides permissions to read the model and its versions, and use them for prediction.

Lowest-level resources where you can grant this role:

Model

ml.models.get

ml.models.predict

ml.versions.get

ml.versions.list

ml.versions.predict

AI Platform Operation Owner

(roles/ml.operationOwner)

Provides full access to all permissions for a particular operation resource.

Lowest-level resources where you can grant this role:

Operation

ml.operations.*

ml.operations.cancel
ml.operations.get
ml.operations.list

AI Platform Viewer

(roles/ml.viewer)

Provides read-only access to AI Platform resources.

Lowest-level resources where you can grant this role:

Project

ml.jobs.get

ml.jobs.list

ml.locations.*

ml.locations.get
ml.locations.list

ml.models.get

ml.models.list

ml.operations.get

ml.operations.list

ml.projects.getConfig

ml.studies.get

ml.studies.getIamPolicy

ml.studies.list

ml.trials.get

ml.trials.list

ml.versions.get

ml.versions.list

resourcemanager.projects.get

Analytics Hub roles

Permissions

Analytics Hub Admin

(roles/analyticshub.admin)

Administer Data Exchanges and Listings

analyticshub.dataExchanges.create

analyticshub.dataExchanges.delete

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.dataExchanges.setIamPolicy

analyticshub.dataExchanges.update

analyticshub.dataExchanges.viewSubscriptions

analyticshub.listings.create

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

analyticshub.listings.viewSubscriptions

analyticshub.subscriptions.*

analyticshub.subscriptions.create
analyticshub.subscriptions.delete
analyticshub.subscriptions.get
analyticshub.subscriptions.list
analyticshub.subscriptions.update

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Listing Admin

(roles/analyticshub.listingAdmin)

Grants full control over the Listing, including updating, deleting and setting ACLs

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

analyticshub.listings.viewSubscriptions

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Publisher

(roles/analyticshub.publisher)

Can publish to Data Exchanges thus creating Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.create

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Subscriber

(roles/analyticshub.subscriber)

Can browse Data Exchanges and subscribe to Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.dataExchanges.subscribe

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.subscribe

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Subscription Owner

(roles/analyticshub.subscriptionOwner)

Grants full control over the Subscription, including updating and deleting

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.subscriptions.*

analyticshub.subscriptions.create
analyticshub.subscriptions.delete
analyticshub.subscriptions.get
analyticshub.subscriptions.list
analyticshub.subscriptions.update

resourcemanager.projects.get

resourcemanager.projects.list

Analytics Hub Viewer

(roles/analyticshub.viewer)

Can browse Data Exchanges and Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

Android Management roles

Permissions

Android Management User

(roles/androidmanagement.user)

Full access to manage devices.

androidmanagement.enterprises.manage

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Anthos Multi-cloud roles

Permissions

Anthos Multi-cloud Admin

(roles/gkemulticloud.admin)

Admin access to Anthos Multi-cloud resources.

gkemulticloud.*

gkemulticloud.attachedClusters.create
gkemulticloud.attachedClusters.delete
gkemulticloud.attachedClusters.generateInstallManifest
gkemulticloud.attachedClusters.get
gkemulticloud.attachedClusters.import
gkemulticloud.attachedClusters.list
gkemulticloud.attachedClusters.update
gkemulticloud.attachedServerConfigs.get
gkemulticloud.awsClusters.create
gkemulticloud.awsClusters.delete
gkemulticloud.awsClusters.generateAccessToken
gkemulticloud.awsClusters.get
gkemulticloud.awsClusters.getAdminKubeconfig
gkemulticloud.awsClusters.list
gkemulticloud.awsClusters.update
gkemulticloud.awsNodePools.create
gkemulticloud.awsNodePools.delete
gkemulticloud.awsNodePools.get
gkemulticloud.awsNodePools.list
gkemulticloud.awsNodePools.update
gkemulticloud.awsServerConfigs.get
gkemulticloud.azureClients.create
gkemulticloud.azureClients.delete
gkemulticloud.azureClients.get
gkemulticloud.azureClients.list
gkemulticloud.azureClusters.create
gkemulticloud.azureClusters.delete
gkemulticloud.azureClusters.generateAccessToken
gkemulticloud.azureClusters.get
gkemulticloud.azureClusters.getAdminKubeconfig
gkemulticloud.azureClusters.list
gkemulticloud.azureClusters.update
gkemulticloud.azureNodePools.create
gkemulticloud.azureNodePools.delete
gkemulticloud.azureNodePools.get
gkemulticloud.azureNodePools.list
gkemulticloud.azureNodePools.update
gkemulticloud.azureServerConfigs.get
gkemulticloud.operations.cancel
gkemulticloud.operations.delete
gkemulticloud.operations.get
gkemulticloud.operations.list
gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

Anthos Multi-cloud Telemetry Writer

(roles/gkemulticloud.telemetryWriter)

Grant access to write cluster telemetry data such as logs, metrics, and resource metadata.

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

opsconfigmonitoring.resourceMetadata.write

Anthos Multi-cloud Viewer

(roles/gkemulticloud.viewer)

Viewer access to Anthos Multi-cloud resources.

gkemulticloud.attachedClusters.generateInstallManifest

gkemulticloud.attachedClusters.get

gkemulticloud.attachedClusters.list

gkemulticloud.attachedServerConfigs.get

gkemulticloud.awsClusters.generateAccessToken

gkemulticloud.awsClusters.get

gkemulticloud.awsClusters.list

gkemulticloud.awsNodePools.get

gkemulticloud.awsNodePools.list

gkemulticloud.awsServerConfigs.get

gkemulticloud.azureClients.get

gkemulticloud.azureClients.list

gkemulticloud.azureClusters.generateAccessToken

gkemulticloud.azureClusters.get

gkemulticloud.azureClusters.list

gkemulticloud.azureNodePools.get

gkemulticloud.azureNodePools.list

gkemulticloud.azureServerConfigs.get

gkemulticloud.operations.get

gkemulticloud.operations.list

gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

API Gateway roles

Permissions

ApiGateway Admin

(roles/apigateway.admin)

Full access to ApiGateway and related resources.

apigateway.*

apigateway.apiconfigs.create
apigateway.apiconfigs.delete
apigateway.apiconfigs.get
apigateway.apiconfigs.getIamPolicy
apigateway.apiconfigs.list
apigateway.apiconfigs.setIamPolicy
apigateway.apiconfigs.update
apigateway.apis.create
apigateway.apis.delete
apigateway.apis.get
apigateway.apis.getIamPolicy
apigateway.apis.list
apigateway.apis.setIamPolicy
apigateway.apis.update
apigateway.gateways.create
apigateway.gateways.delete
apigateway.gateways.get
apigateway.gateways.getIamPolicy
apigateway.gateways.list
apigateway.gateways.setIamPolicy
apigateway.gateways.update
apigateway.locations.get
apigateway.locations.list
apigateway.operations.cancel
apigateway.operations.delete
apigateway.operations.get
apigateway.operations.list

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.get

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.get

serviceusage.services.list

ApiGateway Viewer

(roles/apigateway.viewer)

Read-only access to ApiGateway and related resources.

apigateway.apiconfigs.get

apigateway.apiconfigs.getIamPolicy

apigateway.apiconfigs.list

apigateway.apis.get

apigateway.apis.getIamPolicy

apigateway.apis.list

apigateway.gateways.get

apigateway.gateways.getIamPolicy

apigateway.gateways.list

apigateway.locations.*

apigateway.locations.get
apigateway.locations.list

apigateway.operations.get

apigateway.operations.list

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.get

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.get

serviceusage.services.list

Apigee roles

Permissions

Apigee Organization Admin

(roles/apigee.admin)

Full access to all apigee resource features

apigee.*

apigee.addonsconfig.get
apigee.addonsconfig.update
apigee.apiproductattributes.createOrUpdateAll
apigee.apiproductattributes.delete
apigee.apiproductattributes.get
apigee.apiproductattributes.list
apigee.apiproductattributes.update
apigee.apiproducts.create
apigee.apiproducts.delete
apigee.apiproducts.get
apigee.apiproducts.list
apigee.apiproducts.update
apigee.appgroupapps.create
apigee.appgroupapps.delete
apigee.appgroupapps.get
apigee.appgroupapps.list
apigee.appgroupapps.manage
apigee.appgroups.create
apigee.appgroups.delete
apigee.appgroups.get
apigee.appgroups.list
apigee.appgroups.update
apigee.appkeys.create
apigee.appkeys.delete
apigee.appkeys.get
apigee.appkeys.manage
apigee.apps.get
apigee.apps.list
apigee.archivedeployments.create
apigee.archivedeployments.delete
apigee.archivedeployments.download
apigee.archivedeployments.get
apigee.archivedeployments.list
apigee.archivedeployments.update
apigee.archivedeployments.upload
apigee.caches.delete
apigee.caches.list
apigee.canaryevaluations.create
apigee.canaryevaluations.get
apigee.datacollectors.create
apigee.datacollectors.delete
apigee.datacollectors.get
apigee.datacollectors.list
apigee.datacollectors.update
apigee.datalocation.get
apigee.datastores.create
apigee.datastores.delete
apigee.datastores.get
apigee.datastores.list
apigee.datastores.update
apigee.deployments.create
apigee.deployments.delete
apigee.deployments.get
apigee.deployments.list
apigee.deployments.update
apigee.developerappattributes.createOrUpdateAll
apigee.developerappattributes.delete
apigee.developerappattributes.get
apigee.developerappattributes.list
apigee.developerappattributes.update
apigee.developerapps.create
apigee.developerapps.delete
apigee.developerapps.get
apigee.developerapps.list
apigee.developerapps.manage
apigee.developerattributes.createOrUpdateAll
apigee.developerattributes.delete
apigee.developerattributes.get
apigee.developerattributes.list
apigee.developerattributes.update
apigee.developerbalances.adjust
apigee.developerbalances.get
apigee.developerbalances.update
apigee.developermonetizationconfigs.get
apigee.developermonetizationconfigs.update
apigee.developers.create
apigee.developers.delete
apigee.developers.get
apigee.developers.list
apigee.developers.update
apigee.developersubscriptions.create
apigee.developersubscriptions.get
apigee.developersubscriptions.list
apigee.developersubscriptions.update
apigee.endpointattachments.create
apigee.endpointattachments.delete
apigee.endpointattachments.get
apigee.endpointattachments.list
apigee.entitlements.get
apigee.envgroupattachments.create
apigee.envgroupattachments.delete
apigee.envgroupattachments.get
apigee.envgroupattachments.list
apigee.envgroups.create
apigee.envgroups.delete
apigee.envgroups.get
apigee.envgroups.list
apigee.envgroups.update
apigee.environments.create
apigee.environments.delete
apigee.environments.get
apigee.environments.getDataLocation
apigee.environments.getIamPolicy
apigee.environments.getStats
apigee.environments.list
apigee.environments.manageRuntime
apigee.environments.setIamPolicy
apigee.environments.update
apigee.exports.create
apigee.exports.get
apigee.exports.list
apigee.flowhooks.attachSharedFlow
apigee.flowhooks.detachSharedFlow
apigee.flowhooks.getSharedFlow
apigee.flowhooks.list
apigee.hostqueries.create
apigee.hostqueries.get
apigee.hostqueries.list
apigee.hostsecurityreports.create
apigee.hostsecurityreports.get
apigee.hostsecurityreports.list
apigee.hoststats.get
apigee.ingressconfigs.get
apigee.instanceattachments.create
apigee.instanceattachments.delete
apigee.instanceattachments.get
apigee.instanceattachments.list
apigee.instances.create
apigee.instances.delete
apigee.instances.get
apigee.instances.list
apigee.instances.reportStatus
apigee.instances.update
apigee.keystorealiases.create
apigee.keystorealiases.delete
apigee.keystorealiases.exportCertificate
apigee.keystorealiases.generateCSR
apigee.keystorealiases.get
apigee.keystorealiases.list
apigee.keystorealiases.update
apigee.keystores.create
apigee.keystores.delete
apigee.keystores.export
apigee.keystores.get
apigee.keystores.list
apigee.keyvaluemapentries.create
apigee.keyvaluemapentries.delete
apigee.keyvaluemapentries.get
apigee.keyvaluemapentries.list
apigee.keyvaluemaps.create
apigee.keyvaluemaps.delete
apigee.keyvaluemaps.list
apigee.maskconfigs.get
apigee.maskconfigs.update
apigee.nataddresses.activate
apigee.nataddresses.create
apigee.nataddresses.delete
apigee.nataddresses.get
apigee.nataddresses.list
apigee.operations.get
apigee.operations.list
apigee.organizations.create
apigee.organizations.delete
apigee.organizations.get
apigee.organizations.list
apigee.organizations.update
apigee.portals.create
apigee.portals.delete
apigee.portals.get
apigee.portals.list
apigee.portals.update
apigee.projectorganizations.get
apigee.projects.migrate
apigee.projects.previewMigration
apigee.projects.update
apigee.proxies.create
apigee.proxies.delete
apigee.proxies.get
apigee.proxies.list
apigee.proxies.update
apigee.proxyrevisions.delete
apigee.proxyrevisions.deploy
apigee.proxyrevisions.get
apigee.proxyrevisions.list
apigee.proxyrevisions.undeploy
apigee.proxyrevisions.update
apigee.queries.create
apigee.queries.get
apigee.queries.list
apigee.rateplans.create
apigee.rateplans.delete
apigee.rateplans.get
apigee.rateplans.list
apigee.rateplans.update
apigee.references.create
apigee.references.delete
apigee.references.get
apigee.references.list
apigee.references.update
apigee.reports.create
apigee.reports.delete
apigee.reports.get
apigee.reports.list
apigee.reports.update
apigee.resourcefiles.create
apigee.resourcefiles.delete
apigee.resourcefiles.get
apigee.resourcefiles.list
apigee.resourcefiles.update
apigee.runtimeconfigs.get
apigee.securityActions.create
apigee.securityActions.get
apigee.securityActions.list
apigee.securityActions.update
apigee.securityActionsConfig.get
apigee.securityActionsConfig.update
apigee.securityIncidents.get
apigee.securityIncidents.list
apigee.securityProfileEnvironments.computeScore
apigee.securityProfileEnvironments.create
apigee.securityProfileEnvironments.delete
apigee.securityProfiles.create
apigee.securityProfiles.delete
apigee.securityProfiles.get
apigee.securityProfiles.list
apigee.securityProfiles.update
apigee.securityStats.queryTabularStats
apigee.securityStats.queryTimeSeriesStats
apigee.securityreports.create
apigee.securityreports.get
apigee.securityreports.list
apigee.setupcontexts.get
apigee.setupcontexts.update
apigee.sharedflowrevisions.delete
apigee.sharedflowrevisions.deploy
apigee.sharedflowrevisions.get
apigee.sharedflowrevisions.list
apigee.sharedflowrevisions.undeploy
apigee.sharedflowrevisions.update
apigee.sharedflows.create
apigee.sharedflows.delete
apigee.sharedflows.get
apigee.sharedflows.list
apigee.targetservers.create
apigee.targetservers.delete
apigee.targetservers.get
apigee.targetservers.list
apigee.targetservers.update
apigee.traceconfig.get
apigee.traceconfig.update
apigee.traceconfigoverrides.create
apigee.traceconfigoverrides.delete
apigee.traceconfigoverrides.get
apigee.traceconfigoverrides.list
apigee.traceconfigoverrides.update
apigee.tracesessions.create
apigee.tracesessions.delete
apigee.tracesessions.get
apigee.tracesessions.list

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.getIamPolicy

resourcemanager.projects.list

Apigee Analytics Agent

(roles/apigee.analyticsAgent)

Curated set of permissions for Apigee Universal Data Collection Agent to manage analytics for an Apigee Organization

apigee.datalocation.get

apigee.environments.getDataLocation

apigee.runtimeconfigs.get

Apigee Analytics Editor

(roles/apigee.analyticsEditor)

Analytics editor for an Apigee Organization

apigee.datacollectors.*

apigee.datacollectors.create
apigee.datacollectors.delete
apigee.datacollectors.get
apigee.datacollectors.list
apigee.datacollectors.update

apigee.datastores.*

apigee.datastores.create
apigee.datastores.delete
apigee.datastores.get
apigee.datastores.list
apigee.datastores.update

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.exports.*

apigee.exports.create
apigee.exports.get
apigee.exports.list

apigee.hostqueries.*

apigee.hostqueries.create
apigee.hostqueries.get
apigee.hostqueries.list

apigee.hoststats.get

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.queries.*

apigee.queries.create
apigee.queries.get
apigee.queries.list

apigee.reports.*

apigee.reports.create
apigee.reports.delete
apigee.reports.get
apigee.reports.list
apigee.reports.update

resourcemanager.projects.get

resourcemanager.projects.list

Apigee Analytics Viewer

(roles/apigee.analyticsViewer)

Analytics viewer for an Apigee Organization

apigee.datacollectors.get

apigee.datacollectors.list

apigee.datastores.get

apigee.datastores.list

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.exports.get

apigee.exports.list

apigee.hostqueries.get

apigee.hostqueries.list

apigee.hoststats.get

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.queries.get

apigee.queries.list

apigee.reports.get

apigee.reports.list

resourcemanager.projects.get

resourcemanager.projects.list

Apigee API Admin

(roles/apigee.apiAdminV2)

Full read/write access to all apigee API resources

apigee.apiproductattributes.*

apigee.apiproductattributes.createOrUpdateAll
apigee.apiproductattributes.delete
apigee.apiproductattributes.get
apigee.apiproductattributes.list
apigee.apiproductattributes.update

apigee.apiproducts.*

apigee.apiproducts.create
apigee.apiproducts.delete
apigee.apiproducts.get
apigee.apiproducts.list
apigee.apiproducts.update

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.keyvaluemapentries.*

apigee.keyvaluemapentries.create
apigee.keyvaluemapentries.delete
apigee.keyvaluemapentries.get
apigee.keyvaluemapentries.list

apigee.keyvaluemaps.*

apigee.keyvaluemaps.create
apigee.keyvaluemaps.delete
apigee.keyvaluemaps.list

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.proxies.*

apigee.proxies.create
apigee.proxies.delete
apigee.proxies.get
apigee.proxies.list
apigee.proxies.update

apigee.proxyrevisions.*

apigee.proxyrevisions.delete
apigee.proxyrevisions.deploy
apigee.proxyrevisions.get
apigee.proxyrevisions.list
apigee.proxyrevisions.undeploy
apigee.proxyrevisions.update

apigee.sharedflowrevisions.*

apigee.sharedflowrevisions.delete
apigee.sharedflowrevisions.deploy
apigee.sharedflowrevisions.get
apigee.sharedflowrevisions.list
apigee.sharedflowrevisions.undeploy
apigee.sharedflowrevisions.update

apigee.sharedflows.*

apigee.sharedflows.create
apigee.sharedflows.delete
apigee.sharedflows.get
apigee.sharedflows.list

resourcemanager.projects.get

resourcemanager.projects.list

Apigee API Reader

(roles/apigee.apiReaderV2)

Reader of apigee resources

apigee.apiproductattributes.get

apigee.apiproductattributes.list

apigee.apiproducts.get

apigee.apiproducts.list

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.keyvaluemapentries.get

apigee.keyvaluemapentries.list

apigee.keyvaluemaps.list

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.proxies.get

apigee.proxies.list

apigee.proxyrevisions.deploy

apigee.proxyrevisions.get

apigee.proxyrevisions.list

apigee.proxyrevisions.undeploy

apigee.sharedflowrevisions.deploy

apigee.sharedflowrevisions.get

apigee.sharedflowrevisions.list

apigee.sharedflowrevisions.undeploy

apigee.sharedflows.get

apigee.sharedflows.list

resourcemanager.projects.get

resourcemanager.projects.list

Apigee Developer Admin

(roles/apigee.developerAdmin)

Developer admin of apigee resources

apigee.apiproductattributes.get

apigee.apiproductattributes.list

apigee.apiproducts.get

apigee.apiproducts.list

apigee.appgroupapps.*

apigee.appgroupapps.create
apigee.appgroupapps.delete
apigee.appgroupapps.get
apigee.appgroupapps.list
apigee.appgroupapps.manage

apigee.appgroups.*

apigee.appgroups.create
apigee.appgroups.delete
apigee.appgroups.get
apigee.appgroups.list
apigee.appgroups.update

apigee.appkeys.*

apigee.appkeys.create
apigee.appkeys.delete
apigee.appkeys.get
apigee.appkeys.manage

apigee.apps.*

apigee.apps.get
apigee.apps.list

apigee.datacollectors.*

apigee.datacollectors.create
apigee.datacollectors.delete
apigee.datacollectors.get
apigee.datacollectors.list
apigee.datacollectors.update

apigee.developerappattributes.*

apigee.developerappattributes.createOrUpdateAll
apigee.developerappattributes.delete
apigee.developerappattributes.get
apigee.developerappattributes.list
apigee.developerappattributes.update

apigee.developerapps.*

apigee.developerapps.create
apigee.developerapps.delete
apigee.developerapps.get
apigee.developerapps.list
apigee.developerapps.manage

apigee.developerattributes.*

apigee.developerattributes.createOrUpdateAll
apigee.developerattributes.delete
apigee.developerattributes.get
apigee.developerattributes.list
apigee.developerattributes.update

apigee.developerbalances.*

apigee.developerbalances.adjust
apigee.developerbalances.get
apigee.developerbalances.update

apigee.developermonetizationconfigs.*

apigee.developermonetizationconfigs.get
apigee.developermonetizationconfigs.update

apigee.developers.*

apigee.developers.create
apigee.developers.delete
apigee.developers.get
apigee.developers.list
apigee.developers.update

apigee.developersubscriptions.*

apigee.developersubscriptions.create
apigee.developersubscriptions.get
apigee.developersubscriptions.list
apigee.developersubscriptions.update

apigee.entitlements.get

apigee.environments.get

apigee.environments.getStats

apigee.environments.list

apigee.hoststats.get

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.rateplans.get

apigee.rateplans.list

resourcemanager.projects.get

resourcemanager.projects.getIamPolicy

resourcemanager.projects.list

Apigee Environment Admin

(roles/apigee.environmentAdmin)

Full read/write access to apigee environment resources, including deployments.

apigee.addonsconfig.*

apigee.addonsconfig.get
apigee.addonsconfig.update

apigee.archivedeployments.*

apigee.archivedeployments.create
apigee.archivedeployments.delete
apigee.archivedeployments.download
apigee.archivedeployments.get
apigee.archivedeployments.list
apigee.archivedeployments.update
apigee.archivedeployments.upload

apigee.datacollectors.get

apigee.datacollectors.list

apigee.deployments.*

apigee.deployments.create
apigee.deployments.delete
apigee.deployments.get
apigee.deployments.list
apigee.deployments.update

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getIamPolicy

apigee.environments.getStats

apigee.environments.list

apigee.environments.setIamPolicy

apigee.environments.update

apigee.flowhooks.*

apigee.flowhooks.attachSharedFlow
apigee.flowhooks.detachSharedFlow
apigee.flowhooks.getSharedFlow
apigee.flowhooks.list

apigee.ingressconfigs.get

apigee.keystorealiases.*

apigee.keystorealiases.create
apigee.keystorealiases.delete
apigee.keystorealiases.exportCertificate
apigee.keystorealiases.generateCSR
apigee.keystorealiases.get
apigee.keystorealiases.list
apigee.keystorealiases.update

apigee.keystores.*

apigee.keystores.create
apigee.keystores.delete
apigee.keystores.export
apigee.keystores.get
apigee.keystores.list

apigee.keyvaluemapentries.*

apigee.keyvaluemapentries.create
apigee.keyvaluemapentries.delete
apigee.keyvaluemapentries.get
apigee.keyvaluemapentries.list

apigee.keyvaluemaps.*

apigee.keyvaluemaps.create
apigee.keyvaluemaps.delete
apigee.keyvaluemaps.list

apigee.maskconfigs.*

apigee.maskconfigs.get
apigee.maskconfigs.update

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.proxies.get

apigee.proxies.list

apigee.proxyrevisions.deploy

apigee.proxyrevisions.get

apigee.proxyrevisions.list

apigee.proxyrevisions.undeploy

apigee.references.*

apigee.references.create
apigee.references.delete
apigee.references.get
apigee.references.list
apigee.references.update

apigee.resourcefiles.*

apigee.resourcefiles.create
apigee.resourcefiles.delete
apigee.resourcefiles.get
apigee.resourcefiles.list
apigee.resourcefiles.update

apigee.sharedflowrevisions.deploy

apigee.sharedflowrevisions.get

apigee.sharedflowrevisions.list

apigee.sharedflowrevisions.undeploy

apigee.sharedflows.get

apigee.sharedflows.list

apigee.targetservers.*

apigee.targetservers.create
apigee.targetservers.delete
apigee.targetservers.get
apigee.targetservers.list
apigee.targetservers.update

apigee.traceconfig.*

apigee.traceconfig.get
apigee.traceconfig.update

apigee.traceconfigoverrides.*

apigee.traceconfigoverrides.create
apigee.traceconfigoverrides.delete
apigee.traceconfigoverrides.get
apigee.traceconfigoverrides.list
apigee.traceconfigoverrides.update

apigee.tracesessions.*

apigee.tracesessions.create
apigee.tracesessions.delete
apigee.tracesessions.get
apigee.tracesessions.list

resourcemanager.projects.get

resourcemanager.projects.getIamPolicy

resourcemanager.projects.list

Apigee Monetization Admin

(roles/apigee.monetizationAdmin)

All permissions related to monetization

apigee.apiproducts.get

apigee.apiproducts.list

apigee.developerbalances.*

apigee.developerbalances.adjust
apigee.developerbalances.get
apigee.developerbalances.update

apigee.developermonetizationconfigs.*

apigee.developermonetizationconfigs.get
apigee.developermonetizationconfigs.update

apigee.developersubscriptions.*

apigee.developersubscriptions.create
apigee.developersubscriptions.get
apigee.developersubscriptions.list
apigee.developersubscriptions.update

apigee.entitlements.get

apigee.organizations.get

apigee.organizations.list

apigee.projectorganizations.get

apigee.rateplans.*

apigee.rateplans.create
apigee.rateplans.delete
apigee.rateplans.get
apigee.rateplans.list
apigee.rateplans.update

resourcemanager.projects.get

resourcemanager.projects.list

Apigee Portal Admin

(roles/apigee.portalAdmin)

Portal admin for an Apigee Organization

apigee.entitlements.get

apigee.organizations.get

apigee.organizations.list

apigee.portals.*

apigee.portals.create
apigee.portals.delete
apigee.portals.get
apigee.portals.list
apigee.portals.update

apigee.projectorganizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Apigee Read-only Admin

(roles/apigee.readOnlyAdmin)

Viewer of all apigee resources

apigee.addonsconfig.get

apigee.apiproductattributes.get

apigee.apiproductattributes.list

apigee.apiproducts.get

apigee.apiproducts.list

apigee.appgroupapps.get

apigee.appgroupapps.list

apigee.appgroups.get

apigee.appgroups.list

apigee.appkeys.get

apigee.apps.*

apigee.apps.get
apigee.apps.list

apigee.archivedeployments.download

apigee.archivedeployments.get

apigee.archivedeployments.list

apigee.caches.list

apigee.canaryevaluations.get

apigee.datacollectors.get

apigee.datacollectors.list

apigee.datalocation.get

apigee.datastores.get

apigee.datastores.list

apigee.deployments.get

apigee.deployments.list

apigee.developerappattributes.get

apigee.developerappattributes.list

apigee.developerapps.get

apigee.developerapps.list

apigee.developerattributes.get

apigee.developerattributes.list

apigee.developerbalances.get

apigee.developermonetizationconfigs.get

apigee.developers.get

apigee.developers.list

apigee.developersubscriptions.get

apigee.developersubscriptions.list

apigee.endpointattachments.get

apigee.endpointattachments.list

apigee.entitlements.get

apigee.envgroupattachments.get

apigee.envgroupattachments.list

apigee.envgroups.get

apigee.envgroups.list

apigee.environments.get

apigee.environments.getDataLocation

apigee.environments.getIamPolicy

apigee.environments.getStats

apigee.environments.list

apigee.exports.get

apigee.exports.list

apigee.flowhooks.getSharedFlow

apigee.flowhooks.list

apigee.hostqueries.get

apigee.hostqueries.list

apigee.hostsecurityreports.get

apigee.hostsecurityreports.list

apigee.hoststats.get

apigee.ingressconfigs.get

apigee.instanceattachments.get

apigee.instanceattachments.list

apigee.instances.get

apigee.instances.list

apigee.keystorealiases.get

apigee.keystorealiases.list

apigee.keystores.get

apigee.keystores.list

apigee.keyvaluemapentries.get

apigee.keyvaluemapentries.list

apigee.keyvaluemaps.list

apigee.maskconfigs.get

apigee.nataddresses.get

apigee.nataddresses.list

apigee.operations.*

apigee.operations.get
apigee.operations.list

apigee.organizations.get

apigee.organizations.list

apigee.portals.get

apigee.portals.list

apigee.projectorganizations.get

apigee.proxies.get

apigee.proxies.list

apigee.proxyrevisions.get

apigee.proxyrevisions.list

apigee.queries.get