Cloud Run IAM Permissions

The following tables list the Identity and Access Management (IAM) permissions that are associated with Cloud Run.

Services

Permission Description
run.services.get View services, excluding IAM policies.
run.services.list List services.
run.services.create Create new services.
run.services.update Update existing services.
run.services.delete Delete services.
run.services.getIamPolicy Get an IAM policy.
run.services.setIamPolicy Set an IAM policy.

Routes

Permission Description
run.routes.get View routes, excluding IAM policies.
run.routes.list List routes.
run.routes.invoke Invoke a route.

Configurations

Permission Description
run.configurations.get View configurations, excluding IAM policies.
run.configurations.list List configurations.

Revisions

Permission Description
run.revisions.get View revisions, excluding IAM policies.
run.revisions.list List revisions.
run.revisions.delete Delete revisions.

Locations

Permission Description
run.locations.get Get location information.
run.locations.list List all locations.

For a reference of which IAM permissions are contained in each IAM role, see Cloud Run IAM Roles.

Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Run Documentation