Permissions required to install Anthos Service Mesh

The following table describes the roles that are required to install Anthos Service Mesh.

Role name Role ID Description
Project Editor roles/editor Permissions for actions that modify state, such as changing existing resources.
Compute Admin roles/compute.admin Full control of all Compute Engine resources.
Kubernetes Engine Admin roles/container.admin Provides access to full management of Container Clusters and their Kubernetes API objects.
Project IAM Admin roles/resourcemanager.projectIamAdmin Provides permissions to administer IAM policies on projects.
Service Account Admin roles/iam.serviceAccountAdmin Create and manage service accounts.
Service Account Key Admin roles/iam.serviceAccountKeyAdmin Create and manage (and rotate) service account keys.
GKE Hub Admin (Beta) roles/gkehub.admin Full access to GKE Hubs and related resources.

What's next