This page describes how to use Identity and Access Management (IAM) to manage access to Vertex AI resources. To manage access to Vertex AI Workbench resources, see the access control pages for managed notebooks or user-managed notebooks.
Vertex AI uses IAM to manage access to resources. You can manage access at the project level or resource level. To grant access to resources at the project level, assign one or more roles to a principal (user, group, or service account). To grant access to a specific resource, set an IAM policy on that resource; the resource must support resource-level policies. The policy defines which roles are assigned to which principals.
There are different types of IAM roles that can be used in Vertex AI:
Predefined roles let you grant a set of related permissions to your Vertex AI resources at the project level.
Basic roles (Owner, Editor, and Viewer) provide access control to your Vertex AI resources at the project level, and are common to all Google Cloud services.
Custom roles enable you to choose a specific set of permissions, create your own role with those permissions, and grant the role to users in your organization.
To add, update, or remove these roles in your Vertex AI project, see the documentation on granting, changing, and revoking access.
Predefined roles for Vertex AI
Role | Permissions |
---|---|
Vertex AI Administrator( Grants full access to all resources in Vertex AI Contains 3 owner permissions |
aiplatform.*
resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Feature Store EntityType owner( Provides full access to all permissions for a particular entity type resource. Lowest-level resources where you can grant this role:
Contains 1 owner permission |
aiplatform.entityTypes.delete aiplatform. aiplatform. aiplatform.entityTypes.get aiplatform. aiplatform. aiplatform.
manage_accounts
aiplatform. aiplatform. aiplatform.entityTypes.update aiplatform. aiplatform.features.*
aiplatform. resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Feature Store Admin( Grants full access to all resources in Vertex AI Feature Store Lowest-level resources where you can grant this role:
Contains 2 owner permissions |
aiplatform.entityTypes.*
aiplatform.features.*
aiplatform.featurestores.*
aiplatform.operations.list resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Feature Store Data Viewer( This role provides permissions to read Feature data. Lowest-level resources where you can grant this role:
|
aiplatform. aiplatform.entityTypes.get aiplatform. aiplatform. aiplatform.features.get aiplatform.features.list aiplatform. resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Feature Store Data Writer( This role provides permissions to read and write Feature data. Lowest-level resources where you can grant this role:
|
aiplatform. aiplatform. aiplatform.entityTypes.get aiplatform. aiplatform. aiplatform. aiplatform. aiplatform.features.get aiplatform.features.list aiplatform. resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Feature Store Instance Creator( Administrator of Featurestore resources, but not the child resources under Featurestores. Lowest-level resources where you can grant this role:
|
aiplatform. aiplatform. aiplatform.featurestores.get aiplatform.featurestores.list aiplatform. |
Vertex AI Feature Store Resource Viewer( Viewer of all resources in Vertex AI Feature Store but cannot make changes. Lowest-level resources where you can grant this role:
|
aiplatform.entityTypes.get aiplatform.entityTypes.list aiplatform.features.get aiplatform.features.list aiplatform.featurestores.get aiplatform.featurestores.list aiplatform.operations.list resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Feature Store User Beta( Deprecated. Use featurestoreAdmin instead. Contains 2 owner permissions |
aiplatform.entityTypes.*
aiplatform.features.*
aiplatform.featurestores.*
aiplatform.operations.list resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Migration Service User( Grants access to use migration service in Vertex AI |
aiplatform.
|
Vertex AI Tensorboard Web App User Beta( Grants access to the Vertex AI Tensorboard web app. Using the web app will incur charges. Contains 1 owner permission |
manage_accounts
aiplatform. |
Vertex AI User( Grants access to use all resource in Vertex AI |
aiplatform.annotationSpecs.*
aiplatform.annotations.*
aiplatform.artifacts.*
aiplatform.
aiplatform.contexts.*
aiplatform.customJobs.*
aiplatform.dataItems.*
aiplatform.dataLabelingJobs.*
aiplatform.datasets.*
aiplatform.
aiplatform.
aiplatform. aiplatform.edgeDevices.*
aiplatform.endpoints.*
aiplatform.entityTypes.create aiplatform.entityTypes.delete aiplatform. aiplatform. aiplatform.entityTypes.get aiplatform. aiplatform.entityTypes.list aiplatform. aiplatform. aiplatform.entityTypes.update aiplatform. aiplatform.executions.*
aiplatform.features.*
aiplatform. aiplatform. aiplatform. aiplatform. aiplatform.featurestores.get aiplatform. aiplatform.featurestores.list aiplatform. aiplatform. aiplatform. aiplatform.humanInTheLoops.*
aiplatform.
aiplatform.indexEndpoints.*
aiplatform.indexes.*
aiplatform.locations.*
aiplatform.metadataSchemas.*
aiplatform.metadataStores.*
aiplatform.
aiplatform.
aiplatform.modelEvaluations.*
aiplatform.models.*
aiplatform.nasJobs.*
aiplatform.nasTrialDetails.*
aiplatform.operations.list aiplatform.pipelineJobs.*
aiplatform.specialistPools.*
aiplatform.studies.*
aiplatform.
aiplatform.tensorboardRuns.*
aiplatform.
aiplatform.tensorboards.create aiplatform.tensorboards.delete aiplatform.tensorboards.get aiplatform.tensorboards.list aiplatform.tensorboards.update aiplatform.trainingPipelines.*
aiplatform.trials.*
resourcemanager.projects.get resourcemanager.projects.list |
Vertex AI Viewer( Grants access to view all resource in Vertex AI |
aiplatform.annotationSpecs.get aiplatform. aiplatform.annotations.get aiplatform.annotations.list aiplatform.artifacts.get aiplatform.artifacts.list aiplatform. aiplatform. aiplatform.contexts.get aiplatform.contexts.list aiplatform. aiplatform.customJobs.get aiplatform.customJobs.list aiplatform.dataItems.get aiplatform.dataItems.list aiplatform. aiplatform. aiplatform.datasets.get aiplatform.datasets.list aiplatform. aiplatform. aiplatform. aiplatform. aiplatform. aiplatform. aiplatform.edgeDevices.get aiplatform.edgeDevices.list aiplatform.endpoints.get aiplatform.endpoints.list aiplatform.entityTypes.get aiplatform.entityTypes.list aiplatform.executions.get aiplatform.executions.list aiplatform. aiplatform.features.get aiplatform.features.list aiplatform.featurestores.get aiplatform.featurestores.list aiplatform.humanInTheLoops.get aiplatform. aiplatform. aiplatform. aiplatform.indexEndpoints.get aiplatform.indexEndpoints.list aiplatform. aiplatform.indexes.get aiplatform.indexes.list aiplatform.locations.*
aiplatform.metadataSchemas.get aiplatform. aiplatform.metadataStores.get aiplatform.metadataStores.list aiplatform. aiplatform. aiplatform.
aiplatform.
aiplatform. aiplatform. aiplatform.models.get aiplatform.models.list aiplatform.nasJobs.get aiplatform.nasJobs.list aiplatform.nasTrialDetails.*
aiplatform.operations.list aiplatform.pipelineJobs.get aiplatform.pipelineJobs.list aiplatform.specialistPools.get aiplatform. aiplatform. aiplatform.studies.get aiplatform.studies.list aiplatform. aiplatform. aiplatform.tensorboardRuns.get aiplatform. aiplatform. aiplatform. aiplatform. aiplatform. aiplatform.tensorboards.get aiplatform.tensorboards.list aiplatform. aiplatform. aiplatform.trials.get aiplatform.trials.list resourcemanager.projects.get resourcemanager.projects.list |
Basic roles
The older Google Cloud basic roles are common to all Google Cloud services. These roles are Owner, Editor, and Viewer.
The basic roles provide permissions across Google Cloud, not just for Vertex AI. For this reason, you should use Vertex AI roles whenever possible.
Custom roles
If the predefined IAM roles for Vertex AI don't meet your needs, you can define custom roles. Custom roles enable you to choose a specific set of permissions, create your own role with those permissions, and grant the role to users in your organization. For more information, see Understanding IAM custom roles.
Project-level versus resource-level policies
Setting a policy at the resource level doesn't affect project-level policies. A resource inherits all policies from its ancestry. You can use these two levels of granularity to customize permissions. For example, you can grant users read permissions at the project level so that they can read all resources in the project, and then you can grant users write permissions per resource (at the resource level).
Not all Vertex AI predefined roles and resources support resource-level policies. To see which roles can be used on which resources, view the descriptions for each role.
Supported resources
Vertex AI supports Vertex AI Feature Store featurestore and entity type resources. For more information, see Control access to Vertex AI Feature Store resources.
After granting or revoking access to a resource, those changes take time to propagate. For more information, see the IAM frequently asked questions.
About service accounts and service agents
Service accounts
A service account is a special account used by an application or a virtual machine (VM) instance, not a person. You can create and assign permissions to service accounts to provide specific permissions to a resource or application.
For information about using a service account to customize the permissions available to a custom training container or a container that serves online predictions for a custom-trained model, read Using a custom service account.
Service accounts are identified by an email address.
Service agents
Service agents are Google-managed service accounts that are automatically provided; they enable a service to access resources on your behalf. Vertex AI uses these service agents:
Name | Used for | Email address |
---|---|---|
Vertex AI Service Agent | Vertex AI functionality | service-PROJECT_NUMBER@gcp-sa-aiplatform.iam.gserviceaccount.com |
Vertex AI Custom Code Service Agent | Custom training code | service-PROJECT_NUMBER@gcp-sa-aiplatform-cc.iam.gserviceaccount.com |
The Vertex AI Custom Code Service Agent is created only if you run custom training code to train a custom-trained model.
When created, each service agent is granted one of the following predefined roles for your project. Each service agent is granted the role that matches its name.
Role | Permissions |
---|---|
Vertex AI Service Agent( Gives Vertex AI the permissions it needs to function. Contains 3 owner permissions |
aiplatform.annotationSpecs.*
aiplatform.annotations.*
aiplatform.artifacts.*
aiplatform.
aiplatform.contexts.*
aiplatform.customJobs.*
aiplatform.dataItems.*
aiplatform.dataLabelingJobs.*
aiplatform.datasets.*
aiplatform.
aiplatform.
aiplatform. aiplatform.edgeDevices.*
aiplatform.endpoints.*
aiplatform.entityTypes.create aiplatform.entityTypes.delete aiplatform. aiplatform. aiplatform.entityTypes.get aiplatform. aiplatform.entityTypes.list aiplatform. aiplatform. aiplatform.entityTypes.update aiplatform. aiplatform.executions.*
aiplatform.features.*
aiplatform. aiplatform. aiplatform. aiplatform. aiplatform.featurestores.get aiplatform. aiplatform.featurestores.list aiplatform. aiplatform. aiplatform. aiplatform.humanInTheLoops.*
aiplatform.
aiplatform.indexEndpoints.*
aiplatform.indexes.*
aiplatform.locations.*
aiplatform.metadataSchemas.*
aiplatform.metadataStores.*
aiplatform.
aiplatform.
aiplatform.modelEvaluations.*
aiplatform.models.*
aiplatform.nasJobs.*
aiplatform.nasTrialDetails.*
aiplatform.operations.list aiplatform.pipelineJobs.*
aiplatform.specialistPools.*
aiplatform.studies.*
aiplatform.
aiplatform.tensorboardRuns.*
aiplatform.
aiplatform.tensorboards.create aiplatform.tensorboards.delete aiplatform.tensorboards.get aiplatform.tensorboards.list aiplatform.tensorboards.update aiplatform.trainingPipelines.*
aiplatform.trials.*
artifactregistry. artifactregistry. artifactregistry. artifactregistry. artifactregistry. artifactregistry.tags.get artifactregistry.versions.get automl.datasets.export automl.datasets.get automl.datasets.list automl.modelEvaluations.list automl.models.get automl.models.list automl.operations.get automl.tableSpecs.get bigquery.datasets.create bigquery.datasets.get bigquery.jobs.create bigquery.jobs.get bigquery.models.create bigquery.models.export bigquery.models.getData bigquery.readsessions.create bigquery.readsessions.getData bigquery.tables.create bigquery.tables.export bigquery.tables.get bigquery.tables.getData bigquery.tables.update bigquery.tables.updateData bigtable.tables.get bigtable.tables.list bigtable.tables.readRows compute.addresses.get compute.addresses.list compute.addresses.use compute.addresses.useInternal compute.disks.create manage_accounts compute.disks.createTagBinding compute.disks.delete compute.disks.get compute.disks.setLabels compute.disks.use compute.disks.useReadOnly compute.instances.create
manage_accounts
compute. compute.instances.delete compute.instances.get compute.instances.setLabels compute.instances.setMetadata compute. compute.instances.setTags compute.machineTypes.get compute.subnetworks.use compute. dataflow.jobs.*
dataflow.messages.list dataflow.metrics.get dataflow.snapshots.*
datalabeling. datalabeling.datasets.export datalabeling.datasets.get datalabeling.datasets.list datalabeling.operations.get iam.serviceAccounts.actAs
manage_accounts
iam. logging.logEntries.create logging.logEntries.route ml.models.list ml.operations.get ml.versions.get ml.versions.list monitoring. notebooks.instances.create notebooks.instances.delete notebooks.instances.get resourcemanager.projects.get resourcemanager.projects.list serviceusage.services.use storage.buckets.create storage.buckets.delete storage.buckets.get storage.buckets.list storage.objects.create storage.objects.delete storage.objects.get storage.objects.list storage.objects.update |
Vertex AI Custom Code Service Agent( Gives Vertex AI Custom Code the proper permissions. Contains 5 owner permissions |
aiplatform.annotationSpecs.*
aiplatform.annotations.*
aiplatform.artifacts.*
aiplatform.
aiplatform.contexts.*
aiplatform.customJobs.*
aiplatform.dataItems.*
aiplatform.dataLabelingJobs.*
aiplatform.datasets.*
aiplatform.
aiplatform.
aiplatform. aiplatform.edgeDevices.*
aiplatform.endpoints.*
aiplatform.entityTypes.create aiplatform.entityTypes.delete aiplatform. aiplatform. aiplatform.entityTypes.get aiplatform. aiplatform.entityTypes.list aiplatform. aiplatform. aiplatform.entityTypes.update aiplatform. aiplatform.executions.*
aiplatform.features.*
aiplatform. aiplatform. aiplatform. aiplatform. aiplatform.featurestores.get aiplatform. aiplatform.featurestores.list aiplatform. aiplatform. aiplatform. aiplatform.humanInTheLoops.*
aiplatform.
aiplatform.indexEndpoints.*
aiplatform.indexes.*
aiplatform.locations.*
aiplatform.metadataSchemas.*
aiplatform.metadataStores.*
aiplatform.
aiplatform.
aiplatform.modelEvaluations.*
aiplatform.models.*
aiplatform.nasJobs.*
aiplatform.nasTrialDetails.*
aiplatform.operations.list aiplatform.pipelineJobs.*
aiplatform.specialistPools.*
aiplatform.studies.*
aiplatform.
aiplatform.tensorboardRuns.*
aiplatform.
aiplatform.tensorboards.create aiplatform.tensorboards.delete aiplatform.tensorboards.get aiplatform.tensorboards.list aiplatform.tensorboards.update aiplatform.trainingPipelines.*
aiplatform.trials.*
artifactregistry. artifactregistry. artifactregistry. artifactregistry.tags.get artifactregistry.versions.get bigquery.datasets.create bigquery.datasets.get bigquery.jobs.create bigquery.jobs.get bigquery.readsessions.create bigquery.readsessions.getData bigquery.tables.create bigquery.tables.export bigquery.tables.get bigquery.tables.getData bigquery.tables.update bigquery.tables.updateData iam.serviceAccounts.get
manage_accounts
iam.
manage_accounts
iam.
manage_accounts
iam. iam.serviceAccounts.list manage_accounts iam.serviceAccounts.signBlob manage_accounts iam.serviceAccounts.signJwt logging.logEntries.create logging.logEntries.route resourcemanager.projects.get resourcemanager.projects.list serviceusage.services.use storage.buckets.create storage.buckets.delete storage.buckets.get storage.buckets.list storage.objects.create storage.objects.delete storage.objects.get storage.objects.list storage.objects.update |
Grant Vertex AI service agents access to other resources
Sometimes you need to grant additional roles to a Vertex AI service agent. For example, if you need Vertex AI to access a Cloud Storage bucket in a different project, you will need to grant one or more additional roles to the service agent.
Role addition requirements for BigQuery
The following table describes the required additional roles needed to be added to the Vertex AI Service Agent for BigQuery tables or view in a different project or backed by an external data source.
The term home project refers to the project where the Vertex AI dataset or model is located. The term different project refers to any other project.
Table type | Table project | Data source project | Role addition required |
---|---|---|---|
Native BigQuery table | Home project | N/A | None. |
Native BigQuery table | Different project | N/A | BigQuery Data Viewer for different project. Learn more. |
BigQuery view | Home project | N/A | None. |
BigQuery view | Different project | N/A | BigQuery Data Viewer for different project. Learn more. |
External BigQuery data source backed by Bigtable | Home project | Home project | Bigtable Reader for home project. Learn more. |
External BigQuery data source backed by Bigtable | Home project | Different project | Bigtable Reader for different project. Learn more. |
External BigQuery data source backed by Bigtable | Different project | Different project | BigQuery Reader and Bigtable Reader for different project. Learn more. |
External BigQuery data source backed by Cloud Storage | Home project | Home project | None. |
External BigQuery data source backed by Cloud Storage | Home project | Different project | Storage Object Viewer for different project. Learn more. |
External BigQuery data source backed by Cloud Storage | Different project | Different project | Storage Object Viewer and BigQuery Data Viewer for different project. Learn more. |
External BigQuery data source backed by Google Sheets | Home project | N/A | Share your Sheets file with the Vertex AI service account. Learn more. |
External BigQuery data source backed by Google Sheets | Different project | N/A | BigQuery Reader for different project and share your Sheets file with the Vertex AI service account. |
Role addition requirements for Cloud Storage
If you are accessing data in a Cloud Storage bucket in a different
project, you must give the Storage > Storage Object Viewer
role to
Vertex AI in that project. Learn more.
If you are using a Cloud Storage bucket to receive data from your local
computer for an import operation, and the bucket is in a different project than
Cloud project, you must give the Storage > Storage Object Creator
role to Vertex AI in that project. Learn more.
Grant access to Vertex AI to resources in your home project
To grant additional roles to a service agent for Vertex AI in your home project:
Go to the IAM page of the Google Cloud console for your home project.
Select the Include Google-provided role grants checkbox.
Determine the service agent you want to grant the permissions to and click the pencil icon.
You can filter for Principal:@gcp-sa-aiplatform-cc.iam.gserviceaccount.com to find the Vertex AI service agents.
Grant the required roles to the service account and save your changes.
Grant access to Vertex AI to resources in a different project
When you use data sources or destinations in a different project, you must give the Vertex AI service account permissions in that project. The Vertex AI service account is created after you start the first asynchronous job (for example, creating an endpoint). You can also explicitly create the Vertex AI service account by using gcloud CLI following these instructions. This gcloud command will create both the default service account and the custom code service account, though only the default service account will be returned in the response.
To add permissions to Vertex AI in a different project:
Go to the IAM page of the Google Cloud console for your home project (the project where you are using Vertex AI).
Select the Include Google-provided role grants checkbox.
Determine the service agent you want to grant the permissions to and copy its email address (listed under Principal).
You can filter for Principal:@gcp-sa-aiplatform-cc.iam.gserviceaccount.com to find the Vertex AI service agents.
Change projects to the project where you need to grant the permissions.
Click Add, and enter the email address in New principals.
Add all required roles and click Save.
Provide access to Google Sheets
If you use an external BigQuery data source backed by Google Sheets, you must share your sheet with the Vertex AI service account. The Vertex AI service account is created after you start the first asynchronous job (for example, creating an endpoint). You can also explicitly create the Vertex AI service account by using gcloud CLI by following this instruction.
To authorize Vertex AI to access your Sheets file:
Go to the IAM page of the Google Cloud console.
Look for the service account with the name
Vertex AI Service Agent
and copy its email address (listed under Principal).Open your Sheets file and share it with that address.
What's next
- Learn more about IAM.
- Learn about specific IAM permissions and the operations they support.
- Get an overview of Vertex AI.