Para ver las listas de permisos y roles que admite Cloud Scheduler, consulta las secciones siguientes.
Habilitar la API de Cloud Scheduler
Para ver y asignar roles de IAM de Cloud Scheduler, debes habilitar la API de Cloud Scheduler en tu proyecto. No podrás ver los roles de Cloud Scheduler en la Google Cloud consola
hasta que habilites la API.
En la siguiente tabla se indican los roles de gestión de identidades y accesos predefinidos de Cloud Scheduler, así como una lista de todos los permisos que incluye cada rol.
Los roles predefinidos se adaptan a la mayoría de los casos prácticos habituales. Si los roles predefinidos no se ajustan a tu caso práctico, puedes crear un rol personalizado de IAM.
Roles de Cloud Scheduler
Role
Permissions
Cloud Scheduler Admin
(roles/cloudscheduler.admin)
Full access to jobs and executions.
Note that a Cloud Scheduler Admin (or any custom role with the permission
cloudscheduler.jobs.create) can create jobs that publish to any Pub/Sub topics within the
project.
appengine.applications.get
cloudscheduler.*
cloudscheduler.jobs.create
cloudscheduler.jobs.delete
cloudscheduler.jobs.enable
cloudscheduler.jobs.fullView
cloudscheduler.jobs.get
cloudscheduler.jobs.list
cloudscheduler.jobs.pause
cloudscheduler.jobs.run
cloudscheduler.jobs.update
cloudscheduler.locations.get
cloudscheduler.locations.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.get
serviceusage.services.list
Cloud Scheduler Job Runner
(roles/cloudscheduler.jobRunner)
Access to run jobs.
appengine.applications.get
cloudscheduler.jobs.fullView
cloudscheduler.jobs.run
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.get
serviceusage.services.list
Cloud Scheduler Service Agent
(roles/cloudscheduler.serviceAgent)
Grants Cloud Scheduler Service Account access to manage resources.
iam.serviceAccounts.getAccessToken
iam.serviceAccounts.getOpenIdToken
logging.logEntries.create
logging.logEntries.route
pubsub.topics.publish
Cloud Scheduler Viewer
(roles/cloudscheduler.viewer)
Get and list access to jobs, executions, and locations.
appengine.applications.get
cloudscheduler.jobs.fullView
cloudscheduler.jobs.get
cloudscheduler.jobs.list
cloudscheduler.locations.*
cloudscheduler.locations.get
cloudscheduler.locations.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.get
serviceusage.services.list
Gestión de identidades y accesos a nivel de proyecto
A nivel de proyecto, puedes asignar, cambiar y revocar roles de gestión de identidades y accesos mediante la Google Cloud consola, la API de gestión de identidades y accesos o la CLI de Google Cloud.
Para obtener instrucciones, consulta el artículo Gestionar acceso a proyectos, carpetas y organizaciones.
[[["Es fácil de entender","easyToUnderstand","thumb-up"],["Me ofreció una solución al problema","solvedMyProblem","thumb-up"],["Otro","otherUp","thumb-up"]],[["Es difícil de entender","hardToUnderstand","thumb-down"],["La información o el código de muestra no son correctos","incorrectInformationOrSampleCode","thumb-down"],["Me faltan las muestras o la información que necesito","missingTheInformationSamplesINeed","thumb-down"],["Problema de traducción","translationIssue","thumb-down"],["Otro","otherDown","thumb-down"]],["Última actualización: 2025-09-04 (UTC)."],[],[],null,["# Access control with IAM\n\nThis page describes the access control options that are available to you in\nCloud Scheduler.\n\nOverview\n--------\n\nCloud Scheduler uses Identity and Access Management (IAM) for access control.\n\nFor an introduction to IAM and its features, see the\n[IAM overview](/iam/docs/overview). To learn how to grant and\nrevoke access, see\n[Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access).\n\nFor lists of the permissions and roles that Cloud Scheduler\nsupports, see the following sections.\n\nEnable the Cloud Scheduler API\n------------------------------\n\nTo view and assign IAM roles for Cloud Scheduler,\nyou must enable the Cloud Scheduler API for your project. You won't be able to\nsee the Cloud Scheduler roles in the Google Cloud console\nuntil you enable the API.\n\n\n[Enable the API](https://console.cloud.google.com/flows/enableapi?apiid=cloudscheduler.googleapis.com&redirect=https://console.cloud.google.com)\n\nPredefined roles\n----------------\n\nThe following table lists the Cloud Scheduler predefined\nIAM roles with a corresponding list of all the permissions each\nrole includes.\n\nThe predefined roles address most typical use cases. If your use case isn't\ncovered by the predefined roles, you can\n[create an IAM custom role](/iam/docs/understanding-custom-roles).\n\n### Cloud Scheduler roles\n\nProject-level IAM management\n----------------------------\n\nAt the project level, you can grant, change, and revoke IAM roles\nusing the Google Cloud console, the IAM API, or the Google Cloud CLI.\nFor instructions, see\n[Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access)."]]
