Access control

When you use Cloud Load Balancing, you make API requests. Each API request requires that the Cloud IAM member who makes the request has appropriate permission to create, modify, or delete the associated resources.

This page provides an overview of relevant Cloud IAM roles and permissions for Cloud Load Balancing. For a detailed description of Cloud IAM, see the Cloud IAM documentation.

Roles and permissions

You assign permissions by setting policies on a project. The policies that grant roles to an Cloud IAM member — a user, group, service account, or Google domain.

To follow the examples in the load balancing how-to guides, members need to create instances, firewall rules, and VPC networks. You can provide the necessary permissions in one of the following ways:

Role change latency

Cloud Load Balancing caches Cloud IAM permissions for five minutes, so it takes up to five minutes for a role change to become effective.

Managing Access Control for Cloud Load Balancing using Cloud IAM

You can get and set Cloud IAM policies using the Google Cloud Console, the Cloud IAM API, or the gcloud command-line tool. See Granting, changing, and revoking access to project members for details.

What's next