Access Control

Access control in Google Cloud Platform is controlled using Google Cloud Identity and Access Management (IAM). IAM allows you to set permissions specifying who has what kind of access to which resources in your project.

Cloud Source Repositories uses IAM for access control. You can use IAM to add team members to your project and to grant them permissions to create, view, and update repositories.

This page explains describes the IAM permissions and roles that apply to Cloud Source Repositories.

Permissions

With IAM, every action on a repository in Cloud Source Repositories requires that the account initiating the action has the appropriate permissions. Permissions are granted by granting roles, which includes that permission.

The following table describes the permissions available in Cloud Source Repositories.

Permission Description
source.repos.list List repositories within the project.
source.repos.create Create a new repository within the project.
source.repos.get Clone, fetch, browse on the web.
source.repos.update Push new changes to the repository.
source.repos.delete Delete repository.
source.repos.getIamPolicy Read/view the IAM policy of a repository.
source.repos.setIamPolicy Change the IAM policy of a repository.

Roles

You assign permissions to accounts through the use of roles. The following table lists the roles available for Cloud Source Repositories.

Role Role Title
role/source.reader Source Repository Reader
role/source.writer Source Repository Writer
role/source.admin Source Repository Administrator

Roles and permissions matrix

Use the table below to select the appropriate role for an account, based on the types of actions you want that account to perform.

Capability reader writer admin
List repositories
Clone, fetch and browse repositories
Update repositories
Create repositories
Delete repositories
View IAM policies
Set IAM policies

Custom roles

In addition to the pre-defined roles, Cloud Source Repositories also supports custom roles. For more information, see Creating and Managing Custom Roles in the Cloud IAM documentation.

Send feedback about...

Cloud Source Repositories