Roles and permissions
This page describes the permissions that you need to carry out tasks in Network Topology.
Required roles and permissions
To get the permissions that you need to carry out tasks in Network Topology, ask your administrator to grant you the following IAM roles on your project:
-
Network Management Viewer (
roles/networkmanagement.viewer
) -
Monitoring Viewer (
roles/monitoring.viewer
)
For more information about granting roles, see Manage access to projects, folders, and organizations.
These predefined roles contain the permissions required to carry out tasks in Network Topology. To see the exact permissions that are required, expand the Required permissions section:
Required permissions
The following permissions are required to carry out tasks in Network Topology:
-
Open a project:
resourcemanager.projects.get
-
View the Network Topology graphs for a project and monitored projects:
networkmanagement.topologygraphs.read
-
View the metrics on the Network Topology graph:
monitoring.timeSeries.list
You might also be able to get these permissions with custom roles or other predefined roles.
To view multiple projects, you need to have the networkmanagement.topologygraphs.read
permission for the scoping project. For more
information, see View metrics for multiple Cloud projects.
For more information about using Network Topology to visualize resources from multiple projects, see Multiple projects.