Vertex AI access control with IAM

This page describes how to use Identity and Access Management (IAM) to manage access to Vertex AI resources. To manage access to Vertex AI Workbench resources, see the access control pages for managed notebooks or user-managed notebooks.

Vertex AI uses IAM to manage access to resources. You can manage access at the project level or resource level. To grant access to resources at the project level, assign one or more roles to a principal (user, group, or service account). To grant access to a specific resource, set an IAM policy on that resource; the resource must support resource-level policies. The policy defines which roles are assigned to which principals.

There are different types of IAM roles that can be used in Vertex AI:

Predefined roles let you grant a set of related permissions to your Vertex AI resources at the project level.
Basic roles (Owner, Editor, and Viewer) provide access control to your Vertex AI resources at the project level, and are common to all Google Cloud services.
Custom roles enable you to choose a specific set of permissions, create your own role with those permissions, and grant the role to users in your organization.

To add, update, or remove these roles in your Vertex AI project, see the documentation on granting, changing, and revoking access.

Predefined roles for Vertex AI

Role Permissions

Role	Permissions
Vertex AI Administrator (`roles/aiplatform.admin`) Grants full access to all resources in Vertex AI	aiplatform.annotationSpecs.* aiplatform.annotationSpecs.create aiplatform.annotationSpecs.delete aiplatform.annotationSpecs.get aiplatform.annotationSpecs.list aiplatform.annotationSpecs.update aiplatform.annotations.* aiplatform.annotations.create aiplatform.annotations.delete aiplatform.annotations.get aiplatform.annotations.list aiplatform.annotations.update aiplatform.artifacts.* aiplatform.artifacts.create aiplatform.artifacts.delete aiplatform.artifacts.get aiplatform.artifacts.list aiplatform.artifacts.update aiplatform.batchPredictionJobs.* aiplatform.batchPredictionJobs.cancel aiplatform.batchPredictionJobs.create aiplatform.batchPredictionJobs.delete aiplatform.batchPredictionJobs.get aiplatform.batchPredictionJobs.list aiplatform.contexts.* aiplatform.contexts.addContextArtifactsAndExecutions aiplatform.contexts.addContextChildren aiplatform.contexts.create aiplatform.contexts.delete aiplatform.contexts.get aiplatform.contexts.list aiplatform.contexts.queryContextLineageSubgraph aiplatform.contexts.update aiplatform.customJobs.* aiplatform.customJobs.cancel aiplatform.customJobs.create aiplatform.customJobs.delete aiplatform.customJobs.get aiplatform.customJobs.list aiplatform.dataItems.* aiplatform.dataItems.create aiplatform.dataItems.delete aiplatform.dataItems.get aiplatform.dataItems.list aiplatform.dataItems.update aiplatform.dataLabelingJobs.* aiplatform.dataLabelingJobs.cancel aiplatform.dataLabelingJobs.create aiplatform.dataLabelingJobs.delete aiplatform.dataLabelingJobs.get aiplatform.dataLabelingJobs.list aiplatform.datasets.* aiplatform.datasets.create aiplatform.datasets.delete aiplatform.datasets.export aiplatform.datasets.get aiplatform.datasets.import aiplatform.datasets.list aiplatform.datasets.update aiplatform.deploymentResourcePools.* aiplatform.deploymentResourcePools.create aiplatform.deploymentResourcePools.delete aiplatform.deploymentResourcePools.get aiplatform.deploymentResourcePools.list aiplatform.deploymentResourcePools.queryDeployedModels aiplatform.deploymentResourcePools.update aiplatform.edgeDeploymentJobs.* aiplatform.edgeDeploymentJobs.create aiplatform.edgeDeploymentJobs.delete aiplatform.edgeDeploymentJobs.get aiplatform.edgeDeploymentJobs.list aiplatform.edgeDeviceDebugInfo.get aiplatform.edgeDevices.* aiplatform.edgeDevices.create aiplatform.edgeDevices.delete aiplatform.edgeDevices.get aiplatform.edgeDevices.list aiplatform.edgeDevices.update aiplatform.endpoints.* aiplatform.endpoints.create aiplatform.endpoints.delete aiplatform.endpoints.deploy aiplatform.endpoints.explain aiplatform.endpoints.get aiplatform.endpoints.getIamPolicy aiplatform.endpoints.list aiplatform.endpoints.predict aiplatform.endpoints.setIamPolicy aiplatform.endpoints.undeploy aiplatform.endpoints.update aiplatform.entityTypes.* aiplatform.entityTypes.create aiplatform.entityTypes.delete aiplatform.entityTypes.deleteFeatureValues aiplatform.entityTypes.exportFeatureValues aiplatform.entityTypes.get aiplatform.entityTypes.getIamPolicy aiplatform.entityTypes.importFeatureValues aiplatform.entityTypes.list aiplatform.entityTypes.readFeatureValues aiplatform.entityTypes.setIamPolicy aiplatform.entityTypes.streamingReadFeatureValues aiplatform.entityTypes.update aiplatform.entityTypes.writeFeatureValues aiplatform.executions.* aiplatform.executions.addExecutionEvents aiplatform.executions.create aiplatform.executions.delete aiplatform.executions.get aiplatform.executions.list aiplatform.executions.queryExecutionInputsAndOutputs aiplatform.executions.update aiplatform.featureOnlineStores.* aiplatform.featureOnlineStores.create aiplatform.featureOnlineStores.delete aiplatform.featureOnlineStores.get aiplatform.featureOnlineStores.list aiplatform.featureOnlineStores.update aiplatform.featureViewSyncs.* aiplatform.featureViewSyncs.get aiplatform.featureViewSyncs.list aiplatform.featureViews.* aiplatform.featureViews.create aiplatform.featureViews.delete aiplatform.featureViews.fetchFeatureValues aiplatform.featureViews.get aiplatform.featureViews.list aiplatform.featureViews.searchNearestEntities aiplatform.featureViews.sync aiplatform.featureViews.update aiplatform.features.* aiplatform.features.create aiplatform.features.delete aiplatform.features.get aiplatform.features.list aiplatform.features.update aiplatform.featurestores.* aiplatform.featurestores.batchReadFeatureValues aiplatform.featurestores.create aiplatform.featurestores.delete aiplatform.featurestores.exportFeatures aiplatform.featurestores.get aiplatform.featurestores.getIamPolicy aiplatform.featurestores.importFeatures aiplatform.featurestores.list aiplatform.featurestores.readFeatures aiplatform.featurestores.setIamPolicy aiplatform.featurestores.update aiplatform.featurestores.writeFeatures aiplatform.humanInTheLoops.* aiplatform.humanInTheLoops.cancel aiplatform.humanInTheLoops.create aiplatform.humanInTheLoops.delete aiplatform.humanInTheLoops.get aiplatform.humanInTheLoops.list aiplatform.humanInTheLoops.queryAnnotationStats aiplatform.humanInTheLoops.send aiplatform.humanInTheLoops.update aiplatform.hyperparameterTuningJobs.* aiplatform.hyperparameterTuningJobs.cancel aiplatform.hyperparameterTuningJobs.create aiplatform.hyperparameterTuningJobs.delete aiplatform.hyperparameterTuningJobs.get aiplatform.hyperparameterTuningJobs.list aiplatform.indexEndpoints.* aiplatform.indexEndpoints.create aiplatform.indexEndpoints.delete aiplatform.indexEndpoints.deploy aiplatform.indexEndpoints.get aiplatform.indexEndpoints.list aiplatform.indexEndpoints.queryVectors aiplatform.indexEndpoints.undeploy aiplatform.indexEndpoints.update aiplatform.indexes.* aiplatform.indexes.create aiplatform.indexes.delete aiplatform.indexes.get aiplatform.indexes.list aiplatform.indexes.update aiplatform.locations.* aiplatform.locations.get aiplatform.locations.list aiplatform.metadataSchemas.* aiplatform.metadataSchemas.create aiplatform.metadataSchemas.delete aiplatform.metadataSchemas.get aiplatform.metadataSchemas.list aiplatform.metadataStores.* aiplatform.metadataStores.create aiplatform.metadataStores.delete aiplatform.metadataStores.get aiplatform.metadataStores.list aiplatform.migratableResources.* aiplatform.migratableResources.migrate aiplatform.migratableResources.search aiplatform.modelDeploymentMonitoringJobs.* aiplatform.modelDeploymentMonitoringJobs.create aiplatform.modelDeploymentMonitoringJobs.delete aiplatform.modelDeploymentMonitoringJobs.get aiplatform.modelDeploymentMonitoringJobs.list aiplatform.modelDeploymentMonitoringJobs.pause aiplatform.modelDeploymentMonitoringJobs.resume aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies aiplatform.modelDeploymentMonitoringJobs.update aiplatform.modelEvaluationSlices.* aiplatform.modelEvaluationSlices.get aiplatform.modelEvaluationSlices.import aiplatform.modelEvaluationSlices.list aiplatform.modelEvaluations.* aiplatform.modelEvaluations.exportEvaluatedDataItems aiplatform.modelEvaluations.get aiplatform.modelEvaluations.import aiplatform.modelEvaluations.list aiplatform.models.* aiplatform.models.delete aiplatform.models.export aiplatform.models.get aiplatform.models.list aiplatform.models.update aiplatform.models.upload aiplatform.nasJobs.* aiplatform.nasJobs.cancel aiplatform.nasJobs.create aiplatform.nasJobs.delete aiplatform.nasJobs.get aiplatform.nasJobs.list aiplatform.nasTrialDetails.* aiplatform.nasTrialDetails.get aiplatform.nasTrialDetails.list aiplatform.notebookRuntimeTemplates.* aiplatform.notebookRuntimeTemplates.apply aiplatform.notebookRuntimeTemplates.create aiplatform.notebookRuntimeTemplates.delete aiplatform.notebookRuntimeTemplates.get aiplatform.notebookRuntimeTemplates.getIamPolicy aiplatform.notebookRuntimeTemplates.list aiplatform.notebookRuntimeTemplates.setIamPolicy aiplatform.notebookRuntimeTemplates.update aiplatform.notebookRuntimes.assign aiplatform.notebookRuntimes.delete aiplatform.notebookRuntimes.get aiplatform.notebookRuntimes.list aiplatform.notebookRuntimes.upgrade aiplatform.operations.list aiplatform.persistentResources.* aiplatform.persistentResources.create aiplatform.persistentResources.delete aiplatform.persistentResources.get aiplatform.persistentResources.list aiplatform.pipelineJobs.* aiplatform.pipelineJobs.cancel aiplatform.pipelineJobs.create aiplatform.pipelineJobs.delete aiplatform.pipelineJobs.get aiplatform.pipelineJobs.list aiplatform.schedules.* aiplatform.schedules.create aiplatform.schedules.delete aiplatform.schedules.get aiplatform.schedules.list aiplatform.schedules.update aiplatform.specialistPools.* aiplatform.specialistPools.create aiplatform.specialistPools.delete aiplatform.specialistPools.get aiplatform.specialistPools.list aiplatform.specialistPools.update aiplatform.studies.* aiplatform.studies.create aiplatform.studies.delete aiplatform.studies.get aiplatform.studies.list aiplatform.studies.update aiplatform.tensorboardExperiments.* aiplatform.tensorboardExperiments.create aiplatform.tensorboardExperiments.delete aiplatform.tensorboardExperiments.get aiplatform.tensorboardExperiments.list aiplatform.tensorboardExperiments.update aiplatform.tensorboardExperiments.write aiplatform.tensorboardRuns.* aiplatform.tensorboardRuns.batchCreate aiplatform.tensorboardRuns.create aiplatform.tensorboardRuns.delete aiplatform.tensorboardRuns.get aiplatform.tensorboardRuns.list aiplatform.tensorboardRuns.update aiplatform.tensorboardRuns.write aiplatform.tensorboardTimeSeries.* aiplatform.tensorboardTimeSeries.batchCreate aiplatform.tensorboardTimeSeries.batchRead aiplatform.tensorboardTimeSeries.create aiplatform.tensorboardTimeSeries.delete aiplatform.tensorboardTimeSeries.get aiplatform.tensorboardTimeSeries.list aiplatform.tensorboardTimeSeries.read aiplatform.tensorboardTimeSeries.update aiplatform.tensorboards.* aiplatform.tensorboards.create aiplatform.tensorboards.delete aiplatform.tensorboards.get aiplatform.tensorboards.list aiplatform.tensorboards.recordAccess aiplatform.tensorboards.update aiplatform.trainingPipelines.* aiplatform.trainingPipelines.cancel aiplatform.trainingPipelines.create aiplatform.trainingPipelines.delete aiplatform.trainingPipelines.get aiplatform.trainingPipelines.list aiplatform.trials.* aiplatform.trials.create aiplatform.trials.delete aiplatform.trials.get aiplatform.trials.list aiplatform.trials.update resourcemanager.projects.get resourcemanager.projects.list
Vertex AI Feature Store EntityType owner (`roles/aiplatform.entityTypeOwner`) Provides full access to all permissions for a particular entity type resource. Lowest-level resources where you can grant this role: Entity type	aiplatform.entityTypes.delete aiplatform.entityTypes.deleteFeatureValues aiplatform.entityTypes.exportFeatureValues aiplatform.entityTypes.get aiplatform.entityTypes.getIamPolicy aiplatform.entityTypes.importFeatureValues aiplatform.entityTypes.readFeatureValues aiplatform.entityTypes.setIamPolicy aiplatform.entityTypes.streamingReadFeatureValues aiplatform.entityTypes.update aiplatform.entityTypes.writeFeatureValues aiplatform.featureOnlineStores.get aiplatform.featureOnlineStores.list aiplatform.featureViewSyncs.* aiplatform.featureViewSyncs.get aiplatform.featureViewSyncs.list aiplatform.featureViews.fetchFeatureValues aiplatform.featureViews.get aiplatform.featureViews.list aiplatform.features.* aiplatform.features.create aiplatform.features.delete aiplatform.features.get aiplatform.features.list aiplatform.features.update aiplatform.featurestores.batchReadFeatureValues resourcemanager.projects.get resourcemanager.projects.list
Vertex AI Feature Store Admin (`roles/aiplatform.featurestoreAdmin`) Grants full access to all resources in Vertex AI Feature Store Lowest-level resources where you can grant this role: Entity type	aiplatform.entityTypes.* aiplatform.entityTypes.create aiplatform.entityTypes.delete aiplatform.entityTypes.deleteFeatureValues aiplatform.entityTypes.exportFeatureValues aiplatform.entityTypes.get aiplatform.entityTypes.getIamPolicy aiplatform.entityTypes.importFeatureValues aiplatform.entityTypes.list aiplatform.entityTypes.readFeatureValues aiplatform.entityTypes.setIamPolicy aiplatform.entityTypes.streamingReadFeatureValues aiplatform.entityTypes.update aiplatform.entityTypes.writeFeatureValues aiplatform.featureOnlineStores.* aiplatform.featureOnlineStores.create aiplatform.featureOnlineStores.delete aiplatform.featureOnlineStores.get aiplatform.featureOnlineStores.list aiplatform.featureOnlineStores.update aiplatform.featureViewSyncs.* aiplatform.featureViewSyncs.get aiplatform.featureViewSyncs.list aiplatform.featureViews.create aiplatform.featureViews.delete aiplatform.featureViews.fetchFeatureValues aiplatform.featureViews.get aiplatform.featureViews.list aiplatform.featureViews.sync aiplatform.featureViews.update aiplatform.features.* aiplatform.features.create aiplatform.features.delete aiplatform.features.get aiplatform.features.list aiplatform.features.update aiplatform.featurestores.* aiplatform.featurestores.batchReadFeatureValues aiplatform.featurestores.create aiplatform.featurestores.delete aiplatform.featurestores.exportFeatures aiplatform.featurestores.get aiplatform.featurestores.getIamPolicy aiplatform.featurestores.importFeatures aiplatform.featurestores.list aiplatform.featurestores.readFeatures aiplatform.featurestores.setIamPolicy aiplatform.featurestores.update aiplatform.featurestores.writeFeatures aiplatform.operations.list resourcemanager.projects.get resourcemanager.projects.list
Vertex AI Feature Store Data Viewer (`roles/aiplatform.featurestoreDataViewer`) This role provides permissions to read Feature data. Lowest-level resources where you can grant this role: Entity type	aiplatform.entityTypes.exportFeatureValues aiplatform.entityTypes.get aiplatform.entityTypes.readFeatureValues aiplatform.entityTypes.streamingReadFeatureValues aiplatform.featureOnlineStores.get aiplatform.featureOnlineStores.list aiplatform.featureViewSyncs.* aiplatform.featureViewSyncs.get aiplatform.featureViewSyncs.list aiplatform.featureViews.fetchFeatureValues aiplatform.featureViews.get aiplatform.featureViews.list aiplatform.features.get aiplatform.features.list aiplatform.featurestores.batchReadFeatureValues resourcemanager.projects.get resourcemanager.projects.list
Vertex AI Feature Store Data Writer (`roles/aiplatform.featurestoreDataWriter`) This role provides permissions to read and write Feature data. Lowest-level resources where you can grant this role: Entity type	aiplatform.entityTypes.

Vertex AI Administrator

(roles/aiplatform.admin)

Grants full access to all resources in Vertex AI

aiplatform.annotationSpecs.*

aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update

aiplatform.annotations.*

aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.customJobs.*

aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list

aiplatform.dataItems.*

aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update

aiplatform.dataLabelingJobs.*

aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list

aiplatform.datasets.*

aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update

aiplatform.deploymentResourcePools.*

aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update

aiplatform.edgeDeploymentJobs.*

aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.*

aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update

aiplatform.endpoints.*

aiplatform.endpoints.create
aiplatform.endpoints.delete
aiplatform.endpoints.deploy
aiplatform.endpoints.explain
aiplatform.endpoints.get
aiplatform.endpoints.getIamPolicy
aiplatform.endpoints.list
aiplatform.endpoints.predict
aiplatform.endpoints.setIamPolicy
aiplatform.endpoints.undeploy
aiplatform.endpoints.update

aiplatform.entityTypes.*

aiplatform.entityTypes.create
aiplatform.entityTypes.delete
aiplatform.entityTypes.deleteFeatureValues
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.get
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.importFeatureValues
aiplatform.entityTypes.list
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.setIamPolicy
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.entityTypes.update
aiplatform.entityTypes.writeFeatureValues

aiplatform.executions.*

aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update

aiplatform.featureOnlineStores.*

aiplatform.featureOnlineStores.create
aiplatform.featureOnlineStores.delete
aiplatform.featureOnlineStores.get
aiplatform.featureOnlineStores.list
aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.*

aiplatform.featureViews.create
aiplatform.featureViews.delete
aiplatform.featureViews.fetchFeatureValues
aiplatform.featureViews.get
aiplatform.featureViews.list
aiplatform.featureViews.searchNearestEntities
aiplatform.featureViews.sync
aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.*

aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.create
aiplatform.featurestores.delete
aiplatform.featurestores.exportFeatures
aiplatform.featurestores.get
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.importFeatures
aiplatform.featurestores.list
aiplatform.featurestores.readFeatures
aiplatform.featurestores.setIamPolicy
aiplatform.featurestores.update
aiplatform.featurestores.writeFeatures

aiplatform.humanInTheLoops.*

aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update

aiplatform.hyperparameterTuningJobs.*

aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.locations.*

aiplatform.locations.get
aiplatform.locations.list

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.migratableResources.*

aiplatform.migratableResources.migrate
aiplatform.migratableResources.search

aiplatform.modelDeploymentMonitoringJobs.*

aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update

aiplatform.modelEvaluationSlices.*

aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.*

aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list

aiplatform.models.*

aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload

aiplatform.nasJobs.*

aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookRuntimeTemplates.*

aiplatform.notebookRuntimeTemplates.apply
aiplatform.notebookRuntimeTemplates.create
aiplatform.notebookRuntimeTemplates.delete
aiplatform.notebookRuntimeTemplates.get
aiplatform.notebookRuntimeTemplates.getIamPolicy
aiplatform.notebookRuntimeTemplates.list
aiplatform.notebookRuntimeTemplates.setIamPolicy
aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.assign

aiplatform.notebookRuntimes.delete

aiplatform.notebookRuntimes.get

aiplatform.notebookRuntimes.list

aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.persistentResources.*

aiplatform.persistentResources.create
aiplatform.persistentResources.delete
aiplatform.persistentResources.get
aiplatform.persistentResources.list

aiplatform.pipelineJobs.*

aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

aiplatform.specialistPools.*

aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update

aiplatform.studies.*

aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.*

aiplatform.tensorboards.create
aiplatform.tensorboards.delete
aiplatform.tensorboards.get
aiplatform.tensorboards.list
aiplatform.tensorboards.recordAccess
aiplatform.tensorboards.update

aiplatform.trainingPipelines.*

aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list

aiplatform.trials.*

aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store EntityType owner

(roles/aiplatform.entityTypeOwner)

Provides full access to all permissions for a particular entity type resource.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.getIamPolicy

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.setIamPolicy

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store Admin

(roles/aiplatform.featurestoreAdmin)

Grants full access to all resources in Vertex AI Feature Store

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.*

aiplatform.entityTypes.create
aiplatform.entityTypes.delete
aiplatform.entityTypes.deleteFeatureValues
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.get
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.importFeatureValues
aiplatform.entityTypes.list
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.setIamPolicy
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.entityTypes.update
aiplatform.entityTypes.writeFeatureValues

aiplatform.featureOnlineStores.*

aiplatform.featureOnlineStores.create
aiplatform.featureOnlineStores.delete
aiplatform.featureOnlineStores.get
aiplatform.featureOnlineStores.list
aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.create

aiplatform.featureViews.delete

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.*

aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.create
aiplatform.featurestores.delete
aiplatform.featurestores.exportFeatures
aiplatform.featurestores.get
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.importFeatures
aiplatform.featurestores.list
aiplatform.featurestores.readFeatures
aiplatform.featurestores.setIamPolicy
aiplatform.featurestores.update
aiplatform.featurestores.writeFeatures

aiplatform.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store Data Viewer

(roles/aiplatform.featurestoreDataViewer)

This role provides permissions to read Feature data.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.features.get

aiplatform.features.list

aiplatform.featurestores.batchReadFeatureValues

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store Data Writer

(roles/aiplatform.featurestoreDataWriter)

This role provides permissions to read and write Feature data.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.