Send feedback
Roles and permissions
Stay organized with collections
Save and categorize content based on your preferences.
This page describes the Identity and Access Management (IAM) roles and permissions needed for
setting up a Secure Web Proxy instance.
You can grant users or service accounts permissions or a predefined role, or
you can create a custom role that uses permissions that you specify. The
following table describes the IAM predefined roles and their
associated permissions.
For more information, see the IAM
permissions reference .
Description
Role
Permissions (methods)
Provision and manage a Secure Web Proxy instance
Create a custom role with the specified permissions. For information about creating a custom role, see Create a custom role.
certificatemanager.certs.getcertificatemanager.certs.listcertificatemanager.certs.usecompute.addresses.createcompute.addresses.createInternalcompute.addresses.listcompute.instances.updatecompute.networks.getcompute.networks.listcompute.projects.getcompute.projects.getcompute.regionOperations.getcompute.routers.createcompute.routers.deletecompute.routers.getcompute.routers.listcompute.routers.updatecompute.subnetworks.getcompute.subnetworks.listnetworksecurity.gatewaySecurityPolicies.getnetworksecurity.gatewaySecurityPolicies.listnetworksecurity.gatewaySecurityPolicies.usenetworksecurity.gatewaySecurityPolicyRules.getnetworksecurity.gatewaySecurityPolicyRules.listnetworksecurity.locations.listnetworksecurity.urlLists.getnetworksecurity.urlLists.listnetworksecurity.urlLists.usenetworkservices.gateways.createnetworkservices.gateways.deletenetworkservices.gateways.getnetworkservices.gateways.listnetworkservices.gateways.updatenetworkservices.gateways.usenetworkservices.locations.listnetworkservices.operations.getnetworkservices.operations.listresourcemanager.projects.getresourcemanager.projects.listserviceusage.quotas.getserviceusage.services.getserviceusage.services.list
View, create, update, list, and delete Secure Web Proxy policies
Create a custom role with the specified permissions. For information about creating a custom role, see Create a custom role.
networksecurity.gatewaySecurityPolicies.createnetworksecurity.gatewaySecurityPolicies.deletenetworksecurity.gatewaySecurityPolicies.getnetworksecurity.gatewaySecurityPolicies.listnetworksecurity.gatewaySecurityPolicies.updatenetworksecurity.gatewaySecurityPolicyRules.createnetworksecurity.gatewaySecurityPolicyRules.deletenetworksecurity.gatewaySecurityPolicyRules.getnetworksecurity.gatewaySecurityPolicyRules.listnetworksecurity.gatewaySecurityPolicyRules.updatenetworksecurity.operations.getnetworksecurity.tlsInspectionPolicies.createnetworksecurity.tlsInspectionPolicies.deletenetworksecurity.tlsInspectionPolicies.getnetworksecurity.tlsInspectionPolicies.listnetworksecurity.tlsInspectionPolicies.updatenetworksecurity.tlsInspectionPolicies.usenetworksecurity.urlLists.createnetworksecurity.urlLists.deletenetworksecurity.urlLists.getnetworksecurity.urlLists.listnetworksecurity.urlLists.updatenetworksecurity.urlLists.use
For more information about project roles and permissions, see the following:
What's next
Send feedback
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-09-19 UTC.
Need to tell us more?
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-19 UTC."],[],[],null,[]]
