Cloud Profiler controls access to profiling activities in Google Cloud projects by using Cloud Identity and Access Management (Cloud IAM) roles and permissions.
To use Cloud Profiler, you must have the appropriate Cloud IAM permissions granted on the Google Cloud project for the feature in question.
Permissions are not granted directly to users; permissions are instead granted indirectly through roles, which group multiple permissions to make managing them easier. For more information on these concepts, see the Cloud IAM documentation on roles, permissions, and related concepts.
Permissions and roles
This section summarizes the permissions and roles that apply to Profiler.
The following table lists the permissions required for profiling activities:
Cloud IAM roles include permissions and can be assigned to users, groups, and service accounts. The following roles include the listed permissions for Profiler:
Cloud Profiler Agent
||Ability to register and provide profiling data|
Cloud Profiler User
||Ability to view and query profiling data|
To learn how to assign Cloud Identity and Access Management roles to a user or service account, see Managing Policies.