This documentation is for the current version of GKE on AWS, released in November 2021. See the
Release notes for more information.
Send feedback
API roles and permissions
Stay organized with collections
Save and categorize content based on your preferences.
GKE on AWS
has specific Identity and Access Management (IAM) permissions. Those permissions are
described in the following tables. For instructions on managing permissions, see
Granting, Changing, and Revoking Access to Resources .
GKE on AWS API permissions
The GKE on AWS API includes the predefined gkemulticloud.viewer
,
and gkemulticloud.admin
roles. These roles are described in the following
table:
Role
Permissions
Anthos Multi-cloud Admin
(roles/ gkemulticloud.admin
)
Admin access to Anthos Multi-cloud resources.
gkemulticloud.*
gkemulticloud. attachedClusters. create
gkemulticloud. attachedClusters. delete
gkemulticloud. attachedClusters. generateInstallManifest
gkemulticloud. attachedClusters. get
gkemulticloud. attachedClusters. import
gkemulticloud. attachedClusters. list
gkemulticloud. attachedClusters. update
gkemulticloud. attachedServerConfigs. get
gkemulticloud. awsClusters. create
gkemulticloud. awsClusters. delete
gkemulticloud. awsClusters. generateAccessToken
gkemulticloud.awsClusters.get
gkemulticloud. awsClusters. getAdminKubeconfig
gkemulticloud.awsClusters.list
gkemulticloud. awsClusters. update
gkemulticloud. awsNodePools. create
gkemulticloud. awsNodePools. delete
gkemulticloud.awsNodePools.get
gkemulticloud. awsNodePools. list
gkemulticloud. awsNodePools. update
gkemulticloud. awsServerConfigs. get
gkemulticloud. azureClients. create
gkemulticloud. azureClients. delete
gkemulticloud.azureClients.get
gkemulticloud. azureClients. list
gkemulticloud. azureClusters. create
gkemulticloud. azureClusters. delete
gkemulticloud. azureClusters. generateAccessToken
gkemulticloud. azureClusters. get
gkemulticloud. azureClusters. getAdminKubeconfig
gkemulticloud. azureClusters. list
gkemulticloud. azureClusters. update
gkemulticloud. azureNodePools. create
gkemulticloud. azureNodePools. delete
gkemulticloud. azureNodePools. get
gkemulticloud. azureNodePools. list
gkemulticloud. azureNodePools. update
gkemulticloud. azureServerConfigs. get
gkemulticloud. operations. cancel
gkemulticloud. operations. delete
gkemulticloud.operations.get
gkemulticloud.operations.list
gkemulticloud.operations.wait
resourcemanager.projects.get
resourcemanager.projects.list
Anthos Multi-cloud Viewer
(roles/ gkemulticloud.viewer
)
Viewer access to Anthos Multi-cloud resources.
gkemulticloud. attachedClusters. generateInstallManifest
gkemulticloud. attachedClusters. get
gkemulticloud. attachedClusters. list
gkemulticloud. attachedServerConfigs. get
gkemulticloud. awsClusters. generateAccessToken
gkemulticloud.awsClusters.get
gkemulticloud.awsClusters.list
gkemulticloud.awsNodePools.get
gkemulticloud. awsNodePools. list
gkemulticloud. awsServerConfigs. get
gkemulticloud.azureClients.get
gkemulticloud. azureClients. list
gkemulticloud. azureClusters. generateAccessToken
gkemulticloud. azureClusters. get
gkemulticloud. azureClusters. list
gkemulticloud. azureNodePools. get
gkemulticloud. azureNodePools. list
gkemulticloud. azureServerConfigs. get
gkemulticloud.operations.get
gkemulticloud.operations.list
gkemulticloud.operations.wait
resourcemanager.projects.get
resourcemanager.projects.list
What's next
Additional IAM roles, such as owner and editor, include
GKE on AWS permissions. For more information, see the complete
IAM Permissions reference
list.
Send feedback
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-01-28 UTC.
Need to tell us more?
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-01-28 UTC."],[],[]]