Skip to content

Instantly share code, notes, and snippets.

@jeffmccune

jeffmccune/README.md

Last active June 29, 2021 23:45
Show Gist options
  • Save jeffmccune/10f63aedb2f3eb9e77d970c2bac7411c to your computer and use it in GitHub Desktop.
Save jeffmccune/10f63aedb2f3eb9e77d970c2bac7411c to your computer and use it in GitHub Desktop.
Download ZIP
Lookup a GCP role given a permission
Raw
README.md

Lookup a GCP role given a permission

The GCP docs generally list necessary permissions. For example the private service access docs state the servicenetworking.services.addPeering permission is needed, but doesn't mention which role has this permission.

Use this script to find the roles which grant a specific permission.

gcloud iam roles list '--format=value(name)' > roles.lst
xargs -n1 gcloud iam roles describe --format=json < roles.lst | tee roles.all

Then find the roles:

PERMISSION="servicenetworking.services.addPeering"
jq -rc 'select(.includedPermissions[]? | contains("'"${PERMISSION}"'")) | .name' roles.all | sort -u

Output:

roles/cloudtpu.serviceAgent
roles/composer.serviceAgent
roles/compute.networkAdmin
roles/container.serviceAgent
roles/dataflow.serviceAgent
roles/owner
Raw
roles.all
This file has been truncated, but you can view the full file.
{
"description": "Ability to view or act on access approval requests and view configuration",
"etag": "AA==",
"includedPermissions": [
"accessapproval.requests.approve",
"accessapproval.requests.dismiss",
"accessapproval.requests.get",
"accessapproval.requests.list",
"accessapproval.settings.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accessapproval.approver",
"stage": "BETA",
"title": "Access Approval Approver"
}
{
"description": "Ability update the Access Approval configuration",
"etag": "AA==",
"includedPermissions": [
"accessapproval.settings.delete",
"accessapproval.settings.get",
"accessapproval.settings.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accessapproval.configEditor",
"stage": "BETA",
"title": "Access Approval Config Editor"
}
{
"description": "Ability to view access approval requests and configuration",
"etag": "AA==",
"includedPermissions": [
"accessapproval.requests.get",
"accessapproval.requests.list",
"accessapproval.settings.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accessapproval.viewer",
"stage": "BETA",
"title": "Access Approval Viewer"
}
{
"description": "Create, edit, and change Cloud access bindings.",
"etag": "AA==",
"includedPermissions": [
"accesscontextmanager.gcpUserAccessBindings.create",
"accesscontextmanager.gcpUserAccessBindings.delete",
"accesscontextmanager.gcpUserAccessBindings.get",
"accesscontextmanager.gcpUserAccessBindings.list",
"accesscontextmanager.gcpUserAccessBindings.update"
],
"name": "roles/accesscontextmanager.gcpAccessAdmin",
"stage": "GA",
"title": "Cloud Access Binding Admin"
}
{
"description": "Read access to Cloud access bindings.",
"etag": "AA==",
"includedPermissions": [
"accesscontextmanager.gcpUserAccessBindings.get",
"accesscontextmanager.gcpUserAccessBindings.list"
],
"name": "roles/accesscontextmanager.gcpAccessReader",
"stage": "GA",
"title": "Cloud Access Binding Reader"
}
{
"description": "Full access to policies, access levels, and access zones",
"etag": "AA==",
"includedPermissions": [
"accesscontextmanager.accessLevels.create",
"accesscontextmanager.accessLevels.delete",
"accesscontextmanager.accessLevels.get",
"accesscontextmanager.accessLevels.list",
"accesscontextmanager.accessLevels.replaceAll",
"accesscontextmanager.accessLevels.update",
"accesscontextmanager.accessPolicies.create",
"accesscontextmanager.accessPolicies.delete",
"accesscontextmanager.accessPolicies.get",
"accesscontextmanager.accessPolicies.getIamPolicy",
"accesscontextmanager.accessPolicies.list",
"accesscontextmanager.accessPolicies.setIamPolicy",
"accesscontextmanager.accessPolicies.update",
"accesscontextmanager.accessZones.create",
"accesscontextmanager.accessZones.delete",
"accesscontextmanager.accessZones.get",
"accesscontextmanager.accessZones.list",
"accesscontextmanager.accessZones.update",
"accesscontextmanager.policies.create",
"accesscontextmanager.policies.delete",
"accesscontextmanager.policies.get",
"accesscontextmanager.policies.getIamPolicy",
"accesscontextmanager.policies.list",
"accesscontextmanager.policies.setIamPolicy",
"accesscontextmanager.policies.update",
"accesscontextmanager.servicePerimeters.commit",
"accesscontextmanager.servicePerimeters.create",
"accesscontextmanager.servicePerimeters.delete",
"accesscontextmanager.servicePerimeters.get",
"accesscontextmanager.servicePerimeters.list",
"accesscontextmanager.servicePerimeters.replaceAll",
"accesscontextmanager.servicePerimeters.update",
"cloudasset.assets.searchAllResources",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accesscontextmanager.policyAdmin",
"stage": "GA",
"title": "Access Context Manager Admin"
}
{
"description": "Edit access to policies. Create, edit, and change access levels and access zones.",
"etag": "AA==",
"includedPermissions": [
"accesscontextmanager.accessLevels.create",
"accesscontextmanager.accessLevels.delete",
"accesscontextmanager.accessLevels.get",
"accesscontextmanager.accessLevels.list",
"accesscontextmanager.accessLevels.replaceAll",
"accesscontextmanager.accessLevels.update",
"accesscontextmanager.accessPolicies.create",
"accesscontextmanager.accessPolicies.delete",
"accesscontextmanager.accessPolicies.get",
"accesscontextmanager.accessPolicies.getIamPolicy",
"accesscontextmanager.accessPolicies.list",
"accesscontextmanager.accessPolicies.update",
"accesscontextmanager.accessZones.create",
"accesscontextmanager.accessZones.delete",
"accesscontextmanager.accessZones.get",
"accesscontextmanager.accessZones.list",
"accesscontextmanager.accessZones.update",
"accesscontextmanager.policies.create",
"accesscontextmanager.policies.delete",
"accesscontextmanager.policies.get",
"accesscontextmanager.policies.getIamPolicy",
"accesscontextmanager.policies.list",
"accesscontextmanager.policies.update",
"accesscontextmanager.servicePerimeters.commit",
"accesscontextmanager.servicePerimeters.create",
"accesscontextmanager.servicePerimeters.delete",
"accesscontextmanager.servicePerimeters.get",
"accesscontextmanager.servicePerimeters.list",
"accesscontextmanager.servicePerimeters.replaceAll",
"accesscontextmanager.servicePerimeters.update",
"cloudasset.assets.searchAllResources",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accesscontextmanager.policyEditor",
"stage": "GA",
"title": "Access Context Manager Editor"
}
{
"description": "Read access to policies, access levels, and access zones.",
"etag": "AA==",
"includedPermissions": [
"accesscontextmanager.accessLevels.get",
"accesscontextmanager.accessLevels.list",
"accesscontextmanager.accessPolicies.get",
"accesscontextmanager.accessPolicies.getIamPolicy",
"accesscontextmanager.accessPolicies.list",
"accesscontextmanager.accessZones.get",
"accesscontextmanager.accessZones.list",
"accesscontextmanager.policies.get",
"accesscontextmanager.policies.getIamPolicy",
"accesscontextmanager.policies.list",
"accesscontextmanager.servicePerimeters.get",
"accesscontextmanager.servicePerimeters.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accesscontextmanager.policyReader",
"stage": "GA",
"title": "Access Context Manager Reader"
}
{
"etag": "AA==",
"includedPermissions": [
"accesscontextmanager.accessLevels.get",
"accesscontextmanager.accessLevels.list",
"accesscontextmanager.policies.get",
"accesscontextmanager.policies.getIamPolicy",
"accesscontextmanager.policies.list",
"accesscontextmanager.servicePerimeters.get",
"accesscontextmanager.servicePerimeters.list",
"logging.exclusions.get",
"logging.exclusions.list",
"logging.logEntries.list",
"logging.logMetrics.get",
"logging.logMetrics.list",
"logging.logServiceIndexes.list",
"logging.logServices.list",
"logging.logs.list",
"logging.sinks.get",
"logging.sinks.list",
"logging.usage.get",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/accesscontextmanager.vpcScTroubleshooterViewer",
"stage": "GA",
"title": "VPC Service Controls Troubleshooter Viewer"
}
{
"description": "Access to edit and deploy an action",
"etag": "AA==",
"includedPermissions": [
"actions.agent.claimContentProvider",
"actions.agent.get",
"actions.agent.update",
"actions.agentVersions.create",
"actions.agentVersions.delete",
"actions.agentVersions.deploy",
"actions.agentVersions.get",
"actions.agentVersions.list",
"firebase.projects.get",
"firebase.projects.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.use"
],
"name": "roles/actions.Admin",
"stage": "GA",
"title": "Actions Admin"
}
{
"description": "Access to view an action",
"etag": "AA==",
"includedPermissions": [
"actions.agent.get",
"actions.agentVersions.get",
"actions.agentVersions.list",
"firebase.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.use"
],
"name": "roles/actions.Viewer",
"stage": "GA",
"title": "Actions Viewer"
}
{
"description": "Grants full access to all resources in Vertex AI",
"etag": "AA==",
"includedPermissions": [
"aiplatform.annotationSpecs.create",
"aiplatform.annotationSpecs.delete",
"aiplatform.annotationSpecs.get",
"aiplatform.annotationSpecs.list",
"aiplatform.annotationSpecs.update",
"aiplatform.annotations.create",
"aiplatform.annotations.delete",
"aiplatform.annotations.get",
"aiplatform.annotations.list",
"aiplatform.annotations.update",
"aiplatform.artifacts.create",
"aiplatform.artifacts.get",
"aiplatform.artifacts.list",
"aiplatform.artifacts.update",
"aiplatform.batchPredictionJobs.cancel",
"aiplatform.batchPredictionJobs.create",
"aiplatform.batchPredictionJobs.delete",
"aiplatform.batchPredictionJobs.get",
"aiplatform.batchPredictionJobs.list",
"aiplatform.contexts.addContextArtifactsAndExecutions",
"aiplatform.contexts.addContextChildren",
"aiplatform.contexts.create",
"aiplatform.contexts.delete",
"aiplatform.contexts.get",
"aiplatform.contexts.list",
"aiplatform.contexts.queryContextLineageSubgraph",
"aiplatform.contexts.update",
"aiplatform.customJobs.cancel",
"aiplatform.customJobs.create",
"aiplatform.customJobs.delete",
"aiplatform.customJobs.get",
"aiplatform.customJobs.list",
"aiplatform.dataItems.create",
"aiplatform.dataItems.delete",
"aiplatform.dataItems.get",
"aiplatform.dataItems.list",
"aiplatform.dataItems.update",
"aiplatform.dataLabelingJobs.cancel",
"aiplatform.dataLabelingJobs.create",
"aiplatform.dataLabelingJobs.delete",
"aiplatform.dataLabelingJobs.get",
"aiplatform.dataLabelingJobs.list",
"aiplatform.datasets.create",
"aiplatform.datasets.delete",
"aiplatform.datasets.export",
"aiplatform.datasets.get",
"aiplatform.datasets.import",
"aiplatform.datasets.list",
"aiplatform.datasets.update",
"aiplatform.edgeDeploymentJobs.create",
"aiplatform.edgeDeploymentJobs.delete",
"aiplatform.edgeDeploymentJobs.get",
"aiplatform.edgeDeploymentJobs.list",
"aiplatform.edgeDeviceDebugInfo.get",
"aiplatform.edgeDevices.create",
"aiplatform.edgeDevices.delete",
"aiplatform.edgeDevices.get",
"aiplatform.edgeDevices.list",
"aiplatform.edgeDevices.update",
"aiplatform.endpoints.create",
"aiplatform.endpoints.delete",
"aiplatform.endpoints.deploy",
"aiplatform.endpoints.explain",
"aiplatform.endpoints.get",
"aiplatform.endpoints.list",
"aiplatform.endpoints.predict",
"aiplatform.endpoints.undeploy",
"aiplatform.endpoints.update",
"aiplatform.entityTypes.create",
"aiplatform.entityTypes.delete",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.importFeatureValues",
"aiplatform.entityTypes.list",
"aiplatform.entityTypes.readFeatureValues",
"aiplatform.entityTypes.streamingReadFeatureValues",
"aiplatform.entityTypes.update",
"aiplatform.executions.addExecutionEvents",
"aiplatform.executions.create",
"aiplatform.executions.get",
"aiplatform.executions.list",
"aiplatform.executions.queryExecutionInputsAndOutputs",
"aiplatform.executions.update",
"aiplatform.features.create",
"aiplatform.features.delete",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.features.update",
"aiplatform.featurestores.batchReadFeatureValues",
"aiplatform.featurestores.create",
"aiplatform.featurestores.delete",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.featurestores.importFeatures",
"aiplatform.featurestores.list",
"aiplatform.featurestores.readFeatures",
"aiplatform.featurestores.update",
"aiplatform.featurestores.writeFeatures",
"aiplatform.humanInTheLoops.create",
"aiplatform.humanInTheLoops.delete",
"aiplatform.humanInTheLoops.get",
"aiplatform.humanInTheLoops.list",
"aiplatform.humanInTheLoops.send",
"aiplatform.humanInTheLoops.update",
"aiplatform.hyperparameterTuningJobs.cancel",
"aiplatform.hyperparameterTuningJobs.create",
"aiplatform.hyperparameterTuningJobs.delete",
"aiplatform.hyperparameterTuningJobs.get",
"aiplatform.hyperparameterTuningJobs.list",
"aiplatform.indexEndpoints.create",
"aiplatform.indexEndpoints.delete",
"aiplatform.indexEndpoints.deploy",
"aiplatform.indexEndpoints.get",
"aiplatform.indexEndpoints.list",
"aiplatform.indexEndpoints.undeploy",
"aiplatform.indexEndpoints.update",
"aiplatform.indexes.create",
"aiplatform.indexes.delete",
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.indexes.update",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.create",
"aiplatform.metadataSchemas.get",
"aiplatform.metadataSchemas.list",
"aiplatform.metadataStores.create",
"aiplatform.metadataStores.delete",
"aiplatform.metadataStores.get",
"aiplatform.metadataStores.list",
"aiplatform.migratableResources.migrate",
"aiplatform.migratableResources.search",
"aiplatform.modelDeploymentMonitoringJobs.create",
"aiplatform.modelDeploymentMonitoringJobs.delete",
"aiplatform.modelDeploymentMonitoringJobs.get",
"aiplatform.modelDeploymentMonitoringJobs.list",
"aiplatform.modelDeploymentMonitoringJobs.pause",
"aiplatform.modelDeploymentMonitoringJobs.resume",
"aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies",
"aiplatform.modelDeploymentMonitoringJobs.update",
"aiplatform.modelEvaluationSlices.get",
"aiplatform.modelEvaluationSlices.list",
"aiplatform.modelEvaluations.exportEvaluatedDataItems",
"aiplatform.modelEvaluations.get",
"aiplatform.modelEvaluations.list",
"aiplatform.models.delete",
"aiplatform.models.export",
"aiplatform.models.get",
"aiplatform.models.list",
"aiplatform.models.update",
"aiplatform.models.upload",
"aiplatform.nasJobs.cancel",
"aiplatform.nasJobs.create",
"aiplatform.nasJobs.delete",
"aiplatform.nasJobs.get",
"aiplatform.nasJobs.list",
"aiplatform.operations.list",
"aiplatform.pipelineJobs.cancel",
"aiplatform.pipelineJobs.create",
"aiplatform.pipelineJobs.delete",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.specialistPools.create",
"aiplatform.specialistPools.delete",
"aiplatform.specialistPools.get",
"aiplatform.specialistPools.list",
"aiplatform.specialistPools.update",
"aiplatform.studies.create",
"aiplatform.studies.delete",
"aiplatform.studies.get",
"aiplatform.studies.list",
"aiplatform.studies.update",
"aiplatform.tensorboardExperiments.create",
"aiplatform.tensorboardExperiments.delete",
"aiplatform.tensorboardExperiments.get",
"aiplatform.tensorboardExperiments.list",
"aiplatform.tensorboardExperiments.update",
"aiplatform.tensorboardRuns.create",
"aiplatform.tensorboardRuns.delete",
"aiplatform.tensorboardRuns.get",
"aiplatform.tensorboardRuns.list",
"aiplatform.tensorboardRuns.update",
"aiplatform.tensorboardRuns.write",
"aiplatform.tensorboardTimeSeries.create",
"aiplatform.tensorboardTimeSeries.delete",
"aiplatform.tensorboardTimeSeries.get",
"aiplatform.tensorboardTimeSeries.list",
"aiplatform.tensorboardTimeSeries.read",
"aiplatform.tensorboardTimeSeries.update",
"aiplatform.tensorboards.create",
"aiplatform.tensorboards.delete",
"aiplatform.tensorboards.get",
"aiplatform.tensorboards.list",
"aiplatform.tensorboards.update",
"aiplatform.trainingPipelines.cancel",
"aiplatform.trainingPipelines.create",
"aiplatform.trainingPipelines.delete",
"aiplatform.trainingPipelines.get",
"aiplatform.trainingPipelines.list",
"aiplatform.trials.create",
"aiplatform.trials.delete",
"aiplatform.trials.get",
"aiplatform.trials.list",
"aiplatform.trials.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/aiplatform.admin",
"stage": "BETA",
"title": "Vertex AI Administrator"
}
{
"description": "Gives Vertex AI Custom Code the proper permissions.",
"etag": "AA==",
"includedPermissions": [
"aiplatform.annotationSpecs.create",
"aiplatform.annotationSpecs.delete",
"aiplatform.annotationSpecs.get",
"aiplatform.annotationSpecs.list",
"aiplatform.annotationSpecs.update",
"aiplatform.annotations.create",
"aiplatform.annotations.delete",
"aiplatform.annotations.get",
"aiplatform.annotations.list",
"aiplatform.annotations.update",
"aiplatform.artifacts.create",
"aiplatform.artifacts.get",
"aiplatform.artifacts.list",
"aiplatform.artifacts.update",
"aiplatform.batchPredictionJobs.cancel",
"aiplatform.batchPredictionJobs.create",
"aiplatform.batchPredictionJobs.delete",
"aiplatform.batchPredictionJobs.get",
"aiplatform.batchPredictionJobs.list",
"aiplatform.contexts.addContextArtifactsAndExecutions",
"aiplatform.contexts.addContextChildren",
"aiplatform.contexts.create",
"aiplatform.contexts.delete",
"aiplatform.contexts.get",
"aiplatform.contexts.list",
"aiplatform.contexts.queryContextLineageSubgraph",
"aiplatform.contexts.update",
"aiplatform.customJobs.cancel",
"aiplatform.customJobs.create",
"aiplatform.customJobs.delete",
"aiplatform.customJobs.get",
"aiplatform.customJobs.list",
"aiplatform.dataItems.create",
"aiplatform.dataItems.delete",
"aiplatform.dataItems.get",
"aiplatform.dataItems.list",
"aiplatform.dataItems.update",
"aiplatform.dataLabelingJobs.cancel",
"aiplatform.dataLabelingJobs.create",
"aiplatform.dataLabelingJobs.delete",
"aiplatform.dataLabelingJobs.get",
"aiplatform.dataLabelingJobs.list",
"aiplatform.datasets.create",
"aiplatform.datasets.delete",
"aiplatform.datasets.export",
"aiplatform.datasets.get",
"aiplatform.datasets.import",
"aiplatform.datasets.list",
"aiplatform.datasets.update",
"aiplatform.edgeDeploymentJobs.create",
"aiplatform.edgeDeploymentJobs.delete",
"aiplatform.edgeDeploymentJobs.get",
"aiplatform.edgeDeploymentJobs.list",
"aiplatform.edgeDeviceDebugInfo.get",
"aiplatform.edgeDevices.create",
"aiplatform.edgeDevices.delete",
"aiplatform.edgeDevices.get",
"aiplatform.edgeDevices.list",
"aiplatform.edgeDevices.update",
"aiplatform.endpoints.create",
"aiplatform.endpoints.delete",
"aiplatform.endpoints.deploy",
"aiplatform.endpoints.explain",
"aiplatform.endpoints.get",
"aiplatform.endpoints.list",
"aiplatform.endpoints.predict",
"aiplatform.endpoints.undeploy",
"aiplatform.endpoints.update",
"aiplatform.entityTypes.create",
"aiplatform.entityTypes.delete",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.importFeatureValues",
"aiplatform.entityTypes.list",
"aiplatform.entityTypes.readFeatureValues",
"aiplatform.entityTypes.streamingReadFeatureValues",
"aiplatform.entityTypes.update",
"aiplatform.executions.addExecutionEvents",
"aiplatform.executions.create",
"aiplatform.executions.get",
"aiplatform.executions.list",
"aiplatform.executions.queryExecutionInputsAndOutputs",
"aiplatform.executions.update",
"aiplatform.features.create",
"aiplatform.features.delete",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.features.update",
"aiplatform.featurestores.batchReadFeatureValues",
"aiplatform.featurestores.create",
"aiplatform.featurestores.delete",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.featurestores.importFeatures",
"aiplatform.featurestores.list",
"aiplatform.featurestores.readFeatures",
"aiplatform.featurestores.update",
"aiplatform.featurestores.writeFeatures",
"aiplatform.humanInTheLoops.create",
"aiplatform.humanInTheLoops.delete",
"aiplatform.humanInTheLoops.get",
"aiplatform.humanInTheLoops.list",
"aiplatform.humanInTheLoops.send",
"aiplatform.humanInTheLoops.update",
"aiplatform.hyperparameterTuningJobs.cancel",
"aiplatform.hyperparameterTuningJobs.create",
"aiplatform.hyperparameterTuningJobs.delete",
"aiplatform.hyperparameterTuningJobs.get",
"aiplatform.hyperparameterTuningJobs.list",
"aiplatform.indexEndpoints.create",
"aiplatform.indexEndpoints.delete",
"aiplatform.indexEndpoints.deploy",
"aiplatform.indexEndpoints.get",
"aiplatform.indexEndpoints.list",
"aiplatform.indexEndpoints.undeploy",
"aiplatform.indexEndpoints.update",
"aiplatform.indexes.create",
"aiplatform.indexes.delete",
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.indexes.update",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.create",
"aiplatform.metadataSchemas.get",
"aiplatform.metadataSchemas.list",
"aiplatform.metadataStores.create",
"aiplatform.metadataStores.delete",
"aiplatform.metadataStores.get",
"aiplatform.metadataStores.list",
"aiplatform.modelDeploymentMonitoringJobs.create",
"aiplatform.modelDeploymentMonitoringJobs.delete",
"aiplatform.modelDeploymentMonitoringJobs.get",
"aiplatform.modelDeploymentMonitoringJobs.list",
"aiplatform.modelDeploymentMonitoringJobs.pause",
"aiplatform.modelDeploymentMonitoringJobs.resume",
"aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies",
"aiplatform.modelDeploymentMonitoringJobs.update",
"aiplatform.modelEvaluationSlices.get",
"aiplatform.modelEvaluationSlices.list",
"aiplatform.modelEvaluations.exportEvaluatedDataItems",
"aiplatform.modelEvaluations.get",
"aiplatform.modelEvaluations.list",
"aiplatform.models.delete",
"aiplatform.models.export",
"aiplatform.models.get",
"aiplatform.models.list",
"aiplatform.models.update",
"aiplatform.models.upload",
"aiplatform.nasJobs.cancel",
"aiplatform.nasJobs.create",
"aiplatform.nasJobs.delete",
"aiplatform.nasJobs.get",
"aiplatform.nasJobs.list",
"aiplatform.operations.list",
"aiplatform.pipelineJobs.cancel",
"aiplatform.pipelineJobs.create",
"aiplatform.pipelineJobs.delete",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.specialistPools.create",
"aiplatform.specialistPools.delete",
"aiplatform.specialistPools.get",
"aiplatform.specialistPools.list",
"aiplatform.specialistPools.update",
"aiplatform.studies.create",
"aiplatform.studies.delete",
"aiplatform.studies.get",
"aiplatform.studies.list",
"aiplatform.studies.update",
"aiplatform.tensorboardExperiments.create",
"aiplatform.tensorboardExperiments.delete",
"aiplatform.tensorboardExperiments.get",
"aiplatform.tensorboardExperiments.list",
"aiplatform.tensorboardExperiments.update",
"aiplatform.tensorboardRuns.create",
"aiplatform.tensorboardRuns.delete",
"aiplatform.tensorboardRuns.get",
"aiplatform.tensorboardRuns.list",
"aiplatform.tensorboardRuns.update",
"aiplatform.tensorboardRuns.write",
"aiplatform.tensorboardTimeSeries.create",
"aiplatform.tensorboardTimeSeries.delete",
"aiplatform.tensorboardTimeSeries.get",
"aiplatform.tensorboardTimeSeries.list",
"aiplatform.tensorboardTimeSeries.read",
"aiplatform.tensorboardTimeSeries.update",
"aiplatform.tensorboards.create",
"aiplatform.tensorboards.delete",
"aiplatform.tensorboards.get",
"aiplatform.tensorboards.list",
"aiplatform.tensorboards.update",
"aiplatform.trainingPipelines.cancel",
"aiplatform.trainingPipelines.create",
"aiplatform.trainingPipelines.delete",
"aiplatform.trainingPipelines.get",
"aiplatform.trainingPipelines.list",
"aiplatform.trials.create",
"aiplatform.trials.delete",
"aiplatform.trials.get",
"aiplatform.trials.list",
"aiplatform.trials.update",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.tags.get",
"artifactregistry.versions.get",
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.readsessions.create",
"bigquery.tables.create",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.update",
"bigquery.tables.updateData",
"iam.serviceAccounts.get",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
"iam.serviceAccounts.implicitDelegation",
"iam.serviceAccounts.list",
"iam.serviceAccounts.signBlob",
"iam.serviceAccounts.signJwt",
"logging.logEntries.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.use",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.get",
"storage.buckets.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/aiplatform.customCodeServiceAgent",
"stage": "GA",
"title": "Vertex AI Custom Code Service Agent"
}
{
"description": "Grants full access to all resources in Vertex AI Feature Store",
"etag": "AA==",
"includedPermissions": [
"aiplatform.entityTypes.create",
"aiplatform.entityTypes.delete",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.importFeatureValues",
"aiplatform.entityTypes.list",
"aiplatform.entityTypes.readFeatureValues",
"aiplatform.entityTypes.streamingReadFeatureValues",
"aiplatform.entityTypes.update",
"aiplatform.features.create",
"aiplatform.features.delete",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.features.update",
"aiplatform.featurestores.batchReadFeatureValues",
"aiplatform.featurestores.create",
"aiplatform.featurestores.delete",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.featurestores.importFeatures",
"aiplatform.featurestores.list",
"aiplatform.featurestores.readFeatures",
"aiplatform.featurestores.update",
"aiplatform.featurestores.writeFeatures",
"aiplatform.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/aiplatform.featurestoreAdmin",
"stage": "BETA",
"title": "Vertex AI Feature Store Admin"
}
{
"description": "Deprecated. Use featurestoreAdmin instead.",
"etag": "AA==",
"includedPermissions": [
"aiplatform.entityTypes.create",
"aiplatform.entityTypes.delete",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.importFeatureValues",
"aiplatform.entityTypes.list",
"aiplatform.entityTypes.readFeatureValues",
"aiplatform.entityTypes.streamingReadFeatureValues",
"aiplatform.entityTypes.update",
"aiplatform.features.create",
"aiplatform.features.delete",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.features.update",
"aiplatform.featurestores.batchReadFeatureValues",
"aiplatform.featurestores.create",
"aiplatform.featurestores.delete",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.featurestores.importFeatures",
"aiplatform.featurestores.list",
"aiplatform.featurestores.readFeatures",
"aiplatform.featurestores.update",
"aiplatform.featurestores.writeFeatures",
"aiplatform.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/aiplatform.featurestoreUser",
"stage": "BETA",
"title": "Vertex AI Feature Store User"
}
{
"description": "Grants access to use migration service in Vertex AI",
"etag": "AA==",
"includedPermissions": [
"aiplatform.migratableResources.migrate",
"aiplatform.migratableResources.search"
],
"name": "roles/aiplatform.migrator",
"stage": "BETA",
"title": "Vertex AI Migration Service User"
}
{
"description": "Gives Vertex AI the permissions it needs to function.",
"etag": "AA==",
"includedPermissions": [
"aiplatform.artifacts.create",
"aiplatform.artifacts.get",
"aiplatform.artifacts.list",
"aiplatform.artifacts.update",
"aiplatform.batchPredictionJobs.create",
"aiplatform.batchPredictionJobs.get",
"aiplatform.batchPredictionJobs.list",
"aiplatform.contexts.addContextArtifactsAndExecutions",
"aiplatform.contexts.addContextChildren",
"aiplatform.contexts.create",
"aiplatform.contexts.delete",
"aiplatform.contexts.get",
"aiplatform.contexts.list",
"aiplatform.contexts.queryContextLineageSubgraph",
"aiplatform.contexts.update",
"aiplatform.customJobs.cancel",
"aiplatform.customJobs.create",
"aiplatform.customJobs.get",
"aiplatform.customJobs.list",
"aiplatform.datasets.create",
"aiplatform.datasets.get",
"aiplatform.datasets.import",
"aiplatform.datasets.update",
"aiplatform.endpoints.explain",
"aiplatform.endpoints.predict",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.executions.addExecutionEvents",
"aiplatform.executions.create",
"aiplatform.executions.get",
"aiplatform.executions.list",
"aiplatform.executions.queryExecutionInputsAndOutputs",
"aiplatform.executions.update",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.metadataSchemas.create",
"aiplatform.metadataSchemas.get",
"aiplatform.metadataSchemas.list",
"aiplatform.metadataStores.create",
"aiplatform.metadataStores.delete",
"aiplatform.metadataStores.get",
"aiplatform.metadataStores.list",
"artifactregistry.repositories.create",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.get",
"artifactregistry.versions.get",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.list",
"automl.modelEvaluations.list",
"automl.models.get",
"automl.models.list",
"automl.operations.get",
"automl.tableSpecs.get",
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.readsessions.create",
"bigquery.tables.create",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigtable.tables.get",
"bigtable.tables.list",
"bigtable.tables.readRows",
"datalabeling.annotateddatasets.get",
"datalabeling.datasets.export",
"datalabeling.datasets.get",
"datalabeling.datasets.list",
"datalabeling.operations.get",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.getAccessToken",
"logging.logEntries.create",
"ml.models.list",
"ml.operations.get",
"ml.versions.get",
"ml.versions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.use",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.get",
"storage.buckets.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/aiplatform.serviceAgent",
"stage": "GA",
"title": "Vertex AI Service Agent"
}
{
"description": "Grants access to use all resource in Vertex AI",
"etag": "AA==",
"includedPermissions": [
"aiplatform.annotationSpecs.create",
"aiplatform.annotationSpecs.delete",
"aiplatform.annotationSpecs.get",
"aiplatform.annotationSpecs.list",
"aiplatform.annotationSpecs.update",
"aiplatform.annotations.create",
"aiplatform.annotations.delete",
"aiplatform.annotations.get",
"aiplatform.annotations.list",
"aiplatform.annotations.update",
"aiplatform.artifacts.create",
"aiplatform.artifacts.get",
"aiplatform.artifacts.list",
"aiplatform.artifacts.update",
"aiplatform.batchPredictionJobs.cancel",
"aiplatform.batchPredictionJobs.create",
"aiplatform.batchPredictionJobs.delete",
"aiplatform.batchPredictionJobs.get",
"aiplatform.batchPredictionJobs.list",
"aiplatform.contexts.addContextArtifactsAndExecutions",
"aiplatform.contexts.addContextChildren",
"aiplatform.contexts.create",
"aiplatform.contexts.delete",
"aiplatform.contexts.get",
"aiplatform.contexts.list",
"aiplatform.contexts.queryContextLineageSubgraph",
"aiplatform.contexts.update",
"aiplatform.customJobs.cancel",
"aiplatform.customJobs.create",
"aiplatform.customJobs.delete",
"aiplatform.customJobs.get",
"aiplatform.customJobs.list",
"aiplatform.dataItems.create",
"aiplatform.dataItems.delete",
"aiplatform.dataItems.get",
"aiplatform.dataItems.list",
"aiplatform.dataItems.update",
"aiplatform.dataLabelingJobs.cancel",
"aiplatform.dataLabelingJobs.create",
"aiplatform.dataLabelingJobs.delete",
"aiplatform.dataLabelingJobs.get",
"aiplatform.dataLabelingJobs.list",
"aiplatform.datasets.create",
"aiplatform.datasets.delete",
"aiplatform.datasets.export",
"aiplatform.datasets.get",
"aiplatform.datasets.import",
"aiplatform.datasets.list",
"aiplatform.datasets.update",
"aiplatform.edgeDeploymentJobs.create",
"aiplatform.edgeDeploymentJobs.delete",
"aiplatform.edgeDeploymentJobs.get",
"aiplatform.edgeDeploymentJobs.list",
"aiplatform.edgeDeviceDebugInfo.get",
"aiplatform.edgeDevices.create",
"aiplatform.edgeDevices.delete",
"aiplatform.edgeDevices.get",
"aiplatform.edgeDevices.list",
"aiplatform.edgeDevices.update",
"aiplatform.endpoints.create",
"aiplatform.endpoints.delete",
"aiplatform.endpoints.deploy",
"aiplatform.endpoints.explain",
"aiplatform.endpoints.get",
"aiplatform.endpoints.list",
"aiplatform.endpoints.predict",
"aiplatform.endpoints.undeploy",
"aiplatform.endpoints.update",
"aiplatform.entityTypes.create",
"aiplatform.entityTypes.delete",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.importFeatureValues",
"aiplatform.entityTypes.list",
"aiplatform.entityTypes.readFeatureValues",
"aiplatform.entityTypes.streamingReadFeatureValues",
"aiplatform.entityTypes.update",
"aiplatform.executions.addExecutionEvents",
"aiplatform.executions.create",
"aiplatform.executions.get",
"aiplatform.executions.list",
"aiplatform.executions.queryExecutionInputsAndOutputs",
"aiplatform.executions.update",
"aiplatform.features.create",
"aiplatform.features.delete",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.features.update",
"aiplatform.featurestores.batchReadFeatureValues",
"aiplatform.featurestores.create",
"aiplatform.featurestores.delete",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.featurestores.importFeatures",
"aiplatform.featurestores.list",
"aiplatform.featurestores.readFeatures",
"aiplatform.featurestores.update",
"aiplatform.featurestores.writeFeatures",
"aiplatform.humanInTheLoops.create",
"aiplatform.humanInTheLoops.delete",
"aiplatform.humanInTheLoops.get",
"aiplatform.humanInTheLoops.list",
"aiplatform.humanInTheLoops.send",
"aiplatform.humanInTheLoops.update",
"aiplatform.hyperparameterTuningJobs.cancel",
"aiplatform.hyperparameterTuningJobs.create",
"aiplatform.hyperparameterTuningJobs.delete",
"aiplatform.hyperparameterTuningJobs.get",
"aiplatform.hyperparameterTuningJobs.list",
"aiplatform.indexEndpoints.create",
"aiplatform.indexEndpoints.delete",
"aiplatform.indexEndpoints.deploy",
"aiplatform.indexEndpoints.get",
"aiplatform.indexEndpoints.list",
"aiplatform.indexEndpoints.undeploy",
"aiplatform.indexEndpoints.update",
"aiplatform.indexes.create",
"aiplatform.indexes.delete",
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.indexes.update",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.create",
"aiplatform.metadataSchemas.get",
"aiplatform.metadataSchemas.list",
"aiplatform.metadataStores.create",
"aiplatform.metadataStores.delete",
"aiplatform.metadataStores.get",
"aiplatform.metadataStores.list",
"aiplatform.modelDeploymentMonitoringJobs.create",
"aiplatform.modelDeploymentMonitoringJobs.delete",
"aiplatform.modelDeploymentMonitoringJobs.get",
"aiplatform.modelDeploymentMonitoringJobs.list",
"aiplatform.modelDeploymentMonitoringJobs.pause",
"aiplatform.modelDeploymentMonitoringJobs.resume",
"aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies",
"aiplatform.modelDeploymentMonitoringJobs.update",
"aiplatform.modelEvaluationSlices.get",
"aiplatform.modelEvaluationSlices.list",
"aiplatform.modelEvaluations.exportEvaluatedDataItems",
"aiplatform.modelEvaluations.get",
"aiplatform.modelEvaluations.list",
"aiplatform.models.delete",
"aiplatform.models.export",
"aiplatform.models.get",
"aiplatform.models.list",
"aiplatform.models.update",
"aiplatform.models.upload",
"aiplatform.nasJobs.cancel",
"aiplatform.nasJobs.create",
"aiplatform.nasJobs.delete",
"aiplatform.nasJobs.get",
"aiplatform.nasJobs.list",
"aiplatform.operations.list",
"aiplatform.pipelineJobs.cancel",
"aiplatform.pipelineJobs.create",
"aiplatform.pipelineJobs.delete",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.specialistPools.create",
"aiplatform.specialistPools.delete",
"aiplatform.specialistPools.get",
"aiplatform.specialistPools.list",
"aiplatform.specialistPools.update",
"aiplatform.studies.create",
"aiplatform.studies.delete",
"aiplatform.studies.get",
"aiplatform.studies.list",
"aiplatform.studies.update",
"aiplatform.tensorboardExperiments.create",
"aiplatform.tensorboardExperiments.delete",
"aiplatform.tensorboardExperiments.get",
"aiplatform.tensorboardExperiments.list",
"aiplatform.tensorboardExperiments.update",
"aiplatform.tensorboardRuns.create",
"aiplatform.tensorboardRuns.delete",
"aiplatform.tensorboardRuns.get",
"aiplatform.tensorboardRuns.list",
"aiplatform.tensorboardRuns.update",
"aiplatform.tensorboardRuns.write",
"aiplatform.tensorboardTimeSeries.create",
"aiplatform.tensorboardTimeSeries.delete",
"aiplatform.tensorboardTimeSeries.get",
"aiplatform.tensorboardTimeSeries.list",
"aiplatform.tensorboardTimeSeries.read",
"aiplatform.tensorboardTimeSeries.update",
"aiplatform.tensorboards.create",
"aiplatform.tensorboards.delete",
"aiplatform.tensorboards.get",
"aiplatform.tensorboards.list",
"aiplatform.tensorboards.update",
"aiplatform.trainingPipelines.cancel",
"aiplatform.trainingPipelines.create",
"aiplatform.trainingPipelines.delete",
"aiplatform.trainingPipelines.get",
"aiplatform.trainingPipelines.list",
"aiplatform.trials.create",
"aiplatform.trials.delete",
"aiplatform.trials.get",
"aiplatform.trials.list",
"aiplatform.trials.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/aiplatform.user",
"stage": "BETA",
"title": "Vertex AI User"
}
{
"description": "Grants access to view all resource in Vertex AI",
"etag": "AA==",
"includedPermissions": [
"aiplatform.annotationSpecs.get",
"aiplatform.annotationSpecs.list",
"aiplatform.annotations.get",
"aiplatform.annotations.list",
"aiplatform.artifacts.get",
"aiplatform.artifacts.list",
"aiplatform.batchPredictionJobs.get",
"aiplatform.batchPredictionJobs.list",
"aiplatform.contexts.get",
"aiplatform.contexts.list",
"aiplatform.contexts.queryContextLineageSubgraph",
"aiplatform.customJobs.get",
"aiplatform.customJobs.list",
"aiplatform.dataItems.get",
"aiplatform.dataItems.list",
"aiplatform.dataLabelingJobs.get",
"aiplatform.dataLabelingJobs.list",
"aiplatform.datasets.get",
"aiplatform.datasets.list",
"aiplatform.edgeDeploymentJobs.get",
"aiplatform.edgeDeploymentJobs.list",
"aiplatform.edgeDeviceDebugInfo.get",
"aiplatform.edgeDevices.get",
"aiplatform.edgeDevices.list",
"aiplatform.endpoints.get",
"aiplatform.endpoints.list",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.list",
"aiplatform.executions.get",
"aiplatform.executions.list",
"aiplatform.executions.queryExecutionInputsAndOutputs",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.featurestores.get",
"aiplatform.featurestores.list",
"aiplatform.humanInTheLoops.get",
"aiplatform.humanInTheLoops.list",
"aiplatform.hyperparameterTuningJobs.get",
"aiplatform.hyperparameterTuningJobs.list",
"aiplatform.indexEndpoints.get",
"aiplatform.indexEndpoints.list",
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.get",
"aiplatform.metadataSchemas.list",
"aiplatform.metadataStores.get",
"aiplatform.metadataStores.list",
"aiplatform.modelDeploymentMonitoringJobs.get",
"aiplatform.modelDeploymentMonitoringJobs.list",
"aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies",
"aiplatform.modelEvaluationSlices.get",
"aiplatform.modelEvaluationSlices.list",
"aiplatform.modelEvaluations.get",
"aiplatform.modelEvaluations.list",
"aiplatform.models.get",
"aiplatform.models.list",
"aiplatform.nasJobs.get",
"aiplatform.nasJobs.list",
"aiplatform.operations.list",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.specialistPools.get",
"aiplatform.specialistPools.list",
"aiplatform.specialistPools.update",
"aiplatform.studies.get",
"aiplatform.studies.list",
"aiplatform.tensorboardExperiments.get",
"aiplatform.tensorboardExperiments.list",
"aiplatform.tensorboardRuns.get",
"aiplatform.tensorboardRuns.list",
"aiplatform.tensorboardTimeSeries.get",
"aiplatform.tensorboardTimeSeries.list",
"aiplatform.tensorboardTimeSeries.read",
"aiplatform.tensorboards.get",
"aiplatform.tensorboards.list",
"aiplatform.trainingPipelines.get",
"aiplatform.trainingPipelines.list",
"aiplatform.trials.get",
"aiplatform.trials.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/aiplatform.viewer",
"stage": "BETA",
"title": "Vertex AI Viewer"
}
{
"description": "Full access to manage devices.",
"etag": "AA==",
"includedPermissions": [
"androidmanagement.enterprises.manage",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/androidmanagement.user",
"stage": "GA",
"title": "Android Management User"
}
{
"description": "Gives the Anthos service agent access to Cloud Platformresources.",
"etag": "AA==",
"includedPermissions": [
"gkehub.features.get",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.get",
"gkehub.memberships.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/anthos.serviceAgent",
"stage": "GA",
"title": "Anthos Service Agent"
}
{
"description": "Gives the Anthos Audit service agent access toCloud Platform resources.",
"etag": "AA==",
"includedPermissions": [
"gkehub.features.get",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.get",
"gkehub.memberships.list"
],
"name": "roles/anthosaudit.serviceAgent",
"stage": "GA",
"title": "Anthos Audit Service Agent"
}
{
"description": "Gives the Anthos Config Management service agent access toCloud Platform resources.",
"etag": "AA==",
"includedPermissions": [
"gkehub.features.get",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.get",
"gkehub.memberships.list"
],
"name": "roles/anthosconfigmanagement.serviceAgent",
"stage": "GA",
"title": "Anthos Config Management Service Agent"
}
{
"description": "Gives the Anthos Identity service agent access toCloud Platform resources.",
"etag": "AA==",
"includedPermissions": [
"gkehub.features.get",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.get",
"gkehub.memberships.list"
],
"name": "roles/anthosidentityservice.serviceAgent",
"stage": "GA",
"title": "Anthos Identity Service Agent"
}
{
"description": "Gives the Anthos Service Mesh service agent access to Cloud Platform resources.",
"etag": "AA==",
"includedPermissions": [
"container.clusters.get",
"container.configMaps.get",
"container.configMaps.list",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.list",
"container.deployments.get",
"container.deployments.list",
"container.events.get",
"container.events.list",
"container.namespaces.get",
"container.namespaces.list",
"container.pods.get",
"container.pods.list",
"container.services.get",
"container.services.list",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"gkehub.features.get",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.get",
"gkehub.memberships.list"
],
"name": "roles/anthosservicemesh.serviceAgent",
"stage": "GA",
"title": "Anthos Service Mesh Service Agent"
}
{
"description": "Full access to ApiGateway and related resources.",
"etag": "AA==",
"includedPermissions": [
"apigateway.apiconfigs.create",
"apigateway.apiconfigs.delete",
"apigateway.apiconfigs.get",
"apigateway.apiconfigs.getIamPolicy",
"apigateway.apiconfigs.list",
"apigateway.apiconfigs.setIamPolicy",
"apigateway.apiconfigs.update",
"apigateway.apis.create",
"apigateway.apis.delete",
"apigateway.apis.get",
"apigateway.apis.getIamPolicy",
"apigateway.apis.list",
"apigateway.apis.setIamPolicy",
"apigateway.apis.update",
"apigateway.gateways.create",
"apigateway.gateways.delete",
"apigateway.gateways.get",
"apigateway.gateways.getIamPolicy",
"apigateway.gateways.list",
"apigateway.gateways.setIamPolicy",
"apigateway.gateways.update",
"apigateway.locations.get",
"apigateway.locations.list",
"apigateway.operations.cancel",
"apigateway.operations.delete",
"apigateway.operations.get",
"apigateway.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigateway.admin",
"stage": "GA",
"title": "ApiGateway Admin"
}
{
"description": "Read-only access to ApiGateway and related resources.",
"etag": "AA==",
"includedPermissions": [
"apigateway.apiconfigs.get",
"apigateway.apiconfigs.getIamPolicy",
"apigateway.apiconfigs.list",
"apigateway.apis.get",
"apigateway.apis.getIamPolicy",
"apigateway.apis.list",
"apigateway.gateways.get",
"apigateway.gateways.getIamPolicy",
"apigateway.gateways.list",
"apigateway.locations.get",
"apigateway.locations.list",
"apigateway.operations.get",
"apigateway.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigateway.viewer",
"stage": "GA",
"title": "ApiGateway Viewer"
}
{
"description": "Full access to all apigee resource features",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproductattributes.createOrUpdateAll",
"apigee.apiproductattributes.delete",
"apigee.apiproductattributes.get",
"apigee.apiproductattributes.list",
"apigee.apiproductattributes.update",
"apigee.apiproducts.create",
"apigee.apiproducts.delete",
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.apiproducts.update",
"apigee.appkeys.create",
"apigee.appkeys.delete",
"apigee.appkeys.get",
"apigee.appkeys.manage",
"apigee.apps.get",
"apigee.apps.list",
"apigee.archivedeployments.create",
"apigee.archivedeployments.delete",
"apigee.archivedeployments.download",
"apigee.archivedeployments.get",
"apigee.archivedeployments.list",
"apigee.archivedeployments.update",
"apigee.archivedeployments.upload",
"apigee.caches.delete",
"apigee.caches.list",
"apigee.canaryevaluations.create",
"apigee.canaryevaluations.get",
"apigee.datacollectors.create",
"apigee.datacollectors.delete",
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.datacollectors.update",
"apigee.datastores.create",
"apigee.datastores.delete",
"apigee.datastores.get",
"apigee.datastores.list",
"apigee.datastores.update",
"apigee.deployments.create",
"apigee.deployments.delete",
"apigee.deployments.get",
"apigee.deployments.list",
"apigee.deployments.update",
"apigee.developerappattributes.createOrUpdateAll",
"apigee.developerappattributes.delete",
"apigee.developerappattributes.get",
"apigee.developerappattributes.list",
"apigee.developerappattributes.update",
"apigee.developerapps.create",
"apigee.developerapps.delete",
"apigee.developerapps.get",
"apigee.developerapps.list",
"apigee.developerapps.manage",
"apigee.developerattributes.createOrUpdateAll",
"apigee.developerattributes.delete",
"apigee.developerattributes.get",
"apigee.developerattributes.list",
"apigee.developerattributes.update",
"apigee.developerbalances.get",
"apigee.developerbalances.update",
"apigee.developermonetizationconfigs.get",
"apigee.developermonetizationconfigs.update",
"apigee.developers.create",
"apigee.developers.delete",
"apigee.developers.get",
"apigee.developers.list",
"apigee.developers.update",
"apigee.developersubscriptions.create",
"apigee.developersubscriptions.get",
"apigee.developersubscriptions.list",
"apigee.developersubscriptions.update",
"apigee.envgroupattachments.create",
"apigee.envgroupattachments.delete",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.create",
"apigee.envgroups.delete",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.envgroups.update",
"apigee.environments.create",
"apigee.environments.delete",
"apigee.environments.get",
"apigee.environments.getDataLocation",
"apigee.environments.getIamPolicy",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.environments.manageRuntime",
"apigee.environments.setIamPolicy",
"apigee.environments.update",
"apigee.exports.create",
"apigee.exports.get",
"apigee.exports.list",
"apigee.flowhooks.attachSharedFlow",
"apigee.flowhooks.detachSharedFlow",
"apigee.flowhooks.getSharedFlow",
"apigee.flowhooks.list",
"apigee.hostqueries.create",
"apigee.hostqueries.get",
"apigee.hostqueries.list",
"apigee.hoststats.get",
"apigee.ingressconfigs.get",
"apigee.instanceattachments.create",
"apigee.instanceattachments.delete",
"apigee.instanceattachments.get",
"apigee.instanceattachments.list",
"apigee.instances.create",
"apigee.instances.delete",
"apigee.instances.get",
"apigee.instances.list",
"apigee.instances.reportStatus",
"apigee.keystorealiases.create",
"apigee.keystorealiases.delete",
"apigee.keystorealiases.exportCertificate",
"apigee.keystorealiases.generateCSR",
"apigee.keystorealiases.get",
"apigee.keystorealiases.list",
"apigee.keystorealiases.update",
"apigee.keystores.create",
"apigee.keystores.delete",
"apigee.keystores.export",
"apigee.keystores.get",
"apigee.keystores.list",
"apigee.keyvaluemaps.create",
"apigee.keyvaluemaps.delete",
"apigee.keyvaluemaps.list",
"apigee.maskconfigs.get",
"apigee.maskconfigs.update",
"apigee.operations.get",
"apigee.operations.list",
"apigee.organizations.create",
"apigee.organizations.delete",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.organizations.update",
"apigee.portals.create",
"apigee.portals.delete",
"apigee.portals.get",
"apigee.portals.list",
"apigee.portals.update",
"apigee.projects.update",
"apigee.proxies.create",
"apigee.proxies.delete",
"apigee.proxies.get",
"apigee.proxies.list",
"apigee.proxyrevisions.delete",
"apigee.proxyrevisions.deploy",
"apigee.proxyrevisions.get",
"apigee.proxyrevisions.list",
"apigee.proxyrevisions.undeploy",
"apigee.proxyrevisions.update",
"apigee.queries.create",
"apigee.queries.get",
"apigee.queries.list",
"apigee.rateplans.create",
"apigee.rateplans.delete",
"apigee.rateplans.get",
"apigee.rateplans.list",
"apigee.rateplans.update",
"apigee.references.create",
"apigee.references.delete",
"apigee.references.get",
"apigee.references.list",
"apigee.references.update",
"apigee.reports.create",
"apigee.reports.delete",
"apigee.reports.get",
"apigee.reports.list",
"apigee.reports.update",
"apigee.resourcefiles.create",
"apigee.resourcefiles.delete",
"apigee.resourcefiles.get",
"apigee.resourcefiles.list",
"apigee.resourcefiles.update",
"apigee.runtimeconfigs.get",
"apigee.sharedflowrevisions.delete",
"apigee.sharedflowrevisions.deploy",
"apigee.sharedflowrevisions.get",
"apigee.sharedflowrevisions.list",
"apigee.sharedflowrevisions.undeploy",
"apigee.sharedflowrevisions.update",
"apigee.sharedflows.create",
"apigee.sharedflows.delete",
"apigee.sharedflows.get",
"apigee.sharedflows.list",
"apigee.targetservers.create",
"apigee.targetservers.delete",
"apigee.targetservers.get",
"apigee.targetservers.list",
"apigee.targetservers.update",
"apigee.tracesessions.create",
"apigee.tracesessions.delete",
"apigee.tracesessions.get",
"apigee.tracesessions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/apigee.admin",
"stage": "GA",
"title": "Apigee Organization Admin"
}
{
"description": "Curated set of permissions for Apigee Universal Data Collection Agent to manage analytics for an Apigee Organization",
"etag": "AA==",
"includedPermissions": [
"apigee.environments.getDataLocation",
"apigee.runtimeconfigs.get"
],
"name": "roles/apigee.analyticsAgent",
"stage": "GA",
"title": "Apigee Analytics Agent"
}
{
"description": "Analytics editor for an Apigee Organization",
"etag": "AA==",
"includedPermissions": [
"apigee.datacollectors.create",
"apigee.datacollectors.delete",
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.datacollectors.update",
"apigee.datastores.create",
"apigee.datastores.delete",
"apigee.datastores.get",
"apigee.datastores.list",
"apigee.datastores.update",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.environments.get",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.exports.create",
"apigee.exports.get",
"apigee.exports.list",
"apigee.hostqueries.create",
"apigee.hostqueries.get",
"apigee.hostqueries.list",
"apigee.hoststats.get",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.queries.create",
"apigee.queries.get",
"apigee.queries.list",
"apigee.reports.create",
"apigee.reports.delete",
"apigee.reports.get",
"apigee.reports.list",
"apigee.reports.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigee.analyticsEditor",
"stage": "GA",
"title": "Apigee Analytics Editor"
}
{
"description": "Analytics viewer for an Apigee Organization",
"etag": "AA==",
"includedPermissions": [
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.datastores.get",
"apigee.datastores.list",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.environments.get",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.exports.get",
"apigee.exports.list",
"apigee.hostqueries.get",
"apigee.hostqueries.list",
"apigee.hoststats.get",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.queries.get",
"apigee.queries.list",
"apigee.reports.get",
"apigee.reports.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigee.analyticsViewer",
"stage": "GA",
"title": "Apigee Analytics Viewer"
}
{
"description": "Full read/write access to all apigee API resources",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproductattributes.createOrUpdateAll",
"apigee.apiproductattributes.delete",
"apigee.apiproductattributes.get",
"apigee.apiproductattributes.list",
"apigee.apiproductattributes.update",
"apigee.apiproducts.create",
"apigee.apiproducts.delete",
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.apiproducts.update",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.environments.get",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.keyvaluemaps.list",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.proxies.create",
"apigee.proxies.delete",
"apigee.proxies.get",
"apigee.proxies.list",
"apigee.proxyrevisions.delete",
"apigee.proxyrevisions.deploy",
"apigee.proxyrevisions.get",
"apigee.proxyrevisions.list",
"apigee.proxyrevisions.undeploy",
"apigee.proxyrevisions.update",
"apigee.sharedflowrevisions.delete",
"apigee.sharedflowrevisions.deploy",
"apigee.sharedflowrevisions.get",
"apigee.sharedflowrevisions.list",
"apigee.sharedflowrevisions.undeploy",
"apigee.sharedflowrevisions.update",
"apigee.sharedflows.create",
"apigee.sharedflows.delete",
"apigee.sharedflows.get",
"apigee.sharedflows.list",
"apigee.tracesessions.create",
"apigee.tracesessions.delete",
"apigee.tracesessions.get",
"apigee.tracesessions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigee.apiAdmin",
"stage": "GA",
"title": "Apigee API Admin"
}
{
"description": "Reader of apigee resources",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproductattributes.get",
"apigee.apiproductattributes.list",
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.environments.get",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.keyvaluemaps.list",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.proxies.get",
"apigee.proxies.list",
"apigee.proxyrevisions.deploy",
"apigee.proxyrevisions.get",
"apigee.proxyrevisions.list",
"apigee.proxyrevisions.undeploy",
"apigee.sharedflowrevisions.deploy",
"apigee.sharedflowrevisions.get",
"apigee.sharedflowrevisions.list",
"apigee.sharedflowrevisions.undeploy",
"apigee.sharedflows.get",
"apigee.sharedflows.list",
"apigee.tracesessions.get",
"apigee.tracesessions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigee.apiReader",
"stage": "GA",
"title": "Apigee API Reader"
}
{
"description": "Developer admin of apigee resources",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproductattributes.get",
"apigee.apiproductattributes.list",
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.appkeys.create",
"apigee.appkeys.delete",
"apigee.appkeys.get",
"apigee.appkeys.manage",
"apigee.apps.get",
"apigee.apps.list",
"apigee.datacollectors.create",
"apigee.datacollectors.delete",
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.datacollectors.update",
"apigee.developerappattributes.createOrUpdateAll",
"apigee.developerappattributes.delete",
"apigee.developerappattributes.get",
"apigee.developerappattributes.list",
"apigee.developerappattributes.update",
"apigee.developerapps.create",
"apigee.developerapps.delete",
"apigee.developerapps.get",
"apigee.developerapps.list",
"apigee.developerapps.manage",
"apigee.developerattributes.createOrUpdateAll",
"apigee.developerattributes.delete",
"apigee.developerattributes.get",
"apigee.developerattributes.list",
"apigee.developerattributes.update",
"apigee.developerbalances.get",
"apigee.developerbalances.update",
"apigee.developermonetizationconfigs.get",
"apigee.developermonetizationconfigs.update",
"apigee.developers.create",
"apigee.developers.delete",
"apigee.developers.get",
"apigee.developers.list",
"apigee.developers.update",
"apigee.developersubscriptions.create",
"apigee.developersubscriptions.get",
"apigee.developersubscriptions.list",
"apigee.developersubscriptions.update",
"apigee.environments.get",
"apigee.environments.getStats",
"apigee.hoststats.get",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.rateplans.get",
"apigee.rateplans.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/apigee.developerAdmin",
"stage": "GA",
"title": "Apigee Developer Admin"
}
{
"description": "Full read/write access to apigee environment resources, including deployments.",
"etag": "AA==",
"includedPermissions": [
"apigee.archivedeployments.create",
"apigee.archivedeployments.delete",
"apigee.archivedeployments.download",
"apigee.archivedeployments.get",
"apigee.archivedeployments.list",
"apigee.archivedeployments.update",
"apigee.archivedeployments.upload",
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.deployments.create",
"apigee.deployments.delete",
"apigee.deployments.get",
"apigee.deployments.list",
"apigee.deployments.update",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.environments.get",
"apigee.environments.getIamPolicy",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.environments.setIamPolicy",
"apigee.flowhooks.attachSharedFlow",
"apigee.flowhooks.detachSharedFlow",
"apigee.flowhooks.getSharedFlow",
"apigee.flowhooks.list",
"apigee.ingressconfigs.get",
"apigee.keystorealiases.create",
"apigee.keystorealiases.delete",
"apigee.keystorealiases.exportCertificate",
"apigee.keystorealiases.generateCSR",
"apigee.keystorealiases.get",
"apigee.keystorealiases.list",
"apigee.keystorealiases.update",
"apigee.keystores.create",
"apigee.keystores.delete",
"apigee.keystores.export",
"apigee.keystores.get",
"apigee.keystores.list",
"apigee.keyvaluemaps.create",
"apigee.keyvaluemaps.delete",
"apigee.keyvaluemaps.list",
"apigee.maskconfigs.get",
"apigee.maskconfigs.update",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.proxies.get",
"apigee.proxies.list",
"apigee.proxyrevisions.deploy",
"apigee.proxyrevisions.get",
"apigee.proxyrevisions.list",
"apigee.proxyrevisions.undeploy",
"apigee.references.create",
"apigee.references.delete",
"apigee.references.get",
"apigee.references.list",
"apigee.references.update",
"apigee.resourcefiles.create",
"apigee.resourcefiles.delete",
"apigee.resourcefiles.get",
"apigee.resourcefiles.list",
"apigee.resourcefiles.update",
"apigee.sharedflowrevisions.deploy",
"apigee.sharedflowrevisions.get",
"apigee.sharedflowrevisions.list",
"apigee.sharedflowrevisions.undeploy",
"apigee.sharedflows.get",
"apigee.sharedflows.list",
"apigee.targetservers.create",
"apigee.targetservers.delete",
"apigee.targetservers.get",
"apigee.targetservers.list",
"apigee.targetservers.update",
"apigee.tracesessions.create",
"apigee.tracesessions.delete",
"apigee.tracesessions.get",
"apigee.tracesessions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/apigee.environmentAdmin",
"stage": "GA",
"title": "Apigee Environment Admin"
}
{
"description": "All permissions related to monetization",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.developerbalances.get",
"apigee.developerbalances.update",
"apigee.developermonetizationconfigs.get",
"apigee.developermonetizationconfigs.update",
"apigee.developersubscriptions.create",
"apigee.developersubscriptions.get",
"apigee.developersubscriptions.list",
"apigee.developersubscriptions.update",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.rateplans.create",
"apigee.rateplans.delete",
"apigee.rateplans.get",
"apigee.rateplans.list",
"apigee.rateplans.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigee.monetizationAdmin",
"stage": "GA",
"title": "Apigee Monetization Admin"
}
{
"description": "Portal admin for an Apigee Organization",
"etag": "AA==",
"includedPermissions": [
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.portals.create",
"apigee.portals.delete",
"apigee.portals.get",
"apigee.portals.list",
"apigee.portals.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/apigee.portalAdmin",
"stage": "GA",
"title": "Apigee Portal Admin"
}
{
"description": "Viewer of all apigee resources",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproductattributes.get",
"apigee.apiproductattributes.list",
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.appkeys.get",
"apigee.apps.get",
"apigee.apps.list",
"apigee.archivedeployments.download",
"apigee.archivedeployments.get",
"apigee.archivedeployments.list",
"apigee.caches.list",
"apigee.canaryevaluations.get",
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.datastores.get",
"apigee.datastores.list",
"apigee.deployments.get",
"apigee.deployments.list",
"apigee.developerappattributes.get",
"apigee.developerappattributes.list",
"apigee.developerapps.get",
"apigee.developerapps.list",
"apigee.developerattributes.get",
"apigee.developerattributes.list",
"apigee.developerbalances.get",
"apigee.developermonetizationconfigs.get",
"apigee.developers.get",
"apigee.developers.list",
"apigee.developersubscriptions.get",
"apigee.developersubscriptions.list",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.environments.get",
"apigee.environments.getDataLocation",
"apigee.environments.getIamPolicy",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.exports.get",
"apigee.exports.list",
"apigee.flowhooks.getSharedFlow",
"apigee.flowhooks.list",
"apigee.hostqueries.get",
"apigee.hostqueries.list",
"apigee.hoststats.get",
"apigee.ingressconfigs.get",
"apigee.instanceattachments.get",
"apigee.instanceattachments.list",
"apigee.instances.get",
"apigee.instances.list",
"apigee.keystorealiases.get",
"apigee.keystorealiases.list",
"apigee.keystores.get",
"apigee.keystores.list",
"apigee.keyvaluemaps.list",
"apigee.maskconfigs.get",
"apigee.operations.get",
"apigee.operations.list",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.portals.get",
"apigee.portals.list",
"apigee.proxies.get",
"apigee.proxies.list",
"apigee.proxyrevisions.get",
"apigee.proxyrevisions.list",
"apigee.queries.get",
"apigee.queries.list",
"apigee.rateplans.get",
"apigee.rateplans.list",
"apigee.references.get",
"apigee.references.list",
"apigee.reports.get",
"apigee.reports.list",
"apigee.resourcefiles.get",
"apigee.resourcefiles.list",
"apigee.runtimeconfigs.get",
"apigee.sharedflowrevisions.get",
"apigee.sharedflowrevisions.list",
"apigee.sharedflows.get",
"apigee.sharedflows.list",
"apigee.targetservers.get",
"apigee.targetservers.list",
"apigee.tracesessions.get",
"apigee.tracesessions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/apigee.readOnlyAdmin",
"stage": "GA",
"title": "Apigee Read-only Admin"
}
{
"description": "Curated set of permissions for a runtime agent to access Apigee Organization resources",
"etag": "AA==",
"includedPermissions": [
"apigee.canaryevaluations.create",
"apigee.canaryevaluations.get",
"apigee.ingressconfigs.get",
"apigee.instances.reportStatus",
"apigee.operations.get",
"apigee.operations.list",
"apigee.organizations.get",
"apigee.runtimeconfigs.get"
],
"name": "roles/apigee.runtimeAgent",
"stage": "GA",
"title": "Apigee Runtime Agent"
}
{
"description": "Service agent that grants access to Apigee resources - API Products, Developers, Developer Apps, and App Keys.",
"etag": "AA==",
"includedPermissions": [
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.appkeys.create",
"apigee.appkeys.delete",
"apigee.appkeys.manage",
"apigee.apps.get",
"apigee.canaryevaluations.create",
"apigee.canaryevaluations.get",
"apigee.developerapps.create",
"apigee.developerapps.delete",
"apigee.developerapps.get",
"apigee.developerapps.list",
"apigee.developerapps.manage",
"apigee.developers.create",
"apigee.developers.get",
"apigee.environments.get",
"apigee.environments.getDataLocation",
"apigee.environments.manageRuntime",
"apigee.ingressconfigs.get",
"apigee.instances.reportStatus",
"apigee.operations.get",
"apigee.operations.list",
"apigee.organizations.get",
"apigee.proxyrevisions.get",
"apigee.runtimeconfigs.get",
"cloudtrace.traces.patch",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create"
],
"name": "roles/apigee.serviceAgent",
"stage": "GA",
"title": "Apigee Service Agent"
}
{
"description": "Curated set of permissions for a Synchronizer to manage environments in an Apigee Organization",
"etag": "AA==",
"includedPermissions": [
"apigee.environments.get",
"apigee.environments.manageRuntime",
"apigee.ingressconfigs.get"
],
"name": "roles/apigee.synchronizerManager",
"stage": "GA",
"title": "Apigee Synchronizer Manager"
}
{
"description": "Admin of Apigee Connect",
"etag": "AA==",
"includedPermissions": [
"apigeeconnect.connections.list"
],
"name": "roles/apigeeconnect.Admin",
"stage": "GA",
"title": "Apigee Connect Admin"
}
{
"description": "Ability to set up Apigee Connect agent between external clusters and Google.",
"etag": "AA==",
"includedPermissions": [
"apigeeconnect.endpoints.connect"
],
"name": "roles/apigeeconnect.Agent",
"stage": "GA",
"title": "Apigee Connect Agent"
}
{
"description": "Give the App Development Experience service agent access toCloud Platform resources.",
"etag": "AA==",
"includedPermissions": [
"container.clusters.get",
"container.clusters.update",
"gkehub.features.get",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.get",
"gkehub.memberships.list"
],
"name": "roles/appdevelopmentexperience.serviceAgent",
"stage": "GA",
"title": "App Development Experience Service Agent"
}
{
"description": "Full management of App Engine apps (but not storage).",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"appengine.applications.update",
"appengine.instances.delete",
"appengine.instances.get",
"appengine.instances.list",
"appengine.operations.get",
"appengine.operations.list",
"appengine.runtimes.actAsAdmin",
"appengine.services.delete",
"appengine.services.get",
"appengine.services.list",
"appengine.services.update",
"appengine.versions.create",
"appengine.versions.delete",
"appengine.versions.get",
"appengine.versions.list",
"appengine.versions.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/appengine.appAdmin",
"stage": "GA",
"title": "App Engine Admin"
}
{
"description": "Ability to create the App Engine resource for the project.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/appengine.appCreator",
"stage": "GA",
"title": "App Engine Creator"
}
{
"description": "Ability to view App Engine app status.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"appengine.instances.get",
"appengine.instances.list",
"appengine.operations.get",
"appengine.operations.list",
"appengine.services.get",
"appengine.services.list",
"appengine.versions.get",
"appengine.versions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/appengine.appViewer",
"stage": "GA",
"title": "App Engine Viewer"
}
{
"description": "Ability to view App Engine app status and deployed source code.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"appengine.instances.get",
"appengine.instances.list",
"appengine.operations.get",
"appengine.operations.list",
"appengine.services.get",
"appengine.services.list",
"appengine.versions.get",
"appengine.versions.getFileContents",
"appengine.versions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/appengine.codeViewer",
"stage": "GA",
"title": "App Engine Code Viewer"
}
{
"description": "Necessary permissions to deploy new code to App Engine, and remove old versions.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"appengine.instances.get",
"appengine.instances.list",
"appengine.operations.get",
"appengine.operations.list",
"appengine.services.get",
"appengine.services.list",
"appengine.versions.create",
"appengine.versions.delete",
"appengine.versions.get",
"appengine.versions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/appengine.deployer",
"stage": "GA",
"title": "App Engine Deployer"
}
{
"description": "Can view and change traffic splits, scaling settings, and delete old versions; can't create new versions.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"appengine.instances.delete",
"appengine.instances.get",
"appengine.instances.list",
"appengine.operations.get",
"appengine.operations.list",
"appengine.services.delete",
"appengine.services.get",
"appengine.services.list",
"appengine.services.update",
"appengine.versions.delete",
"appengine.versions.get",
"appengine.versions.list",
"appengine.versions.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/appengine.serviceAdmin",
"stage": "GA",
"title": "App Engine Service Admin"
}
{
"description": "Can edit and manage App Engine Flexible Environment apps. Includes access to service accounts.",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.get",
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"compute.addresses.create",
"compute.addresses.delete",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.use",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.update",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.disks.list",
"compute.firewalls.create",
"compute.firewalls.delete",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.firewalls.update",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.globalAddresses.create",
"compute.globalAddresses.delete",
"compute.globalAddresses.get",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalOperations.get",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.update",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.get",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.update",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.useReadOnly",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getGuestAttributes",
"compute.instances.getSerialPortOutput",
"compute.instances.list",
"compute.instances.reset",
"compute.instances.setLabels",
"compute.instances.setMetadata",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.stop",
"compute.instances.use",
"compute.machineTypes.get",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionOperations.get",
"compute.regions.get",
"compute.subnetworks.delete",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"deploymentmanager.compositeTypes.get",
"deploymentmanager.deployments.create",
"deploymentmanager.deployments.delete",
"deploymentmanager.deployments.get",
"deploymentmanager.deployments.list",
"deploymentmanager.deployments.update",
"deploymentmanager.manifests.get",
"deploymentmanager.manifests.list",
"deploymentmanager.operations.get",
"deploymentmanager.operations.list",
"deploymentmanager.typeProviders.create",
"deploymentmanager.typeProviders.get",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.signBlob",
"iam.serviceAccounts.signJwt",
"logging.logEntries.create",
"logging.logMetrics.create",
"logging.logMetrics.delete",
"logging.logMetrics.get",
"logging.logMetrics.update",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.setIamPolicy",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list"
],
"name": "roles/appengineflex.serviceAgent",
"stage": "GA",
"title": "App Engine flexible environment Service Agent"
}
{
"description": "Administrator access to create and manage repositories.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.delete",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.create",
"artifactregistry.repositories.delete",
"artifactregistry.repositories.deleteArtifacts",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.getIamPolicy",
"artifactregistry.repositories.list",
"artifactregistry.repositories.setIamPolicy",
"artifactregistry.repositories.update",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.delete",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.delete",
"artifactregistry.versions.get",
"artifactregistry.versions.list"
],
"name": "roles/artifactregistry.admin",
"stage": "BETA",
"title": "Artifact Registry Administrator"
}
{
"description": "Access to read repository items.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.versions.get",
"artifactregistry.versions.list"
],
"name": "roles/artifactregistry.reader",
"stage": "BETA",
"title": "Artifact Registry Reader"
}
{
"description": "Access to manage artifacts in repositories.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.delete",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.deleteArtifacts",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.delete",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.delete",
"artifactregistry.versions.get",
"artifactregistry.versions.list"
],
"name": "roles/artifactregistry.repoAdmin",
"stage": "BETA",
"title": "Artifact Registry Repository Administrator"
}
{
"description": "Gives the Artifact Registry service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"pubsub.topics.publish"
],
"name": "roles/artifactregistry.serviceAgent",
"stage": "GA",
"title": "Artifact Registry Service Agent"
}
{
"description": "Access to read and write repository items.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.get",
"artifactregistry.versions.list"
],
"name": "roles/artifactregistry.writer",
"stage": "BETA",
"title": "Artifact Registry Writer"
}
{
"description": "Grants full access to Assured Workloads resources, CRM resources - project/folder and Organization Policy administration",
"etag": "AA==",
"includedPermissions": [
"assuredworkloads.operations.get",
"assuredworkloads.operations.list",
"assuredworkloads.workload.create",
"assuredworkloads.workload.delete",
"assuredworkloads.workload.get",
"assuredworkloads.workload.list",
"assuredworkloads.workload.update",
"orgpolicy.policy.get",
"orgpolicy.policy.set",
"resourcemanager.folders.create",
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/assuredworkloads.admin",
"stage": "GA",
"title": "Assured Workloads Administrator"
}
{
"description": "Grants read, write access to Assured Workloads resources, CRM resources - project/folder and Organization Policy administration",
"etag": "AA==",
"includedPermissions": [
"assuredworkloads.operations.get",
"assuredworkloads.operations.list",
"assuredworkloads.workload.create",
"assuredworkloads.workload.delete",
"assuredworkloads.workload.get",
"assuredworkloads.workload.list",
"assuredworkloads.workload.update",
"orgpolicy.policy.get",
"orgpolicy.policy.set",
"resourcemanager.folders.create",
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/assuredworkloads.editor",
"stage": "GA",
"title": "Assured Workloads Editor"
}
{
"description": "Grants read access to all Assured Workloads resources and CRM resources - project/folder",
"etag": "AA==",
"includedPermissions": [
"assuredworkloads.operations.get",
"assuredworkloads.operations.list",
"assuredworkloads.workload.get",
"assuredworkloads.workload.list",
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/assuredworkloads.reader",
"stage": "GA",
"title": "Assured Workloads Reader"
}
{
"description": "Gives the Assured Workloads service account access to create KMS keyrings and keys, and to monitor Assured Workloads.",
"etag": "AA==",
"includedPermissions": [
"cloudasset.assets.exportResource",
"cloudasset.feeds.create",
"cloudasset.feeds.delete",
"cloudasset.feeds.get",
"cloudasset.feeds.update",
"cloudkms.cryptoKeys.create",
"cloudkms.keyRings.create",
"serviceusage.services.enable",
"serviceusage.services.use"
],
"name": "roles/assuredworkloads.serviceAgent",
"stage": "GA",
"title": "Assured Workloads Service Agent"
}
{
"description": "Full access to all AutoML resources",
"etag": "AA==",
"includedPermissions": [
"automl.annotationSpecs.create",
"automl.annotationSpecs.delete",
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotationSpecs.update",
"automl.annotations.approve",
"automl.annotations.create",
"automl.annotations.list",
"automl.annotations.manipulate",
"automl.annotations.reject",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.columnSpecs.update",
"automl.datasets.create",
"automl.datasets.delete",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.getIamPolicy",
"automl.datasets.import",
"automl.datasets.list",
"automl.datasets.setIamPolicy",
"automl.datasets.update",
"automl.examples.delete",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.create",
"automl.humanAnnotationTasks.delete",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.getIamPolicy",
"automl.locations.list",
"automl.locations.setIamPolicy",
"automl.modelEvaluations.create",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.create",
"automl.models.delete",
"automl.models.deploy",
"automl.models.export",
"automl.models.get",
"automl.models.getIamPolicy",
"automl.models.list",
"automl.models.predict",
"automl.models.setIamPolicy",
"automl.models.undeploy",
"automl.operations.cancel",
"automl.operations.delete",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"automl.tableSpecs.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.list"
],
"name": "roles/automl.admin",
"stage": "BETA",
"title": "AutoML Admin"
}
{
"description": "Editor of all AutoML resources",
"etag": "AA==",
"includedPermissions": [
"automl.annotationSpecs.create",
"automl.annotationSpecs.delete",
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotationSpecs.update",
"automl.annotations.approve",
"automl.annotations.create",
"automl.annotations.list",
"automl.annotations.manipulate",
"automl.annotations.reject",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.columnSpecs.update",
"automl.datasets.create",
"automl.datasets.delete",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.import",
"automl.datasets.list",
"automl.datasets.update",
"automl.examples.delete",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.create",
"automl.humanAnnotationTasks.delete",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.list",
"automl.modelEvaluations.create",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.create",
"automl.models.delete",
"automl.models.deploy",
"automl.models.export",
"automl.models.get",
"automl.models.list",
"automl.models.predict",
"automl.models.undeploy",
"automl.operations.cancel",
"automl.operations.delete",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"automl.tableSpecs.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.list"
],
"name": "roles/automl.editor",
"stage": "BETA",
"title": "AutoML Editor"
}
{
"description": "Predict using models",
"etag": "AA==",
"includedPermissions": [
"automl.models.predict",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/automl.predictor",
"stage": "BETA",
"title": "AutoML Predictor"
}
{
"description": "AutoML service agent can act as Cloud Storage admin and export BigQuery tables, which can be backed by Cloud Storage and Cloud Bigtable.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.tables.create",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigtable.tables.get",
"bigtable.tables.list",
"bigtable.tables.readRows",
"serviceusage.services.use",
"storage.buckets.get",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/automl.serviceAgent",
"stage": "GA",
"title": "AutoML Service Agent"
}
{
"description": "Viewer of all AutoML resources",
"etag": "AA==",
"includedPermissions": [
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotations.list",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.datasets.get",
"automl.datasets.list",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.list",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.get",
"automl.models.list",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.list"
],
"name": "roles/automl.viewer",
"stage": "BETA",
"title": "AutoML Viewer"
}
{
"description": "Full access to all Recommendations AI resources.",
"etag": "AA==",
"includedPermissions": [
"automlrecommendations.apiKeys.create",
"automlrecommendations.apiKeys.delete",
"automlrecommendations.apiKeys.list",
"automlrecommendations.catalogItems.create",
"automlrecommendations.catalogItems.delete",
"automlrecommendations.catalogItems.get",
"automlrecommendations.catalogItems.list",
"automlrecommendations.catalogItems.update",
"automlrecommendations.catalogs.getStats",
"automlrecommendations.catalogs.list",
"automlrecommendations.catalogs.update",
"automlrecommendations.eventStores.getStats",
"automlrecommendations.events.create",
"automlrecommendations.events.list",
"automlrecommendations.events.purge",
"automlrecommendations.events.rejoin",
"automlrecommendations.placements.create",
"automlrecommendations.placements.delete",
"automlrecommendations.placements.getStats",
"automlrecommendations.placements.list",
"automlrecommendations.recommendations.create",
"automlrecommendations.recommendations.delete",
"automlrecommendations.recommendations.list",
"automlrecommendations.recommendations.pause",
"automlrecommendations.recommendations.resume",
"automlrecommendations.recommendations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"retail.catalogs.list",
"retail.catalogs.update",
"retail.operations.get",
"retail.operations.list",
"retail.placements.predict",
"retail.products.create",
"retail.products.delete",
"retail.products.export",
"retail.products.get",
"retail.products.import",
"retail.products.list",
"retail.products.update",
"retail.userEvents.create",
"retail.userEvents.import",
"retail.userEvents.purge",
"retail.userEvents.rejoin",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/automlrecommendations.admin",
"stage": "BETA",
"title": "Recommendations AI Admin"
}
{
"description": "Viewer of all Recommendations AI resources.",
"etag": "AA==",
"includedPermissions": [
"automlrecommendations.apiKeys.list",
"automlrecommendations.catalogItems.get",
"automlrecommendations.catalogItems.list",
"automlrecommendations.catalogs.getStats",
"automlrecommendations.catalogs.list",
"automlrecommendations.eventStores.getStats",
"automlrecommendations.events.list",
"automlrecommendations.placements.getStats",
"automlrecommendations.placements.list",
"automlrecommendations.recommendations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"retail.catalogs.list",
"retail.operations.get",
"retail.operations.list",
"retail.placements.predict",
"retail.products.export",
"retail.products.get",
"retail.products.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/automlrecommendations.adminViewer",
"stage": "BETA",
"title": "Recommendations AI Admin Viewer"
}
{
"description": "Editor of all Recommendations AI resources.",
"etag": "AA==",
"includedPermissions": [
"automlrecommendations.apiKeys.create",
"automlrecommendations.apiKeys.list",
"automlrecommendations.catalogItems.create",
"automlrecommendations.catalogItems.delete",
"automlrecommendations.catalogItems.get",
"automlrecommendations.catalogItems.list",
"automlrecommendations.catalogItems.update",
"automlrecommendations.catalogs.getStats",
"automlrecommendations.catalogs.list",
"automlrecommendations.eventStores.getStats",
"automlrecommendations.events.create",
"automlrecommendations.events.list",
"automlrecommendations.placements.create",
"automlrecommendations.placements.getStats",
"automlrecommendations.placements.list",
"automlrecommendations.recommendations.create",
"automlrecommendations.recommendations.list",
"automlrecommendations.recommendations.pause",
"automlrecommendations.recommendations.resume",
"automlrecommendations.recommendations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"retail.catalogs.list",
"retail.catalogs.update",
"retail.operations.get",
"retail.operations.list",
"retail.placements.predict",
"retail.products.create",
"retail.products.delete",
"retail.products.export",
"retail.products.get",
"retail.products.import",
"retail.products.list",
"retail.products.update",
"retail.userEvents.create",
"retail.userEvents.import",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/automlrecommendations.editor",
"stage": "BETA",
"title": "Recommendations AI Editor"
}
{
"description": "Recommendations AI service uploads catalog feeds from Cloud Storage, reports results to the customer Cloud Storage bucket, writes logs to customer projects, and writes and reads Stackdriver metrics for customer projects.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.jobs.update",
"bigquery.tables.create",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.list",
"bigquery.tables.updateData",
"cloudnotifications.activities.list",
"logging.logEntries.create",
"monitoring.alertPolicies.get",
"monitoring.alertPolicies.list",
"monitoring.dashboards.get",
"monitoring.dashboards.list",
"monitoring.groups.get",
"monitoring.groups.list",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.notificationChannelDescriptors.get",
"monitoring.notificationChannelDescriptors.list",
"monitoring.notificationChannels.get",
"monitoring.notificationChannels.list",
"monitoring.publicWidgets.get",
"monitoring.publicWidgets.list",
"monitoring.services.get",
"monitoring.services.list",
"monitoring.slos.get",
"monitoring.slos.list",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"monitoring.uptimeCheckConfigs.get",
"monitoring.uptimeCheckConfigs.list",
"opsconfigmonitoring.resourceMetadata.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"stackdriver.projects.get",
"storage.buckets.create",
"storage.buckets.get",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/automlrecommendations.serviceAgent",
"stage": "GA",
"title": "Recommendations AI Service Agent"
}
{
"description": "Viewer of all Recommendations AI resources except automlrecommendations.apiKeys. To have all read access use Recommendations AI Admin Viewer role instead.",
"etag": "AA==",
"includedPermissions": [
"automlrecommendations.catalogItems.get",
"automlrecommendations.catalogItems.list",
"automlrecommendations.catalogs.getStats",
"automlrecommendations.catalogs.list",
"automlrecommendations.eventStores.getStats",
"automlrecommendations.events.list",
"automlrecommendations.placements.getStats",
"automlrecommendations.placements.list",
"automlrecommendations.recommendations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"retail.catalogs.list",
"retail.operations.get",
"retail.operations.list",
"retail.placements.predict",
"retail.products.export",
"retail.products.get",
"retail.products.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/automlrecommendations.viewer",
"stage": "BETA",
"title": "Recommendations AI Viewer"
}
{
"description": "Access to write metrics for autoscaling site",
"etag": "AA==",
"includedPermissions": [
"autoscaling.sites.writeMetrics"
],
"name": "roles/autoscaling.metricsWriter",
"stage": "BETA",
"title": "Autoscaling Metrics Writer"
}
{
"description": "Access to read recommendations from autoscaling site",
"etag": "AA==",
"includedPermissions": [
"autoscaling.sites.readRecommendations"
],
"name": "roles/autoscaling.recommendationsReader",
"stage": "BETA",
"title": "Autoscaling Recommendations Reader"
}
{
"description": "Full access to all autoscaling site features",
"etag": "AA==",
"includedPermissions": [
"autoscaling.sites.getIamPolicy",
"autoscaling.sites.readRecommendations",
"autoscaling.sites.setIamPolicy",
"autoscaling.sites.writeMetrics",
"autoscaling.sites.writeState",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/autoscaling.sitesAdmin",
"stage": "BETA",
"title": "Autoscaling Site Admin"
}
{
"description": "Access to write state for autoscaling site",
"etag": "AA==",
"includedPermissions": [
"autoscaling.sites.writeState"
],
"name": "roles/autoscaling.stateWriter",
"stage": "BETA",
"title": "Autoscaling State Writer"
}
{
"description": "Enable Access Transparency for Organization",
"etag": "AA==",
"includedPermissions": [
"axt.labels.get",
"axt.labels.set",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/axt.admin",
"stage": "GA",
"title": "Access Transparency Admin"
}
{
"description": "Administrator of Bare Metal Solution resources",
"etag": "AA==",
"name": "roles/baremetalsolution.admin",
"stage": "GA",
"title": "Admin"
}
{
"description": "Editor of Bare Metal Solution resources",
"etag": "AA==",
"name": "roles/baremetalsolution.editor",
"stage": "GA",
"title": "Editor"
}
{
"description": "Viewer of Bare Metal Solution resources",
"etag": "AA==",
"name": "roles/baremetalsolution.viewer",
"stage": "GA",
"title": "Viewer"
}
{
"description": "Administer all BigQuery resources and data",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.bireservations.update",
"bigquery.capacityCommitments.create",
"bigquery.capacityCommitments.delete",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.capacityCommitments.update",
"bigquery.config.get",
"bigquery.config.update",
"bigquery.connections.create",
"bigquery.connections.delete",
"bigquery.connections.get",
"bigquery.connections.getIamPolicy",
"bigquery.connections.list",
"bigquery.connections.setIamPolicy",
"bigquery.connections.update",
"bigquery.connections.updateTag",
"bigquery.connections.use",
"bigquery.datasets.create",
"bigquery.datasets.delete",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.setIamPolicy",
"bigquery.datasets.update",
"bigquery.datasets.updateTag",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.jobs.listAll",
"bigquery.jobs.update",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"bigquery.reservationAssignments.create",
"bigquery.reservationAssignments.delete",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.create",
"bigquery.reservations.delete",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.reservations.update",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.rowAccessPolicies.create",
"bigquery.rowAccessPolicies.delete",
"bigquery.rowAccessPolicies.getIamPolicy",
"bigquery.rowAccessPolicies.list",
"bigquery.rowAccessPolicies.setIamPolicy",
"bigquery.rowAccessPolicies.update",
"bigquery.savedqueries.create",
"bigquery.savedqueries.delete",
"bigquery.savedqueries.get",
"bigquery.savedqueries.list",
"bigquery.savedqueries.update",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.setCategory",
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"bigquery.transfers.get",
"bigquery.transfers.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.admin",
"stage": "GA",
"title": "BigQuery Admin"
}
{
"etag": "AA==",
"includedPermissions": [
"bigquery.connections.create",
"bigquery.connections.delete",
"bigquery.connections.get",
"bigquery.connections.getIamPolicy",
"bigquery.connections.list",
"bigquery.connections.setIamPolicy",
"bigquery.connections.update",
"bigquery.connections.updateTag",
"bigquery.connections.use"
],
"name": "roles/bigquery.connectionAdmin",
"stage": "GA",
"title": "BigQuery Connection Admin"
}
{
"etag": "AA==",
"includedPermissions": [
"bigquery.connections.get",
"bigquery.connections.getIamPolicy",
"bigquery.connections.list",
"bigquery.connections.use"
],
"name": "roles/bigquery.connectionUser",
"stage": "GA",
"title": "BigQuery Connection User"
}
{
"description": "Access to edit all the contents of datasets",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.updateTag",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.dataEditor",
"stage": "GA",
"title": "BigQuery Data Editor"
}
{
"description": "Full access to datasets and all of their contents",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.delete",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.setIamPolicy",
"bigquery.datasets.update",
"bigquery.datasets.updateTag",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.rowAccessPolicies.create",
"bigquery.rowAccessPolicies.delete",
"bigquery.rowAccessPolicies.getIamPolicy",
"bigquery.rowAccessPolicies.list",
"bigquery.rowAccessPolicies.setIamPolicy",
"bigquery.rowAccessPolicies.update",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.setCategory",
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.dataOwner",
"stage": "GA",
"title": "BigQuery Data Owner"
}
{
"description": "Access to view datasets and all of their contents",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.dataViewer",
"stage": "GA",
"title": "BigQuery Data Viewer"
}
{
"description": "Access to view filtered table data defined by a row access policy",
"etag": "AA==",
"includedPermissions": [
"bigquery.rowAccessPolicies.getFilteredData"
],
"name": "roles/bigquery.filteredDataViewer",
"stage": "GA",
"title": "BigQuery Filtered Data Viewer"
}
{
"description": "Access to run jobs",
"etag": "AA==",
"includedPermissions": [
"bigquery.jobs.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.jobUser",
"stage": "GA",
"title": "BigQuery Job User"
}
{
"description": "Access to view table and dataset metadata",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.tables.get",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.metadataViewer",
"stage": "GA",
"title": "BigQuery Metadata Viewer"
}
{
"description": "Access to create and use read sessions",
"etag": "AA==",
"includedPermissions": [
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.readSessionUser",
"stage": "GA",
"title": "BigQuery Read Session User"
}
{
"description": "Administer all BigQuery resources.",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.bireservations.update",
"bigquery.capacityCommitments.create",
"bigquery.capacityCommitments.delete",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.capacityCommitments.update",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.jobs.listAll",
"bigquery.reservationAssignments.create",
"bigquery.reservationAssignments.delete",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.create",
"bigquery.reservations.delete",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.reservations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.resourceAdmin",
"stage": "GA",
"title": "BigQuery Resource Admin"
}
{
"description": "Manage all BigQuery resources, but cannot make purchasing decisions.",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.jobs.listAll",
"bigquery.reservationAssignments.create",
"bigquery.reservationAssignments.delete",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.create",
"bigquery.reservations.delete",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.reservations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.resourceEditor",
"stage": "GA",
"title": "BigQuery Resource Editor"
}
{
"description": "View all BigQuery resources but cannot make changes or purchasing decisions.",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.jobs.listAll",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.get",
"bigquery.reservations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.resourceViewer",
"stage": "GA",
"title": "BigQuery Resource Viewer"
}
{
"description": "When applied to a project, access to run queries, create datasets, read dataset metadata, and list tables. When applied to a dataset, access to read dataset metadata and list tables within the dataset.",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.config.get",
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.jobs.create",
"bigquery.jobs.list",
"bigquery.models.list",
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.routines.list",
"bigquery.savedqueries.get",
"bigquery.savedqueries.list",
"bigquery.tables.list",
"bigquery.transfers.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquery.user",
"stage": "GA",
"title": "BigQuery User"
}
{
"description": "Gives BigQuery Connection Service access to Cloud SQL instances in user projects.",
"etag": "AA==",
"includedPermissions": [
"cloudsql.instances.connect",
"cloudsql.instances.get",
"logging.logEntries.create",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create"
],
"name": "roles/bigqueryconnection.serviceAgent",
"stage": "GA",
"title": "BigQuery Connection Service Agent"
}
{
"description": "Gives BigQuery Data Transfer Service access to start bigquery jobs in consumer project. ",
"etag": "AA==",
"includedPermissions": [
"bigquery.jobs.create",
"iam.serviceAccounts.getAccessToken",
"logging.logEntries.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/bigquerydatatransfer.serviceAgent",
"stage": "GA",
"title": "BigQuery Data Transfer Service Agent"
}
{
"description": "Full access to all Bigtable resources and ability to assign Bigtable IAM roles.",
"etag": "AA==",
"includedPermissions": [
"bigtable.appProfiles.create",
"bigtable.appProfiles.delete",
"bigtable.appProfiles.get",
"bigtable.appProfiles.list",
"bigtable.appProfiles.update",
"bigtable.backups.create",
"bigtable.backups.delete",
"bigtable.backups.get",
"bigtable.backups.getIamPolicy",
"bigtable.backups.list",
"bigtable.backups.restore",
"bigtable.backups.setIamPolicy",
"bigtable.backups.update",
"bigtable.clusters.create",
"bigtable.clusters.delete",
"bigtable.clusters.get",
"bigtable.clusters.list",
"bigtable.clusters.update",
"bigtable.instances.create",
"bigtable.instances.delete",
"bigtable.instances.get",
"bigtable.instances.getIamPolicy",
"bigtable.instances.list",
"bigtable.instances.setIamPolicy",
"bigtable.instances.update",
"bigtable.keyvisualizer.get",
"bigtable.keyvisualizer.list",
"bigtable.locations.list",
"bigtable.tables.checkConsistency",
"bigtable.tables.create",
"bigtable.tables.delete",
"bigtable.tables.generateConsistencyToken",
"bigtable.tables.get",
"bigtable.tables.getIamPolicy",
"bigtable.tables.list",
"bigtable.tables.mutateRows",
"bigtable.tables.readRows",
"bigtable.tables.sampleRowKeys",
"bigtable.tables.setIamPolicy",
"bigtable.tables.update",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.timeSeries.list",
"resourcemanager.projects.get"
],
"name": "roles/bigtable.admin",
"stage": "GA",
"title": "Bigtable Administrator"
}
{
"description": "Read access to data in existing tables; read access to metadata for instances, clusters, and tables, including column families.",
"etag": "AA==",
"includedPermissions": [
"bigtable.appProfiles.get",
"bigtable.appProfiles.list",
"bigtable.backups.get",
"bigtable.backups.list",
"bigtable.clusters.get",
"bigtable.clusters.list",
"bigtable.instances.get",
"bigtable.instances.list",
"bigtable.keyvisualizer.get",
"bigtable.keyvisualizer.list",
"bigtable.locations.list",
"bigtable.tables.checkConsistency",
"bigtable.tables.generateConsistencyToken",
"bigtable.tables.get",
"bigtable.tables.list",
"bigtable.tables.readRows",
"bigtable.tables.sampleRowKeys",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.timeSeries.list",
"resourcemanager.projects.get"
],
"name": "roles/bigtable.reader",
"stage": "GA",
"title": "Bigtable Reader"
}
{
"description": "Read and write access to data in existing tables; read access to metadata for instances, clusters, and tables, including column families.",
"etag": "AA==",
"includedPermissions": [
"bigtable.appProfiles.get",
"bigtable.appProfiles.list",
"bigtable.backups.get",
"bigtable.backups.list",
"bigtable.clusters.get",
"bigtable.clusters.list",
"bigtable.instances.get",
"bigtable.instances.list",
"bigtable.keyvisualizer.get",
"bigtable.keyvisualizer.list",
"bigtable.locations.list",
"bigtable.tables.checkConsistency",
"bigtable.tables.generateConsistencyToken",
"bigtable.tables.get",
"bigtable.tables.list",
"bigtable.tables.mutateRows",
"bigtable.tables.readRows",
"bigtable.tables.sampleRowKeys",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.timeSeries.list",
"resourcemanager.projects.get"
],
"name": "roles/bigtable.user",
"stage": "GA",
"title": "Bigtable User"
}
{
"description": "Read access to metadata for instances, clusters, and tables, including column families.",
"etag": "AA==",
"includedPermissions": [
"bigtable.appProfiles.get",
"bigtable.appProfiles.list",
"bigtable.backups.get",
"bigtable.backups.list",
"bigtable.clusters.get",
"bigtable.clusters.list",
"bigtable.instances.get",
"bigtable.instances.list",
"bigtable.locations.list",
"bigtable.tables.checkConsistency",
"bigtable.tables.generateConsistencyToken",
"bigtable.tables.get",
"bigtable.tables.list",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.timeSeries.list",
"resourcemanager.projects.get"
],
"name": "roles/bigtable.viewer",
"stage": "GA",
"title": "Bigtable Viewer"
}
{
"description": "Authorized to see and manage all aspects of billing accounts.",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.close",
"billing.accounts.get",
"billing.accounts.getIamPolicy",
"billing.accounts.getPaymentInfo",
"billing.accounts.getPricing",
"billing.accounts.getSpendingInformation",
"billing.accounts.getUsageExportSpec",
"billing.accounts.list",
"billing.accounts.move",
"billing.accounts.redeemPromotion",
"billing.accounts.removeFromOrganization",
"billing.accounts.reopen",
"billing.accounts.setIamPolicy",
"billing.accounts.update",
"billing.accounts.updatePaymentInfo",
"billing.accounts.updateUsageExportSpec",
"billing.budgets.create",
"billing.budgets.delete",
"billing.budgets.get",
"billing.budgets.list",
"billing.budgets.update",
"billing.credits.list",
"billing.resourceAssociations.create",
"billing.resourceAssociations.delete",
"billing.resourceAssociations.list",
"billing.subscriptions.create",
"billing.subscriptions.get",
"billing.subscriptions.list",
"billing.subscriptions.update",
"cloudnotifications.activities.list",
"commerceoffercatalog.offers.get",
"consumerprocurement.accounts.create",
"consumerprocurement.accounts.delete",
"consumerprocurement.accounts.get",
"consumerprocurement.accounts.list",
"consumerprocurement.orders.cancel",
"consumerprocurement.orders.get",
"consumerprocurement.orders.list",
"consumerprocurement.orders.modify",
"consumerprocurement.orders.place",
"dataprocessing.datasources.get",
"dataprocessing.datasources.list",
"dataprocessing.groupcontrols.get",
"dataprocessing.groupcontrols.list",
"logging.logEntries.list",
"logging.logServiceIndexes.list",
"logging.logServices.list",
"logging.logs.list",
"logging.privateLogEntries.list",
"recommender.commitmentUtilizationInsights.get",
"recommender.commitmentUtilizationInsights.list",
"recommender.commitmentUtilizationInsights.update",
"recommender.usageCommitmentRecommendations.get",
"recommender.usageCommitmentRecommendations.list",
"recommender.usageCommitmentRecommendations.update",
"resourcemanager.projects.createBillingAssignment",
"resourcemanager.projects.deleteBillingAssignment"
],
"name": "roles/billing.admin",
"stage": "GA",
"title": "Billing Account Administrator"
}
{
"description": "Can view and export cost information of billing accounts.",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.get",
"billing.accounts.getIamPolicy",
"billing.accounts.getSpendingInformation",
"billing.accounts.getUsageExportSpec",
"billing.accounts.list",
"billing.accounts.updateUsageExportSpec",
"billing.budgets.create",
"billing.budgets.delete",
"billing.budgets.get",
"billing.budgets.list",
"billing.budgets.update",
"billing.resourceAssociations.list"
],
"name": "roles/billing.costsManager",
"stage": "GA",
"title": "Billing Account Costs Manager"
}
{
"description": "Creator of billing accounts.",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.create",
"resourcemanager.organizations.get"
],
"name": "roles/billing.creator",
"stage": "GA",
"title": "Billing Account Creator"
}
{
"description": "Can assign a project's billing account or disable its billing.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.createBillingAssignment",
"resourcemanager.projects.deleteBillingAssignment"
],
"name": "roles/billing.projectManager",
"stage": "GA",
"title": "Project Billing Manager"
}
{
"description": "Can associate projects with billing accounts",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.get",
"billing.accounts.getIamPolicy",
"billing.accounts.list",
"billing.accounts.redeemPromotion",
"billing.credits.list",
"billing.resourceAssociations.create"
],
"name": "roles/billing.user",
"stage": "GA",
"title": "Billing Account User"
}
{
"description": "Can view information about billing accounts.",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.get",
"billing.accounts.getIamPolicy",
"billing.accounts.getPaymentInfo",
"billing.accounts.getPricing",
"billing.accounts.getSpendingInformation",
"billing.accounts.getUsageExportSpec",
"billing.accounts.list",
"billing.budgets.get",
"billing.budgets.list",
"billing.credits.list",
"billing.resourceAssociations.list",
"billing.subscriptions.get",
"billing.subscriptions.list",
"commerceoffercatalog.offers.get",
"consumerprocurement.accounts.get",
"consumerprocurement.accounts.list",
"consumerprocurement.orders.get",
"consumerprocurement.orders.list",
"dataprocessing.datasources.get",
"dataprocessing.datasources.list",
"dataprocessing.groupcontrols.get",
"dataprocessing.groupcontrols.list",
"recommender.commitmentUtilizationInsights.get",
"recommender.commitmentUtilizationInsights.list",
"recommender.usageCommitmentRecommendations.get",
"recommender.usageCommitmentRecommendations.list"
],
"name": "roles/billing.viewer",
"stage": "GA",
"title": "Billing Account Viewer"
}
{
"description": "Adminstrator of Binary Authorization Attestors",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.attestors.create",
"binaryauthorization.attestors.delete",
"binaryauthorization.attestors.get",
"binaryauthorization.attestors.getIamPolicy",
"binaryauthorization.attestors.list",
"binaryauthorization.attestors.setIamPolicy",
"binaryauthorization.attestors.update",
"binaryauthorization.attestors.verifyImageAttested",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.attestorsAdmin",
"stage": "GA",
"title": "Binary Authorization Attestor Admin"
}
{
"description": "Editor of Binary Authorization Attestors",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.attestors.create",
"binaryauthorization.attestors.delete",
"binaryauthorization.attestors.get",
"binaryauthorization.attestors.list",
"binaryauthorization.attestors.update",
"binaryauthorization.attestors.verifyImageAttested",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.attestorsEditor",
"stage": "GA",
"title": "Binary Authorization Attestor Editor"
}
{
"description": "Caller of Binary Authorization Attestors VerifyImageAttested",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.attestors.get",
"binaryauthorization.attestors.list",
"binaryauthorization.attestors.verifyImageAttested",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.attestorsVerifier",
"stage": "GA",
"title": "Binary Authorization Attestor Image Verifier"
}
{
"description": "Viewer of Binary Authorization Attestors",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.attestors.get",
"binaryauthorization.attestors.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.attestorsViewer",
"stage": "GA",
"title": "Binary Authorization Attestor Viewer"
}
{
"description": "Administrator of Binary Authorization Policy",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.continuousValidationConfig.get",
"binaryauthorization.continuousValidationConfig.getIamPolicy",
"binaryauthorization.continuousValidationConfig.setIamPolicy",
"binaryauthorization.continuousValidationConfig.update",
"binaryauthorization.policy.get",
"binaryauthorization.policy.getIamPolicy",
"binaryauthorization.policy.setIamPolicy",
"binaryauthorization.policy.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.policyAdmin",
"stage": "GA",
"title": "Binary Authorization Policy Administrator"
}
{
"description": "Editor of Binary Authorization Policy",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.continuousValidationConfig.get",
"binaryauthorization.continuousValidationConfig.update",
"binaryauthorization.policy.get",
"binaryauthorization.policy.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.policyEditor",
"stage": "GA",
"title": "Binary Authorization Policy Editor"
}
{
"description": "Viewer of Binary Authorization Policy",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.continuousValidationConfig.get",
"binaryauthorization.policy.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.policyViewer",
"stage": "GA",
"title": "Binary Authorization Policy Viewer"
}
{
"description": "Can read Notes and Occurrences from the Container Analysis Service to find and verify signatures.",
"etag": "AA==",
"includedPermissions": [
"binaryauthorization.attestors.get",
"binaryauthorization.attestors.list",
"binaryauthorization.attestors.verifyImageAttested",
"containeranalysis.notes.get",
"containeranalysis.notes.list",
"containeranalysis.notes.listOccurrences",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/binaryauthorization.serviceAgent",
"stage": "GA",
"title": "Binary Authorization Service Agent"
}
{
"description": "Access to browse GCP resources.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/browser",
"stage": "GA",
"title": "Browser"
}
{
"description": "Can view and modify bot configurations",
"etag": "AA==",
"includedPermissions": [
"chat.bots.get",
"chat.bots.update"
],
"name": "roles/chat.owner",
"stage": "GA",
"title": "Chat Bots Owner"
}
{
"description": "Can view bot configurations",
"etag": "AA==",
"includedPermissions": [
"chat.bots.get"
],
"name": "roles/chat.reader",
"stage": "GA",
"title": "Chat Bots Viewer"
}
{
"description": "Admins can view and modify Chronicle service details.",
"etag": "AA==",
"includedPermissions": [
"chroniclesm.gcpAssociations.create",
"chroniclesm.gcpAssociations.delete",
"chroniclesm.gcpAssociations.get",
"chroniclesm.gcpSettings.get",
"chroniclesm.gcpSettings.update"
],
"name": "roles/chroniclesm.admin",
"stage": "GA",
"title": "Chronicle Service Admin"
}
{
"description": "Viewers can see Chronicle service details but not change them.",
"etag": "AA==",
"includedPermissions": [
"chroniclesm.gcpAssociations.get",
"chroniclesm.gcpSettings.get"
],
"name": "roles/chroniclesm.viewer",
"stage": "GA",
"title": "Chronicle Service Viewer"
}
{
"description": "Full access to cloud assets metadata",
"etag": "AA==",
"includedPermissions": [
"cloudasset.assets.analyzeIamPolicy",
"cloudasset.assets.analyzeMove",
"cloudasset.assets.exportAccessLevel",
"cloudasset.assets.exportAccessPolicy",
"cloudasset.assets.exportAllAccessPolicy",
"cloudasset.assets.exportAppengineApplications",
"cloudasset.assets.exportAppengineServices",
"cloudasset.assets.exportAppengineVersions",
"cloudasset.assets.exportBigqueryDatasets",
"cloudasset.assets.exportBigqueryTables",
"cloudasset.assets.exportBigtableCluster",
"cloudasset.assets.exportBigtableInstance",
"cloudasset.assets.exportBigtableTable",
"cloudasset.assets.exportCloudbillingBillingAccounts",
"cloudasset.assets.exportCloudkmsCryptoKeyVersions",
"cloudasset.assets.exportCloudkmsCryptoKeys",
"cloudasset.assets.exportCloudkmsImportJobs",
"cloudasset.assets.exportCloudkmsKeyRings",
"cloudasset.assets.exportCloudresourcemanagerFolders",
"cloudasset.assets.exportCloudresourcemanagerOrganizations",
"cloudasset.assets.exportCloudresourcemanagerProjects",
"cloudasset.assets.exportComputeAddress",
"cloudasset.assets.exportComputeAutoscalers",
"cloudasset.assets.exportComputeBackendBuckets",
"cloudasset.assets.exportComputeBackendServices",
"cloudasset.assets.exportComputeDisks",
"cloudasset.assets.exportComputeFirewalls",
"cloudasset.assets.exportComputeForwardingRules",
"cloudasset.assets.exportComputeGlobalAddress",
"cloudasset.assets.exportComputeGlobalForwardingRules",
"cloudasset.assets.exportComputeHealthChecks",
"cloudasset.assets.exportComputeHttpHealthChecks",
"cloudasset.assets.exportComputeHttpsHealthChecks",
"cloudasset.assets.exportComputeImages",
"cloudasset.assets.exportComputeInstanceGroupManagers",
"cloudasset.assets.exportComputeInstanceGroups",
"cloudasset.assets.exportComputeInstanceTemplates",
"cloudasset.assets.exportComputeInstances",
"cloudasset.assets.exportComputeInterconnect",
"cloudasset.assets.exportComputeInterconnectAttachment",
"cloudasset.assets.exportComputeLicenses",
"cloudasset.assets.exportComputeNetworks",
"cloudasset.assets.exportComputeProjects",
"cloudasset.assets.exportComputeRegionAutoscaler",
"cloudasset.assets.exportComputeRegionBackendServices",
"cloudasset.assets.exportComputeRegionDisk",
"cloudasset.assets.exportComputeRegionInstanceGroup",
"cloudasset.assets.exportComputeRegionInstanceGroupManager",
"cloudasset.assets.exportComputeRouters",
"cloudasset.assets.exportComputeRoutes",
"cloudasset.assets.exportComputeSecurityPolicy",
"cloudasset.assets.exportComputeSnapshots",
"cloudasset.assets.exportComputeSslCertificates",
"cloudasset.assets.exportComputeSubnetworks",
"cloudasset.assets.exportComputeTargetHttpProxies",
"cloudasset.assets.exportComputeTargetHttpsProxies",
"cloudasset.assets.exportComputeTargetInstances",
"cloudasset.assets.exportComputeTargetPools",
"cloudasset.assets.exportComputeTargetSslProxies",
"cloudasset.assets.exportComputeTargetTcpProxies",
"cloudasset.assets.exportComputeTargetVpnGateways",
"cloudasset.assets.exportComputeUrlMaps",
"cloudasset.assets.exportComputeVpnTunnels",
"cloudasset.assets.exportContainerClusterrole",
"cloudasset.assets.exportContainerClusterrolebinding",
"cloudasset.assets.exportContainerClusters",
"cloudasset.assets.exportContainerNamespace",
"cloudasset.assets.exportContainerNode",
"cloudasset.assets.exportContainerNodepool",
"cloudasset.assets.exportContainerPod",
"cloudasset.assets.exportContainerRole",
"cloudasset.assets.exportContainerRolebinding",
"cloudasset.assets.exportContainerregistryImage",
"cloudasset.assets.exportDatafusionInstance",
"cloudasset.assets.exportDataprocClusters",
"cloudasset.assets.exportDataprocJobs",
"cloudasset.assets.exportDnsManagedZones",
"cloudasset.assets.exportDnsPolicies",
"cloudasset.assets.exportIamPolicy",
"cloudasset.assets.exportIamRoles",
"cloudasset.assets.exportIamServiceAccountKeys",
"cloudasset.assets.exportIamServiceAccounts",
"cloudasset.assets.exportManagedidentitiesDomain",
"cloudasset.assets.exportOrgPolicy",
"cloudasset.assets.exportPubsubSubscriptions",
"cloudasset.assets.exportPubsubTopics",
"cloudasset.assets.exportResource",
"cloudasset.assets.exportServicePerimeter",
"cloudasset.assets.exportServicemanagementServices",
"cloudasset.assets.exportSpannerDatabases",
"cloudasset.assets.exportSpannerInstances",
"cloudasset.assets.exportSqladminInstances",
"cloudasset.assets.exportStorageBuckets",
"cloudasset.assets.listAccessPolicy",
"cloudasset.assets.listCloudkmsCryptoKeys",
"cloudasset.assets.listIamPolicy",
"cloudasset.assets.listOSInventories",
"cloudasset.assets.listOrgPolicy",
"cloudasset.assets.listResource",
"cloudasset.assets.searchAllIamPolicies",
"cloudasset.assets.searchAllResources",
"cloudasset.feeds.create",
"cloudasset.feeds.delete",
"cloudasset.feeds.get",
"cloudasset.feeds.list",
"cloudasset.feeds.update",
"recommender.cloudAssetInsights.get",
"recommender.cloudAssetInsights.list",
"recommender.cloudAssetInsights.update",
"recommender.locations.get",
"recommender.locations.list"
],
"name": "roles/cloudasset.owner",
"stage": "GA",
"title": "Cloud Asset Owner"
}
{
"description": "Gives Cloud Asset service agent permissions to Cloud Storage and BigQuery for exporting Assets, and permission to publish to Cloud Pub/Sub topics for Asset Real Time Feed.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.get",
"bigquery.tables.update",
"bigquery.tables.updateData",
"pubsub.topics.publish",
"storage.buckets.create",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get"
],
"name": "roles/cloudasset.serviceAgent",
"stage": "GA",
"title": "Cloud Asset Service Agent"
}
{
"description": "Read only access to cloud assets metadata",
"etag": "AA==",
"includedPermissions": [
"cloudasset.assets.analyzeIamPolicy",
"cloudasset.assets.analyzeMove",
"cloudasset.assets.exportAccessLevel",
"cloudasset.assets.exportAccessPolicy",
"cloudasset.assets.exportAllAccessPolicy",
"cloudasset.assets.exportAppengineApplications",
"cloudasset.assets.exportAppengineServices",
"cloudasset.assets.exportAppengineVersions",
"cloudasset.assets.exportBigqueryDatasets",
"cloudasset.assets.exportBigqueryTables",
"cloudasset.assets.exportBigtableCluster",
"cloudasset.assets.exportBigtableInstance",
"cloudasset.assets.exportBigtableTable",
"cloudasset.assets.exportCloudbillingBillingAccounts",
"cloudasset.assets.exportCloudkmsCryptoKeyVersions",
"cloudasset.assets.exportCloudkmsCryptoKeys",
"cloudasset.assets.exportCloudkmsImportJobs",
"cloudasset.assets.exportCloudkmsKeyRings",
"cloudasset.assets.exportCloudresourcemanagerFolders",
"cloudasset.assets.exportCloudresourcemanagerOrganizations",
"cloudasset.assets.exportCloudresourcemanagerProjects",
"cloudasset.assets.exportComputeAddress",
"cloudasset.assets.exportComputeAutoscalers",
"cloudasset.assets.exportComputeBackendBuckets",
"cloudasset.assets.exportComputeBackendServices",
"cloudasset.assets.exportComputeDisks",
"cloudasset.assets.exportComputeFirewalls",
"cloudasset.assets.exportComputeForwardingRules",
"cloudasset.assets.exportComputeGlobalAddress",
"cloudasset.assets.exportComputeGlobalForwardingRules",
"cloudasset.assets.exportComputeHealthChecks",
"cloudasset.assets.exportComputeHttpHealthChecks",
"cloudasset.assets.exportComputeHttpsHealthChecks",
"cloudasset.assets.exportComputeImages",
"cloudasset.assets.exportComputeInstanceGroupManagers",
"cloudasset.assets.exportComputeInstanceGroups",
"cloudasset.assets.exportComputeInstanceTemplates",
"cloudasset.assets.exportComputeInstances",
"cloudasset.assets.exportComputeInterconnect",
"cloudasset.assets.exportComputeInterconnectAttachment",
"cloudasset.assets.exportComputeLicenses",
"cloudasset.assets.exportComputeNetworks",
"cloudasset.assets.exportComputeProjects",
"cloudasset.assets.exportComputeRegionAutoscaler",
"cloudasset.assets.exportComputeRegionBackendServices",
"cloudasset.assets.exportComputeRegionDisk",
"cloudasset.assets.exportComputeRegionInstanceGroup",
"cloudasset.assets.exportComputeRegionInstanceGroupManager",
"cloudasset.assets.exportComputeRouters",
"cloudasset.assets.exportComputeRoutes",
"cloudasset.assets.exportComputeSecurityPolicy",
"cloudasset.assets.exportComputeSnapshots",
"cloudasset.assets.exportComputeSslCertificates",
"cloudasset.assets.exportComputeSubnetworks",
"cloudasset.assets.exportComputeTargetHttpProxies",
"cloudasset.assets.exportComputeTargetHttpsProxies",
"cloudasset.assets.exportComputeTargetInstances",
"cloudasset.assets.exportComputeTargetPools",
"cloudasset.assets.exportComputeTargetSslProxies",
"cloudasset.assets.exportComputeTargetTcpProxies",
"cloudasset.assets.exportComputeTargetVpnGateways",
"cloudasset.assets.exportComputeUrlMaps",
"cloudasset.assets.exportComputeVpnTunnels",
"cloudasset.assets.exportContainerClusterrole",
"cloudasset.assets.exportContainerClusterrolebinding",
"cloudasset.assets.exportContainerClusters",
"cloudasset.assets.exportContainerNamespace",
"cloudasset.assets.exportContainerNode",
"cloudasset.assets.exportContainerNodepool",
"cloudasset.assets.exportContainerPod",
"cloudasset.assets.exportContainerRole",
"cloudasset.assets.exportContainerRolebinding",
"cloudasset.assets.exportContainerregistryImage",
"cloudasset.assets.exportDatafusionInstance",
"cloudasset.assets.exportDataprocClusters",
"cloudasset.assets.exportDataprocJobs",
"cloudasset.assets.exportDnsManagedZones",
"cloudasset.assets.exportDnsPolicies",
"cloudasset.assets.exportIamPolicy",
"cloudasset.assets.exportIamRoles",
"cloudasset.assets.exportIamServiceAccountKeys",
"cloudasset.assets.exportIamServiceAccounts",
"cloudasset.assets.exportManagedidentitiesDomain",
"cloudasset.assets.exportOrgPolicy",
"cloudasset.assets.exportPubsubSubscriptions",
"cloudasset.assets.exportPubsubTopics",
"cloudasset.assets.exportResource",
"cloudasset.assets.exportServicePerimeter",
"cloudasset.assets.exportServicemanagementServices",
"cloudasset.assets.exportSpannerDatabases",
"cloudasset.assets.exportSpannerInstances",
"cloudasset.assets.exportSqladminInstances",
"cloudasset.assets.exportStorageBuckets",
"cloudasset.assets.listAccessPolicy",
"cloudasset.assets.listCloudkmsCryptoKeys",
"cloudasset.assets.listIamPolicy",
"cloudasset.assets.listOSInventories",
"cloudasset.assets.listOrgPolicy",
"cloudasset.assets.listResource",
"cloudasset.assets.searchAllIamPolicies",
"cloudasset.assets.searchAllResources",
"recommender.cloudAssetInsights.get",
"recommender.cloudAssetInsights.list",
"recommender.locations.get",
"recommender.locations.list"
],
"name": "roles/cloudasset.viewer",
"stage": "GA",
"title": "Cloud Asset Viewer"
}
{
"description": "Can perform builds",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudbuild.builds.update",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"logging.logEntries.create",
"pubsub.topics.create",
"pubsub.topics.publish",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"source.repos.get",
"source.repos.list",
"storage.buckets.create",
"storage.buckets.get",
"storage.buckets.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/cloudbuild.builds.builder",
"stage": "GA",
"title": "Cloud Build Service Account"
}
{
"description": "Can create and cancel builds",
"etag": "AA==",
"includedPermissions": [
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudbuild.builds.update",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudbuild.builds.editor",
"stage": "GA",
"title": "Cloud Build Editor"
}
{
"description": "Can view builds",
"etag": "AA==",
"includedPermissions": [
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudbuild.builds.viewer",
"stage": "GA",
"title": "Cloud Build Viewer"
}
{
"description": "Gives Cloud Build service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudbuild.builds.update",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.networks.get",
"compute.subnetworks.get",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"iam.serviceAccounts.get",
"iam.serviceAccounts.getAccessToken",
"logging.logEntries.create",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.publish",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.use",
"source.repos.get",
"source.repos.list",
"storage.buckets.create",
"storage.buckets.get",
"storage.buckets.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/cloudbuild.serviceAgent",
"stage": "GA",
"title": "Cloud Build Service Agent"
}
{
"description": "Full access to Firebase Remote Config resources.",
"etag": "AA==",
"includedPermissions": [
"cloudconfig.configs.get",
"cloudconfig.configs.update",
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudconfig.admin",
"stage": "GA",
"title": "Firebase Remote Config Admin"
}
{
"description": "Read access to Firebase Remote Config resources.",
"etag": "AA==",
"includedPermissions": [
"cloudconfig.configs.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudconfig.viewer",
"stage": "GA",
"title": "Firebase Remote Config Viewer"
}
{
"description": "Cloud Debugger agents are allowed to register and provide debug snapshot data.",
"etag": "AA==",
"includedPermissions": [
"clouddebugger.breakpoints.list",
"clouddebugger.breakpoints.listActive",
"clouddebugger.breakpoints.update",
"clouddebugger.debuggees.create"
],
"name": "roles/clouddebugger.agent",
"stage": "BETA",
"title": "Cloud Debugger Agent"
}
{
"description": "User Access to Cloud Debugger. Can create, delete and view snapshots and logpoints.",
"etag": "AA==",
"includedPermissions": [
"clouddebugger.breakpoints.create",
"clouddebugger.breakpoints.delete",
"clouddebugger.breakpoints.get",
"clouddebugger.breakpoints.list",
"clouddebugger.debuggees.list"
],
"name": "roles/clouddebugger.user",
"stage": "BETA",
"title": "Cloud Debugger User"
}
{
"description": "Gives Cloud Deploy Service Account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"iam.serviceAccounts.actAs",
"logging.logEntries.create",
"pubsub.topics.get",
"pubsub.topics.publish",
"servicemanagement.services.report",
"serviceusage.services.use",
"storage.buckets.create",
"storage.buckets.get"
],
"name": "roles/clouddeploy.serviceAgent",
"stage": "GA",
"title": "Cloud Deploy Service Agent"
}
{
"description": "Full access to functions, operations and locations.",
"etag": "AA==",
"includedPermissions": [
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudfunctions.functions.call",
"cloudfunctions.functions.create",
"cloudfunctions.functions.delete",
"cloudfunctions.functions.get",
"cloudfunctions.functions.getIamPolicy",
"cloudfunctions.functions.invoke",
"cloudfunctions.functions.list",
"cloudfunctions.functions.setIamPolicy",
"cloudfunctions.functions.sourceCodeGet",
"cloudfunctions.functions.sourceCodeSet",
"cloudfunctions.functions.update",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"eventarc.events.receiveAuditLogWritten",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.setIamPolicy",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.delete",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.invoke",
"run.routes.list",
"run.services.create",
"run.services.delete",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"run.services.setIamPolicy",
"run.services.update",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudfunctions.admin",
"stage": "GA",
"title": "Cloud Functions Admin"
}
{
"description": "Read and write access to all functions-related resources.",
"etag": "AA==",
"includedPermissions": [
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudfunctions.functions.call",
"cloudfunctions.functions.create",
"cloudfunctions.functions.delete",
"cloudfunctions.functions.get",
"cloudfunctions.functions.invoke",
"cloudfunctions.functions.list",
"cloudfunctions.functions.sourceCodeGet",
"cloudfunctions.functions.sourceCodeSet",
"cloudfunctions.functions.update",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.delete",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.invoke",
"run.routes.list",
"run.services.create",
"run.services.delete",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"run.services.update",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudfunctions.developer",
"stage": "GA",
"title": "Cloud Functions Developer"
}
{
"description": "Ability to invoke HTTP functions with restricted access.",
"etag": "AA==",
"includedPermissions": [
"cloudfunctions.functions.invoke"
],
"name": "roles/cloudfunctions.invoker",
"stage": "GA",
"title": "Cloud Functions Invoker"
}
{
"description": "Gives Cloud Functions service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.delete",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.create",
"artifactregistry.repositories.delete",
"artifactregistry.repositories.deleteArtifacts",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.getIamPolicy",
"artifactregistry.repositories.list",
"artifactregistry.repositories.setIamPolicy",
"artifactregistry.repositories.update",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.delete",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.delete",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"clientauthconfig.clients.list",
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudbuild.builds.update",
"cloudfunctions.functions.invoke",
"compute.globalOperations.get",
"compute.networks.access",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"firebasedatabase.instances.get",
"firebasedatabase.instances.update",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
"iam.serviceAccounts.signBlob",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.getIamPolicy",
"pubsub.subscriptions.list",
"pubsub.subscriptions.setIamPolicy",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.get",
"pubsub.topics.list",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.delete",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.invoke",
"run.routes.list",
"run.services.create",
"run.services.delete",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"run.services.update",
"serviceusage.quotas.get",
"serviceusage.services.disable",
"serviceusage.services.enable",
"serviceusage.services.use",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.get",
"storage.buckets.update",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"vpcaccess.connectors.get",
"vpcaccess.connectors.use"
],
"name": "roles/cloudfunctions.serviceAgent",
"stage": "GA",
"title": "Cloud Functions Service Agent"
}
{
"description": "Read-only access to functions and locations.",
"etag": "AA==",
"includedPermissions": [
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudfunctions.functions.get",
"cloudfunctions.functions.list",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.list",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudfunctions.viewer",
"stage": "GA",
"title": "Cloud Functions Viewer"
}
{
"description": "Full control of all Cloud IoT resources and permissions.",
"etag": "AA==",
"includedPermissions": [
"cloudiot.devices.bindGateway",
"cloudiot.devices.create",
"cloudiot.devices.delete",
"cloudiot.devices.get",
"cloudiot.devices.list",
"cloudiot.devices.sendCommand",
"cloudiot.devices.unbindGateway",
"cloudiot.devices.update",
"cloudiot.devices.updateConfig",
"cloudiot.registries.create",
"cloudiot.registries.delete",
"cloudiot.registries.get",
"cloudiot.registries.getIamPolicy",
"cloudiot.registries.list",
"cloudiot.registries.setIamPolicy",
"cloudiot.registries.update",
"cloudiottoken.tokensettings.get",
"cloudiottoken.tokensettings.update"
],
"name": "roles/cloudiot.admin",
"stage": "GA",
"title": "Cloud IoT Admin"
}
{
"description": "Access to update the device configuration, but not to create or delete devices.",
"etag": "AA==",
"includedPermissions": [
"cloudiot.devices.get",
"cloudiot.devices.list",
"cloudiot.devices.sendCommand",
"cloudiot.devices.updateConfig",
"cloudiot.registries.get",
"cloudiot.registries.list",
"cloudiottoken.tokensettings.get"
],
"name": "roles/cloudiot.deviceController",
"stage": "GA",
"title": "Cloud IoT Device Controller"
}
{
"description": "Read-write access to all Cloud IoT resources.",
"etag": "AA==",
"includedPermissions": [
"cloudiot.devices.bindGateway",
"cloudiot.devices.create",
"cloudiot.devices.delete",
"cloudiot.devices.get",
"cloudiot.devices.list",
"cloudiot.devices.sendCommand",
"cloudiot.devices.unbindGateway",
"cloudiot.devices.update",
"cloudiot.devices.updateConfig",
"cloudiot.registries.create",
"cloudiot.registries.delete",
"cloudiot.registries.get",
"cloudiot.registries.list",
"cloudiot.registries.update",
"cloudiottoken.tokensettings.get",
"cloudiottoken.tokensettings.update"
],
"name": "roles/cloudiot.editor",
"stage": "GA",
"title": "Cloud IoT Editor"
}
{
"description": "Access to create and delete devices from registries, but not to modify the registries, and enable devices to publish to topics associated with IoT registry.",
"etag": "AA==",
"includedPermissions": [
"cloudiot.devices.bindGateway",
"cloudiot.devices.create",
"cloudiot.devices.delete",
"cloudiot.devices.get",
"cloudiot.devices.list",
"cloudiot.devices.sendCommand",
"cloudiot.devices.unbindGateway",
"cloudiot.devices.update",
"cloudiot.devices.updateConfig",
"cloudiot.registries.get",
"cloudiot.registries.list",
"cloudiottoken.tokensettings.get"
],
"name": "roles/cloudiot.provisioner",
"stage": "GA",
"title": "Cloud IoT Provisioner"
}
{
"description": "Grants the ability to manage Cloud IoT Core resources, including publishing data to Cloud Pub/Sub and writing device activity logs to Stackdriver. Warning: If this role is removed from the Cloud IoT service account, Cloud IoT Core will be unable to publish data or write device activity logs.",
"etag": "AA==",
"includedPermissions": [
"logging.logEntries.create",
"pubsub.topics.publish"
],
"name": "roles/cloudiot.serviceAgent",
"stage": "GA",
"title": "Cloud IoT Core Service Agent"
}
{
"description": "Read-only access to all Cloud IoT resources.",
"etag": "AA==",
"includedPermissions": [
"cloudiot.devices.get",
"cloudiot.devices.list",
"cloudiot.registries.get",
"cloudiot.registries.list",
"cloudiottoken.tokensettings.get"
],
"name": "roles/cloudiot.viewer",
"stage": "GA",
"title": "Cloud IoT Viewer"
}
{
"description": "Access to Cloud Talent Solution Self-Service Tools.",
"etag": "AA==",
"includedPermissions": [
"cloudjobdiscovery.tools.access",
"iam.serviceAccounts.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudjobdiscovery.admin",
"stage": "GA",
"title": "Admin"
}
{
"description": "Write access to all job data in Cloud Talent Solution.",
"etag": "AA==",
"includedPermissions": [
"cloudjobdiscovery.companies.create",
"cloudjobdiscovery.companies.delete",
"cloudjobdiscovery.companies.get",
"cloudjobdiscovery.companies.list",
"cloudjobdiscovery.companies.update",
"cloudjobdiscovery.events.create",
"cloudjobdiscovery.jobs.create",
"cloudjobdiscovery.jobs.delete",
"cloudjobdiscovery.jobs.get",
"cloudjobdiscovery.jobs.search",
"cloudjobdiscovery.jobs.update",
"cloudjobdiscovery.tenants.create",
"cloudjobdiscovery.tenants.delete",
"cloudjobdiscovery.tenants.get",
"cloudjobdiscovery.tenants.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudjobdiscovery.jobsEditor",
"stage": "GA",
"title": "Job Editor"
}
{
"description": "Read access to all job data in Cloud Talent Solution.",
"etag": "AA==",
"includedPermissions": [
"cloudjobdiscovery.companies.get",
"cloudjobdiscovery.companies.list",
"cloudjobdiscovery.jobs.get",
"cloudjobdiscovery.jobs.search",
"cloudjobdiscovery.tenants.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudjobdiscovery.jobsViewer",
"stage": "GA",
"title": "Job Viewer"
}
{
"description": "Write access to all profile data in Cloud Talent Solution.",
"etag": "AA==",
"includedPermissions": [
"cloudjobdiscovery.events.create",
"cloudjobdiscovery.profiles.create",
"cloudjobdiscovery.profiles.delete",
"cloudjobdiscovery.profiles.get",
"cloudjobdiscovery.profiles.search",
"cloudjobdiscovery.profiles.update",
"cloudjobdiscovery.tenants.create",
"cloudjobdiscovery.tenants.delete",
"cloudjobdiscovery.tenants.get",
"cloudjobdiscovery.tenants.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudjobdiscovery.profilesEditor",
"stage": "GA",
"title": "Profile Editor"
}
{
"description": "Read access to all profile data in Cloud Talent Solution.",
"etag": "AA==",
"includedPermissions": [
"cloudjobdiscovery.profiles.get",
"cloudjobdiscovery.profiles.search",
"cloudjobdiscovery.tenants.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudjobdiscovery.profilesViewer",
"stage": "GA",
"title": "Profile Viewer"
}
{
"description": "Enables management of crypto resources.",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.create",
"cloudkms.cryptoKeyVersions.destroy",
"cloudkms.cryptoKeyVersions.get",
"cloudkms.cryptoKeyVersions.list",
"cloudkms.cryptoKeyVersions.restore",
"cloudkms.cryptoKeyVersions.update",
"cloudkms.cryptoKeys.create",
"cloudkms.cryptoKeys.get",
"cloudkms.cryptoKeys.getIamPolicy",
"cloudkms.cryptoKeys.list",
"cloudkms.cryptoKeys.setIamPolicy",
"cloudkms.cryptoKeys.update",
"cloudkms.importJobs.create",
"cloudkms.importJobs.get",
"cloudkms.importJobs.getIamPolicy",
"cloudkms.importJobs.list",
"cloudkms.importJobs.setIamPolicy",
"cloudkms.importJobs.useToImport",
"cloudkms.keyRings.create",
"cloudkms.keyRings.get",
"cloudkms.keyRings.getIamPolicy",
"cloudkms.keyRings.list",
"cloudkms.keyRings.setIamPolicy",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.admin",
"stage": "GA",
"title": "Cloud KMS Admin"
}
{
"description": "Enables Decrypt operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.useToDecrypt",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.cryptoKeyDecrypter",
"stage": "GA",
"title": "Cloud KMS CryptoKey Decrypter"
}
{
"description": "Enables Encrypt operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.useToEncrypt",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.cryptoKeyEncrypter",
"stage": "GA",
"title": "Cloud KMS CryptoKey Encrypter"
}
{
"description": "Enables Encrypt and Decrypt operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.useToDecrypt",
"cloudkms.cryptoKeyVersions.useToEncrypt",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.cryptoKeyEncrypterDecrypter",
"stage": "GA",
"title": "Cloud KMS CryptoKey Encrypter/Decrypter"
}
{
"description": "Enables ImportCryptoKeyVersion, CreateImportJob, ListImportJobs, and GetImportJob operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.importJobs.create",
"cloudkms.importJobs.get",
"cloudkms.importJobs.list",
"cloudkms.importJobs.useToImport",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.importer",
"stage": "GA",
"title": "Cloud KMS Importer"
}
{
"description": "Enables GetPublicKey operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.viewPublicKey",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.publicKeyViewer",
"stage": "GA",
"title": "Cloud KMS CryptoKey Public Key Viewer"
}
{
"description": "Gives Cloud KMS service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"cloudasset.assets.listCloudkmsCryptoKeys"
],
"name": "roles/cloudkms.serviceAgent",
"stage": "GA",
"title": "Cloud KMS Service Agent"
}
{
"description": "Enables Sign operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.useToSign",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.signer",
"stage": "GA",
"title": "Cloud KMS CryptoKey Signer"
}
{
"description": "Enables Sign, Verify, and GetPublicKey operations",
"etag": "AA==",
"includedPermissions": [
"cloudkms.cryptoKeyVersions.useToSign",
"cloudkms.cryptoKeyVersions.viewPublicKey",
"cloudkms.locations.get",
"cloudkms.locations.list",
"resourcemanager.projects.get"
],
"name": "roles/cloudkms.signerVerifier",
"stage": "GA",
"title": "Cloud KMS CryptoKey Signer/Verifier"
}
{
"description": "Ability to create and manage Compute VMs to run Velostrata Infrastructure",
"etag": "AA==",
"includedPermissions": [
"cloudmigration.velostrataendpoints.connect",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.list",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.globalOperations.get",
"compute.images.get",
"compute.images.list",
"compute.images.useReadOnly",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getSerialPortOutput",
"compute.instances.list",
"compute.instances.reset",
"compute.instances.setDiskAutoDelete",
"compute.instances.setLabels",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.update",
"compute.instances.updateNetworkInterface",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.use",
"compute.licenseCodes.get",
"compute.licenseCodes.list",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.get",
"compute.licenses.list",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networks.get",
"compute.networks.list",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.nodeGroups.get",
"compute.nodeGroups.list",
"compute.nodeTemplates.list",
"compute.projects.get",
"compute.regionOperations.get",
"compute.regions.get",
"compute.regions.list",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.zoneOperations.get",
"compute.zones.get",
"compute.zones.list",
"gkehub.endpoints.connect",
"iam.serviceAccounts.get",
"iam.serviceAccounts.list",
"resourcemanager.projects.get",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.get",
"storage.buckets.list",
"storage.buckets.update"
],
"name": "roles/cloudmigration.inframanager",
"stage": "BETA",
"title": "Velostrata Manager"
}
{
"description": "Ability to access migration storage",
"etag": "AA==",
"includedPermissions": [
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/cloudmigration.storageaccess",
"stage": "BETA",
"title": "Velostrata Storage Access"
}
{
"description": "Ability to set up connection between Velostrata Manager and Google",
"etag": "AA==",
"includedPermissions": [
"cloudmigration.velostrataendpoints.connect",
"gkehub.endpoints.connect"
],
"name": "roles/cloudmigration.velostrataconnect",
"stage": "BETA",
"title": "Velostrata Manager Connection Agent"
}
{
"description": "Grants Cloud Optimization Service Account access to read and write data in the user project.",
"etag": "AA==",
"includedPermissions": [
"storage.buckets.get",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/cloudoptimization.serviceAgent",
"stage": "GA",
"title": "Cloud Optimization Service Agent"
}
{
"description": "Can browse catalogs in the target resource context.",
"etag": "AA==",
"includedPermissions": [
"cloudprivatecatalog.targets.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudprivatecatalog.consumer",
"stage": "BETA",
"title": "Catalog Consumer"
}
{
"description": "Can manage catalog and view its associations.",
"etag": "AA==",
"includedPermissions": [
"cloudprivatecatalog.targets.get",
"cloudprivatecatalogproducer.associations.create",
"cloudprivatecatalogproducer.associations.delete",
"cloudprivatecatalogproducer.associations.get",
"cloudprivatecatalogproducer.associations.list",
"cloudprivatecatalogproducer.catalogAssociations.create",
"cloudprivatecatalogproducer.catalogAssociations.delete",
"cloudprivatecatalogproducer.catalogAssociations.get",
"cloudprivatecatalogproducer.catalogAssociations.list",
"cloudprivatecatalogproducer.catalogs.create",
"cloudprivatecatalogproducer.catalogs.delete",
"cloudprivatecatalogproducer.catalogs.get",
"cloudprivatecatalogproducer.catalogs.getIamPolicy",
"cloudprivatecatalogproducer.catalogs.list",
"cloudprivatecatalogproducer.catalogs.setIamPolicy",
"cloudprivatecatalogproducer.catalogs.undelete",
"cloudprivatecatalogproducer.catalogs.update",
"cloudprivatecatalogproducer.producerCatalogs.attachProduct",
"cloudprivatecatalogproducer.producerCatalogs.create",
"cloudprivatecatalogproducer.producerCatalogs.delete",
"cloudprivatecatalogproducer.producerCatalogs.detachProduct",
"cloudprivatecatalogproducer.producerCatalogs.get",
"cloudprivatecatalogproducer.producerCatalogs.getIamPolicy",
"cloudprivatecatalogproducer.producerCatalogs.list",
"cloudprivatecatalogproducer.producerCatalogs.setIamPolicy",
"cloudprivatecatalogproducer.producerCatalogs.update",
"cloudprivatecatalogproducer.products.create",
"cloudprivatecatalogproducer.products.delete",
"cloudprivatecatalogproducer.products.get",
"cloudprivatecatalogproducer.products.getIamPolicy",
"cloudprivatecatalogproducer.products.list",
"cloudprivatecatalogproducer.products.setIamPolicy",
"cloudprivatecatalogproducer.products.update",
"cloudprivatecatalogproducer.targets.associate",
"cloudprivatecatalogproducer.targets.unassociate",
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudprivatecatalogproducer.admin",
"stage": "BETA",
"title": "Catalog Admin"
}
{
"description": "Can manage associations between a catalog and a target resource.",
"etag": "AA==",
"includedPermissions": [
"cloudprivatecatalog.targets.get",
"cloudprivatecatalogproducer.associations.create",
"cloudprivatecatalogproducer.associations.delete",
"cloudprivatecatalogproducer.associations.get",
"cloudprivatecatalogproducer.associations.list",
"cloudprivatecatalogproducer.catalogAssociations.create",
"cloudprivatecatalogproducer.catalogAssociations.delete",
"cloudprivatecatalogproducer.catalogAssociations.get",
"cloudprivatecatalogproducer.catalogAssociations.list",
"cloudprivatecatalogproducer.catalogs.get",
"cloudprivatecatalogproducer.catalogs.list",
"cloudprivatecatalogproducer.producerCatalogs.get",
"cloudprivatecatalogproducer.producerCatalogs.list",
"cloudprivatecatalogproducer.targets.associate",
"cloudprivatecatalogproducer.targets.unassociate",
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudprivatecatalogproducer.manager",
"stage": "BETA",
"title": "Catalog Manager"
}
{
"description": "Can manage catalog org settings.",
"etag": "AA==",
"includedPermissions": [
"cloudprivatecatalog.targets.get",
"cloudprivatecatalogproducer.associations.create",
"cloudprivatecatalogproducer.associations.delete",
"cloudprivatecatalogproducer.associations.get",
"cloudprivatecatalogproducer.associations.list",
"cloudprivatecatalogproducer.catalogAssociations.create",
"cloudprivatecatalogproducer.catalogAssociations.delete",
"cloudprivatecatalogproducer.catalogAssociations.get",
"cloudprivatecatalogproducer.catalogAssociations.list",
"cloudprivatecatalogproducer.catalogs.create",
"cloudprivatecatalogproducer.catalogs.delete",
"cloudprivatecatalogproducer.catalogs.get",
"cloudprivatecatalogproducer.catalogs.getIamPolicy",
"cloudprivatecatalogproducer.catalogs.list",
"cloudprivatecatalogproducer.catalogs.setIamPolicy",
"cloudprivatecatalogproducer.catalogs.undelete",
"cloudprivatecatalogproducer.catalogs.update",
"cloudprivatecatalogproducer.producerCatalogs.attachProduct",
"cloudprivatecatalogproducer.producerCatalogs.create",
"cloudprivatecatalogproducer.producerCatalogs.delete",
"cloudprivatecatalogproducer.producerCatalogs.detachProduct",
"cloudprivatecatalogproducer.producerCatalogs.get",
"cloudprivatecatalogproducer.producerCatalogs.getIamPolicy",
"cloudprivatecatalogproducer.producerCatalogs.list",
"cloudprivatecatalogproducer.producerCatalogs.setIamPolicy",
"cloudprivatecatalogproducer.producerCatalogs.update",
"cloudprivatecatalogproducer.products.create",
"cloudprivatecatalogproducer.products.delete",
"cloudprivatecatalogproducer.products.get",
"cloudprivatecatalogproducer.products.getIamPolicy",
"cloudprivatecatalogproducer.products.list",
"cloudprivatecatalogproducer.products.setIamPolicy",
"cloudprivatecatalogproducer.products.update",
"cloudprivatecatalogproducer.settings.get",
"cloudprivatecatalogproducer.settings.update",
"cloudprivatecatalogproducer.targets.associate",
"cloudprivatecatalogproducer.targets.unassociate",
"resourcemanager.folders.get",
"resourcemanager.folders.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudprivatecatalogproducer.orgAdmin",
"stage": "BETA",
"title": "Catalog Org Admin"
}
{
"description": "Cloud Profiler agents are allowed to register and provide the profiling data.",
"etag": "AA==",
"includedPermissions": [
"cloudprofiler.profiles.create",
"cloudprofiler.profiles.update"
],
"name": "roles/cloudprofiler.agent",
"stage": "GA",
"title": "Cloud Profiler Agent"
}
{
"description": "Cloud Profiler users are allowed to query and view the profiling data.",
"etag": "AA==",
"includedPermissions": [
"cloudprofiler.profiles.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudprofiler.user",
"stage": "GA",
"title": "Cloud Profiler User"
}
{
"description": "Full access to jobs and executions.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"cloudscheduler.jobs.create",
"cloudscheduler.jobs.delete",
"cloudscheduler.jobs.enable",
"cloudscheduler.jobs.fullView",
"cloudscheduler.jobs.get",
"cloudscheduler.jobs.list",
"cloudscheduler.jobs.pause",
"cloudscheduler.jobs.run",
"cloudscheduler.jobs.update",
"cloudscheduler.locations.get",
"cloudscheduler.locations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudscheduler.admin",
"stage": "GA",
"title": "Cloud Scheduler Admin"
}
{
"description": "Access to run jobs.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"cloudscheduler.jobs.fullView",
"cloudscheduler.jobs.run",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudscheduler.jobRunner",
"stage": "GA",
"title": "Cloud Scheduler Job Runner"
}
{
"description": "Grants Cloud Scheduler Service Account access to manage resources.",
"etag": "AA==",
"includedPermissions": [
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
"logging.logEntries.create",
"pubsub.topics.publish"
],
"name": "roles/cloudscheduler.serviceAgent",
"stage": "GA",
"title": "Cloud Scheduler Service Agent"
}
{
"description": "Get and list access to jobs, executions, and locations.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"cloudscheduler.jobs.fullView",
"cloudscheduler.jobs.get",
"cloudscheduler.jobs.list",
"cloudscheduler.locations.get",
"cloudscheduler.locations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudscheduler.viewer",
"stage": "GA",
"title": "Cloud Scheduler Viewer"
}
{
"description": "Full access to all Web Security Scanner resources",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"cloudsecurityscanner.crawledurls.list",
"cloudsecurityscanner.results.get",
"cloudsecurityscanner.results.list",
"cloudsecurityscanner.scanruns.get",
"cloudsecurityscanner.scanruns.getSummary",
"cloudsecurityscanner.scanruns.list",
"cloudsecurityscanner.scanruns.stop",
"cloudsecurityscanner.scans.create",
"cloudsecurityscanner.scans.delete",
"cloudsecurityscanner.scans.get",
"cloudsecurityscanner.scans.list",
"cloudsecurityscanner.scans.run",
"cloudsecurityscanner.scans.update",
"compute.addresses.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudsecurityscanner.editor",
"stage": "GA",
"title": "Web Security Scanner Editor"
}
{
"description": "Read access to Scan and ScanRun, plus the ability to start scans",
"etag": "AA==",
"includedPermissions": [
"cloudsecurityscanner.crawledurls.list",
"cloudsecurityscanner.scanruns.get",
"cloudsecurityscanner.scanruns.list",
"cloudsecurityscanner.scanruns.stop",
"cloudsecurityscanner.scans.get",
"cloudsecurityscanner.scans.list",
"cloudsecurityscanner.scans.run"
],
"name": "roles/cloudsecurityscanner.runner",
"stage": "GA",
"title": "Web Security Scanner Runner"
}
{
"description": "Read access to all Web Security Scanner resources",
"etag": "AA==",
"includedPermissions": [
"cloudsecurityscanner.crawledurls.list",
"cloudsecurityscanner.results.get",
"cloudsecurityscanner.results.list",
"cloudsecurityscanner.scanruns.get",
"cloudsecurityscanner.scanruns.getSummary",
"cloudsecurityscanner.scanruns.list",
"cloudsecurityscanner.scans.get",
"cloudsecurityscanner.scans.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudsecurityscanner.viewer",
"stage": "GA",
"title": "Web Security Scanner Viewer"
}
{
"description": "Full control of Cloud SQL resources.",
"etag": "AA==",
"includedPermissions": [
"cloudsql.backupRuns.create",
"cloudsql.backupRuns.delete",
"cloudsql.backupRuns.get",
"cloudsql.backupRuns.list",
"cloudsql.databases.create",
"cloudsql.databases.delete",
"cloudsql.databases.get",
"cloudsql.databases.list",
"cloudsql.databases.update",
"cloudsql.instances.addServerCa",
"cloudsql.instances.clone",
"cloudsql.instances.connect",
"cloudsql.instances.create",
"cloudsql.instances.delete",
"cloudsql.instances.demoteMaster",
"cloudsql.instances.export",
"cloudsql.instances.failover",
"cloudsql.instances.get",
"cloudsql.instances.import",
"cloudsql.instances.list",
"cloudsql.instances.listServerCas",
"cloudsql.instances.login",
"cloudsql.instances.promoteReplica",
"cloudsql.instances.resetSslConfig",
"cloudsql.instances.restart",
"cloudsql.instances.restoreBackup",
"cloudsql.instances.rotateServerCa",
"cloudsql.instances.startReplica",
"cloudsql.instances.stopReplica",
"cloudsql.instances.truncateLog",
"cloudsql.instances.update",
"cloudsql.sslCerts.create",
"cloudsql.sslCerts.createEphemeral",
"cloudsql.sslCerts.delete",
"cloudsql.sslCerts.get",
"cloudsql.sslCerts.list",
"cloudsql.users.create",
"cloudsql.users.delete",
"cloudsql.users.list",
"cloudsql.users.update",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.get",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.list",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.update",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.get",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.list",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudsql.admin",
"stage": "GA",
"title": "Cloud SQL Admin"
}
{
"description": "Connectivity access to Cloud SQL instances.",
"etag": "AA==",
"includedPermissions": [
"cloudsql.instances.connect",
"cloudsql.instances.get"
],
"name": "roles/cloudsql.client",
"stage": "GA",
"title": "Cloud SQL Client"
}
{
"description": "Full control of existing Cloud SQL instances excluding modifying users, SSL certificates or deleting resources.",
"etag": "AA==",
"includedPermissions": [
"cloudsql.backupRuns.create",
"cloudsql.backupRuns.get",
"cloudsql.backupRuns.list",
"cloudsql.databases.create",
"cloudsql.databases.get",
"cloudsql.databases.list",
"cloudsql.databases.update",
"cloudsql.instances.addServerCa",
"cloudsql.instances.connect",
"cloudsql.instances.export",
"cloudsql.instances.failover",
"cloudsql.instances.get",
"cloudsql.instances.list",
"cloudsql.instances.listServerCas",
"cloudsql.instances.restart",
"cloudsql.instances.rotateServerCa",
"cloudsql.instances.truncateLog",
"cloudsql.instances.update",
"cloudsql.sslCerts.get",
"cloudsql.sslCerts.list",
"cloudsql.users.list",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.get",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.list",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.update",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.get",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.list",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudsql.editor",
"stage": "GA",
"title": "Cloud SQL Editor"
}
{
"description": "Role allowing access to a Cloud SQL instance",
"etag": "AA==",
"includedPermissions": [
"cloudsql.instances.get",
"cloudsql.instances.login"
],
"name": "roles/cloudsql.instanceUser",
"stage": "GA",
"title": "Cloud SQL Instance User"
}
{
"description": "Grants Cloud SQL access to services and APIs in the user project",
"etag": "AA==",
"includedPermissions": [
"cloudsql.instances.get"
],
"name": "roles/cloudsql.serviceAgent",
"stage": "GA",
"title": "Cloud SQL Service Agent"
}
{
"description": "Read-only access to Cloud SQL resources.",
"etag": "AA==",
"includedPermissions": [
"cloudsql.backupRuns.get",
"cloudsql.backupRuns.list",
"cloudsql.databases.get",
"cloudsql.databases.list",
"cloudsql.instances.export",
"cloudsql.instances.get",
"cloudsql.instances.list",
"cloudsql.instances.listServerCas",
"cloudsql.sslCerts.get",
"cloudsql.sslCerts.list",
"cloudsql.users.list",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.get",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.list",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.get",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/cloudsql.viewer",
"stage": "GA",
"title": "Cloud SQL Viewer"
}
{
"description": "Allows management of a support account without giving access to support cases.",
"etag": "AA==",
"includedPermissions": [
"cloudsupport.accounts.create",
"cloudsupport.accounts.delete",
"cloudsupport.accounts.get",
"cloudsupport.accounts.getIamPolicy",
"cloudsupport.accounts.getUserRoles",
"cloudsupport.accounts.list",
"cloudsupport.accounts.purchase",
"cloudsupport.accounts.setIamPolicy",
"cloudsupport.accounts.update",
"cloudsupport.accounts.updateUserRoles",
"cloudsupport.operations.get",
"cloudsupport.properties.get",
"resourcemanager.organizations.get"
],
"name": "roles/cloudsupport.admin",
"stage": "GA",
"title": "Support Account Administrator"
}
{
"description": "Full read-write access to technical support cases (applicable for GCP Customer Care and Maps support).",
"etag": "AA==",
"includedPermissions": [
"cloudsupport.properties.get",
"cloudsupport.techCases.create",
"cloudsupport.techCases.escalate",
"cloudsupport.techCases.get",
"cloudsupport.techCases.list",
"cloudsupport.techCases.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudsupport.techSupportEditor",
"stage": "GA",
"title": "Tech Support Editor"
}
{
"description": "Read-only access to technical support cases (applicable for GCP Customer Care and Maps support).",
"etag": "AA==",
"includedPermissions": [
"cloudsupport.properties.get",
"cloudsupport.techCases.get",
"cloudsupport.techCases.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudsupport.techSupportViewer",
"stage": "GA",
"title": "Tech Support Viewer"
}
{
"description": "Read-only access to details of a support account. This does not allow viewing cases.",
"etag": "AA==",
"includedPermissions": [
"cloudsupport.accounts.get",
"cloudsupport.accounts.getUserRoles",
"cloudsupport.accounts.list",
"cloudsupport.properties.get"
],
"name": "roles/cloudsupport.viewer",
"stage": "GA",
"title": "Support Account Viewer"
}
{
"description": "Full access to queues and tasks.",
"etag": "AA==",
"includedPermissions": [
"cloudtasks.locations.get",
"cloudtasks.locations.list",
"cloudtasks.queues.create",
"cloudtasks.queues.delete",
"cloudtasks.queues.get",
"cloudtasks.queues.getIamPolicy",
"cloudtasks.queues.list",
"cloudtasks.queues.pause",
"cloudtasks.queues.purge",
"cloudtasks.queues.resume",
"cloudtasks.queues.setIamPolicy",
"cloudtasks.queues.update",
"cloudtasks.tasks.create",
"cloudtasks.tasks.delete",
"cloudtasks.tasks.fullView",
"cloudtasks.tasks.get",
"cloudtasks.tasks.list",
"cloudtasks.tasks.run",
"monitoring.timeSeries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtasks.admin",
"stage": "BETA",
"title": "Cloud Tasks Admin"
}
{
"description": "Access to create tasks.",
"etag": "AA==",
"includedPermissions": [
"cloudtasks.tasks.create",
"cloudtasks.tasks.fullView",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtasks.enqueuer",
"stage": "BETA",
"title": "Cloud Tasks Enqueuer"
}
{
"description": "Admin access to queues.",
"etag": "AA==",
"includedPermissions": [
"cloudtasks.locations.get",
"cloudtasks.locations.list",
"cloudtasks.queues.create",
"cloudtasks.queues.delete",
"cloudtasks.queues.get",
"cloudtasks.queues.getIamPolicy",
"cloudtasks.queues.list",
"cloudtasks.queues.pause",
"cloudtasks.queues.purge",
"cloudtasks.queues.resume",
"cloudtasks.queues.setIamPolicy",
"cloudtasks.queues.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtasks.queueAdmin",
"stage": "BETA",
"title": "Cloud Tasks Queue Admin"
}
{
"description": "Grants Cloud Tasks Service Account access to manage resources.",
"etag": "AA==",
"includedPermissions": [
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
"logging.logEntries.create"
],
"name": "roles/cloudtasks.serviceAgent",
"stage": "GA",
"title": "Cloud Tasks Service Agent"
}
{
"description": "Access to delete tasks.",
"etag": "AA==",
"includedPermissions": [
"cloudtasks.tasks.delete",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtasks.taskDeleter",
"stage": "BETA",
"title": "Cloud Tasks Task Deleter"
}
{
"description": "Access to run tasks.",
"etag": "AA==",
"includedPermissions": [
"cloudtasks.tasks.fullView",
"cloudtasks.tasks.run",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtasks.taskRunner",
"stage": "BETA",
"title": "Cloud Tasks Task Runner"
}
{
"description": "Get and list access to tasks, queues, and locations.",
"etag": "AA==",
"includedPermissions": [
"cloudtasks.locations.get",
"cloudtasks.locations.list",
"cloudtasks.queues.get",
"cloudtasks.queues.list",
"cloudtasks.tasks.fullView",
"cloudtasks.tasks.get",
"cloudtasks.tasks.list",
"monitoring.timeSeries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtasks.viewer",
"stage": "BETA",
"title": "Cloud Tasks Viewer"
}
{
"description": "Full access to all Test Lab features",
"etag": "AA==",
"includedPermissions": [
"cloudtestservice.environmentcatalog.get",
"cloudtestservice.matrices.create",
"cloudtestservice.matrices.get",
"cloudtestservice.matrices.update",
"cloudtoolresults.executions.create",
"cloudtoolresults.executions.get",
"cloudtoolresults.executions.list",
"cloudtoolresults.executions.update",
"cloudtoolresults.histories.create",
"cloudtoolresults.histories.get",
"cloudtoolresults.histories.list",
"cloudtoolresults.settings.create",
"cloudtoolresults.settings.get",
"cloudtoolresults.settings.update",
"cloudtoolresults.steps.create",
"cloudtoolresults.steps.get",
"cloudtoolresults.steps.list",
"cloudtoolresults.steps.update",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"storage.buckets.create",
"storage.buckets.get",
"storage.buckets.update",
"storage.objects.create",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/cloudtestservice.testAdmin",
"stage": "GA",
"title": "Firebase Test Lab Admin"
}
{
"description": "Read access to Test Lab features",
"etag": "AA==",
"includedPermissions": [
"cloudtestservice.environmentcatalog.get",
"cloudtestservice.matrices.get",
"cloudtoolresults.executions.get",
"cloudtoolresults.executions.list",
"cloudtoolresults.histories.get",
"cloudtoolresults.histories.list",
"cloudtoolresults.settings.get",
"cloudtoolresults.steps.get",
"cloudtoolresults.steps.list",
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/cloudtestservice.testViewer",
"stage": "GA",
"title": "Firebase Test Lab Viewer"
}
{
"description": "Give Cloud TPUs service account access to managed resources",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.get",
"compute.firewallPolicies.list",
"compute.firewallPolicies.use",
"compute.firewalls.create",
"compute.firewalls.delete",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.firewalls.update",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.get",
"compute.securityPolicies.list",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setIamPolicy",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"iam.serviceAccounts.list",
"logging.logEntries.create",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create",
"networksecurity.authorizationPolicies.create",
"networksecurity.authorizationPolicies.delete",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.getIamPolicy",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.setIamPolicy",
"networksecurity.authorizationPolicies.update",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.create",
"networksecurity.clientTlsPolicies.delete",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.getIamPolicy",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.setIamPolicy",
"networksecurity.clientTlsPolicies.update",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.cancel",
"networksecurity.operations.delete",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.create",
"networksecurity.serverTlsPolicies.delete",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.getIamPolicy",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.setIamPolicy",
"networksecurity.serverTlsPolicies.update",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.create",
"networkservices.endpointConfigSelectors.delete",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.getIamPolicy",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.setIamPolicy",
"networkservices.endpointConfigSelectors.update",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.create",
"networkservices.httpFilters.delete",
"networkservices.httpFilters.get",
"networkservices.httpFilters.getIamPolicy",
"networkservices.httpFilters.list",
"networkservices.httpFilters.setIamPolicy",
"networkservices.httpFilters.update",
"networkservices.httpFilters.use",
"networkservices.httpfilters.create",
"networkservices.httpfilters.delete",
"networkservices.httpfilters.get",
"networkservices.httpfilters.getIamPolicy",
"networkservices.httpfilters.list",
"networkservices.httpfilters.setIamPolicy",
"networkservices.httpfilters.update",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.cancel",
"networkservices.operations.delete",
"networkservices.operations.get",
"networkservices.operations.list",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.getIamPolicy",
"pubsub.schemas.list",
"pubsub.schemas.setIamPolicy",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.getIamPolicy",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.setIamPolicy",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.getIamPolicy",
"pubsub.subscriptions.list",
"pubsub.subscriptions.setIamPolicy",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.getIamPolicy",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.setIamPolicy",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.operations.get",
"servicenetworking.services.addPeering",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/cloudtpu.serviceAgent",
"stage": "GA",
"title": "Cloud TPU V2 API Service Agent"
}
{
"description": "Admin access to Stackdriver Trace.",
"etag": "AA==",
"includedPermissions": [
"cloudtrace.insights.get",
"cloudtrace.insights.list",
"cloudtrace.stats.get",
"cloudtrace.tasks.create",
"cloudtrace.tasks.delete",
"cloudtrace.tasks.get",
"cloudtrace.tasks.list",
"cloudtrace.traces.get",
"cloudtrace.traces.list",
"cloudtrace.traces.patch",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtrace.admin",
"stage": "GA",
"title": "Cloud Trace Admin"
}
{
"description": "Agent access to Stackdriver Trace. Can write trace data.",
"etag": "AA==",
"includedPermissions": [
"cloudtrace.traces.patch"
],
"name": "roles/cloudtrace.agent",
"stage": "GA",
"title": "Cloud Trace Agent"
}
{
"description": "User access to Stackdriver Trace. Can view traces, insights and stats. Can create, list, view, and delete tasks.",
"etag": "AA==",
"includedPermissions": [
"cloudtrace.insights.get",
"cloudtrace.insights.list",
"cloudtrace.stats.get",
"cloudtrace.tasks.create",
"cloudtrace.tasks.delete",
"cloudtrace.tasks.get",
"cloudtrace.tasks.list",
"cloudtrace.traces.get",
"cloudtrace.traces.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtrace.user",
"stage": "GA",
"title": "Cloud Trace User"
}
{
"description": "Full access to all Cloud Translation resources",
"etag": "AA==",
"includedPermissions": [
"automl.models.get",
"automl.models.predict",
"cloudtranslate.generalModels.batchDocPredict",
"cloudtranslate.generalModels.batchPredict",
"cloudtranslate.generalModels.docPredict",
"cloudtranslate.generalModels.get",
"cloudtranslate.generalModels.predict",
"cloudtranslate.glossaries.batchDocPredict",
"cloudtranslate.glossaries.batchPredict",
"cloudtranslate.glossaries.create",
"cloudtranslate.glossaries.delete",
"cloudtranslate.glossaries.docPredict",
"cloudtranslate.glossaries.get",
"cloudtranslate.glossaries.list",
"cloudtranslate.glossaries.predict",
"cloudtranslate.languageDetectionModels.predict",
"cloudtranslate.locations.get",
"cloudtranslate.locations.list",
"cloudtranslate.operations.cancel",
"cloudtranslate.operations.delete",
"cloudtranslate.operations.get",
"cloudtranslate.operations.list",
"cloudtranslate.operations.wait",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtranslate.admin",
"stage": "GA",
"title": "Cloud Translation API Admin"
}
{
"description": "Editor of all Cloud Translation resources",
"etag": "AA==",
"includedPermissions": [
"automl.models.get",
"automl.models.predict",
"cloudtranslate.generalModels.batchDocPredict",
"cloudtranslate.generalModels.batchPredict",
"cloudtranslate.generalModels.docPredict",
"cloudtranslate.generalModels.get",
"cloudtranslate.generalModels.predict",
"cloudtranslate.glossaries.batchDocPredict",
"cloudtranslate.glossaries.batchPredict",
"cloudtranslate.glossaries.create",
"cloudtranslate.glossaries.delete",
"cloudtranslate.glossaries.docPredict",
"cloudtranslate.glossaries.get",
"cloudtranslate.glossaries.list",
"cloudtranslate.glossaries.predict",
"cloudtranslate.languageDetectionModels.predict",
"cloudtranslate.locations.get",
"cloudtranslate.locations.list",
"cloudtranslate.operations.cancel",
"cloudtranslate.operations.delete",
"cloudtranslate.operations.get",
"cloudtranslate.operations.list",
"cloudtranslate.operations.wait",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtranslate.editor",
"stage": "GA",
"title": "Cloud Translation API Editor"
}
{
"description": "Gives Cloud Translation Service Account access to consumer resources.",
"etag": "AA==",
"includedPermissions": [
"storage.buckets.get",
"storage.objects.create",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/cloudtranslate.serviceAgent",
"stage": "GA",
"title": "Cloud Translation API Service Agent"
}
{
"description": "User of Cloud Translation and AutoML models",
"etag": "AA==",
"includedPermissions": [
"automl.models.get",
"automl.models.predict",
"cloudtranslate.generalModels.batchDocPredict",
"cloudtranslate.generalModels.batchPredict",
"cloudtranslate.generalModels.docPredict",
"cloudtranslate.generalModels.get",
"cloudtranslate.generalModels.predict",
"cloudtranslate.glossaries.batchDocPredict",
"cloudtranslate.glossaries.batchPredict",
"cloudtranslate.glossaries.docPredict",
"cloudtranslate.glossaries.get",
"cloudtranslate.glossaries.list",
"cloudtranslate.glossaries.predict",
"cloudtranslate.languageDetectionModels.predict",
"cloudtranslate.locations.get",
"cloudtranslate.locations.list",
"cloudtranslate.operations.get",
"cloudtranslate.operations.list",
"cloudtranslate.operations.wait",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtranslate.user",
"stage": "GA",
"title": "Cloud Translation API User"
}
{
"description": "Viewer of all Translation resources",
"etag": "AA==",
"includedPermissions": [
"automl.models.get",
"cloudtranslate.generalModels.get",
"cloudtranslate.glossaries.get",
"cloudtranslate.glossaries.list",
"cloudtranslate.locations.get",
"cloudtranslate.locations.list",
"cloudtranslate.operations.get",
"cloudtranslate.operations.list",
"cloudtranslate.operations.wait",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/cloudtranslate.viewer",
"stage": "GA",
"title": "Cloud Translation API Viewer"
}
{
"description": "Full access to API keys",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/codelabapikeys.admin",
"stage": "BETA",
"title": "Codelab ApiKeys Admin"
}
{
"description": "This role can view and edit all properties of API keys.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/codelabapikeys.editor",
"stage": "BETA",
"title": "Codelab API Keys Editor"
}
{
"description": "This role can view all properties except change history of API keys.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/codelabapikeys.viewer",
"stage": "BETA",
"title": "Codelab API Keys Viewer"
}
{
"description": "Allows viewing offers",
"etag": "AA==",
"includedPermissions": [
"commerceoffercatalog.offers.get"
],
"name": "roles/commerceoffercatalog.offersViewer",
"stage": "BETA",
"title": "Commerce Offer Catalog Offers Viewer"
}
{
"description": "Allows managing private offers",
"etag": "AA==",
"includedPermissions": [
"commerceprice.privateoffers.create",
"commerceprice.privateoffers.delete",
"commerceprice.privateoffers.get",
"commerceprice.privateoffers.list",
"commerceprice.privateoffers.publish",
"commerceprice.privateoffers.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/commercepricemanagement.privateOffersAdmin",
"stage": "BETA",
"title": "Commerce Price Management Private Offers Admin"
}
{
"description": "Allows viewing offers, free trials, skus",
"etag": "AA==",
"includedPermissions": [
"commerceprice.privateoffers.get",
"commerceprice.privateoffers.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/commercepricemanagement.viewer",
"stage": "BETA",
"title": "Commerce Price Management Viewer"
}
{
"description": "Full control of Composer resources.",
"etag": "AA==",
"includedPermissions": [
"composer.environments.create",
"composer.environments.delete",
"composer.environments.get",
"composer.environments.list",
"composer.environments.update",
"composer.imageversions.list",
"composer.operations.delete",
"composer.operations.get",
"composer.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/composer.admin",
"stage": "GA",
"title": "Composer Administrator"
}
{
"description": "Full control of Cloud Composer environments and Cloud Storage objects.",
"etag": "AA==",
"includedPermissions": [
"composer.environments.create",
"composer.environments.delete",
"composer.environments.get",
"composer.environments.list",
"composer.environments.update",
"composer.imageversions.list",
"composer.operations.delete",
"composer.operations.get",
"composer.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/composer.environmentAndStorageObjectAdmin",
"stage": "GA",
"title": "Environment and Storage Object Administrator"
}
{
"description": "Read access to Cloud Composer environments and Cloud Storage objects.",
"etag": "AA==",
"includedPermissions": [
"composer.environments.get",
"composer.environments.list",
"composer.imageversions.list",
"composer.operations.get",
"composer.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/composer.environmentAndStorageObjectViewer",
"stage": "GA",
"title": "Environment User and Storage Object Viewer"
}
{
"description": "Cloud Composer API service agent can manage environments.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"appengine.applications.update",
"appengine.instances.delete",
"appengine.instances.get",
"appengine.instances.list",
"appengine.operations.get",
"appengine.operations.list",
"appengine.runtimes.actAsAdmin",
"appengine.services.delete",
"appengine.services.get",
"appengine.services.list",
"appengine.services.update",
"appengine.versions.create",
"appengine.versions.delete",
"appengine.versions.get",
"appengine.versions.list",
"appengine.versions.update",
"artifactregistry.repositories.create",
"artifactregistry.repositories.delete",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.repositories.update",
"cloudnotifications.activities.list",
"cloudsql.backupRuns.create",
"cloudsql.backupRuns.delete",
"cloudsql.backupRuns.get",
"cloudsql.backupRuns.list",
"cloudsql.databases.create",
"cloudsql.databases.delete",
"cloudsql.databases.get",
"cloudsql.databases.list",
"cloudsql.databases.update",
"cloudsql.instances.addServerCa",
"cloudsql.instances.clone",
"cloudsql.instances.connect",
"cloudsql.instances.create",
"cloudsql.instances.delete",
"cloudsql.instances.demoteMaster",
"cloudsql.instances.export",
"cloudsql.instances.failover",
"cloudsql.instances.get",
"cloudsql.instances.import",
"cloudsql.instances.list",
"cloudsql.instances.listServerCas",
"cloudsql.instances.login",
"cloudsql.instances.promoteReplica",
"cloudsql.instances.resetSslConfig",
"cloudsql.instances.restart",
"cloudsql.instances.restoreBackup",
"cloudsql.instances.rotateServerCa",
"cloudsql.instances.startReplica",
"cloudsql.instances.stopReplica",
"cloudsql.instances.truncateLog",
"cloudsql.instances.update",
"cloudsql.sslCerts.create",
"cloudsql.sslCerts.createEphemeral",
"cloudsql.sslCerts.delete",
"cloudsql.sslCerts.get",
"cloudsql.sslCerts.list",
"cloudsql.users.create",
"cloudsql.users.delete",
"cloudsql.users.list",
"cloudsql.users.update",
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.get",
"compute.firewallPolicies.list",
"compute.firewallPolicies.use",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.sendDiagnosticInterrupt",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.get",
"compute.securityPolicies.list",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setIamPolicy",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.approve",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.create",
"container.clusterRoleBindings.delete",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoleBindings.update",
"container.clusterRoles.bind",
"container.clusterRoles.create",
"container.clusterRoles.delete",
"container.clusterRoles.escalate",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusterRoles.update",
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.getCredentials",
"container.clusters.list",
"container.clusters.update",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.create",
"container.controllerRevisions.delete",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.controllerRevisions.update",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.hostServiceAgent.use",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.create",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.create",
"container.mutatingWebhookConfigurations.delete",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.mutatingWebhookConfigurations.update",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.create",
"container.podSecurityPolicies.delete",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podSecurityPolicies.update",
"container.podSecurityPolicies.use",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.create",
"container.roleBindings.delete",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roleBindings.update",
"container.roles.bind",
"container.roles.create",
"container.roles.delete",
"container.roles.escalate",
"container.roles.get",
"container.roles.list",
"container.roles.update",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.createToken",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.create",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.create",
"container.validatingWebhookConfigurations.delete",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.validatingWebhookConfigurations.update",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"deploymentmanager.compositeTypes.create",
"deploymentmanager.compositeTypes.delete",
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.compositeTypes.update",
"deploymentmanager.deployments.cancelPreview",
"deploymentmanager.deployments.create",
"deploymentmanager.deployments.delete",
"deploymentmanager.deployments.get",
"deploymentmanager.deployments.list",
"deploymentmanager.deployments.stop",
"deploymentmanager.deployments.update",
"deploymentmanager.manifests.get",
"deploymentmanager.manifests.list",
"deploymentmanager.operations.get",
"deploymentmanager.operations.list",
"deploymentmanager.resources.get",
"deploymentmanager.resources.list",
"deploymentmanager.typeProviders.create",
"deploymentmanager.typeProviders.delete",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.typeProviders.update",
"deploymentmanager.types.create",
"deploymentmanager.types.delete",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"deploymentmanager.types.update",
"firebase.projects.get",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"iam.serviceAccounts.list",
"logging.buckets.create",
"logging.buckets.delete",
"logging.buckets.get",
"logging.buckets.list",
"logging.buckets.undelete",
"logging.buckets.update",
"logging.cmekSettings.get",
"logging.cmekSettings.update",
"logging.exclusions.create",
"logging.exclusions.delete",
"logging.exclusions.get",
"logging.exclusions.list",
"logging.exclusions.update",
"logging.locations.get",
"logging.locations.list",
"logging.logEntries.create",
"logging.logMetrics.create",
"logging.logMetrics.delete",
"logging.logMetrics.get",
"logging.logMetrics.list",
"logging.logMetrics.update",
"logging.logServiceIndexes.list",
"logging.logServices.list",
"logging.logs.list",
"logging.operations.cancel",
"logging.operations.get",
"logging.operations.list",
"logging.sinks.create",
"logging.sinks.delete",
"logging.sinks.get",
"logging.sinks.list",
"logging.sinks.update",
"logging.views.create",
"logging.views.delete",
"logging.views.get",
"logging.views.list",
"logging.views.update",
"monitoring.alertPolicies.get",
"monitoring.alertPolicies.list",
"monitoring.dashboards.get",
"monitoring.dashboards.list",
"monitoring.groups.get",
"monitoring.groups.list",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.notificationChannelDescriptors.get",
"monitoring.notificationChannelDescriptors.list",
"monitoring.notificationChannels.get",
"monitoring.notificationChannels.list",
"monitoring.publicWidgets.get",
"monitoring.publicWidgets.list",
"monitoring.services.get",
"monitoring.services.list",
"monitoring.slos.get",
"monitoring.slos.list",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"monitoring.uptimeCheckConfigs.get",
"monitoring.uptimeCheckConfigs.list",
"networksecurity.authorizationPolicies.create",
"networksecurity.authorizationPolicies.delete",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.getIamPolicy",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.setIamPolicy",
"networksecurity.authorizationPolicies.update",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.create",
"networksecurity.clientTlsPolicies.delete",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.getIamPolicy",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.setIamPolicy",
"networksecurity.clientTlsPolicies.update",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.cancel",
"networksecurity.operations.delete",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.create",
"networksecurity.serverTlsPolicies.delete",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.getIamPolicy",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.setIamPolicy",
"networksecurity.serverTlsPolicies.update",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.create",
"networkservices.endpointConfigSelectors.delete",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.getIamPolicy",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.setIamPolicy",
"networkservices.endpointConfigSelectors.update",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.create",
"networkservices.httpFilters.delete",
"networkservices.httpFilters.get",
"networkservices.httpFilters.getIamPolicy",
"networkservices.httpFilters.list",
"networkservices.httpFilters.setIamPolicy",
"networkservices.httpFilters.update",
"networkservices.httpFilters.use",
"networkservices.httpfilters.create",
"networkservices.httpfilters.delete",
"networkservices.httpfilters.get",
"networkservices.httpfilters.getIamPolicy",
"networkservices.httpfilters.list",
"networkservices.httpfilters.setIamPolicy",
"networkservices.httpfilters.update",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.cancel",
"networkservices.operations.delete",
"networkservices.operations.get",
"networkservices.operations.list",
"opsconfigmonitoring.resourceMetadata.list",
"orgpolicy.policy.get",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.getIamPolicy",
"pubsub.schemas.list",
"pubsub.schemas.setIamPolicy",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.getIamPolicy",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.setIamPolicy",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.getIamPolicy",
"pubsub.subscriptions.list",
"pubsub.subscriptions.setIamPolicy",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.getIamPolicy",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.setIamPolicy",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.get",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.list",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.update",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.get",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.list",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.operations.get",
"servicenetworking.services.addPeering",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"stackdriver.projects.get",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/composer.serviceAgent",
"stage": "GA",
"title": "Cloud Composer API Service Agent"
}
{
"description": "Role that should be assigned to Composer Agent service account in Shared VPC host project",
"etag": "AA==",
"includedPermissions": [
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.get",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.removePeering",
"compute.networks.updatePeering",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.regions.get",
"compute.regions.list",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.zones.get",
"compute.zones.list"
],
"name": "roles/composer.sharedVpcAgent",
"stage": "GA",
"title": "Composer Shared VPC Agent"
}
{
"description": "Read and use access to Composer resources.",
"etag": "AA==",
"includedPermissions": [
"composer.environments.get",
"composer.environments.list",
"composer.imageversions.list",
"composer.operations.get",
"composer.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/composer.user",
"stage": "GA",
"title": "Composer User"
}
{
"description": "Worker access to Composer. Intended for service accounts.",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.delete",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.create",
"artifactregistry.repositories.delete",
"artifactregistry.repositories.deleteArtifacts",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.getIamPolicy",
"artifactregistry.repositories.list",
"artifactregistry.repositories.setIamPolicy",
"artifactregistry.repositories.update",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.delete",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.delete",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudbuild.builds.update",
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.approve",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.create",
"container.clusterRoleBindings.delete",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoleBindings.update",
"container.clusterRoles.bind",
"container.clusterRoles.create",
"container.clusterRoles.delete",
"container.clusterRoles.escalate",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusterRoles.update",
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.getCredentials",
"container.clusters.list",
"container.clusters.update",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.create",
"container.controllerRevisions.delete",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.controllerRevisions.update",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.hostServiceAgent.use",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.create",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.create",
"container.mutatingWebhookConfigurations.delete",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.mutatingWebhookConfigurations.update",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.create",
"container.podSecurityPolicies.delete",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podSecurityPolicies.update",
"container.podSecurityPolicies.use",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.create",
"container.roleBindings.delete",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roleBindings.update",
"container.roles.bind",
"container.roles.create",
"container.roles.delete",
"container.roles.escalate",
"container.roles.get",
"container.roles.list",
"container.roles.update",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.createToken",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.create",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.create",
"container.validatingWebhookConfigurations.delete",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.validatingWebhookConfigurations.update",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"logging.logEntries.create",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.list",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.list",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"source.repos.get",
"source.repos.list",
"storage.buckets.create",
"storage.buckets.get",
"storage.buckets.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/composer.worker",
"stage": "GA",
"title": "Composer Worker"
}
{
"description": "Full control of all Compute Engine resources.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.commitments.create",
"compute.commitments.get",
"compute.commitments.list",
"compute.commitments.updateReservations",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.addAssociation",
"compute.firewallPolicies.cloneRules",
"compute.firewallPolicies.copyRules",
"compute.firewallPolicies.create",
"compute.firewallPolicies.delete",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewallPolicies.move",
"compute.firewallPolicies.removeAssociation",
"compute.firewallPolicies.setIamPolicy",
"compute.firewallPolicies.update",
"compute.firewallPolicies.use",
"compute.firewalls.create",
"compute.firewalls.delete",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.firewalls.update",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.delete",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalOperations.setIamPolicy",
"compute.globalPublicDelegatedPrefixes.create",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.globalPublicDelegatedPrefixes.use",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.maintenancePolicies.create",
"compute.maintenancePolicies.delete",
"compute.maintenancePolicies.get",
"compute.maintenancePolicies.getIamPolicy",
"compute.maintenancePolicies.list",
"compute.maintenancePolicies.setIamPolicy",
"compute.maintenancePolicies.use",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.nodeGroups.addNodes",
"compute.nodeGroups.create",
"compute.nodeGroups.delete",
"compute.nodeGroups.deleteNodes",
"compute.nodeGroups.get",
"compute.nodeGroups.getIamPolicy",
"compute.nodeGroups.list",
"compute.nodeGroups.setIamPolicy",
"compute.nodeGroups.setNodeTemplate",
"compute.nodeGroups.update",
"compute.nodeTemplates.create",
"compute.nodeTemplates.delete",
"compute.nodeTemplates.get",
"compute.nodeTemplates.getIamPolicy",
"compute.nodeTemplates.list",
"compute.nodeTemplates.setIamPolicy",
"compute.nodeTypes.get",
"compute.nodeTypes.list",
"compute.organizations.administerXpn",
"compute.organizations.disableXpnHost",
"compute.organizations.disableXpnResource",
"compute.organizations.enableXpnHost",
"compute.organizations.enableXpnResource",
"compute.organizations.listAssociations",
"compute.organizations.setFirewallPolicy",
"compute.organizations.setSecurityPolicy",
"compute.oslogin.updateExternalUser",
"compute.packetMirrorings.update",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.projects.setDefaultNetworkTier",
"compute.projects.setDefaultServiceAccount",
"compute.projects.setUsageExportBucket",
"compute.publicAdvertisedPrefixes.create",
"compute.publicAdvertisedPrefixes.delete",
"compute.publicAdvertisedPrefixes.get",
"compute.publicAdvertisedPrefixes.list",
"compute.publicAdvertisedPrefixes.update",
"compute.publicAdvertisedPrefixes.updatePolicy",
"compute.publicAdvertisedPrefixes.use",
"compute.publicDelegatedPrefixes.create",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.publicDelegatedPrefixes.use",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.delete",
"compute.regionOperations.get",
"compute.regionOperations.getIamPolicy",
"compute.regionOperations.list",
"compute.regionOperations.setIamPolicy",
"compute.regionSslCertificates.create",
"compute.regionSslCertificates.delete",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.create",
"compute.reservations.delete",
"compute.reservations.get",
"compute.reservations.list",
"compute.reservations.resize",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.addAssociation",
"compute.securityPolicies.copyRules",
"compute.securityPolicies.create",
"compute.securityPolicies.delete",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.securityPolicies.move",
"compute.securityPolicies.removeAssociation",
"compute.securityPolicies.setIamPolicy",
"compute.securityPolicies.update",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.create",
"compute.sslCertificates.delete",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setIamPolicy",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.delete",
"compute.zoneOperations.get",
"compute.zoneOperations.getIamPolicy",
"compute.zoneOperations.list",
"compute.zoneOperations.setIamPolicy",
"compute.zones.get",
"compute.zones.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.admin",
"stage": "GA",
"title": "Compute Admin"
}
{
"description": "Read and use image resources.",
"etag": "AA==",
"includedPermissions": [
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.list",
"compute.images.useReadOnly",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.imageUser",
"stage": "GA",
"title": "Compute Image User"
}
{
"description": "Full control of Compute Engine instance resources.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.use",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.list",
"compute.disks.resize",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.use",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.list",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.licenses.get",
"compute.licenses.list",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.get",
"compute.networks.list",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.instanceAdmin",
"stage": "GA",
"title": "Compute Instance Admin (beta)"
}
{
"description": "Full control of Compute Engine instances, instance groups, disks, snapshots, and images. Read access to all Compute Engine networking resources.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.use",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.use",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscGet",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.get",
"compute.networks.list",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.list",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.urlMaps.get",
"compute.urlMaps.list",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.instanceAdmin.v1",
"stage": "GA",
"title": "Compute Instance Admin (v1)"
}
{
"description": "Full control of Compute Engine resources related to load balancer.",
"etag": "AA==",
"includedPermissions": [
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instances.get",
"compute.instances.list",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.get",
"compute.networks.list",
"compute.networks.use",
"compute.projects.get",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionSslCertificates.create",
"compute.regionSslCertificates.delete",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.securityPolicies.get",
"compute.securityPolicies.list",
"compute.securityPolicies.use",
"compute.sslCertificates.create",
"compute.sslCertificates.delete",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.loadBalancerAdmin",
"stage": "BETA",
"title": "Compute Load Balancer Admin"
}
{
"description": "Full control of Compute Engine networking resources.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.get",
"compute.firewallPolicies.list",
"compute.firewallPolicies.use",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instances.get",
"compute.instances.getGuestAttributes",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.updateSecurity",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.get",
"compute.securityPolicies.list",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setIamPolicy",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"networksecurity.authorizationPolicies.create",
"networksecurity.authorizationPolicies.delete",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.getIamPolicy",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.setIamPolicy",
"networksecurity.authorizationPolicies.update",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.create",
"networksecurity.clientTlsPolicies.delete",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.getIamPolicy",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.setIamPolicy",
"networksecurity.clientTlsPolicies.update",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.cancel",
"networksecurity.operations.delete",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.create",
"networksecurity.serverTlsPolicies.delete",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.getIamPolicy",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.setIamPolicy",
"networksecurity.serverTlsPolicies.update",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.create",
"networkservices.endpointConfigSelectors.delete",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.getIamPolicy",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.setIamPolicy",
"networkservices.endpointConfigSelectors.update",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.create",
"networkservices.httpFilters.delete",
"networkservices.httpFilters.get",
"networkservices.httpFilters.getIamPolicy",
"networkservices.httpFilters.list",
"networkservices.httpFilters.setIamPolicy",
"networkservices.httpFilters.update",
"networkservices.httpFilters.use",
"networkservices.httpfilters.create",
"networkservices.httpfilters.delete",
"networkservices.httpfilters.get",
"networkservices.httpfilters.getIamPolicy",
"networkservices.httpfilters.list",
"networkservices.httpfilters.setIamPolicy",
"networkservices.httpfilters.update",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.cancel",
"networkservices.operations.delete",
"networkservices.operations.get",
"networkservices.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.operations.get",
"servicenetworking.services.addPeering",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/compute.networkAdmin",
"stage": "GA",
"title": "Compute Network Admin"
}
{
"description": "Access to use Compute Engine networking resources.",
"etag": "AA==",
"includedPermissions": [
"compute.addresses.createInternal",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.useInternal",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.use",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.use",
"compute.networks.access",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.regions.get",
"compute.regions.list",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.use",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zones.get",
"compute.zones.list",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.get",
"networkservices.httpFilters.list",
"networkservices.httpFilters.use",
"networkservices.httpfilters.get",
"networkservices.httpfilters.list",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.get",
"networkservices.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.networkUser",
"stage": "GA",
"title": "Compute Network User"
}
{
"description": "Read-only access to Compute Engine networking resources.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscGet",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instances.get",
"compute.instances.getGuestAttributes",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.projects.get",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.list",
"compute.regions.get",
"compute.regions.list",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.urlMaps.get",
"compute.urlMaps.list",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zones.get",
"compute.zones.list",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.list",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.list",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.list",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.list",
"networkservices.httpFilters.get",
"networkservices.httpFilters.list",
"networkservices.httpfilters.get",
"networkservices.httpfilters.list",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.get",
"networkservices.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/compute.networkViewer",
"stage": "GA",
"title": "Compute Network Viewer"
}
{
"description": "Full control of Compute Engine Organization Firewall Policies.",
"etag": "AA==",
"includedPermissions": [
"compute.firewallPolicies.cloneRules",
"compute.firewallPolicies.create",
"compute.firewallPolicies.delete",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewallPolicies.move",
"compute.firewallPolicies.setIamPolicy",
"compute.firewallPolicies.update",
"compute.firewallPolicies.use",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalOperations.setIamPolicy",
"compute.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.orgFirewallPolicyAdmin",
"stage": "GA",
"title": "Compute Organization Firewall Policy Admin"
}
{
"description": "View or use Compute Engine Firewall Policies to associate with the organization or folders.",
"etag": "AA==",
"includedPermissions": [
"compute.firewallPolicies.get",
"compute.firewallPolicies.list",
"compute.firewallPolicies.use",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.orgFirewallPolicyUser",
"stage": "GA",
"title": "Compute Organization Firewall Policy User"
}
{
"description": "Full control of Compute Engine Organization Security Policies.",
"etag": "AA==",
"includedPermissions": [
"compute.firewallPolicies.addAssociation",
"compute.firewallPolicies.cloneRules",
"compute.firewallPolicies.copyRules",
"compute.firewallPolicies.create",
"compute.firewallPolicies.delete",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewallPolicies.move",
"compute.firewallPolicies.removeAssociation",
"compute.firewallPolicies.setIamPolicy",
"compute.firewallPolicies.update",
"compute.firewallPolicies.use",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalOperations.setIamPolicy",
"compute.projects.get",
"compute.securityPolicies.addAssociation",
"compute.securityPolicies.copyRules",
"compute.securityPolicies.create",
"compute.securityPolicies.delete",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.securityPolicies.move",
"compute.securityPolicies.removeAssociation",
"compute.securityPolicies.setIamPolicy",
"compute.securityPolicies.update",
"compute.securityPolicies.use",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.orgSecurityPolicyAdmin",
"stage": "GA",
"title": "Compute Organization Security Policy Admin"
}
{
"description": "View or use Compute Engine Security Policies to associate with the organization or folders.",
"etag": "AA==",
"includedPermissions": [
"compute.firewallPolicies.addAssociation",
"compute.firewallPolicies.get",
"compute.firewallPolicies.list",
"compute.firewallPolicies.removeAssociation",
"compute.firewallPolicies.use",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalOperations.setIamPolicy",
"compute.projects.get",
"compute.securityPolicies.addAssociation",
"compute.securityPolicies.get",
"compute.securityPolicies.list",
"compute.securityPolicies.removeAssociation",
"compute.securityPolicies.use",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.orgSecurityPolicyUser",
"stage": "GA",
"title": "Compute Organization Security Policy User"
}
{
"description": "Full control of Compute Engine Firewall Policy associations to the organization or folders.",
"etag": "AA==",
"includedPermissions": [
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalOperations.setIamPolicy",
"compute.organizations.listAssociations",
"compute.organizations.setFirewallPolicy",
"compute.organizations.setSecurityPolicy",
"compute.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.orgSecurityResourceAdmin",
"stage": "GA",
"title": "Compute Organization Resource Admin"
}
{
"description": "Access to log in to a Compute Engine instance as an administrator user.",
"etag": "AA==",
"includedPermissions": [
"compute.instances.get",
"compute.instances.list",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.osAdminLogin",
"stage": "GA",
"title": "Compute OS Admin Login"
}
{
"description": "Access to log in to a Compute Engine instance as a standard (non-administrator) user.",
"etag": "AA==",
"includedPermissions": [
"compute.instances.get",
"compute.instances.list",
"compute.instances.osLogin",
"compute.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.osLogin",
"stage": "GA",
"title": "Compute OS Login"
}
{
"description": "Access for an external user to set OS Login information associated with this organization. This role does not grant access to instances. External users must be granted one of the required OS Login IAM roles (https://cloud.google.com/compute/docs/instances/managing-instance-access#configure_users) in order to allow access to instances using SSH.",
"etag": "AA==",
"includedPermissions": [
"compute.oslogin.updateExternalUser"
],
"name": "roles/compute.osLoginExternalUser",
"stage": "GA",
"title": "Compute OS Login External User"
}
{
"description": "Specify resources to be mirrored.",
"etag": "AA==",
"includedPermissions": [
"compute.instances.updateSecurity",
"compute.networks.mirror",
"compute.projects.get",
"compute.subnetworks.mirror",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.packetMirroringAdmin",
"stage": "GA",
"title": "Compute packet mirroring admin"
}
{
"description": "Use Compute Engine packet mirrorings.",
"etag": "AA==",
"includedPermissions": [
"compute.packetMirrorings.update",
"compute.projects.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.packetMirroringUser",
"stage": "GA",
"title": "Compute packet mirroring user"
}
{
"description": "Full control of public IP address management for Compute Engine.",
"etag": "AA==",
"includedPermissions": [
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalPublicDelegatedPrefixes.create",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.globalPublicDelegatedPrefixes.use",
"compute.publicAdvertisedPrefixes.create",
"compute.publicAdvertisedPrefixes.delete",
"compute.publicAdvertisedPrefixes.get",
"compute.publicAdvertisedPrefixes.list",
"compute.publicAdvertisedPrefixes.update",
"compute.publicAdvertisedPrefixes.updatePolicy",
"compute.publicAdvertisedPrefixes.use",
"compute.publicDelegatedPrefixes.create",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.publicDelegatedPrefixes.use",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/compute.publicIpAdmin",
"stage": "GA",
"title": "Compute Public IP Admin"
}
{
"description": "Full control of Compute Engine security resources.",
"etag": "AA==",
"includedPermissions": [
"compute.firewallPolicies.addAssociation",
"compute.firewallPolicies.cloneRules",
"compute.firewallPolicies.copyRules",
"compute.firewallPolicies.create",
"compute.firewallPolicies.delete",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewallPolicies.move",
"compute.firewallPolicies.removeAssociation",
"compute.firewallPolicies.setIamPolicy",
"compute.firewallPolicies.update",
"compute.firewallPolicies.use",
"compute.firewalls.create",
"compute.firewalls.delete",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.firewalls.update",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.instances.getEffectiveFirewalls",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.updatePolicy",
"compute.packetMirrorings.update",
"compute.projects.get",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.create",
"compute.regionSslCertificates.delete",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regions.get",
"compute.regions.list",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.addAssociation",
"compute.securityPolicies.copyRules",
"compute.securityPolicies.create",
"compute.securityPolicies.delete",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.securityPolicies.move",
"compute.securityPolicies.removeAssociation",
"compute.securityPolicies.setIamPolicy",
"compute.securityPolicies.update",
"compute.securityPolicies.use",
"compute.sslCertificates.create",
"compute.sslCertificates.delete",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.securityAdmin",
"stage": "GA",
"title": "Compute Security Admin"
}
{
"description": "Gives Compute Engine Service Account access to assert service account authority. Includes access to service accounts.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"compute.instanceGroupManagers.get",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.getOpenIdToken",
"iam.serviceAccounts.signJwt",
"logging.logEntries.create",
"monitoring.alertPolicies.get",
"monitoring.alertPolicies.list",
"monitoring.dashboards.get",
"monitoring.dashboards.list",
"monitoring.groups.get",
"monitoring.groups.list",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.notificationChannelDescriptors.get",
"monitoring.notificationChannelDescriptors.list",
"monitoring.notificationChannels.get",
"monitoring.notificationChannels.list",
"monitoring.publicWidgets.get",
"monitoring.publicWidgets.list",
"monitoring.services.get",
"monitoring.services.list",
"monitoring.slos.get",
"monitoring.slos.list",
"monitoring.timeSeries.list",
"monitoring.uptimeCheckConfigs.get",
"monitoring.uptimeCheckConfigs.list",
"opsconfigmonitoring.resourceMetadata.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"stackdriver.projects.get"
],
"name": "roles/compute.serviceAgent",
"stage": "GA",
"title": "Compute Engine Service Agent"
}
{
"description": "Full control of Compute Engine storage resources.",
"etag": "AA==",
"includedPermissions": [
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.projects.get",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regions.get",
"compute.regions.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.storageAdmin",
"stage": "GA",
"title": "Compute Storage Admin"
}
{
"description": "Read-only access to get and list information about all Compute Engine resources, including instances, disks, and firewalls. Allows getting and listing information about disks, images, and snapshots, but does not allow reading the data stored on them.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.commitments.get",
"compute.commitments.list",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscGet",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.maintenancePolicies.get",
"compute.maintenancePolicies.getIamPolicy",
"compute.maintenancePolicies.list",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.nodeGroups.get",
"compute.nodeGroups.getIamPolicy",
"compute.nodeGroups.list",
"compute.nodeTemplates.get",
"compute.nodeTemplates.getIamPolicy",
"compute.nodeTemplates.list",
"compute.nodeTypes.get",
"compute.nodeTypes.list",
"compute.organizations.listAssociations",
"compute.projects.get",
"compute.publicAdvertisedPrefixes.get",
"compute.publicAdvertisedPrefixes.list",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionOperations.get",
"compute.regionOperations.getIamPolicy",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.urlMaps.get",
"compute.urlMaps.list",
"compute.urlMaps.validate",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zoneOperations.get",
"compute.zoneOperations.getIamPolicy",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/compute.viewer",
"stage": "GA",
"title": "Compute Viewer"
}
{
"description": "Can administer shared VPC network (XPN).",
"etag": "AA==",
"includedPermissions": [
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.organizations.administerXpn",
"compute.organizations.disableXpnHost",
"compute.organizations.disableXpnResource",
"compute.organizations.enableXpnHost",
"compute.organizations.enableXpnResource",
"compute.projects.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.setIamPolicy",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/compute.xpnAdmin",
"stage": "GA",
"title": "Compute Shared VPC Admin"
}
{
"description": "Gives Compute Scanning Service Account access to viewGoogle Compute Engine Images",
"etag": "AA==",
"includedPermissions": [
"compute.images.get",
"compute.images.list",
"compute.images.useReadOnly",
"compute.instances.get",
"compute.instances.getGuestAttributes",
"compute.instances.list",
"compute.zones.get",
"compute.zones.list",
"containeranalysis.notes.attachOccurrence",
"containeranalysis.notes.create",
"containeranalysis.notes.delete",
"containeranalysis.notes.get",
"containeranalysis.notes.list",
"containeranalysis.notes.update",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/computescanning.serviceAgent",
"stage": "GA",
"title": "Compute Scanning Service Agent"
}
{
"description": "Allows managing entitlements and enabling, disabling, and inspecting service states for a consumer project",
"etag": "AA==",
"includedPermissions": [
"consumerprocurement.entitlements.get",
"consumerprocurement.entitlements.list",
"consumerprocurement.freeTrials.create",
"consumerprocurement.freeTrials.get",
"consumerprocurement.freeTrials.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.operations.get",
"serviceusage.services.disable",
"serviceusage.services.enable",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/consumerprocurement.entitlementManager",
"stage": "BETA",
"title": "Consumer Procurement Entitlement Manager"
}
{
"description": "Allows inspecting entitlements and service states for a consumer project",
"etag": "AA==",
"includedPermissions": [
"consumerprocurement.entitlements.get",
"consumerprocurement.entitlements.list",
"consumerprocurement.freeTrials.get",
"consumerprocurement.freeTrials.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/consumerprocurement.entitlementViewer",
"stage": "BETA",
"title": "Consumer Procurement Entitlement Viewer"
}
{
"description": "Allows managing purchases",
"etag": "AA==",
"includedPermissions": [
"commerceoffercatalog.offers.get",
"consumerprocurement.accounts.create",
"consumerprocurement.accounts.delete",
"consumerprocurement.accounts.get",
"consumerprocurement.accounts.list",
"consumerprocurement.orders.cancel",
"consumerprocurement.orders.get",
"consumerprocurement.orders.list",
"consumerprocurement.orders.modify",
"consumerprocurement.orders.place"
],
"name": "roles/consumerprocurement.orderAdmin",
"stage": "BETA",
"title": "Consumer Procurement Order Administrator"
}
{
"description": "Allows inspecting purchases",
"etag": "AA==",
"includedPermissions": [
"commerceoffercatalog.offers.get",
"consumerprocurement.accounts.get",
"consumerprocurement.accounts.list",
"consumerprocurement.orders.get",
"consumerprocurement.orders.list"
],
"name": "roles/consumerprocurement.orderViewer",
"stage": "BETA",
"title": "Consumer Procurement Order Viewer"
}
{
"description": "Grants read and write access to all Contact Center AI Insights resources.",
"etag": "AA==",
"includedPermissions": [
"contactcenterinsights.analyses.create",
"contactcenterinsights.analyses.delete",
"contactcenterinsights.analyses.get",
"contactcenterinsights.analyses.list",
"contactcenterinsights.conversations.create",
"contactcenterinsights.conversations.delete",
"contactcenterinsights.conversations.get",
"contactcenterinsights.conversations.list",
"contactcenterinsights.conversations.update",
"contactcenterinsights.issueModels.create",
"contactcenterinsights.issueModels.delete",
"contactcenterinsights.issueModels.deploy",
"contactcenterinsights.issueModels.get",
"contactcenterinsights.issueModels.list",
"contactcenterinsights.issueModels.undeploy",
"contactcenterinsights.issueModels.update",
"contactcenterinsights.issues.get",
"contactcenterinsights.issues.list",
"contactcenterinsights.issues.update",
"contactcenterinsights.operations.get",
"contactcenterinsights.operations.list",
"contactcenterinsights.phraseMatchers.create",
"contactcenterinsights.phraseMatchers.delete",
"contactcenterinsights.phraseMatchers.get",
"contactcenterinsights.phraseMatchers.list",
"contactcenterinsights.phraseMatchers.update",
"contactcenterinsights.settings.get",
"contactcenterinsights.settings.update"
],
"name": "roles/contactcenterinsights.editor",
"stage": "BETA",
"title": "Contact Center AI Insights editor"
}
{
"description": "Allows Contact Center AI to read and write APIs including BigQuery, Dialogflow, and Storage.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.tables.create",
"bigquery.tables.get",
"bigquery.tables.update",
"bigquery.tables.updateData",
"dialogflow.conversationDatasets.create",
"dialogflow.conversationDatasets.delete",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.import",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.create",
"dialogflow.conversationModels.delete",
"dialogflow.conversationModels.deploy",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationModels.undeploy",
"dialogflow.documents.create",
"dialogflow.documents.delete",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.operations.get",
"dialogflow.participants.suggest",
"dialogflow.sessions.detectIntent",
"pubsub.topics.get",
"pubsub.topics.publish",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/contactcenterinsights.serviceAgent",
"stage": "GA",
"title": "Contact Center AI Insights Service Agent"
}
{
"description": "Grants read access to all Contact Center AI Insights resources.",
"etag": "AA==",
"includedPermissions": [
"contactcenterinsights.analyses.get",
"contactcenterinsights.analyses.list",
"contactcenterinsights.conversations.get",
"contactcenterinsights.conversations.list",
"contactcenterinsights.issueModels.get",
"contactcenterinsights.issueModels.list",
"contactcenterinsights.issues.get",
"contactcenterinsights.issues.list",
"contactcenterinsights.operations.get",
"contactcenterinsights.operations.list",
"contactcenterinsights.phraseMatchers.get",
"contactcenterinsights.phraseMatchers.list",
"contactcenterinsights.settings.get"
],
"name": "roles/contactcenterinsights.viewer",
"stage": "BETA",
"title": "Contact Center AI Insights viewer"
}
{
"description": "Full management of Kubernetes Clusters and their Kubernetes API objects.",
"etag": "AA==",
"includedPermissions": [
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.approve",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.create",
"container.clusterRoleBindings.delete",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoleBindings.update",
"container.clusterRoles.bind",
"container.clusterRoles.create",
"container.clusterRoles.delete",
"container.clusterRoles.escalate",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusterRoles.update",
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.getCredentials",
"container.clusters.list",
"container.clusters.update",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.create",
"container.controllerRevisions.delete",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.controllerRevisions.update",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.hostServiceAgent.use",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.create",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.create",
"container.mutatingWebhookConfigurations.delete",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.mutatingWebhookConfigurations.update",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.create",
"container.podSecurityPolicies.delete",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podSecurityPolicies.update",
"container.podSecurityPolicies.use",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.create",
"container.roleBindings.delete",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roleBindings.update",
"container.roles.bind",
"container.roles.create",
"container.roles.delete",
"container.roles.escalate",
"container.roles.get",
"container.roles.list",
"container.roles.update",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.createToken",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.create",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.create",
"container.validatingWebhookConfigurations.delete",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.validatingWebhookConfigurations.update",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/container.admin",
"stage": "GA",
"title": "Kubernetes Engine Admin"
}
{
"description": "Management of Kubernetes Clusters.",
"etag": "AA==",
"includedPermissions": [
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.list",
"container.clusters.update",
"container.operations.get",
"container.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/container.clusterAdmin",
"stage": "GA",
"title": "Kubernetes Engine Cluster Admin"
}
{
"description": "Get and list access to GKE Clusters.",
"etag": "AA==",
"includedPermissions": [
"container.clusters.get",
"container.clusters.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/container.clusterViewer",
"stage": "GA",
"title": "Kubernetes Engine Cluster Viewer"
}
{
"description": "Full access to Kubernetes API objects inside Kubernetes Clusters.",
"etag": "AA==",
"includedPermissions": [
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusters.get",
"container.clusters.list",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.create",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roles.get",
"container.roles.list",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.createToken",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.create",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/container.developer",
"stage": "GA",
"title": "Kubernetes Engine Developer"
}
{
"description": "Allows the Kubernetes Engine service account in the host project to configure shared network resources for cluster management. Also gives access to inspect the firewall rules in the host project, and configure Cloud DNS resources.",
"etag": "AA==",
"includedPermissions": [
"compute.firewalls.get",
"container.hostServiceAgent.use",
"dns.networks.bindDNSResponsePolicy",
"dns.networks.bindPrivateDNSPolicy",
"dns.networks.bindPrivateDNSZone"
],
"name": "roles/container.hostServiceAgentUser",
"stage": "GA",
"title": "Kubernetes Engine Host Service Agent User"
}
{
"description": "Gives Kubernetes Engine account access to manage cluster resources. Includes access to service accounts.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.tables.create",
"bigquery.tables.get",
"bigquery.tables.update",
"bigquery.tables.updateData",
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.addAssociation",
"compute.firewallPolicies.cloneRules",
"compute.firewallPolicies.copyRules",
"compute.firewallPolicies.create",
"compute.firewallPolicies.delete",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewallPolicies.move",
"compute.firewallPolicies.removeAssociation",
"compute.firewallPolicies.setIamPolicy",
"compute.firewallPolicies.update",
"compute.firewallPolicies.use",
"compute.firewalls.create",
"compute.firewalls.delete",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.firewalls.update",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.nodeGroups.get",
"compute.packetMirrorings.update",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.create",
"compute.regionSslCertificates.delete",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.addAssociation",
"compute.securityPolicies.copyRules",
"compute.securityPolicies.create",
"compute.securityPolicies.delete",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.securityPolicies.move",
"compute.securityPolicies.removeAssociation",
"compute.securityPolicies.setIamPolicy",
"compute.securityPolicies.update",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.create",
"compute.sslCertificates.delete",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setIamPolicy",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.approve",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.create",
"container.clusterRoleBindings.delete",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoleBindings.update",
"container.clusterRoles.bind",
"container.clusterRoles.create",
"container.clusterRoles.delete",
"container.clusterRoles.escalate",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusterRoles.update",
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.getCredentials",
"container.clusters.list",
"container.clusters.update",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.create",
"container.controllerRevisions.delete",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.controllerRevisions.update",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.hostServiceAgent.use",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.create",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.create",
"container.mutatingWebhookConfigurations.delete",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.mutatingWebhookConfigurations.update",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.create",
"container.podSecurityPolicies.delete",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podSecurityPolicies.update",
"container.podSecurityPolicies.use",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.create",
"container.roleBindings.delete",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roleBindings.update",
"container.roles.bind",
"container.roles.create",
"container.roles.delete",
"container.roles.escalate",
"container.roles.get",
"container.roles.list",
"container.roles.update",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.createToken",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.create",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.create",
"container.validatingWebhookConfigurations.delete",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.validatingWebhookConfigurations.update",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"dns.changes.create",
"dns.changes.get",
"dns.changes.list",
"dns.dnsKeys.get",
"dns.dnsKeys.list",
"dns.managedZoneOperations.get",
"dns.managedZoneOperations.list",
"dns.managedZones.create",
"dns.managedZones.delete",
"dns.managedZones.get",
"dns.managedZones.list",
"dns.managedZones.update",
"dns.networks.bindDNSResponsePolicy",
"dns.networks.bindPrivateDNSPolicy",
"dns.networks.bindPrivateDNSZone",
"dns.networks.targetWithPeeringZone",
"dns.policies.create",
"dns.policies.delete",
"dns.policies.get",
"dns.policies.list",
"dns.policies.update",
"dns.projects.get",
"dns.resourceRecordSets.create",
"dns.resourceRecordSets.delete",
"dns.resourceRecordSets.get",
"dns.resourceRecordSets.list",
"dns.resourceRecordSets.update",
"dns.responsePolicies.create",
"dns.responsePolicies.delete",
"dns.responsePolicies.get",
"dns.responsePolicies.list",
"dns.responsePolicies.update",
"dns.responsePolicyRules.create",
"dns.responsePolicyRules.delete",
"dns.responsePolicyRules.get",
"dns.responsePolicyRules.list",
"dns.responsePolicyRules.update",
"file.backups.create",
"file.backups.delete",
"file.backups.get",
"file.backups.list",
"file.backups.update",
"file.instances.create",
"file.instances.delete",
"file.instances.get",
"file.instances.list",
"file.instances.restore",
"file.instances.update",
"file.locations.get",
"file.locations.list",
"file.operations.cancel",
"file.operations.delete",
"file.operations.get",
"file.operations.list",
"file.snapshots.create",
"file.snapshots.delete",
"file.snapshots.get",
"file.snapshots.list",
"file.snapshots.update",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"logging.logEntries.create",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"networksecurity.authorizationPolicies.create",
"networksecurity.authorizationPolicies.delete",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.getIamPolicy",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.setIamPolicy",
"networksecurity.authorizationPolicies.update",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.create",
"networksecurity.clientTlsPolicies.delete",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.getIamPolicy",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.setIamPolicy",
"networksecurity.clientTlsPolicies.update",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.cancel",
"networksecurity.operations.delete",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.create",
"networksecurity.serverTlsPolicies.delete",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.getIamPolicy",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.setIamPolicy",
"networksecurity.serverTlsPolicies.update",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.create",
"networkservices.endpointConfigSelectors.delete",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.getIamPolicy",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.setIamPolicy",
"networkservices.endpointConfigSelectors.update",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.create",
"networkservices.httpFilters.delete",
"networkservices.httpFilters.get",
"networkservices.httpFilters.getIamPolicy",
"networkservices.httpFilters.list",
"networkservices.httpFilters.setIamPolicy",
"networkservices.httpFilters.update",
"networkservices.httpFilters.use",
"networkservices.httpfilters.create",
"networkservices.httpfilters.delete",
"networkservices.httpfilters.get",
"networkservices.httpfilters.getIamPolicy",
"networkservices.httpfilters.list",
"networkservices.httpfilters.setIamPolicy",
"networkservices.httpfilters.update",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.cancel",
"networkservices.operations.delete",
"networkservices.operations.get",
"networkservices.operations.list",
"pubsub.topics.create",
"pubsub.topics.get",
"pubsub.topics.publish",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.operations.get",
"servicenetworking.services.addPeering",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"tpu.locations.get",
"tpu.locations.list",
"tpu.nodes.create",
"tpu.nodes.delete",
"tpu.nodes.get",
"tpu.nodes.list",
"tpu.operations.get",
"tpu.operations.list",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/container.serviceAgent",
"stage": "GA",
"title": "Kubernetes Engine Service Agent"
}
{
"description": "Read-only access to Kubernetes Engine resources.",
"etag": "AA==",
"includedPermissions": [
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.auditSinks.get",
"container.auditSinks.list",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.bindings.get",
"container.bindings.list",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusters.get",
"container.clusters.list",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.get",
"container.configMaps.list",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodes.get",
"container.csiNodes.list",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpoints.get",
"container.endpoints.list",
"container.events.get",
"container.events.list",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.leases.get",
"container.leases.list",
"container.limitRanges.get",
"container.limitRanges.list",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.petSets.get",
"container.petSets.list",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podPresets.get",
"container.podPresets.list",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podTemplates.get",
"container.podTemplates.list",
"container.pods.get",
"container.pods.getStatus",
"container.pods.list",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roles.get",
"container.roles.list",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.tokenReviews.create",
"container.updateInfos.get",
"container.updateInfos.list",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshots.get",
"container.volumeSnapshots.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/container.viewer",
"stage": "GA",
"title": "Kubernetes Engine Viewer"
}
{
"description": "Gives Container Analysis API the access it needs to function",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.list",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.list",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/containeranalysis.ServiceAgent",
"stage": "GA",
"title": "Container Analysis Service Agent"
}
{
"description": "Access to all Container Analysis resources.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.notes.attachOccurrence",
"containeranalysis.notes.create",
"containeranalysis.notes.delete",
"containeranalysis.notes.get",
"containeranalysis.notes.getIamPolicy",
"containeranalysis.notes.list",
"containeranalysis.notes.setIamPolicy",
"containeranalysis.notes.update",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.getIamPolicy",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.setIamPolicy",
"containeranalysis.occurrences.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/containeranalysis.admin",
"stage": "GA",
"title": "Container Analysis Admin"
}
{
"description": "Can attach Container Analysis Occurrences to Notes.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.notes.attachOccurrence",
"containeranalysis.notes.get"
],
"name": "roles/containeranalysis.notes.attacher",
"stage": "GA",
"title": "Container Analysis Notes Attacher"
}
{
"description": "Can edit Container Analysis Notes.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.notes.attachOccurrence",
"containeranalysis.notes.create",
"containeranalysis.notes.delete",
"containeranalysis.notes.get",
"containeranalysis.notes.list",
"containeranalysis.notes.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/containeranalysis.notes.editor",
"stage": "GA",
"title": "Container Analysis Notes Editor"
}
{
"description": "Can view all Container Analysis Occurrences attached to a Note.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.notes.get",
"containeranalysis.notes.listOccurrences"
],
"name": "roles/containeranalysis.notes.occurrences.viewer",
"stage": "GA",
"title": "Container Analysis Occurrences for Notes Viewer"
}
{
"description": "Can view Container Analysis Notes.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.notes.get",
"containeranalysis.notes.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/containeranalysis.notes.viewer",
"stage": "GA",
"title": "Container Analysis Notes Viewer"
}
{
"description": "Can edit Container Analysis Occurrences.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/containeranalysis.occurrences.editor",
"stage": "GA",
"title": "Container Analysis Occurrences Editor"
}
{
"description": "Can view Container Analysis Occurrences.",
"etag": "AA==",
"includedPermissions": [
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/containeranalysis.occurrences.viewer",
"stage": "GA",
"title": "Container Analysis Occurrences Viewer"
}
{
"description": "Access for Container Registry",
"etag": "AA==",
"includedPermissions": [
"pubsub.topics.publish",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list"
],
"name": "roles/containerregistry.ServiceAgent",
"stage": "GA",
"title": "Container Registry Service Agent"
}
{
"description": "Gives Container Scanner the access it needs to analyzecontainers for vulnerabilities and create occurrences using the Container Analysis API",
"etag": "AA==",
"includedPermissions": [
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.list",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/containerscanning.ServiceAgent",
"stage": "GA",
"title": "Container Scanner Service Agent"
}
{
"description": "Gives Container Threat Detection service account access to enable/disable Container Threat Detection and manage the Container Threat Detection Agent on Google Kubernetes Engine clusters.",
"etag": "AA==",
"includedPermissions": [
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.auditSinks.get",
"container.auditSinks.list",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.bindings.get",
"container.bindings.list",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.clusterRoleBindings.create",
"container.clusterRoleBindings.delete",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoleBindings.update",
"container.clusterRoles.bind",
"container.clusterRoles.create",
"container.clusterRoles.delete",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusterRoles.update",
"container.clusters.get",
"container.clusters.list",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.get",
"container.configMaps.list",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodes.get",
"container.csiNodes.list",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpoints.get",
"container.endpoints.list",
"container.events.get",
"container.events.list",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.leases.get",
"container.leases.list",
"container.limitRanges.get",
"container.limitRanges.list",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.petSets.get",
"container.petSets.list",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podPresets.get",
"container.podPresets.list",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podTemplates.get",
"container.podTemplates.list",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.list",
"container.pods.portForward",
"container.pods.update",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.roleBindings.create",
"container.roleBindings.delete",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roleBindings.update",
"container.roles.get",
"container.roles.list",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.list",
"container.secrets.update",
"container.serviceAccounts.create",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.tokenReviews.create",
"container.updateInfos.get",
"container.updateInfos.list",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshots.get",
"container.volumeSnapshots.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/containerthreatdetection.serviceAgent",
"stage": "GA",
"title": "Container Threat Detection Service Agent"
}
{
"description": "Gives the Content Warehouse service account to manage customer resources",
"etag": "AA==",
"includedPermissions": [
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/contentwarehouse.serviceAgent",
"stage": "GA",
"title": "Content Warehouse Service Agent"
}
{
"description": "Full access to all DataCatalog resources",
"etag": "AA==",
"includedPermissions": [
"bigquery.connections.updateTag",
"bigquery.datasets.get",
"bigquery.datasets.updateTag",
"bigquery.models.getMetadata",
"bigquery.models.updateTag",
"bigquery.routines.updateTag",
"bigquery.tables.get",
"bigquery.tables.updateTag",
"datacatalog.categories.getIamPolicy",
"datacatalog.categories.setIamPolicy",
"datacatalog.entries.create",
"datacatalog.entries.delete",
"datacatalog.entries.get",
"datacatalog.entries.getIamPolicy",
"datacatalog.entries.list",
"datacatalog.entries.setIamPolicy",
"datacatalog.entries.update",
"datacatalog.entries.updateTag",
"datacatalog.entryGroups.create",
"datacatalog.entryGroups.delete",
"datacatalog.entryGroups.get",
"datacatalog.entryGroups.getIamPolicy",
"datacatalog.entryGroups.list",
"datacatalog.entryGroups.setIamPolicy",
"datacatalog.entryGroups.update",
"datacatalog.tagTemplates.create",
"datacatalog.tagTemplates.delete",
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getIamPolicy",
"datacatalog.tagTemplates.getTag",
"datacatalog.tagTemplates.setIamPolicy",
"datacatalog.tagTemplates.update",
"datacatalog.tagTemplates.use",
"datacatalog.taxonomies.create",
"datacatalog.taxonomies.delete",
"datacatalog.taxonomies.get",
"datacatalog.taxonomies.getIamPolicy",
"datacatalog.taxonomies.list",
"datacatalog.taxonomies.setIamPolicy",
"datacatalog.taxonomies.update",
"pubsub.topics.get",
"pubsub.topics.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.admin",
"stage": "GA",
"title": "Data Catalog Admin"
}
{
"description": "Manage taxonomies",
"etag": "AA==",
"includedPermissions": [
"datacatalog.categories.getIamPolicy",
"datacatalog.categories.setIamPolicy",
"datacatalog.taxonomies.create",
"datacatalog.taxonomies.delete",
"datacatalog.taxonomies.get",
"datacatalog.taxonomies.getIamPolicy",
"datacatalog.taxonomies.list",
"datacatalog.taxonomies.setIamPolicy",
"datacatalog.taxonomies.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.categoryAdmin",
"stage": "BETA",
"title": "Policy Tag Admin"
}
{
"description": "Read access to sub-resources tagged by a policy tag, for example, BigQuery columns",
"etag": "AA==",
"includedPermissions": [
"datacatalog.categories.fineGrainedGet"
],
"name": "roles/datacatalog.categoryFineGrainedReader",
"stage": "BETA",
"title": "Fine-Grained Reader"
}
{
"description": "Can create new entryGroups",
"etag": "AA==",
"includedPermissions": [
"datacatalog.entryGroups.create",
"datacatalog.entryGroups.get",
"datacatalog.entryGroups.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.entryGroupCreator",
"stage": "GA",
"title": "DataCatalog EntryGroup Creator"
}
{
"description": "Full access to entryGroups",
"etag": "AA==",
"includedPermissions": [
"datacatalog.entries.create",
"datacatalog.entries.delete",
"datacatalog.entries.get",
"datacatalog.entries.getIamPolicy",
"datacatalog.entries.list",
"datacatalog.entries.setIamPolicy",
"datacatalog.entries.update",
"datacatalog.entries.updateTag",
"datacatalog.entryGroups.create",
"datacatalog.entryGroups.delete",
"datacatalog.entryGroups.get",
"datacatalog.entryGroups.getIamPolicy",
"datacatalog.entryGroups.list",
"datacatalog.entryGroups.setIamPolicy",
"datacatalog.entryGroups.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.entryGroupOwner",
"stage": "GA",
"title": "DataCatalog entryGroup Owner"
}
{
"description": "Full access to entries",
"etag": "AA==",
"includedPermissions": [
"datacatalog.entries.create",
"datacatalog.entries.delete",
"datacatalog.entries.get",
"datacatalog.entries.getIamPolicy",
"datacatalog.entries.list",
"datacatalog.entries.setIamPolicy",
"datacatalog.entries.update",
"datacatalog.entries.updateTag",
"datacatalog.entryGroups.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.entryOwner",
"stage": "GA",
"title": "DataCatalog entry Owner"
}
{
"description": "Read access to entries",
"etag": "AA==",
"includedPermissions": [
"datacatalog.entries.get",
"datacatalog.entries.list",
"datacatalog.entryGroups.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.entryViewer",
"stage": "GA",
"title": "DataCatalog Entry Viewer"
}
{
"description": "Gives permission to modify tags on a GCP assets (BigQuery, Pub/Sub etc).",
"etag": "AA==",
"includedPermissions": [
"bigquery.connections.updateTag",
"bigquery.datasets.updateTag",
"bigquery.models.updateTag",
"bigquery.routines.updateTag",
"bigquery.tables.updateTag",
"datacatalog.entries.updateTag",
"pubsub.topics.updateTag"
],
"name": "roles/datacatalog.tagEditor",
"stage": "GA",
"title": "Data Catalog Tag Editor"
}
{
"description": "Access to create new tag templates",
"etag": "AA==",
"includedPermissions": [
"datacatalog.tagTemplates.create",
"datacatalog.tagTemplates.get"
],
"name": "roles/datacatalog.tagTemplateCreator",
"stage": "GA",
"title": "Data Catalog TagTemplate Creator"
}
{
"description": "Full acess to tag templates",
"etag": "AA==",
"includedPermissions": [
"datacatalog.tagTemplates.create",
"datacatalog.tagTemplates.delete",
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getIamPolicy",
"datacatalog.tagTemplates.getTag",
"datacatalog.tagTemplates.setIamPolicy",
"datacatalog.tagTemplates.update",
"datacatalog.tagTemplates.use",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.tagTemplateOwner",
"stage": "GA",
"title": "Data Catalog TagTemplate Owner"
}
{
"description": "Access to use templates to tag resources",
"etag": "AA==",
"includedPermissions": [
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getTag",
"datacatalog.tagTemplates.use",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.tagTemplateUser",
"stage": "GA",
"title": "Data Catalog TagTemplate User"
}
{
"description": "Read access to templates and tags created using the templates",
"etag": "AA==",
"includedPermissions": [
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.tagTemplateViewer",
"stage": "GA",
"title": "Data Catalog TagTemplate Viewer"
}
{
"description": "Grants metadata read permissions to cataloged GCP assets (BigQuery, Pub/Sub etc)",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.get",
"bigquery.models.getMetadata",
"bigquery.tables.get",
"datacatalog.entries.get",
"datacatalog.entries.list",
"datacatalog.entryGroups.get",
"datacatalog.entryGroups.list",
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getTag",
"datacatalog.taxonomies.get",
"datacatalog.taxonomies.list",
"pubsub.topics.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datacatalog.viewer",
"stage": "GA",
"title": "Data Catalog Viewer"
}
{
"description": "Minimal role for creating and managing dataflow jobs.",
"etag": "AA==",
"includedPermissions": [
"compute.machineTypes.get",
"dataflow.jobs.cancel",
"dataflow.jobs.create",
"dataflow.jobs.get",
"dataflow.jobs.list",
"dataflow.jobs.snapshot",
"dataflow.jobs.updateContents",
"dataflow.messages.list",
"dataflow.metrics.get",
"dataflow.snapshots.delete",
"dataflow.snapshots.get",
"dataflow.snapshots.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"storage.buckets.get",
"storage.objects.create",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/dataflow.admin",
"stage": "GA",
"title": "Dataflow Admin"
}
{
"description": "Full operational access to Dataflow jobs.",
"etag": "AA==",
"includedPermissions": [
"dataflow.jobs.cancel",
"dataflow.jobs.create",
"dataflow.jobs.get",
"dataflow.jobs.list",
"dataflow.jobs.snapshot",
"dataflow.jobs.updateContents",
"dataflow.messages.list",
"dataflow.metrics.get",
"dataflow.snapshots.delete",
"dataflow.snapshots.get",
"dataflow.snapshots.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dataflow.developer",
"stage": "GA",
"title": "Dataflow Developer"
}
{
"description": "Gives Cloud Dataflow service account access to managed resources. Includes access to service accounts.",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.bireservations.update",
"bigquery.capacityCommitments.create",
"bigquery.capacityCommitments.delete",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.capacityCommitments.update",
"bigquery.config.get",
"bigquery.config.update",
"bigquery.connections.create",
"bigquery.connections.delete",
"bigquery.connections.get",
"bigquery.connections.getIamPolicy",
"bigquery.connections.list",
"bigquery.connections.setIamPolicy",
"bigquery.connections.update",
"bigquery.connections.updateTag",
"bigquery.connections.use",
"bigquery.datasets.create",
"bigquery.datasets.delete",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.setIamPolicy",
"bigquery.datasets.update",
"bigquery.datasets.updateTag",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.jobs.listAll",
"bigquery.jobs.update",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"bigquery.reservationAssignments.create",
"bigquery.reservationAssignments.delete",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.create",
"bigquery.reservations.delete",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.reservations.update",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.rowAccessPolicies.create",
"bigquery.rowAccessPolicies.delete",
"bigquery.rowAccessPolicies.getIamPolicy",
"bigquery.rowAccessPolicies.list",
"bigquery.rowAccessPolicies.setIamPolicy",
"bigquery.rowAccessPolicies.update",
"bigquery.savedqueries.create",
"bigquery.savedqueries.delete",
"bigquery.savedqueries.get",
"bigquery.savedqueries.list",
"bigquery.savedqueries.update",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.setCategory",
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"bigquery.transfers.get",
"bigquery.transfers.update",
"clouddebugger.breakpoints.list",
"clouddebugger.breakpoints.listActive",
"clouddebugger.breakpoints.update",
"clouddebugger.debuggees.create",
"cloudnotifications.activities.list",
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.get",
"compute.firewallPolicies.list",
"compute.firewallPolicies.use",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.get",
"compute.securityPolicies.list",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setIamPolicy",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"firebase.projects.get",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"iam.serviceAccounts.getAccessToken",
"iam.serviceAccounts.implicitDelegation",
"iam.serviceAccounts.list",
"iam.serviceAccounts.signBlob",
"iam.serviceAccounts.signJwt",
"logging.buckets.create",
"logging.buckets.delete",
"logging.buckets.get",
"logging.buckets.list",
"logging.buckets.undelete",
"logging.buckets.update",
"logging.cmekSettings.get",
"logging.cmekSettings.update",
"logging.exclusions.create",
"logging.exclusions.delete",
"logging.exclusions.get",
"logging.exclusions.list",
"logging.exclusions.update",
"logging.locations.get",
"logging.locations.list",
"logging.logEntries.create",
"logging.logMetrics.create",
"logging.logMetrics.delete",
"logging.logMetrics.get",
"logging.logMetrics.list",
"logging.logMetrics.update",
"logging.logServiceIndexes.list",
"logging.logServices.list",
"logging.logs.list",
"logging.operations.cancel",
"logging.operations.get",
"logging.operations.list",
"logging.sinks.create",
"logging.sinks.delete",
"logging.sinks.get",
"logging.sinks.list",
"logging.sinks.update",
"logging.views.create",
"logging.views.delete",
"logging.views.get",
"logging.views.list",
"logging.views.update",
"monitoring.alertPolicies.get",
"monitoring.alertPolicies.list",
"monitoring.dashboards.get",
"monitoring.dashboards.list",
"monitoring.groups.get",
"monitoring.groups.list",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.notificationChannelDescriptors.get",
"monitoring.notificationChannelDescriptors.list",
"monitoring.notificationChannels.get",
"monitoring.notificationChannels.list",
"monitoring.publicWidgets.get",
"monitoring.publicWidgets.list",
"monitoring.services.get",
"monitoring.services.list",
"monitoring.slos.get",
"monitoring.slos.list",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"monitoring.uptimeCheckConfigs.get",
"monitoring.uptimeCheckConfigs.list",
"networksecurity.authorizationPolicies.create",
"networksecurity.authorizationPolicies.delete",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.getIamPolicy",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.setIamPolicy",
"networksecurity.authorizationPolicies.update",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.create",
"networksecurity.clientTlsPolicies.delete",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.getIamPolicy",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.setIamPolicy",
"networksecurity.clientTlsPolicies.update",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.cancel",
"networksecurity.operations.delete",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.create",
"networksecurity.serverTlsPolicies.delete",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.getIamPolicy",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.setIamPolicy",
"networksecurity.serverTlsPolicies.update",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.create",
"networkservices.endpointConfigSelectors.delete",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.getIamPolicy",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.setIamPolicy",
"networkservices.endpointConfigSelectors.update",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.create",
"networkservices.httpFilters.delete",
"networkservices.httpFilters.get",
"networkservices.httpFilters.getIamPolicy",
"networkservices.httpFilters.list",
"networkservices.httpFilters.setIamPolicy",
"networkservices.httpFilters.update",
"networkservices.httpFilters.use",
"networkservices.httpfilters.create",
"networkservices.httpfilters.delete",
"networkservices.httpfilters.get",
"networkservices.httpfilters.getIamPolicy",
"networkservices.httpfilters.list",
"networkservices.httpfilters.setIamPolicy",
"networkservices.httpfilters.update",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.cancel",
"networkservices.operations.delete",
"networkservices.operations.get",
"networkservices.operations.list",
"opsconfigmonitoring.resourceMetadata.list",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.getIamPolicy",
"pubsub.schemas.list",
"pubsub.schemas.setIamPolicy",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.getIamPolicy",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.setIamPolicy",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.getIamPolicy",
"pubsub.subscriptions.list",
"pubsub.subscriptions.setIamPolicy",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.getIamPolicy",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.setIamPolicy",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.operations.get",
"servicenetworking.services.addPeering",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"stackdriver.projects.get",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/dataflow.serviceAgent",
"stage": "GA",
"title": "Cloud Dataflow Service Agent"
}
{
"description": "Read only access to Dataflow jobs.",
"etag": "AA==",
"includedPermissions": [
"dataflow.jobs.get",
"dataflow.jobs.list",
"dataflow.messages.list",
"dataflow.metrics.get",
"dataflow.snapshots.get",
"dataflow.snapshots.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dataflow.viewer",
"stage": "GA",
"title": "Dataflow Viewer"
}
{
"description": "Worker access to Dataflow. Intended for service accounts.",
"etag": "AA==",
"includedPermissions": [
"compute.instanceGroupManagers.update",
"compute.instances.delete",
"compute.instances.setDiskAutoDelete",
"dataflow.jobs.get",
"logging.logEntries.create",
"storage.buckets.get",
"storage.objects.create",
"storage.objects.get"
],
"name": "roles/dataflow.worker",
"stage": "GA",
"title": "Dataflow Worker"
}
{
"description": "Full access to Cloud Data Fusion Instances, Namespaces and related resources.",
"etag": "AA==",
"includedPermissions": [
"datafusion.instances.create",
"datafusion.instances.delete",
"datafusion.instances.get",
"datafusion.instances.getIamPolicy",
"datafusion.instances.list",
"datafusion.instances.restart",
"datafusion.instances.runtime",
"datafusion.instances.setIamPolicy",
"datafusion.instances.update",
"datafusion.instances.upgrade",
"datafusion.locations.get",
"datafusion.locations.list",
"datafusion.operations.cancel",
"datafusion.operations.get",
"datafusion.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datafusion.admin",
"stage": "BETA",
"title": "Cloud Data Fusion Admin"
}
{
"description": "Access to Cloud Data Fusion runtime resources.",
"etag": "AA==",
"includedPermissions": [
"datafusion.instances.runtime"
],
"name": "roles/datafusion.runner",
"stage": "BETA",
"title": "Cloud Data Fusion Runner"
}
{
"description": "Gives Cloud Data Fusion service account access to Service Networking, Cloud Dataproc, Cloud Storage, BigQuery, Cloud Spanner, and Cloud Bigtable resources.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.delete",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.setIamPolicy",
"bigquery.datasets.update",
"bigquery.datasets.updateTag",
"bigquery.jobs.create",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.rowAccessPolicies.create",
"bigquery.rowAccessPolicies.delete",
"bigquery.rowAccessPolicies.getIamPolicy",
"bigquery.rowAccessPolicies.list",
"bigquery.rowAccessPolicies.setIamPolicy",
"bigquery.rowAccessPolicies.update",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.setCategory",
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"bigtable.appProfiles.create",
"bigtable.appProfiles.delete",
"bigtable.appProfiles.get",
"bigtable.appProfiles.list",
"bigtable.appProfiles.update",
"bigtable.backups.create",
"bigtable.backups.delete",
"bigtable.backups.get",
"bigtable.backups.getIamPolicy",
"bigtable.backups.list",
"bigtable.backups.restore",
"bigtable.backups.setIamPolicy",
"bigtable.backups.update",
"bigtable.clusters.create",
"bigtable.clusters.delete",
"bigtable.clusters.get",
"bigtable.clusters.list",
"bigtable.clusters.update",
"bigtable.instances.create",
"bigtable.instances.delete",
"bigtable.instances.get",
"bigtable.instances.getIamPolicy",
"bigtable.instances.list",
"bigtable.instances.setIamPolicy",
"bigtable.instances.update",
"bigtable.keyvisualizer.get",
"bigtable.keyvisualizer.list",
"bigtable.locations.list",
"bigtable.tables.checkConsistency",
"bigtable.tables.create",
"bigtable.tables.delete",
"bigtable.tables.generateConsistencyToken",
"bigtable.tables.get",
"bigtable.tables.getIamPolicy",
"bigtable.tables.list",
"bigtable.tables.mutateRows",
"bigtable.tables.readRows",
"bigtable.tables.sampleRowKeys",
"bigtable.tables.setIamPolicy",
"bigtable.tables.update",
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscGet",
"compute.globalOperations.get",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instances.get",
"compute.instances.getGuestAttributes",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networks.addPeering",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.removePeering",
"compute.networks.update",
"compute.projects.get",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.list",
"compute.regions.get",
"compute.regions.list",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.urlMaps.get",
"compute.urlMaps.list",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zones.get",
"compute.zones.list",
"dataproc.autoscalingPolicies.create",
"dataproc.autoscalingPolicies.delete",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.list",
"dataproc.autoscalingPolicies.update",
"dataproc.autoscalingPolicies.use",
"dataproc.clusters.create",
"dataproc.clusters.delete",
"dataproc.clusters.get",
"dataproc.clusters.list",
"dataproc.clusters.start",
"dataproc.clusters.stop",
"dataproc.clusters.update",
"dataproc.clusters.use",
"dataproc.jobs.cancel",
"dataproc.jobs.create",
"dataproc.jobs.delete",
"dataproc.jobs.get",
"dataproc.jobs.list",
"dataproc.jobs.update",
"dataproc.operations.delete",
"dataproc.operations.get",
"dataproc.operations.list",
"dataproc.workflowTemplates.create",
"dataproc.workflowTemplates.delete",
"dataproc.workflowTemplates.get",
"dataproc.workflowTemplates.instantiate",
"dataproc.workflowTemplates.instantiateInline",
"dataproc.workflowTemplates.list",
"dataproc.workflowTemplates.update",
"firebase.projects.get",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.list",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.list",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.list",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.list",
"networkservices.httpFilters.get",
"networkservices.httpFilters.list",
"networkservices.httpfilters.get",
"networkservices.httpfilters.list",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.get",
"networkservices.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicenetworking.services.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"spanner.databaseOperations.cancel",
"spanner.databaseOperations.delete",
"spanner.databaseOperations.get",
"spanner.databaseOperations.list",
"spanner.databases.beginOrRollbackReadWriteTransaction",
"spanner.databases.beginPartitionedDmlTransaction",
"spanner.databases.beginReadOnlyTransaction",
"spanner.databases.getDdl",
"spanner.databases.list",
"spanner.databases.partitionQuery",
"spanner.databases.partitionRead",
"spanner.databases.read",
"spanner.databases.select",
"spanner.databases.updateDdl",
"spanner.databases.write",
"spanner.instanceConfigs.get",
"spanner.instanceConfigs.list",
"spanner.instances.get",
"spanner.instances.list",
"spanner.sessions.create",
"spanner.sessions.delete",
"spanner.sessions.get",
"spanner.sessions.list",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics"
],
"name": "roles/datafusion.serviceAgent",
"stage": "GA",
"title": "Cloud Data Fusion API Service Agent"
}
{
"description": "Read-only access to Cloud Data Fusion Instances, Namespaces and related resources.",
"etag": "AA==",
"includedPermissions": [
"datafusion.instances.get",
"datafusion.instances.getIamPolicy",
"datafusion.instances.list",
"datafusion.instances.runtime",
"datafusion.locations.get",
"datafusion.locations.list",
"datafusion.operations.get",
"datafusion.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datafusion.viewer",
"stage": "BETA",
"title": "Cloud Data Fusion Viewer"
}
{
"description": "Full access to all DataLabeling resources",
"etag": "AA==",
"includedPermissions": [
"datalabeling.annotateddatasets.delete",
"datalabeling.annotateddatasets.get",
"datalabeling.annotateddatasets.label",
"datalabeling.annotateddatasets.list",
"datalabeling.annotationspecsets.create",
"datalabeling.annotationspecsets.delete",
"datalabeling.annotationspecsets.get",
"datalabeling.annotationspecsets.list",
"datalabeling.dataitems.get",
"datalabeling.dataitems.list",
"datalabeling.datasets.create",
"datalabeling.datasets.delete",
"datalabeling.datasets.export",
"datalabeling.datasets.get",
"datalabeling.datasets.import",
"datalabeling.datasets.list",
"datalabeling.examples.get",
"datalabeling.examples.list",
"datalabeling.instructions.create",
"datalabeling.instructions.delete",
"datalabeling.instructions.get",
"datalabeling.instructions.list",
"datalabeling.operations.cancel",
"datalabeling.operations.get",
"datalabeling.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datalabeling.admin",
"stage": "BETA",
"title": "DataLabeling Service Admin"
}
{
"description": "Editor of all DataLabeling resources",
"etag": "AA==",
"includedPermissions": [
"datalabeling.annotateddatasets.delete",
"datalabeling.annotateddatasets.get",
"datalabeling.annotateddatasets.label",
"datalabeling.annotateddatasets.list",
"datalabeling.annotationspecsets.create",
"datalabeling.annotationspecsets.delete",
"datalabeling.annotationspecsets.get",
"datalabeling.annotationspecsets.list",
"datalabeling.dataitems.get",
"datalabeling.dataitems.list",
"datalabeling.datasets.create",
"datalabeling.datasets.delete",
"datalabeling.datasets.export",
"datalabeling.datasets.get",
"datalabeling.datasets.import",
"datalabeling.datasets.list",
"datalabeling.examples.get",
"datalabeling.examples.list",
"datalabeling.instructions.create",
"datalabeling.instructions.delete",
"datalabeling.instructions.get",
"datalabeling.instructions.list",
"datalabeling.operations.cancel",
"datalabeling.operations.get",
"datalabeling.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datalabeling.editor",
"stage": "BETA",
"title": "DataLabeling Service Editor"
}
{
"description": "Gives DataLabeling service account read/write access to Cloud Storage, read/write BigQuery, update CMLE model versions, editor access to Annotation service and AutoML service.",
"etag": "AA==",
"includedPermissions": [
"automl.annotationSpecs.create",
"automl.annotationSpecs.delete",
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotationSpecs.update",
"automl.annotations.approve",
"automl.annotations.create",
"automl.annotations.list",
"automl.annotations.manipulate",
"automl.annotations.reject",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.columnSpecs.update",
"automl.datasets.create",
"automl.datasets.delete",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.import",
"automl.datasets.list",
"automl.datasets.update",
"automl.examples.delete",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.create",
"automl.humanAnnotationTasks.delete",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.list",
"automl.modelEvaluations.create",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.create",
"automl.models.delete",
"automl.models.deploy",
"automl.models.export",
"automl.models.get",
"automl.models.list",
"automl.models.predict",
"automl.models.undeploy",
"automl.operations.cancel",
"automl.operations.delete",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"automl.tableSpecs.update",
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.tables.create",
"bigquery.tables.get",
"bigquery.tables.getData",
"ml.jobs.create",
"ml.jobs.get",
"ml.jobs.getIamPolicy",
"ml.jobs.list",
"ml.locations.get",
"ml.locations.list",
"ml.models.create",
"ml.models.delete",
"ml.models.get",
"ml.models.getIamPolicy",
"ml.models.list",
"ml.models.predict",
"ml.models.setIamPolicy",
"ml.models.update",
"ml.operations.get",
"ml.operations.list",
"ml.projects.getConfig",
"ml.studies.create",
"ml.studies.delete",
"ml.studies.get",
"ml.studies.getIamPolicy",
"ml.studies.list",
"ml.studies.setIamPolicy",
"ml.trials.create",
"ml.trials.delete",
"ml.trials.get",
"ml.trials.list",
"ml.trials.update",
"ml.versions.create",
"ml.versions.delete",
"ml.versions.get",
"ml.versions.list",
"ml.versions.predict",
"ml.versions.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/datalabeling.serviceAgent",
"stage": "GA",
"title": "DataLabeling Service Agent"
}
{
"description": "Viewer of all DataLabeling resources",
"etag": "AA==",
"includedPermissions": [
"datalabeling.annotateddatasets.get",
"datalabeling.annotateddatasets.list",
"datalabeling.annotationspecsets.get",
"datalabeling.annotationspecsets.list",
"datalabeling.dataitems.get",
"datalabeling.dataitems.list",
"datalabeling.datasets.get",
"datalabeling.datasets.list",
"datalabeling.examples.get",
"datalabeling.examples.list",
"datalabeling.instructions.get",
"datalabeling.instructions.list",
"datalabeling.operations.get",
"datalabeling.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datalabeling.viewer",
"stage": "BETA",
"title": "DataLabeling Service Viewer"
}
{
"description": "Full access to all resources of Database Migration.",
"etag": "AA==",
"includedPermissions": [
"datamigration.connectionprofiles.create",
"datamigration.connectionprofiles.delete",
"datamigration.connectionprofiles.get",
"datamigration.connectionprofiles.getIamPolicy",
"datamigration.connectionprofiles.list",
"datamigration.connectionprofiles.setIamPolicy",
"datamigration.connectionprofiles.update",
"datamigration.locations.get",
"datamigration.locations.list",
"datamigration.migrationjobs.create",
"datamigration.migrationjobs.delete",
"datamigration.migrationjobs.generateSshScript",
"datamigration.migrationjobs.get",
"datamigration.migrationjobs.getIamPolicy",
"datamigration.migrationjobs.list",
"datamigration.migrationjobs.promote",
"datamigration.migrationjobs.restart",
"datamigration.migrationjobs.resume",
"datamigration.migrationjobs.setIamPolicy",
"datamigration.migrationjobs.start",
"datamigration.migrationjobs.stop",
"datamigration.migrationjobs.update",
"datamigration.migrationjobs.verify",
"datamigration.operations.cancel",
"datamigration.operations.delete",
"datamigration.operations.get",
"datamigration.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datamigration.admin",
"stage": "GA",
"title": "Database Migration Admin"
}
{
"description": "Use of Dataprep.",
"etag": "AA==",
"includedPermissions": [
"dataprep.projects.use",
"resourcemanager.projects.get",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/dataprep.projects.user",
"stage": "BETA",
"title": "Dataprep User"
}
{
"description": "Dataprep service identity. Includes access to service accounts.",
"etag": "AA==",
"includedPermissions": [
"bigquery.bireservations.get",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.config.get",
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.updateTag",
"bigquery.jobs.create",
"bigquery.jobs.list",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.savedqueries.get",
"bigquery.savedqueries.list",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"bigquery.transfers.get",
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.commitments.get",
"compute.commitments.list",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscGet",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.maintenancePolicies.get",
"compute.maintenancePolicies.getIamPolicy",
"compute.maintenancePolicies.list",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.nodeGroups.get",
"compute.nodeGroups.getIamPolicy",
"compute.nodeGroups.list",
"compute.nodeTemplates.get",
"compute.nodeTemplates.getIamPolicy",
"compute.nodeTemplates.list",
"compute.nodeTypes.get",
"compute.nodeTypes.list",
"compute.organizations.listAssociations",
"compute.projects.get",
"compute.publicAdvertisedPrefixes.get",
"compute.publicAdvertisedPrefixes.list",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionOperations.get",
"compute.regionOperations.getIamPolicy",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.urlMaps.get",
"compute.urlMaps.list",
"compute.urlMaps.validate",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zoneOperations.get",
"compute.zoneOperations.getIamPolicy",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"dataflow.jobs.cancel",
"dataflow.jobs.create",
"dataflow.jobs.get",
"dataflow.jobs.list",
"dataflow.jobs.snapshot",
"dataflow.jobs.updateContents",
"dataflow.messages.list",
"dataflow.metrics.get",
"dataflow.snapshots.delete",
"dataflow.snapshots.get",
"dataflow.snapshots.list",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"iam.serviceAccounts.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.buckets.get",
"storage.buckets.list",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/dataprep.serviceAgent",
"stage": "GA",
"title": "Dataprep Service Agent"
}
{
"description": "Full control of Dataproc resources.",
"etag": "AA==",
"includedPermissions": [
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networks.get",
"compute.networks.list",
"compute.projects.get",
"compute.regions.get",
"compute.regions.list",
"compute.zones.get",
"compute.zones.list",
"dataproc.autoscalingPolicies.create",
"dataproc.autoscalingPolicies.delete",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.getIamPolicy",
"dataproc.autoscalingPolicies.list",
"dataproc.autoscalingPolicies.setIamPolicy",
"dataproc.autoscalingPolicies.update",
"dataproc.autoscalingPolicies.use",
"dataproc.clusters.create",
"dataproc.clusters.delete",
"dataproc.clusters.get",
"dataproc.clusters.getIamPolicy",
"dataproc.clusters.list",
"dataproc.clusters.setIamPolicy",
"dataproc.clusters.start",
"dataproc.clusters.stop",
"dataproc.clusters.update",
"dataproc.clusters.use",
"dataproc.jobs.cancel",
"dataproc.jobs.create",
"dataproc.jobs.delete",
"dataproc.jobs.get",
"dataproc.jobs.getIamPolicy",
"dataproc.jobs.list",
"dataproc.jobs.setIamPolicy",
"dataproc.jobs.update",
"dataproc.operations.cancel",
"dataproc.operations.delete",
"dataproc.operations.get",
"dataproc.operations.getIamPolicy",
"dataproc.operations.list",
"dataproc.operations.setIamPolicy",
"dataproc.workflowTemplates.create",
"dataproc.workflowTemplates.delete",
"dataproc.workflowTemplates.get",
"dataproc.workflowTemplates.getIamPolicy",
"dataproc.workflowTemplates.instantiate",
"dataproc.workflowTemplates.instantiateInline",
"dataproc.workflowTemplates.list",
"dataproc.workflowTemplates.setIamPolicy",
"dataproc.workflowTemplates.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dataproc.admin",
"stage": "GA",
"title": "Dataproc Administrator"
}
{
"description": "Full control of Dataproc resources. Allows viewing all networks.",
"etag": "AA==",
"includedPermissions": [
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networks.get",
"compute.networks.list",
"compute.projects.get",
"compute.regions.get",
"compute.regions.list",
"compute.zones.get",
"compute.zones.list",
"dataproc.autoscalingPolicies.create",
"dataproc.autoscalingPolicies.delete",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.list",
"dataproc.autoscalingPolicies.update",
"dataproc.autoscalingPolicies.use",
"dataproc.clusters.create",
"dataproc.clusters.delete",
"dataproc.clusters.get",
"dataproc.clusters.list",
"dataproc.clusters.start",
"dataproc.clusters.stop",
"dataproc.clusters.update",
"dataproc.clusters.use",
"dataproc.jobs.cancel",
"dataproc.jobs.create",
"dataproc.jobs.delete",
"dataproc.jobs.get",
"dataproc.jobs.list",
"dataproc.jobs.update",
"dataproc.operations.delete",
"dataproc.operations.get",
"dataproc.operations.list",
"dataproc.workflowTemplates.create",
"dataproc.workflowTemplates.delete",
"dataproc.workflowTemplates.get",
"dataproc.workflowTemplates.instantiate",
"dataproc.workflowTemplates.instantiateInline",
"dataproc.workflowTemplates.list",
"dataproc.workflowTemplates.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dataproc.editor",
"stage": "GA",
"title": "Dataproc Editor"
}
{
"description": "Allows management of Dataproc resources. Intended for service accounts running Dataproc Hub instances.",
"etag": "AA==",
"includedPermissions": [
"compute.instances.get",
"compute.instances.setMetadata",
"compute.instances.setTags",
"compute.zoneOperations.get",
"compute.zones.list",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.list",
"dataproc.autoscalingPolicies.use",
"dataproc.clusters.create",
"dataproc.clusters.delete",
"dataproc.clusters.get",
"dataproc.clusters.list",
"dataproc.clusters.update",
"dataproc.operations.cancel",
"dataproc.operations.delete",
"dataproc.operations.get",
"dataproc.operations.list",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.get",
"iam.serviceAccounts.list",
"logging.buckets.get",
"logging.buckets.list",
"logging.exclusions.get",
"logging.exclusions.list",
"logging.locations.get",
"logging.locations.list",
"logging.logEntries.create",
"logging.logEntries.list",
"logging.logMetrics.get",
"logging.logMetrics.list",
"logging.logServiceIndexes.list",
"logging.logServices.list",
"logging.logs.list",
"logging.queries.create",
"logging.queries.delete",
"logging.queries.get",
"logging.queries.list",
"logging.queries.listShared",
"logging.queries.update",
"logging.sinks.get",
"logging.sinks.list",
"logging.usage.get",
"logging.views.get",
"logging.views.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"storage.buckets.get",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/dataproc.hubAgent",
"stage": "GA",
"title": "Dataproc Hub Agent"
}
{
"description": "Gives Cloud Dataproc service account access to Compute, and Storage resources and Service Accounts.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.use",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.list",
"compute.disks.resize",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.use",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.list",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.sendDiagnosticInterrupt",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.licenses.get",
"compute.licenses.list",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.get",
"compute.networks.list",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.nodeGroups.get",
"compute.nodeTypes.get",
"compute.projects.get",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.list",
"dataproc.autoscalingPolicies.use",
"dataproc.clusters.create",
"dataproc.clusters.delete",
"dataproc.clusters.get",
"dataproc.clusters.getIamPolicy",
"dataproc.clusters.list",
"dataproc.clusters.setIamPolicy",
"dataproc.clusters.start",
"dataproc.clusters.stop",
"dataproc.clusters.update",
"dataproc.clusters.use",
"dataproc.jobs.cancel",
"dataproc.jobs.create",
"dataproc.jobs.delete",
"dataproc.jobs.get",
"dataproc.jobs.getIamPolicy",
"dataproc.jobs.list",
"dataproc.jobs.setIamPolicy",
"dataproc.jobs.update",
"firebase.projects.get",
"iam.serviceAccounts.actAs",
"metastore.services.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/dataproc.serviceAgent",
"stage": "GA",
"title": "Dataproc Service Agent"
}
{
"description": "Read-only access to Dataproc resources.",
"etag": "AA==",
"includedPermissions": [
"compute.machineTypes.get",
"compute.regions.get",
"compute.regions.list",
"compute.zones.get",
"compute.zones.list",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.list",
"dataproc.clusters.get",
"dataproc.clusters.list",
"dataproc.jobs.get",
"dataproc.jobs.list",
"dataproc.operations.get",
"dataproc.operations.list",
"dataproc.workflowTemplates.get",
"dataproc.workflowTemplates.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dataproc.viewer",
"stage": "GA",
"title": "Dataproc Viewer"
}
{
"description": "Worker access to Dataproc. Intended for service accounts.",
"etag": "AA==",
"includedPermissions": [
"dataproc.agents.create",
"dataproc.agents.delete",
"dataproc.agents.get",
"dataproc.agents.list",
"dataproc.agents.update",
"dataproc.tasks.lease",
"dataproc.tasks.listInvalidatedLeases",
"dataproc.tasks.reportStatus",
"logging.logEntries.create",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create",
"storage.buckets.get",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/dataproc.worker",
"stage": "GA",
"title": "Dataproc Worker"
}
{
"description": "Data processing controls admin who can fully manage data processing controls settings and view all datasource data.",
"etag": "AA==",
"includedPermissions": [
"billing.accounts.get",
"billing.accounts.list",
"dataprocessing.datasources.get",
"dataprocessing.datasources.list",
"dataprocessing.datasources.update",
"dataprocessing.featurecontrols.list",
"dataprocessing.featurecontrols.update",
"dataprocessing.groupcontrols.get",
"dataprocessing.groupcontrols.list",
"dataprocessing.groupcontrols.update"
],
"name": "roles/dataprocessing.admin",
"stage": "GA",
"title": "Data Processing Controls Resource Admin"
}
{
"description": "Full access to manage imports and exports.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"datastore.databases.export",
"datastore.databases.import",
"datastore.operations.cancel",
"datastore.operations.get",
"datastore.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastore.importExportAdmin",
"stage": "GA",
"title": "Cloud Datastore Import Export Admin"
}
{
"description": "Full access to manage index definitions.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"datastore.indexes.create",
"datastore.indexes.delete",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.indexes.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastore.indexAdmin",
"stage": "GA",
"title": "Cloud Datastore Index Admin"
}
{
"description": "Full access to Cloud Datastore.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"datastore.databases.create",
"datastore.databases.delete",
"datastore.databases.export",
"datastore.databases.get",
"datastore.databases.getIamPolicy",
"datastore.databases.import",
"datastore.databases.list",
"datastore.databases.setIamPolicy",
"datastore.databases.update",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.create",
"datastore.indexes.delete",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.indexes.update",
"datastore.locations.get",
"datastore.locations.list",
"datastore.namespaces.get",
"datastore.namespaces.getIamPolicy",
"datastore.namespaces.list",
"datastore.namespaces.setIamPolicy",
"datastore.operations.cancel",
"datastore.operations.delete",
"datastore.operations.get",
"datastore.operations.list",
"datastore.statistics.get",
"datastore.statistics.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastore.owner",
"stage": "GA",
"title": "Cloud Datastore Owner"
}
{
"description": "Provides read/write access to data in a Cloud Datastore database. Intended for application developers and service accounts.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"datastore.databases.get",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.list",
"datastore.namespaces.get",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastore.user",
"stage": "GA",
"title": "Cloud Datastore User"
}
{
"description": "Read access to all Cloud Datastore resources.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"datastore.databases.get",
"datastore.databases.list",
"datastore.entities.get",
"datastore.entities.list",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.namespaces.get",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastore.viewer",
"stage": "GA",
"title": "Cloud Datastore Viewer"
}
{
"description": "Full access to all Datastream resources.",
"etag": "AA==",
"includedPermissions": [
"datastream.connectionProfiles.create",
"datastream.connectionProfiles.delete",
"datastream.connectionProfiles.destinationTypes",
"datastream.connectionProfiles.discover",
"datastream.connectionProfiles.get",
"datastream.connectionProfiles.getIamPolicy",
"datastream.connectionProfiles.list",
"datastream.connectionProfiles.listStaticServiceIps",
"datastream.connectionProfiles.setIamPolicy",
"datastream.connectionProfiles.sourceTypes",
"datastream.connectionProfiles.update",
"datastream.locations.fetchStaticIps",
"datastream.locations.get",
"datastream.locations.list",
"datastream.operations.cancel",
"datastream.operations.delete",
"datastream.operations.get",
"datastream.operations.list",
"datastream.privateConnections.create",
"datastream.privateConnections.delete",
"datastream.privateConnections.get",
"datastream.privateConnections.getIamPolicy",
"datastream.privateConnections.list",
"datastream.privateConnections.setIamPolicy",
"datastream.routes.create",
"datastream.routes.delete",
"datastream.routes.get",
"datastream.routes.getIamPolicy",
"datastream.routes.list",
"datastream.routes.setIamPolicy",
"datastream.streams.computeState",
"datastream.streams.create",
"datastream.streams.delete",
"datastream.streams.fetchErrors",
"datastream.streams.get",
"datastream.streams.getIamPolicy",
"datastream.streams.list",
"datastream.streams.pause",
"datastream.streams.resume",
"datastream.streams.setIamPolicy",
"datastream.streams.start",
"datastream.streams.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastream.admin",
"stage": "BETA",
"title": "Datastream Admin"
}
{
"description": "Read-only access to all Datastream resources.",
"etag": "AA==",
"includedPermissions": [
"datastream.connectionProfiles.destinationTypes",
"datastream.connectionProfiles.discover",
"datastream.connectionProfiles.get",
"datastream.connectionProfiles.getIamPolicy",
"datastream.connectionProfiles.list",
"datastream.connectionProfiles.listStaticServiceIps",
"datastream.connectionProfiles.sourceTypes",
"datastream.locations.fetchStaticIps",
"datastream.locations.get",
"datastream.locations.list",
"datastream.operations.get",
"datastream.operations.list",
"datastream.privateConnections.get",
"datastream.privateConnections.getIamPolicy",
"datastream.privateConnections.list",
"datastream.routes.get",
"datastream.routes.getIamPolicy",
"datastream.routes.list",
"datastream.streams.fetchErrors",
"datastream.streams.get",
"datastream.streams.getIamPolicy",
"datastream.streams.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/datastream.viewer",
"stage": "BETA",
"title": "Datastream Viewer"
}
{
"description": "Grants Data Studio Service Account access to manage resources.",
"etag": "AA==",
"includedPermissions": [
"bigquery.jobs.create"
],
"name": "roles/datastudio.serviceAgent",
"stage": "GA",
"title": "Data Studio Service Agent"
}
{
"description": "This role is managed by Dell EMC, not Google.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dellemccloudonefs.admin",
"stage": "BETA",
"title": "Dell EMC Cloud OneFS Admin"
}
{
"description": "This role is managed by Dell EMC, not Google.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dellemccloudonefs.user",
"stage": "BETA",
"title": "Dell EMC Cloud OneFS User"
}
{
"description": "This role is managed by Dell EMC, not Google.",
"etag": "AA==",
"includedPermissions": [
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dellemccloudonefs.viewer",
"stage": "BETA",
"title": "Dell EMC Cloud OneFS Viewer"
}
{
"description": "Read and Write access to all Deployment Manager resources.",
"etag": "AA==",
"includedPermissions": [
"deploymentmanager.compositeTypes.create",
"deploymentmanager.compositeTypes.delete",
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.compositeTypes.update",
"deploymentmanager.deployments.cancelPreview",
"deploymentmanager.deployments.create",
"deploymentmanager.deployments.delete",
"deploymentmanager.deployments.get",
"deploymentmanager.deployments.list",
"deploymentmanager.deployments.stop",
"deploymentmanager.deployments.update",
"deploymentmanager.manifests.get",
"deploymentmanager.manifests.list",
"deploymentmanager.operations.get",
"deploymentmanager.operations.list",
"deploymentmanager.resources.get",
"deploymentmanager.resources.list",
"deploymentmanager.typeProviders.create",
"deploymentmanager.typeProviders.delete",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.typeProviders.update",
"deploymentmanager.types.create",
"deploymentmanager.types.delete",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"deploymentmanager.types.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/deploymentmanager.editor",
"stage": "GA",
"title": "Deployment Manager Editor"
}
{
"description": "Read and Write access to all Type Registry resources.",
"etag": "AA==",
"includedPermissions": [
"deploymentmanager.compositeTypes.create",
"deploymentmanager.compositeTypes.delete",
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.compositeTypes.update",
"deploymentmanager.operations.get",
"deploymentmanager.typeProviders.create",
"deploymentmanager.typeProviders.delete",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.typeProviders.update",
"deploymentmanager.types.create",
"deploymentmanager.types.delete",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"deploymentmanager.types.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get"
],
"name": "roles/deploymentmanager.typeEditor",
"stage": "GA",
"title": "Deployment Manager Type Editor"
}
{
"description": "Read-only access to all Type Registry resources.",
"etag": "AA==",
"includedPermissions": [
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get"
],
"name": "roles/deploymentmanager.typeViewer",
"stage": "GA",
"title": "Deployment Manager Type Viewer"
}
{
"description": "Read-only access to all Deployment Manager resources.",
"etag": "AA==",
"includedPermissions": [
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.deployments.get",
"deploymentmanager.deployments.list",
"deploymentmanager.manifests.get",
"deploymentmanager.manifests.list",
"deploymentmanager.operations.get",
"deploymentmanager.operations.list",
"deploymentmanager.resources.get",
"deploymentmanager.resources.list",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/deploymentmanager.viewer",
"stage": "GA",
"title": "Deployment Manager Viewer"
}
{
"description": "An admin has access to all resources and can perform all administrative actions in an AAM project.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.aamAdmin",
"stage": "GA",
"title": "AAM Admin"
}
{
"description": "A Conversational Architect can label conversational data, approve taxonomy changes and design virtual agents for a customer's use cases.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.aamConversationalArchitect",
"stage": "GA",
"title": "AAM Conversational Architect"
}
{
"description": "A Dialog Designer can label conversational data and propose taxonomy changes for virtual agent modeling.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.aamDialogDesigner",
"stage": "GA",
"title": "AAM Dialog Designer"
}
{
"description": "A Dialog Designer Lead can label conversational data and approve taxonomy changes for virtual agent modeling.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.aamLeadDialogDesigner",
"stage": "GA",
"title": "AAM Lead Dialog Designer"
}
{
"description": "A user can view the taxonomy and data reports in an AAM project.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.aamViewer",
"stage": "GA",
"title": "AAM Viewer"
}
{
"description": "Can query for intent; read & write session properties; read & write agent properties.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.create",
"dialogflow.agents.delete",
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.import",
"dialogflow.agents.list",
"dialogflow.agents.restore",
"dialogflow.agents.search",
"dialogflow.agents.train",
"dialogflow.agents.update",
"dialogflow.agents.validate",
"dialogflow.answerrecords.delete",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.answerrecords.update",
"dialogflow.callMatchers.create",
"dialogflow.callMatchers.delete",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.create",
"dialogflow.contexts.delete",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.contexts.update",
"dialogflow.conversationDatasets.create",
"dialogflow.conversationDatasets.delete",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.import",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.create",
"dialogflow.conversationModels.delete",
"dialogflow.conversationModels.deploy",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationModels.undeploy",
"dialogflow.conversationProfiles.create",
"dialogflow.conversationProfiles.delete",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversationProfiles.update",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.create",
"dialogflow.documents.delete",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.create",
"dialogflow.entityTypes.createEntity",
"dialogflow.entityTypes.delete",
"dialogflow.entityTypes.deleteEntity",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.entityTypes.update",
"dialogflow.entityTypes.updateEntity",
"dialogflow.environments.create",
"dialogflow.environments.delete",
"dialogflow.environments.get",
"dialogflow.environments.getHistory",
"dialogflow.environments.list",
"dialogflow.environments.lookupHistory",
"dialogflow.environments.update",
"dialogflow.flows.create",
"dialogflow.flows.delete",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.flows.train",
"dialogflow.flows.update",
"dialogflow.flows.validate",
"dialogflow.fulfillments.get",
"dialogflow.fulfillments.update",
"dialogflow.intents.create",
"dialogflow.intents.delete",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.intents.update",
"dialogflow.knowledgeBases.create",
"dialogflow.knowledgeBases.delete",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.create",
"dialogflow.pages.delete",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.pages.update",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update",
"dialogflow.phoneNumberOrders.cancel",
"dialogflow.phoneNumberOrders.create",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumberOrders.update",
"dialogflow.phoneNumbers.delete",
"dialogflow.phoneNumbers.list",
"dialogflow.phoneNumbers.undelete",
"dialogflow.phoneNumbers.update",
"dialogflow.securitySettings.create",
"dialogflow.securitySettings.delete",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.securitySettings.update",
"dialogflow.sessionEntityTypes.create",
"dialogflow.sessionEntityTypes.delete",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.sessionEntityTypes.update",
"dialogflow.sessions.detectIntent",
"dialogflow.sessions.streamingDetectIntent",
"dialogflow.smartMessagingEntries.create",
"dialogflow.smartMessagingEntries.delete",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.create",
"dialogflow.transitionRouteGroups.delete",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.transitionRouteGroups.update",
"dialogflow.versions.create",
"dialogflow.versions.delete",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.versions.load",
"dialogflow.versions.update",
"dialogflow.webhooks.create",
"dialogflow.webhooks.delete",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"dialogflow.webhooks.update",
"resourcemanager.projects.get"
],
"name": "roles/dialogflow.admin",
"stage": "GA",
"title": "Dialogflow API Admin"
}
{
"description": "Can call all methods on sessions and conversations resources as well as their descendants.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.contexts.create",
"dialogflow.contexts.delete",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.contexts.update",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.messages.list",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update",
"dialogflow.sessionEntityTypes.create",
"dialogflow.sessionEntityTypes.delete",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.sessionEntityTypes.update",
"dialogflow.sessions.detectIntent",
"dialogflow.sessions.streamingDetectIntent"
],
"name": "roles/dialogflow.client",
"stage": "GA",
"title": "Dialogflow API Client"
}
{
"description": "Can edit agent in Dialogflow Console",
"etag": "AA==",
"includedPermissions": [
"actions.agentVersions.create",
"dialogflow.agents.create",
"dialogflow.agents.delete",
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.import",
"dialogflow.agents.list",
"dialogflow.agents.restore",
"dialogflow.agents.search",
"dialogflow.agents.searchResources",
"dialogflow.agents.train",
"dialogflow.agents.update",
"dialogflow.agents.validate",
"dialogflow.answerrecords.delete",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.answerrecords.update",
"dialogflow.callMatchers.create",
"dialogflow.callMatchers.delete",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.create",
"dialogflow.contexts.delete",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.contexts.update",
"dialogflow.conversationDatasets.create",
"dialogflow.conversationDatasets.delete",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.import",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.create",
"dialogflow.conversationModels.delete",
"dialogflow.conversationModels.deploy",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationModels.undeploy",
"dialogflow.conversationProfiles.create",
"dialogflow.conversationProfiles.delete",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversationProfiles.update",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.create",
"dialogflow.documents.delete",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.create",
"dialogflow.entityTypes.createEntity",
"dialogflow.entityTypes.delete",
"dialogflow.entityTypes.deleteEntity",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.entityTypes.update",
"dialogflow.entityTypes.updateEntity",
"dialogflow.environments.create",
"dialogflow.environments.delete",
"dialogflow.environments.get",
"dialogflow.environments.getHistory",
"dialogflow.environments.list",
"dialogflow.environments.lookupHistory",
"dialogflow.environments.update",
"dialogflow.flows.create",
"dialogflow.flows.delete",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.flows.train",
"dialogflow.flows.update",
"dialogflow.flows.validate",
"dialogflow.fulfillments.get",
"dialogflow.fulfillments.update",
"dialogflow.intents.create",
"dialogflow.intents.delete",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.intents.update",
"dialogflow.knowledgeBases.create",
"dialogflow.knowledgeBases.delete",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.create",
"dialogflow.pages.delete",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.pages.update",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update",
"dialogflow.phoneNumberOrders.cancel",
"dialogflow.phoneNumberOrders.create",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumberOrders.update",
"dialogflow.phoneNumbers.delete",
"dialogflow.phoneNumbers.list",
"dialogflow.phoneNumbers.undelete",
"dialogflow.phoneNumbers.update",
"dialogflow.securitySettings.create",
"dialogflow.securitySettings.delete",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.securitySettings.update",
"dialogflow.sessionEntityTypes.create",
"dialogflow.sessionEntityTypes.delete",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.sessionEntityTypes.update",
"dialogflow.sessions.detectIntent",
"dialogflow.sessions.streamingDetectIntent",
"dialogflow.smartMessagingEntries.create",
"dialogflow.smartMessagingEntries.delete",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.create",
"dialogflow.transitionRouteGroups.delete",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.transitionRouteGroups.update",
"dialogflow.versions.create",
"dialogflow.versions.delete",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.versions.load",
"dialogflow.versions.update",
"dialogflow.webhooks.create",
"dialogflow.webhooks.delete",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"dialogflow.webhooks.update",
"resourcemanager.projects.get"
],
"name": "roles/dialogflow.consoleAgentEditor",
"stage": "GA",
"title": "Dialogflow Console Agent Editor"
}
{
"description": "Can perform query of dialogflow suggestions in the simulator in web console.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update",
"dialogflow.sessions.detectIntent",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.consoleSimulatorUser",
"stage": "GA",
"title": "Dialogflow Console Simulator User"
}
{
"description": "Can edit allowlist for smart messaging associated with conversation model in the agent assist console",
"etag": "AA==",
"includedPermissions": [
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.operations.get",
"dialogflow.smartMessagingEntries.create",
"dialogflow.smartMessagingEntries.delete",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dialogflow.consoleSmartMessagingAllowlistEditor",
"stage": "GA",
"title": "Dialogflow Console Smart Messaging Allowlist Editor"
}
{
"description": "Can manage all the resources related to Dialogflow Conversations.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.conversationProfiles.create",
"dialogflow.conversationProfiles.delete",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversationProfiles.update",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update"
],
"name": "roles/dialogflow.conversationManager",
"stage": "GA",
"title": "Dialogflow Conversation Manager"
}
{
"description": "Can add, remove, enable and disable Dialogflow integrations.",
"etag": "AA==",
"name": "roles/dialogflow.integrationManager",
"stage": "GA",
"title": "Dialogflow Integration Manager"
}
{
"description": "Can read agent and session properties; cannot query for intent.",
"etag": "AA==",
"includedPermissions": [
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"resourcemanager.projects.get"
],
"name": "roles/dialogflow.reader",
"stage": "GA",
"title": "Dialogflow API Reader"
}
{
"description": "Gives Dialogflow Service Account access to resources on behalf of user project for intent detection in integrations (Facebook Messenger, Slack, Telephony, etc.).",
"etag": "AA==",
"includedPermissions": [
"cloudfunctions.functions.invoke",
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.list",
"dialogflow.agents.search",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.create",
"dialogflow.contexts.delete",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.contexts.update",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.environments.get",
"dialogflow.environments.list",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.fulfillments.get",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumbers.list",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.sessionEntityTypes.create",
"dialogflow.sessionEntityTypes.delete",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.sessionEntityTypes.update",
"dialogflow.sessions.detectIntent",
"dialogflow.sessions.streamingDetectIntent",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list",
"logging.logEntries.create",
"pubsub.topics.publish",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.services.use",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/dialogflow.serviceAgent",
"stage": "GA",
"title": "Dialogflow Service Agent"
}
{
"description": "Administer DLP including jobs and templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.analyzeRiskTemplates.create",
"dlp.analyzeRiskTemplates.delete",
"dlp.analyzeRiskTemplates.get",
"dlp.analyzeRiskTemplates.list",
"dlp.analyzeRiskTemplates.update",
"dlp.columnDataProfiles.get",
"dlp.columnDataProfiles.list",
"dlp.deidentifyTemplates.create",
"dlp.deidentifyTemplates.delete",
"dlp.deidentifyTemplates.get",
"dlp.deidentifyTemplates.list",
"dlp.deidentifyTemplates.update",
"dlp.estimates.cancel",
"dlp.estimates.create",
"dlp.estimates.delete",
"dlp.estimates.get",
"dlp.estimates.list",
"dlp.inspectFindings.list",
"dlp.inspectTemplates.create",
"dlp.inspectTemplates.delete",
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list",
"dlp.inspectTemplates.update",
"dlp.jobTriggers.create",
"dlp.jobTriggers.delete",
"dlp.jobTriggers.get",
"dlp.jobTriggers.hybridInspect",
"dlp.jobTriggers.list",
"dlp.jobTriggers.update",
"dlp.jobs.cancel",
"dlp.jobs.create",
"dlp.jobs.delete",
"dlp.jobs.get",
"dlp.jobs.hybridInspect",
"dlp.jobs.list",
"dlp.kms.encrypt",
"dlp.projectDataProfiles.get",
"dlp.projectDataProfiles.list",
"dlp.storedInfoTypes.create",
"dlp.storedInfoTypes.delete",
"dlp.storedInfoTypes.get",
"dlp.storedInfoTypes.list",
"dlp.storedInfoTypes.update",
"dlp.tableDataProfiles.get",
"dlp.tableDataProfiles.list",
"serviceusage.services.use"
],
"name": "roles/dlp.admin",
"stage": "GA",
"title": "DLP Administrator"
}
{
"description": "Edit DLP analyze risk templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.analyzeRiskTemplates.create",
"dlp.analyzeRiskTemplates.delete",
"dlp.analyzeRiskTemplates.get",
"dlp.analyzeRiskTemplates.list",
"dlp.analyzeRiskTemplates.update"
],
"name": "roles/dlp.analyzeRiskTemplatesEditor",
"stage": "GA",
"title": "DLP Analyze Risk Templates Editor"
}
{
"description": "Read DLP analyze risk templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.analyzeRiskTemplates.get",
"dlp.analyzeRiskTemplates.list"
],
"name": "roles/dlp.analyzeRiskTemplatesReader",
"stage": "GA",
"title": "DLP Analyze Risk Templates Reader"
}
{
"description": "Read DLP column profiles.",
"etag": "AA==",
"includedPermissions": [
"dlp.columnDataProfiles.get",
"dlp.columnDataProfiles.list"
],
"name": "roles/dlp.columnDataProfilesReader",
"stage": "GA",
"title": "DLP Column Data Profiles Reader"
}
{
"description": "Read DLP profiles.",
"etag": "AA==",
"includedPermissions": [
"dlp.columnDataProfiles.get",
"dlp.columnDataProfiles.list",
"dlp.projectDataProfiles.get",
"dlp.projectDataProfiles.list",
"dlp.tableDataProfiles.get",
"dlp.tableDataProfiles.list"
],
"name": "roles/dlp.dataProfilesReader",
"stage": "GA",
"title": "DLP Data Profiles Reader"
}
{
"description": "Edit DLP de-identify templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.deidentifyTemplates.create",
"dlp.deidentifyTemplates.delete",
"dlp.deidentifyTemplates.get",
"dlp.deidentifyTemplates.list",
"dlp.deidentifyTemplates.update"
],
"name": "roles/dlp.deidentifyTemplatesEditor",
"stage": "GA",
"title": "DLP De-identify Templates Editor"
}
{
"description": "Read DLP de-identify templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.deidentifyTemplates.get",
"dlp.deidentifyTemplates.list"
],
"name": "roles/dlp.deidentifyTemplatesReader",
"stage": "GA",
"title": "DLP De-identify Templates Reader"
}
{
"description": "Manage DLP Cost Estimates.",
"etag": "AA==",
"includedPermissions": [
"dlp.estimates.cancel",
"dlp.estimates.create",
"dlp.estimates.delete",
"dlp.estimates.get",
"dlp.estimates.list"
],
"name": "roles/dlp.estimatesAdmin",
"stage": "GA",
"title": "DLP Cost Estimation"
}
{
"description": "Read DLP stored findings.",
"etag": "AA==",
"includedPermissions": [
"dlp.inspectFindings.list"
],
"name": "roles/dlp.inspectFindingsReader",
"stage": "GA",
"title": "DLP Inspect Findings Reader"
}
{
"description": "Edit DLP inspect templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.inspectTemplates.create",
"dlp.inspectTemplates.delete",
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list",
"dlp.inspectTemplates.update"
],
"name": "roles/dlp.inspectTemplatesEditor",
"stage": "GA",
"title": "DLP Inspect Templates Editor"
}
{
"description": "Read DLP inspect templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list"
],
"name": "roles/dlp.inspectTemplatesReader",
"stage": "GA",
"title": "DLP Inspect Templates Reader"
}
{
"description": "Edit job triggers configurations.",
"etag": "AA==",
"includedPermissions": [
"dlp.jobTriggers.create",
"dlp.jobTriggers.delete",
"dlp.jobTriggers.get",
"dlp.jobTriggers.hybridInspect",
"dlp.jobTriggers.list",
"dlp.jobTriggers.update"
],
"name": "roles/dlp.jobTriggersEditor",
"stage": "GA",
"title": "DLP Job Triggers Editor"
}
{
"description": "Read job triggers.",
"etag": "AA==",
"includedPermissions": [
"dlp.jobTriggers.get",
"dlp.jobTriggers.list"
],
"name": "roles/dlp.jobTriggersReader",
"stage": "GA",
"title": "DLP Job Triggers Reader"
}
{
"description": "Edit and create jobs",
"etag": "AA==",
"includedPermissions": [
"dlp.jobs.cancel",
"dlp.jobs.create",
"dlp.jobs.delete",
"dlp.jobs.get",
"dlp.jobs.hybridInspect",
"dlp.jobs.list",
"dlp.kms.encrypt"
],
"name": "roles/dlp.jobsEditor",
"stage": "GA",
"title": "DLP Jobs Editor"
}
{
"description": "Read jobs",
"etag": "AA==",
"includedPermissions": [
"dlp.jobs.get",
"dlp.jobs.list"
],
"name": "roles/dlp.jobsReader",
"stage": "GA",
"title": "DLP Jobs Reader"
}
{
"description": "Read DLP project profiles.",
"etag": "AA==",
"includedPermissions": [
"dlp.projectDataProfiles.get",
"dlp.projectDataProfiles.list"
],
"name": "roles/dlp.projectDataProfilesReader",
"stage": "GA",
"title": "DLP Project Data Profiles Reader"
}
{
"description": "Read DLP entities, such as jobs and templates.",
"etag": "AA==",
"includedPermissions": [
"dlp.analyzeRiskTemplates.get",
"dlp.analyzeRiskTemplates.list",
"dlp.deidentifyTemplates.get",
"dlp.deidentifyTemplates.list",
"dlp.inspectFindings.list",
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list",
"dlp.jobTriggers.get",
"dlp.jobTriggers.list",
"dlp.jobs.get",
"dlp.jobs.list",
"dlp.storedInfoTypes.get",
"dlp.storedInfoTypes.list"
],
"name": "roles/dlp.reader",
"stage": "GA",
"title": "DLP Reader"
}
{
"description": "Gives DLP API service agent permissions for biquery, storage, datastore, pubsub and KMS.",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"bigquery.datasets.create",
"bigquery.datasets.delete",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.setIamPolicy",
"bigquery.datasets.update",
"bigquery.datasets.updateTag",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.jobs.update",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.rowAccessPolicies.create",
"bigquery.rowAccessPolicies.delete",
"bigquery.rowAccessPolicies.getIamPolicy",
"bigquery.rowAccessPolicies.list",
"bigquery.rowAccessPolicies.setIamPolicy",
"bigquery.rowAccessPolicies.update",
"bigquery.tables.create",
"bigquery.tables.delete",
"bigquery.tables.export",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.getIamPolicy",
"bigquery.tables.list",
"bigquery.tables.setCategory",
"bigquery.tables.setIamPolicy",
"bigquery.tables.update",
"bigquery.tables.updateData",
"bigquery.tables.updateTag",
"cloudkms.cryptoKeyVersions.useToDecrypt",
"cloudkms.locations.get",
"cloudkms.locations.list",
"datacatalog.tagTemplates.create",
"datacatalog.tagTemplates.delete",
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getIamPolicy",
"datacatalog.tagTemplates.getTag",
"datacatalog.tagTemplates.setIamPolicy",
"datacatalog.tagTemplates.update",
"datacatalog.tagTemplates.use",
"datastore.databases.get",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.list",
"datastore.namespaces.get",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"dlp.analyzeRiskTemplates.get",
"dlp.analyzeRiskTemplates.list",
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list",
"dlp.jobs.cancel",
"dlp.jobs.create",
"dlp.jobs.delete",
"dlp.jobs.get",
"dlp.jobs.hybridInspect",
"dlp.jobs.list",
"dlp.kms.encrypt",
"firebase.projects.get",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.getIamPolicy",
"pubsub.schemas.list",
"pubsub.schemas.setIamPolicy",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.getIamPolicy",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.setIamPolicy",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.getIamPolicy",
"pubsub.subscriptions.list",
"pubsub.subscriptions.setIamPolicy",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.getIamPolicy",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.setIamPolicy",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"serviceusage.services.use",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/dlp.serviceAgent",
"stage": "GA",
"title": "DLP API Service Agent"
}
{
"description": "Edit DLP stored info types.",
"etag": "AA==",
"includedPermissions": [
"dlp.storedInfoTypes.create",
"dlp.storedInfoTypes.delete",
"dlp.storedInfoTypes.get",
"dlp.storedInfoTypes.list",
"dlp.storedInfoTypes.update"
],
"name": "roles/dlp.storedInfoTypesEditor",
"stage": "GA",
"title": "DLP Stored InfoTypes Editor"
}
{
"description": "Read DLP stored info types.",
"etag": "AA==",
"includedPermissions": [
"dlp.storedInfoTypes.get",
"dlp.storedInfoTypes.list"
],
"name": "roles/dlp.storedInfoTypesReader",
"stage": "GA",
"title": "DLP Stored InfoTypes Reader"
}
{
"description": "Read DLP table profiles.",
"etag": "AA==",
"includedPermissions": [
"dlp.tableDataProfiles.get",
"dlp.tableDataProfiles.list"
],
"name": "roles/dlp.tableDataProfilesReader",
"stage": "GA",
"title": "DLP Table Data Profiles Reader"
}
{
"description": "Inspect, Redact, and De-identify Content",
"etag": "AA==",
"includedPermissions": [
"dlp.kms.encrypt",
"serviceusage.services.use"
],
"name": "roles/dlp.user",
"stage": "GA",
"title": "DLP User"
}
{
"description": "Full read-write access to DNS resources.",
"etag": "AA==",
"includedPermissions": [
"compute.networks.get",
"compute.networks.list",
"dns.changes.create",
"dns.changes.get",
"dns.changes.list",
"dns.dnsKeys.get",
"dns.dnsKeys.list",
"dns.managedZoneOperations.get",
"dns.managedZoneOperations.list",
"dns.managedZones.create",
"dns.managedZones.delete",
"dns.managedZones.get",
"dns.managedZones.list",
"dns.managedZones.update",
"dns.networks.bindDNSResponsePolicy",
"dns.networks.bindPrivateDNSPolicy",
"dns.networks.bindPrivateDNSZone",
"dns.networks.targetWithPeeringZone",
"dns.policies.create",
"dns.policies.delete",
"dns.policies.get",
"dns.policies.list",
"dns.policies.update",
"dns.projects.get",
"dns.resourceRecordSets.create",
"dns.resourceRecordSets.delete",
"dns.resourceRecordSets.get",
"dns.resourceRecordSets.list",
"dns.resourceRecordSets.update",
"dns.responsePolicies.create",
"dns.responsePolicies.delete",
"dns.responsePolicies.get",
"dns.responsePolicies.list",
"dns.responsePolicies.update",
"dns.responsePolicyRules.create",
"dns.responsePolicyRules.delete",
"dns.responsePolicyRules.get",
"dns.responsePolicyRules.list",
"dns.responsePolicyRules.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dns.admin",
"stage": "GA",
"title": "DNS Administrator"
}
{
"description": "Access to target networks with DNS peering zones",
"etag": "AA==",
"includedPermissions": [
"dns.networks.targetWithPeeringZone"
],
"name": "roles/dns.peer",
"stage": "GA",
"title": "DNS Peer"
}
{
"description": "Read-only access to DNS resources.",
"etag": "AA==",
"includedPermissions": [
"compute.networks.get",
"dns.changes.get",
"dns.changes.list",
"dns.dnsKeys.get",
"dns.dnsKeys.list",
"dns.managedZoneOperations.get",
"dns.managedZoneOperations.list",
"dns.managedZones.get",
"dns.managedZones.list",
"dns.policies.get",
"dns.policies.list",
"dns.projects.get",
"dns.resourceRecordSets.get",
"dns.resourceRecordSets.list",
"dns.responsePolicies.get",
"dns.responsePolicies.list",
"dns.responsePolicyRules.get",
"dns.responsePolicyRules.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/dns.reader",
"stage": "GA",
"title": "DNS Reader"
}
{
"description": "Grants full access to all resources in Cloud DocumentAI",
"etag": "AA==",
"includedPermissions": [
"documentai.evaluations.create",
"documentai.evaluations.get",
"documentai.evaluations.list",
"documentai.humanReviewConfigs.get",
"documentai.humanReviewConfigs.review",
"documentai.humanReviewConfigs.update",
"documentai.labelerPools.create",
"documentai.labelerPools.delete",
"documentai.labelerPools.get",
"documentai.labelerPools.list",
"documentai.labelerPools.update",
"documentai.locations.get",
"documentai.locations.list",
"documentai.operations.getLegacy",
"documentai.processorTypes.list",
"documentai.processorVersions.create",
"documentai.processorVersions.delete",
"documentai.processorVersions.get",
"documentai.processorVersions.list",
"documentai.processorVersions.processBatch",
"documentai.processorVersions.processOnline",
"documentai.processorVersions.update",
"documentai.processors.create",
"documentai.processors.delete",
"documentai.processors.fetchHumanReviewDetails",
"documentai.processors.get",
"documentai.processors.list",
"documentai.processors.processBatch",
"documentai.processors.processOnline",
"documentai.processors.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/documentai.admin",
"stage": "BETA",
"title": "Cloud DocumentAI Administrator."
}
{
"description": "Grants access to process documents in Cloud DocumentAI",
"etag": "AA==",
"includedPermissions": [
"documentai.humanReviewConfigs.review",
"documentai.operations.getLegacy",
"documentai.processorVersions.processBatch",
"documentai.processorVersions.processOnline",
"documentai.processors.processBatch",
"documentai.processors.processOnline"
],
"name": "roles/documentai.apiUser",
"stage": "BETA",
"title": "Cloud DocumentAI API User"
}
{
"description": "Grants access to use all resources in Cloud DocumentAI",
"etag": "AA==",
"includedPermissions": [
"documentai.evaluations.create",
"documentai.evaluations.get",
"documentai.evaluations.list",
"documentai.humanReviewConfigs.get",
"documentai.humanReviewConfigs.review",
"documentai.humanReviewConfigs.update",
"documentai.labelerPools.create",
"documentai.labelerPools.delete",
"documentai.labelerPools.get",
"documentai.labelerPools.list",
"documentai.labelerPools.update",
"documentai.locations.get",
"documentai.locations.list",
"documentai.operations.getLegacy",
"documentai.processorTypes.list",
"documentai.processorVersions.create",
"documentai.processorVersions.delete",
"documentai.processorVersions.get",
"documentai.processorVersions.list",
"documentai.processorVersions.processBatch",
"documentai.processorVersions.processOnline",
"documentai.processorVersions.update",
"documentai.processors.create",
"documentai.processors.delete",
"documentai.processors.fetchHumanReviewDetails",
"documentai.processors.get",
"documentai.processors.list",
"documentai.processors.processBatch",
"documentai.processors.processOnline",
"documentai.processors.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/documentai.editor",
"stage": "BETA",
"title": "Cloud DocumentAI Editor"
}
{
"description": "Grants access to view all resources and process documents in Cloud DocumentAI",
"etag": "AA==",
"includedPermissions": [
"documentai.evaluations.get",
"documentai.evaluations.list",
"documentai.humanReviewConfigs.get",
"documentai.humanReviewConfigs.review",
"documentai.labelerPools.get",
"documentai.labelerPools.list",
"documentai.locations.get",
"documentai.locations.list",
"documentai.operations.getLegacy",
"documentai.processorTypes.list",
"documentai.processorVersions.get",
"documentai.processorVersions.list",
"documentai.processorVersions.processBatch",
"documentai.processorVersions.processOnline",
"documentai.processors.fetchHumanReviewDetails",
"documentai.processors.get",
"documentai.processors.list",
"documentai.processors.processBatch",
"documentai.processors.processOnline",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/documentai.viewer",
"stage": "BETA",
"title": "Cloud DocumentAI Viewer"
}
{
"description": "Gives DocumentAI Core Service Account access to consumer resources.",
"etag": "AA==",
"includedPermissions": [
"automl.models.predict",
"storage.buckets.get",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/documentaicore.serviceAgent",
"stage": "GA",
"title": "DocumentAI Core Service Agent"
}
{
"description": "Full access to Cloud Domains Registrations and related resources.",
"etag": "AA==",
"includedPermissions": [
"domains.locations.get",
"domains.locations.list",
"domains.operations.cancel",
"domains.operations.get",
"domains.operations.list",
"domains.registrations.configureContact",
"domains.registrations.configureDns",
"domains.registrations.configureManagement",
"domains.registrations.create",
"domains.registrations.delete",
"domains.registrations.get",
"domains.registrations.getIamPolicy",
"domains.registrations.list",
"domains.registrations.setIamPolicy",
"domains.registrations.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/domains.admin",
"stage": "BETA",
"title": "Cloud Domains Admin"
}
{
"description": "Read-only access to Cloud Domains Registrations and related resources.",
"etag": "AA==",
"includedPermissions": [
"domains.locations.get",
"domains.locations.list",
"domains.operations.get",
"domains.operations.list",
"domains.registrations.get",
"domains.registrations.getIamPolicy",
"domains.registrations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/domains.viewer",
"stage": "BETA",
"title": "Cloud Domains Viewer"
}
{
"description": "Grants full access to the Early Access Center, including access to all DATA_READ and DATA_WRITE permissions. Including the ability to enroll into Early Access Campaigns.",
"etag": "AA==",
"includedPermissions": [
"earlyaccesscenter.campaigns.enroll",
"earlyaccesscenter.campaigns.get",
"earlyaccesscenter.campaigns.list",
"earlyaccesscenter.customerAllowlists.get",
"earlyaccesscenter.customerAllowlists.list"
],
"name": "roles/earlyaccesscenter.admin",
"stage": "GA",
"title": "Early Access Center Administrator"
}
{
"description": "Grants view access to the Early Access Center, including access to all DATA_READ but no DATA_WRITE permissions.",
"etag": "AA==",
"includedPermissions": [
"earlyaccesscenter.campaigns.get",
"earlyaccesscenter.campaigns.list",
"earlyaccesscenter.customerAllowlists.get",
"earlyaccesscenter.customerAllowlists.list"
],
"name": "roles/earlyaccesscenter.viewer",
"stage": "GA",
"title": "Early Access Center Viewer"
}
{
"description": "Full access to all Earth Engine resource features",
"etag": "AA==",
"includedPermissions": [
"earthengine.assets.create",
"earthengine.assets.delete",
"earthengine.assets.get",
"earthengine.assets.getIamPolicy",
"earthengine.assets.list",
"earthengine.assets.setIamPolicy",
"earthengine.assets.update",
"earthengine.computations.create",
"earthengine.exports.create",
"earthengine.filmstripthumbnails.create",
"earthengine.filmstripthumbnails.get",
"earthengine.imports.create",
"earthengine.maps.create",
"earthengine.maps.get",
"earthengine.operations.delete",
"earthengine.operations.get",
"earthengine.operations.list",
"earthengine.operations.update",
"earthengine.tables.create",
"earthengine.tables.get",
"earthengine.thumbnails.create",
"earthengine.thumbnails.get",
"earthengine.videothumbnails.create",
"earthengine.videothumbnails.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/earthengine.admin",
"stage": "BETA",
"title": "Earth Engine Resource Admin"
}
{
"description": "Publisher of Earth Engine Apps",
"etag": "AA==",
"includedPermissions": [
"iam.serviceAccounts.create",
"iam.serviceAccounts.disable",
"iam.serviceAccounts.enable",
"iam.serviceAccounts.get",
"iam.serviceAccounts.getIamPolicy",
"iam.serviceAccounts.setIamPolicy",
"resourcemanager.projects.get"
],
"name": "roles/earthengine.appsPublisher",
"stage": "BETA",
"title": "Earth Engine Apps Publisher"
}
{
"description": "Viewer of all Earth Engine resources",
"etag": "AA==",
"includedPermissions": [
"earthengine.assets.get",
"earthengine.assets.getIamPolicy",
"earthengine.assets.list",
"earthengine.computations.create",
"earthengine.filmstripthumbnails.get",
"earthengine.maps.get",
"earthengine.operations.get",
"earthengine.operations.list",
"earthengine.tables.get",
"earthengine.thumbnails.get",
"earthengine.videothumbnails.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/earthengine.viewer",
"stage": "BETA",
"title": "Earth Engine Resource Viewer"
}
{
"description": "Writer of all Earth Engine resources",
"etag": "AA==",
"includedPermissions": [
"earthengine.assets.create",
"earthengine.assets.delete",
"earthengine.assets.get",
"earthengine.assets.getIamPolicy",
"earthengine.assets.list",
"earthengine.assets.update",
"earthengine.computations.create",
"earthengine.exports.create",
"earthengine.filmstripthumbnails.create",
"earthengine.filmstripthumbnails.get",
"earthengine.imports.create",
"earthengine.maps.create",
"earthengine.maps.get",
"earthengine.operations.delete",
"earthengine.operations.get",
"earthengine.operations.list",
"earthengine.operations.update",
"earthengine.tables.create",
"earthengine.tables.get",
"earthengine.thumbnails.create",
"earthengine.thumbnails.get",
"earthengine.videothumbnails.create",
"earthengine.videothumbnails.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/earthengine.writer",
"stage": "BETA",
"title": "Earth Engine Resource Writer"
}
{
"description": "Edit access to all resources.",
"etag": "AA==",
"includedPermissions": [
"accessapproval.requests.get",
"accessapproval.requests.list",
"accessapproval.settings.get",
"accesscontextmanager.accessLevels.create",
"accesscontextmanager.accessLevels.delete",
"accesscontextmanager.accessLevels.get",
"accesscontextmanager.accessLevels.list",
"accesscontextmanager.accessLevels.replaceAll",
"accesscontextmanager.accessLevels.update",
"accesscontextmanager.accessPolicies.create",
"accesscontextmanager.accessPolicies.delete",
"accesscontextmanager.accessPolicies.get",
"accesscontextmanager.accessPolicies.getIamPolicy",
"accesscontextmanager.accessPolicies.list",
"accesscontextmanager.accessPolicies.update",
"accesscontextmanager.accessZones.create",
"accesscontextmanager.accessZones.delete",
"accesscontextmanager.accessZones.get",
"accesscontextmanager.accessZones.list",
"accesscontextmanager.accessZones.update",
"accesscontextmanager.gcpUserAccessBindings.create",
"accesscontextmanager.gcpUserAccessBindings.delete",
"accesscontextmanager.gcpUserAccessBindings.get",
"accesscontextmanager.gcpUserAccessBindings.list",
"accesscontextmanager.gcpUserAccessBindings.update",
"accesscontextmanager.policies.create",
"accesscontextmanager.policies.delete",
"accesscontextmanager.policies.get",
"accesscontextmanager.policies.getIamPolicy",
"accesscontextmanager.policies.list",
"accesscontextmanager.policies.update",
"accesscontextmanager.servicePerimeters.commit",
"accesscontextmanager.servicePerimeters.create",
"accesscontextmanager.servicePerimeters.delete",
"accesscontextmanager.servicePerimeters.get",
"accesscontextmanager.servicePerimeters.list",
"accesscontextmanager.servicePerimeters.replaceAll",
"accesscontextmanager.servicePerimeters.update",
"actions.agent.claimContentProvider",
"actions.agent.get",
"actions.agent.update",
"actions.agentVersions.create",
"actions.agentVersions.delete",
"actions.agentVersions.deploy",
"actions.agentVersions.get",
"actions.agentVersions.list",
"aiplatform.annotationSpecs.create",
"aiplatform.annotationSpecs.delete",
"aiplatform.annotationSpecs.get",
"aiplatform.annotationSpecs.list",
"aiplatform.annotationSpecs.update",
"aiplatform.annotations.create",
"aiplatform.annotations.delete",
"aiplatform.annotations.get",
"aiplatform.annotations.list",
"aiplatform.annotations.update",
"aiplatform.artifacts.create",
"aiplatform.artifacts.get",
"aiplatform.artifacts.list",
"aiplatform.artifacts.update",
"aiplatform.batchPredictionJobs.cancel",
"aiplatform.batchPredictionJobs.create",
"aiplatform.batchPredictionJobs.delete",
"aiplatform.batchPredictionJobs.get",
"aiplatform.batchPredictionJobs.list",
"aiplatform.contexts.addContextArtifactsAndExecutions",
"aiplatform.contexts.addContextChildren",
"aiplatform.contexts.create",
"aiplatform.contexts.delete",
"aiplatform.contexts.get",
"aiplatform.contexts.list",
"aiplatform.contexts.queryContextLineageSubgraph",
"aiplatform.contexts.update",
"aiplatform.customJobs.cancel",
"aiplatform.customJobs.create",
"aiplatform.customJobs.delete",
"aiplatform.customJobs.get",
"aiplatform.customJobs.list",
"aiplatform.dataItems.create",
"aiplatform.dataItems.delete",
"aiplatform.dataItems.get",
"aiplatform.dataItems.list",
"aiplatform.dataItems.update",
"aiplatform.dataLabelingJobs.cancel",
"aiplatform.dataLabelingJobs.create",
"aiplatform.dataLabelingJobs.delete",
"aiplatform.dataLabelingJobs.get",
"aiplatform.dataLabelingJobs.list",
"aiplatform.datasets.create",
"aiplatform.datasets.delete",
"aiplatform.datasets.export",
"aiplatform.datasets.get",
"aiplatform.datasets.import",
"aiplatform.datasets.list",
"aiplatform.datasets.update",
"aiplatform.edgeDeploymentJobs.create",
"aiplatform.edgeDeploymentJobs.delete",
"aiplatform.edgeDeploymentJobs.get",
"aiplatform.edgeDeploymentJobs.list",
"aiplatform.edgeDeviceDebugInfo.get",
"aiplatform.edgeDevices.create",
"aiplatform.edgeDevices.delete",
"aiplatform.edgeDevices.get",
"aiplatform.edgeDevices.list",
"aiplatform.edgeDevices.update",
"aiplatform.endpoints.create",
"aiplatform.endpoints.delete",
"aiplatform.endpoints.deploy",
"aiplatform.endpoints.explain",
"aiplatform.endpoints.get",
"aiplatform.endpoints.list",
"aiplatform.endpoints.predict",
"aiplatform.endpoints.undeploy",
"aiplatform.endpoints.update",
"aiplatform.entityTypes.create",
"aiplatform.entityTypes.delete",
"aiplatform.entityTypes.exportFeatureValues",
"aiplatform.entityTypes.get",
"aiplatform.entityTypes.importFeatureValues",
"aiplatform.entityTypes.list",
"aiplatform.entityTypes.readFeatureValues",
"aiplatform.entityTypes.streamingReadFeatureValues",
"aiplatform.entityTypes.update",
"aiplatform.executions.addExecutionEvents",
"aiplatform.executions.create",
"aiplatform.executions.get",
"aiplatform.executions.list",
"aiplatform.executions.queryExecutionInputsAndOutputs",
"aiplatform.executions.update",
"aiplatform.features.create",
"aiplatform.features.delete",
"aiplatform.features.get",
"aiplatform.features.list",
"aiplatform.features.update",
"aiplatform.featurestores.batchReadFeatureValues",
"aiplatform.featurestores.create",
"aiplatform.featurestores.delete",
"aiplatform.featurestores.exportFeatures",
"aiplatform.featurestores.get",
"aiplatform.featurestores.importFeatures",
"aiplatform.featurestores.list",
"aiplatform.featurestores.readFeatures",
"aiplatform.featurestores.update",
"aiplatform.featurestores.writeFeatures",
"aiplatform.humanInTheLoops.create",
"aiplatform.humanInTheLoops.delete",
"aiplatform.humanInTheLoops.get",
"aiplatform.humanInTheLoops.list",
"aiplatform.humanInTheLoops.send",
"aiplatform.humanInTheLoops.update",
"aiplatform.hyperparameterTuningJobs.cancel",
"aiplatform.hyperparameterTuningJobs.create",
"aiplatform.hyperparameterTuningJobs.delete",
"aiplatform.hyperparameterTuningJobs.get",
"aiplatform.hyperparameterTuningJobs.list",
"aiplatform.indexEndpoints.create",
"aiplatform.indexEndpoints.delete",
"aiplatform.indexEndpoints.deploy",
"aiplatform.indexEndpoints.get",
"aiplatform.indexEndpoints.list",
"aiplatform.indexEndpoints.undeploy",
"aiplatform.indexEndpoints.update",
"aiplatform.indexes.create",
"aiplatform.indexes.delete",
"aiplatform.indexes.get",
"aiplatform.indexes.list",
"aiplatform.indexes.update",
"aiplatform.locations.get",
"aiplatform.locations.list",
"aiplatform.metadataSchemas.create",
"aiplatform.metadataSchemas.get",
"aiplatform.metadataSchemas.list",
"aiplatform.metadataStores.create",
"aiplatform.metadataStores.delete",
"aiplatform.metadataStores.get",
"aiplatform.metadataStores.list",
"aiplatform.migratableResources.migrate",
"aiplatform.migratableResources.search",
"aiplatform.modelDeploymentMonitoringJobs.create",
"aiplatform.modelDeploymentMonitoringJobs.delete",
"aiplatform.modelDeploymentMonitoringJobs.get",
"aiplatform.modelDeploymentMonitoringJobs.list",
"aiplatform.modelDeploymentMonitoringJobs.pause",
"aiplatform.modelDeploymentMonitoringJobs.resume",
"aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies",
"aiplatform.modelDeploymentMonitoringJobs.update",
"aiplatform.modelEvaluationSlices.get",
"aiplatform.modelEvaluationSlices.list",
"aiplatform.modelEvaluations.exportEvaluatedDataItems",
"aiplatform.modelEvaluations.get",
"aiplatform.modelEvaluations.list",
"aiplatform.models.delete",
"aiplatform.models.export",
"aiplatform.models.get",
"aiplatform.models.list",
"aiplatform.models.update",
"aiplatform.models.upload",
"aiplatform.nasJobs.cancel",
"aiplatform.nasJobs.create",
"aiplatform.nasJobs.delete",
"aiplatform.nasJobs.get",
"aiplatform.nasJobs.list",
"aiplatform.operations.list",
"aiplatform.pipelineJobs.cancel",
"aiplatform.pipelineJobs.create",
"aiplatform.pipelineJobs.delete",
"aiplatform.pipelineJobs.get",
"aiplatform.pipelineJobs.list",
"aiplatform.specialistPools.create",
"aiplatform.specialistPools.delete",
"aiplatform.specialistPools.get",
"aiplatform.specialistPools.list",
"aiplatform.specialistPools.update",
"aiplatform.studies.create",
"aiplatform.studies.delete",
"aiplatform.studies.get",
"aiplatform.studies.list",
"aiplatform.studies.update",
"aiplatform.tensorboardExperiments.create",
"aiplatform.tensorboardExperiments.delete",
"aiplatform.tensorboardExperiments.get",
"aiplatform.tensorboardExperiments.list",
"aiplatform.tensorboardExperiments.update",
"aiplatform.tensorboardRuns.create",
"aiplatform.tensorboardRuns.delete",
"aiplatform.tensorboardRuns.get",
"aiplatform.tensorboardRuns.list",
"aiplatform.tensorboardRuns.update",
"aiplatform.tensorboardRuns.write",
"aiplatform.tensorboardTimeSeries.create",
"aiplatform.tensorboardTimeSeries.delete",
"aiplatform.tensorboardTimeSeries.get",
"aiplatform.tensorboardTimeSeries.list",
"aiplatform.tensorboardTimeSeries.read",
"aiplatform.tensorboardTimeSeries.update",
"aiplatform.tensorboards.create",
"aiplatform.tensorboards.delete",
"aiplatform.tensorboards.get",
"aiplatform.tensorboards.list",
"aiplatform.tensorboards.update",
"aiplatform.trainingPipelines.cancel",
"aiplatform.trainingPipelines.create",
"aiplatform.trainingPipelines.delete",
"aiplatform.trainingPipelines.get",
"aiplatform.trainingPipelines.list",
"aiplatform.trials.create",
"aiplatform.trials.delete",
"aiplatform.trials.get",
"aiplatform.trials.list",
"aiplatform.trials.update",
"androidmanagement.enterprises.manage",
"apigateway.apiconfigs.create",
"apigateway.apiconfigs.delete",
"apigateway.apiconfigs.get",
"apigateway.apiconfigs.getIamPolicy",
"apigateway.apiconfigs.list",
"apigateway.apiconfigs.update",
"apigateway.apis.create",
"apigateway.apis.delete",
"apigateway.apis.get",
"apigateway.apis.getIamPolicy",
"apigateway.apis.list",
"apigateway.apis.update",
"apigateway.gateways.create",
"apigateway.gateways.delete",
"apigateway.gateways.get",
"apigateway.gateways.getIamPolicy",
"apigateway.gateways.list",
"apigateway.gateways.update",
"apigateway.locations.get",
"apigateway.locations.list",
"apigateway.operations.cancel",
"apigateway.operations.delete",
"apigateway.operations.get",
"apigateway.operations.list",
"apigee.apiproductattributes.createOrUpdateAll",
"apigee.apiproductattributes.delete",
"apigee.apiproductattributes.get",
"apigee.apiproductattributes.list",
"apigee.apiproductattributes.update",
"apigee.apiproducts.create",
"apigee.apiproducts.delete",
"apigee.apiproducts.get",
"apigee.apiproducts.list",
"apigee.apiproducts.update",
"apigee.appkeys.create",
"apigee.appkeys.delete",
"apigee.appkeys.get",
"apigee.appkeys.manage",
"apigee.apps.get",
"apigee.apps.list",
"apigee.archivedeployments.create",
"apigee.archivedeployments.delete",
"apigee.archivedeployments.download",
"apigee.archivedeployments.get",
"apigee.archivedeployments.list",
"apigee.archivedeployments.update",
"apigee.archivedeployments.upload",
"apigee.caches.delete",
"apigee.caches.list",
"apigee.canaryevaluations.create",
"apigee.canaryevaluations.get",
"apigee.datacollectors.create",
"apigee.datacollectors.delete",
"apigee.datacollectors.get",
"apigee.datacollectors.list",
"apigee.datacollectors.update",
"apigee.datastores.create",
"apigee.datastores.delete",
"apigee.datastores.get",
"apigee.datastores.list",
"apigee.datastores.update",
"apigee.deployments.create",
"apigee.deployments.delete",
"apigee.deployments.get",
"apigee.deployments.list",
"apigee.deployments.update",
"apigee.developerappattributes.createOrUpdateAll",
"apigee.developerappattributes.delete",
"apigee.developerappattributes.get",
"apigee.developerappattributes.list",
"apigee.developerappattributes.update",
"apigee.developerapps.create",
"apigee.developerapps.delete",
"apigee.developerapps.get",
"apigee.developerapps.list",
"apigee.developerapps.manage",
"apigee.developerattributes.createOrUpdateAll",
"apigee.developerattributes.delete",
"apigee.developerattributes.get",
"apigee.developerattributes.list",
"apigee.developerattributes.update",
"apigee.developerbalances.get",
"apigee.developerbalances.update",
"apigee.developermonetizationconfigs.get",
"apigee.developermonetizationconfigs.update",
"apigee.developers.create",
"apigee.developers.delete",
"apigee.developers.get",
"apigee.developers.list",
"apigee.developers.update",
"apigee.developersubscriptions.create",
"apigee.developersubscriptions.get",
"apigee.developersubscriptions.list",
"apigee.developersubscriptions.update",
"apigee.envgroupattachments.create",
"apigee.envgroupattachments.delete",
"apigee.envgroupattachments.get",
"apigee.envgroupattachments.list",
"apigee.envgroups.create",
"apigee.envgroups.delete",
"apigee.envgroups.get",
"apigee.envgroups.list",
"apigee.envgroups.update",
"apigee.environments.create",
"apigee.environments.delete",
"apigee.environments.get",
"apigee.environments.getDataLocation",
"apigee.environments.getIamPolicy",
"apigee.environments.getStats",
"apigee.environments.list",
"apigee.environments.manageRuntime",
"apigee.environments.update",
"apigee.exports.create",
"apigee.exports.get",
"apigee.exports.list",
"apigee.flowhooks.attachSharedFlow",
"apigee.flowhooks.detachSharedFlow",
"apigee.flowhooks.getSharedFlow",
"apigee.flowhooks.list",
"apigee.hostqueries.create",
"apigee.hostqueries.get",
"apigee.hostqueries.list",
"apigee.hoststats.get",
"apigee.ingressconfigs.get",
"apigee.instanceattachments.create",
"apigee.instanceattachments.delete",
"apigee.instanceattachments.get",
"apigee.instanceattachments.list",
"apigee.instances.create",
"apigee.instances.delete",
"apigee.instances.get",
"apigee.instances.list",
"apigee.instances.reportStatus",
"apigee.keystorealiases.create",
"apigee.keystorealiases.delete",
"apigee.keystorealiases.exportCertificate",
"apigee.keystorealiases.generateCSR",
"apigee.keystorealiases.get",
"apigee.keystorealiases.list",
"apigee.keystorealiases.update",
"apigee.keystores.create",
"apigee.keystores.delete",
"apigee.keystores.export",
"apigee.keystores.get",
"apigee.keystores.list",
"apigee.keyvaluemaps.create",
"apigee.keyvaluemaps.delete",
"apigee.keyvaluemaps.list",
"apigee.maskconfigs.get",
"apigee.maskconfigs.update",
"apigee.operations.get",
"apigee.operations.list",
"apigee.organizations.create",
"apigee.organizations.delete",
"apigee.organizations.get",
"apigee.organizations.list",
"apigee.organizations.update",
"apigee.portals.create",
"apigee.portals.delete",
"apigee.portals.get",
"apigee.portals.list",
"apigee.portals.update",
"apigee.projects.update",
"apigee.proxies.create",
"apigee.proxies.delete",
"apigee.proxies.get",
"apigee.proxies.list",
"apigee.proxyrevisions.delete",
"apigee.proxyrevisions.deploy",
"apigee.proxyrevisions.get",
"apigee.proxyrevisions.list",
"apigee.proxyrevisions.undeploy",
"apigee.proxyrevisions.update",
"apigee.queries.create",
"apigee.queries.get",
"apigee.queries.list",
"apigee.rateplans.create",
"apigee.rateplans.delete",
"apigee.rateplans.get",
"apigee.rateplans.list",
"apigee.rateplans.update",
"apigee.references.create",
"apigee.references.delete",
"apigee.references.get",
"apigee.references.list",
"apigee.references.update",
"apigee.reports.create",
"apigee.reports.delete",
"apigee.reports.get",
"apigee.reports.list",
"apigee.reports.update",
"apigee.resourcefiles.create",
"apigee.resourcefiles.delete",
"apigee.resourcefiles.get",
"apigee.resourcefiles.list",
"apigee.resourcefiles.update",
"apigee.runtimeconfigs.get",
"apigee.sharedflowrevisions.delete",
"apigee.sharedflowrevisions.deploy",
"apigee.sharedflowrevisions.get",
"apigee.sharedflowrevisions.list",
"apigee.sharedflowrevisions.undeploy",
"apigee.sharedflowrevisions.update",
"apigee.sharedflows.create",
"apigee.sharedflows.delete",
"apigee.sharedflows.get",
"apigee.sharedflows.list",
"apigee.targetservers.create",
"apigee.targetservers.delete",
"apigee.targetservers.get",
"apigee.targetservers.list",
"apigee.targetservers.update",
"apigee.tracesessions.create",
"apigee.tracesessions.delete",
"apigee.tracesessions.get",
"apigee.tracesessions.list",
"apigeeconnect.connections.list",
"apigeeconnect.endpoints.connect",
"apikeys.keys.create",
"apikeys.keys.delete",
"apikeys.keys.get",
"apikeys.keys.list",
"apikeys.keys.lookup",
"apikeys.keys.update",
"appengine.applications.get",
"appengine.applications.update",
"appengine.instances.delete",
"appengine.instances.get",
"appengine.instances.list",
"appengine.memcache.addKey",
"appengine.memcache.flush",
"appengine.memcache.get",
"appengine.memcache.getKey",
"appengine.memcache.list",
"appengine.memcache.update",
"appengine.operations.get",
"appengine.operations.list",
"appengine.runtimes.actAsAdmin",
"appengine.services.delete",
"appengine.services.get",
"appengine.services.list",
"appengine.services.update",
"appengine.versions.create",
"appengine.versions.delete",
"appengine.versions.get",
"appengine.versions.list",
"appengine.versions.update",
"artifactregistry.files.get",
"artifactregistry.files.list",
"artifactregistry.packages.delete",
"artifactregistry.packages.get",
"artifactregistry.packages.list",
"artifactregistry.repositories.create",
"artifactregistry.repositories.delete",
"artifactregistry.repositories.deleteArtifacts",
"artifactregistry.repositories.downloadArtifacts",
"artifactregistry.repositories.get",
"artifactregistry.repositories.getIamPolicy",
"artifactregistry.repositories.list",
"artifactregistry.repositories.update",
"artifactregistry.repositories.uploadArtifacts",
"artifactregistry.tags.create",
"artifactregistry.tags.delete",
"artifactregistry.tags.get",
"artifactregistry.tags.list",
"artifactregistry.tags.update",
"artifactregistry.versions.delete",
"artifactregistry.versions.get",
"artifactregistry.versions.list",
"assuredworkloads.operations.get",
"assuredworkloads.operations.list",
"assuredworkloads.workload.delete",
"assuredworkloads.workload.get",
"assuredworkloads.workload.list",
"assuredworkloads.workload.update",
"automl.annotationSpecs.create",
"automl.annotationSpecs.delete",
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotationSpecs.update",
"automl.annotations.approve",
"automl.annotations.create",
"automl.annotations.list",
"automl.annotations.manipulate",
"automl.annotations.reject",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.columnSpecs.update",
"automl.datasets.create",
"automl.datasets.delete",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.getIamPolicy",
"automl.datasets.import",
"automl.datasets.list",
"automl.datasets.update",
"automl.examples.delete",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.create",
"automl.humanAnnotationTasks.delete",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.getIamPolicy",
"automl.locations.list",
"automl.modelEvaluations.create",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.create",
"automl.models.delete",
"automl.models.deploy",
"automl.models.export",
"automl.models.get",
"automl.models.getIamPolicy",
"automl.models.list",
"automl.models.predict",
"automl.models.undeploy",
"automl.operations.cancel",
"automl.operations.delete",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"automl.tableSpecs.update",
"automlrecommendations.apiKeys.create",
"automlrecommendations.apiKeys.delete",
"automlrecommendations.apiKeys.list",
"automlrecommendations.catalogItems.create",
"automlrecommendations.catalogItems.delete",
"automlrecommendations.catalogItems.get",
"automlrecommendations.catalogItems.list",
"automlrecommendations.catalogItems.update",
"automlrecommendations.catalogs.getStats",
"automlrecommendations.catalogs.list",
"automlrecommendations.catalogs.update",
"automlrecommendations.eventStores.getStats",
"automlrecommendations.events.create",
"automlrecommendations.events.list",
"automlrecommendations.placements.create",
"automlrecommendations.placements.getStats",
"automlrecommendations.placements.list",
"automlrecommendations.recommendations.create",
"automlrecommendations.recommendations.delete",
"automlrecommendations.recommendations.list",
"automlrecommendations.recommendations.pause",
"automlrecommendations.recommendations.resume",
"automlrecommendations.recommendations.update",
"autoscaling.sites.getIamPolicy",
"autoscaling.sites.readRecommendations",
"autoscaling.sites.writeMetrics",
"autoscaling.sites.writeState",
"bigquery.bireservations.get",
"bigquery.bireservations.update",
"bigquery.capacityCommitments.get",
"bigquery.capacityCommitments.list",
"bigquery.capacityCommitments.update",
"bigquery.config.get",
"bigquery.connections.create",
"bigquery.connections.delete",
"bigquery.connections.get",
"bigquery.connections.getIamPolicy",
"bigquery.connections.list",
"bigquery.connections.update",
"bigquery.connections.updateTag",
"bigquery.connections.use",
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.datasets.getIamPolicy",
"bigquery.datasets.updateTag",
"bigquery.jobs.create",
"bigquery.jobs.get",
"bigquery.jobs.list",
"bigquery.models.create",
"bigquery.models.delete",
"bigquery.models.export",
"bigquery.models.getData",
"bigquery.models.getMetadata",
"bigquery.models.list",
"bigquery.models.updateData",
"bigquery.models.updateMetadata",
"bigquery.models.updateTag",
"bigquery.readsessions.create",
"bigquery.readsessions.getData",
"bigquery.readsessions.update",
"bigquery.reservationAssignments.create",
"bigquery.reservationAssignments.delete",
"bigquery.reservationAssignments.list",
"bigquery.reservationAssignments.search",
"bigquery.reservations.create",
"bigquery.reservations.delete",
"bigquery.reservations.get",
"bigquery.reservations.list",
"bigquery.reservations.update",
"bigquery.routines.create",
"bigquery.routines.delete",
"bigquery.routines.get",
"bigquery.routines.list",
"bigquery.routines.update",
"bigquery.routines.updateTag",
"bigquery.rowAccessPolicies.create",
"bigquery.rowAccessPolicies.delete",
"bigquery.rowAccessPolicies.getIamPolicy",
"bigquery.rowAccessPolicies.list",
"bigquery.rowAccessPolicies.update",
"bigquery.savedqueries.create",
"bigquery.savedqueries.delete",
"bigquery.savedqueries.get",
"bigquery.savedqueries.list",
"bigquery.savedqueries.update",
"bigquery.tables.getIamPolicy",
"bigquery.transfers.get",
"bigquery.transfers.update",
"bigtable.appProfiles.create",
"bigtable.appProfiles.delete",
"bigtable.appProfiles.get",
"bigtable.appProfiles.list",
"bigtable.appProfiles.update",
"bigtable.backups.create",
"bigtable.backups.delete",
"bigtable.backups.get",
"bigtable.backups.getIamPolicy",
"bigtable.backups.list",
"bigtable.backups.restore",
"bigtable.backups.update",
"bigtable.clusters.create",
"bigtable.clusters.delete",
"bigtable.clusters.get",
"bigtable.clusters.list",
"bigtable.clusters.update",
"bigtable.instances.create",
"bigtable.instances.delete",
"bigtable.instances.get",
"bigtable.instances.getIamPolicy",
"bigtable.instances.list",
"bigtable.instances.update",
"bigtable.keyvisualizer.get",
"bigtable.keyvisualizer.list",
"bigtable.locations.list",
"bigtable.tables.checkConsistency",
"bigtable.tables.create",
"bigtable.tables.delete",
"bigtable.tables.generateConsistencyToken",
"bigtable.tables.get",
"bigtable.tables.getIamPolicy",
"bigtable.tables.list",
"bigtable.tables.mutateRows",
"bigtable.tables.readRows",
"bigtable.tables.sampleRowKeys",
"bigtable.tables.update",
"billing.resourceCosts.get",
"binaryauthorization.attestors.create",
"binaryauthorization.attestors.delete",
"binaryauthorization.attestors.get",
"binaryauthorization.attestors.getIamPolicy",
"binaryauthorization.attestors.list",
"binaryauthorization.attestors.update",
"binaryauthorization.attestors.verifyImageAttested",
"binaryauthorization.continuousValidationConfig.get",
"binaryauthorization.continuousValidationConfig.getIamPolicy",
"binaryauthorization.continuousValidationConfig.update",
"binaryauthorization.policy.get",
"binaryauthorization.policy.getIamPolicy",
"binaryauthorization.policy.update",
"chat.bots.get",
"chat.bots.update",
"chroniclesm.gcpAssociations.get",
"chroniclesm.gcpSettings.get",
"chroniclesm.gcpSettings.update",
"clientauthconfig.brands.create",
"clientauthconfig.brands.delete",
"clientauthconfig.brands.get",
"clientauthconfig.brands.list",
"clientauthconfig.brands.update",
"clientauthconfig.clients.create",
"clientauthconfig.clients.createSecret",
"clientauthconfig.clients.delete",
"clientauthconfig.clients.get",
"clientauthconfig.clients.getWithSecret",
"clientauthconfig.clients.list",
"clientauthconfig.clients.listWithSecrets",
"clientauthconfig.clients.undelete",
"clientauthconfig.clients.update",
"cloudasset.assets.analyzeIamPolicy",
"cloudasset.assets.analyzeMove",
"cloudasset.assets.exportAppengineApplications",
"cloudasset.assets.exportAppengineServices",
"cloudasset.assets.exportAppengineVersions",
"cloudasset.assets.exportBigqueryDatasets",
"cloudasset.assets.exportBigqueryTables",
"cloudasset.assets.exportCloudbillingBillingAccounts",
"cloudasset.assets.exportCloudkmsCryptoKeyVersions",
"cloudasset.assets.exportCloudkmsCryptoKeys",
"cloudasset.assets.exportCloudkmsKeyRings",
"cloudasset.assets.exportCloudresourcemanagerFolders",
"cloudasset.assets.exportCloudresourcemanagerOrganizations",
"cloudasset.assets.exportCloudresourcemanagerProjects",
"cloudasset.assets.exportComputeAddress",
"cloudasset.assets.exportComputeAutoscalers",
"cloudasset.assets.exportComputeBackendBuckets",
"cloudasset.assets.exportComputeBackendServices",
"cloudasset.assets.exportComputeDisks",
"cloudasset.assets.exportComputeFirewalls",
"cloudasset.assets.exportComputeForwardingRules",
"cloudasset.assets.exportComputeGlobalForwardingRules",
"cloudasset.assets.exportComputeHealthChecks",
"cloudasset.assets.exportComputeHttpHealthChecks",
"cloudasset.assets.exportComputeHttpsHealthChecks",
"cloudasset.assets.exportComputeImages",
"cloudasset.assets.exportComputeInstanceGroupManagers",
"cloudasset.assets.exportComputeInstanceGroups",
"cloudasset.assets.exportComputeInstanceTemplates",
"cloudasset.assets.exportComputeInstances",
"cloudasset.assets.exportComputeInterconnect",
"cloudasset.assets.exportComputeInterconnectAttachment",
"cloudasset.assets.exportComputeLicenses",
"cloudasset.assets.exportComputeNetworks",
"cloudasset.assets.exportComputeProjects",
"cloudasset.assets.exportComputeRegionBackendServices",
"cloudasset.assets.exportComputeRouters",
"cloudasset.assets.exportComputeRoutes",
"cloudasset.assets.exportComputeSecurityPolicy",
"cloudasset.assets.exportComputeSnapshots",
"cloudasset.assets.exportComputeSslCertificates",
"cloudasset.assets.exportComputeSubnetworks",
"cloudasset.assets.exportComputeTargetHttpProxies",
"cloudasset.assets.exportComputeTargetHttpsProxies",
"cloudasset.assets.exportComputeTargetInstances",
"cloudasset.assets.exportComputeTargetPools",
"cloudasset.assets.exportComputeTargetSslProxies",
"cloudasset.assets.exportComputeTargetTcpProxies",
"cloudasset.assets.exportComputeTargetVpnGateways",
"cloudasset.assets.exportComputeUrlMaps",
"cloudasset.assets.exportComputeVpnTunnels",
"cloudasset.assets.exportContainerClusters",
"cloudasset.assets.exportDataprocClusters",
"cloudasset.assets.exportDataprocJobs",
"cloudasset.assets.exportDnsManagedZones",
"cloudasset.assets.exportDnsPolicies",
"cloudasset.assets.exportIamRoles",
"cloudasset.assets.exportIamServiceAccountKeys",
"cloudasset.assets.exportIamServiceAccounts",
"cloudasset.assets.exportPubsubSubscriptions",
"cloudasset.assets.exportPubsubTopics",
"cloudasset.assets.exportServicemanagementServices",
"cloudasset.assets.exportSpannerDatabases",
"cloudasset.assets.exportSpannerInstances",
"cloudasset.assets.exportSqladminInstances",
"cloudasset.assets.exportStorageBuckets",
"cloudasset.assets.searchAllIamPolicies",
"cloudasset.assets.searchAllResources",
"cloudbuild.builds.create",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudbuild.builds.update",
"cloudconfig.configs.get",
"cloudconfig.configs.update",
"clouddebugger.breakpoints.create",
"clouddebugger.breakpoints.delete",
"clouddebugger.breakpoints.get",
"clouddebugger.breakpoints.list",
"clouddebugger.breakpoints.listActive",
"clouddebugger.breakpoints.update",
"clouddebugger.debuggees.create",
"clouddebugger.debuggees.list",
"cloudfunctions.functions.call",
"cloudfunctions.functions.create",
"cloudfunctions.functions.delete",
"cloudfunctions.functions.get",
"cloudfunctions.functions.getIamPolicy",
"cloudfunctions.functions.invoke",
"cloudfunctions.functions.list",
"cloudfunctions.functions.sourceCodeGet",
"cloudfunctions.functions.sourceCodeSet",
"cloudfunctions.functions.update",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"cloudiot.devices.bindGateway",
"cloudiot.devices.create",
"cloudiot.devices.delete",
"cloudiot.devices.get",
"cloudiot.devices.list",
"cloudiot.devices.sendCommand",
"cloudiot.devices.unbindGateway",
"cloudiot.devices.update",
"cloudiot.devices.updateConfig",
"cloudiot.registries.create",
"cloudiot.registries.delete",
"cloudiot.registries.get",
"cloudiot.registries.getIamPolicy",
"cloudiot.registries.list",
"cloudiot.registries.update",
"cloudiottoken.tokensettings.get",
"cloudiottoken.tokensettings.update",
"cloudjobdiscovery.companies.create",
"cloudjobdiscovery.companies.delete",
"cloudjobdiscovery.companies.get",
"cloudjobdiscovery.companies.list",
"cloudjobdiscovery.companies.update",
"cloudjobdiscovery.events.create",
"cloudjobdiscovery.jobs.create",
"cloudjobdiscovery.jobs.delete",
"cloudjobdiscovery.jobs.get",
"cloudjobdiscovery.jobs.search",
"cloudjobdiscovery.jobs.update",
"cloudjobdiscovery.profiles.create",
"cloudjobdiscovery.profiles.delete",
"cloudjobdiscovery.profiles.get",
"cloudjobdiscovery.profiles.search",
"cloudjobdiscovery.profiles.update",
"cloudjobdiscovery.tenants.create",
"cloudjobdiscovery.tenants.delete",
"cloudjobdiscovery.tenants.get",
"cloudjobdiscovery.tenants.update",
"cloudjobdiscovery.tools.access",
"cloudkms.cryptoKeyVersions.create",
"cloudkms.cryptoKeyVersions.get",
"cloudkms.cryptoKeyVersions.list",
"cloudkms.cryptoKeyVersions.update",
"cloudkms.cryptoKeys.create",
"cloudkms.cryptoKeys.get",
"cloudkms.cryptoKeys.getIamPolicy",
"cloudkms.cryptoKeys.list",
"cloudkms.cryptoKeys.update",
"cloudkms.importJobs.create",
"cloudkms.importJobs.get",
"cloudkms.importJobs.getIamPolicy",
"cloudkms.importJobs.list",
"cloudkms.importJobs.useToImport",
"cloudkms.keyRings.create",
"cloudkms.keyRings.get",
"cloudkms.keyRings.getIamPolicy",
"cloudkms.keyRings.list",
"cloudkms.locations.get",
"cloudkms.locations.list",
"cloudmessaging.messages.create",
"cloudnotifications.activities.list",
"cloudprivatecatalog.targets.get",
"cloudprivatecatalogproducer.associations.create",
"cloudprivatecatalogproducer.associations.delete",
"cloudprivatecatalogproducer.associations.get",
"cloudprivatecatalogproducer.associations.list",
"cloudprivatecatalogproducer.catalogAssociations.create",
"cloudprivatecatalogproducer.catalogAssociations.delete",
"cloudprivatecatalogproducer.catalogAssociations.get",
"cloudprivatecatalogproducer.catalogAssociations.list",
"cloudprivatecatalogproducer.catalogs.create",
"cloudprivatecatalogproducer.catalogs.delete",
"cloudprivatecatalogproducer.catalogs.get",
"cloudprivatecatalogproducer.catalogs.getIamPolicy",
"cloudprivatecatalogproducer.catalogs.list",
"cloudprivatecatalogproducer.catalogs.undelete",
"cloudprivatecatalogproducer.catalogs.update",
"cloudprivatecatalogproducer.producerCatalogs.attachProduct",
"cloudprivatecatalogproducer.producerCatalogs.create",
"cloudprivatecatalogproducer.producerCatalogs.delete",
"cloudprivatecatalogproducer.producerCatalogs.detachProduct",
"cloudprivatecatalogproducer.producerCatalogs.get",
"cloudprivatecatalogproducer.producerCatalogs.getIamPolicy",
"cloudprivatecatalogproducer.producerCatalogs.list",
"cloudprivatecatalogproducer.producerCatalogs.update",
"cloudprivatecatalogproducer.products.create",
"cloudprivatecatalogproducer.products.delete",
"cloudprivatecatalogproducer.products.get",
"cloudprivatecatalogproducer.products.getIamPolicy",
"cloudprivatecatalogproducer.products.list",
"cloudprivatecatalogproducer.products.update",
"cloudprivatecatalogproducer.settings.get",
"cloudprivatecatalogproducer.settings.update",
"cloudprivatecatalogproducer.targets.associate",
"cloudprivatecatalogproducer.targets.unassociate",
"cloudprofiler.profiles.create",
"cloudprofiler.profiles.list",
"cloudprofiler.profiles.update",
"cloudscheduler.jobs.create",
"cloudscheduler.jobs.delete",
"cloudscheduler.jobs.enable",
"cloudscheduler.jobs.fullView",
"cloudscheduler.jobs.get",
"cloudscheduler.jobs.list",
"cloudscheduler.jobs.pause",
"cloudscheduler.jobs.run",
"cloudscheduler.jobs.update",
"cloudscheduler.locations.get",
"cloudscheduler.locations.list",
"cloudsecurityscanner.crawledurls.list",
"cloudsecurityscanner.results.get",
"cloudsecurityscanner.results.list",
"cloudsecurityscanner.scanruns.get",
"cloudsecurityscanner.scanruns.getSummary",
"cloudsecurityscanner.scanruns.list",
"cloudsecurityscanner.scanruns.stop",
"cloudsecurityscanner.scans.create",
"cloudsecurityscanner.scans.delete",
"cloudsecurityscanner.scans.get",
"cloudsecurityscanner.scans.list",
"cloudsecurityscanner.scans.run",
"cloudsecurityscanner.scans.update",
"cloudsql.backupRuns.create",
"cloudsql.backupRuns.delete",
"cloudsql.backupRuns.get",
"cloudsql.backupRuns.list",
"cloudsql.databases.create",
"cloudsql.databases.delete",
"cloudsql.databases.get",
"cloudsql.databases.list",
"cloudsql.databases.update",
"cloudsql.instances.addServerCa",
"cloudsql.instances.clone",
"cloudsql.instances.connect",
"cloudsql.instances.create",
"cloudsql.instances.delete",
"cloudsql.instances.demoteMaster",
"cloudsql.instances.export",
"cloudsql.instances.failover",
"cloudsql.instances.get",
"cloudsql.instances.import",
"cloudsql.instances.list",
"cloudsql.instances.listServerCas",
"cloudsql.instances.login",
"cloudsql.instances.promoteReplica",
"cloudsql.instances.resetSslConfig",
"cloudsql.instances.restart",
"cloudsql.instances.restoreBackup",
"cloudsql.instances.rotateServerCa",
"cloudsql.instances.startReplica",
"cloudsql.instances.stopReplica",
"cloudsql.instances.truncateLog",
"cloudsql.instances.update",
"cloudsql.sslCerts.create",
"cloudsql.sslCerts.createEphemeral",
"cloudsql.sslCerts.delete",
"cloudsql.sslCerts.get",
"cloudsql.sslCerts.list",
"cloudsql.users.create",
"cloudsql.users.delete",
"cloudsql.users.list",
"cloudsql.users.update",
"cloudsupport.accounts.get",
"cloudsupport.accounts.getIamPolicy",
"cloudsupport.accounts.getUserRoles",
"cloudsupport.accounts.list",
"cloudsupport.accounts.update",
"cloudsupport.accounts.updateUserRoles",
"cloudsupport.operations.get",
"cloudsupport.properties.get",
"cloudsupport.techCases.create",
"cloudsupport.techCases.escalate",
"cloudsupport.techCases.get",
"cloudsupport.techCases.list",
"cloudsupport.techCases.update",
"cloudtasks.locations.get",
"cloudtasks.locations.list",
"cloudtasks.queues.create",
"cloudtasks.queues.delete",
"cloudtasks.queues.get",
"cloudtasks.queues.list",
"cloudtasks.queues.pause",
"cloudtasks.queues.purge",
"cloudtasks.queues.resume",
"cloudtasks.queues.update",
"cloudtasks.tasks.create",
"cloudtasks.tasks.delete",
"cloudtasks.tasks.fullView",
"cloudtasks.tasks.get",
"cloudtasks.tasks.list",
"cloudtasks.tasks.run",
"cloudtestservice.environmentcatalog.get",
"cloudtestservice.matrices.create",
"cloudtestservice.matrices.get",
"cloudtestservice.matrices.update",
"cloudtoolresults.executions.create",
"cloudtoolresults.executions.get",
"cloudtoolresults.executions.list",
"cloudtoolresults.executions.update",
"cloudtoolresults.histories.create",
"cloudtoolresults.histories.get",
"cloudtoolresults.histories.list",
"cloudtoolresults.settings.create",
"cloudtoolresults.settings.get",
"cloudtoolresults.settings.update",
"cloudtoolresults.steps.create",
"cloudtoolresults.steps.get",
"cloudtoolresults.steps.list",
"cloudtoolresults.steps.update",
"cloudtrace.insights.get",
"cloudtrace.insights.list",
"cloudtrace.stats.get",
"cloudtrace.tasks.create",
"cloudtrace.tasks.delete",
"cloudtrace.tasks.get",
"cloudtrace.tasks.list",
"cloudtrace.traces.get",
"cloudtrace.traces.list",
"cloudtrace.traces.patch",
"cloudtranslate.generalModels.batchDocPredict",
"cloudtranslate.generalModels.batchPredict",
"cloudtranslate.generalModels.docPredict",
"cloudtranslate.generalModels.get",
"cloudtranslate.generalModels.predict",
"cloudtranslate.glossaries.batchDocPredict",
"cloudtranslate.glossaries.batchPredict",
"cloudtranslate.glossaries.create",
"cloudtranslate.glossaries.delete",
"cloudtranslate.glossaries.docPredict",
"cloudtranslate.glossaries.get",
"cloudtranslate.glossaries.list",
"cloudtranslate.glossaries.predict",
"cloudtranslate.languageDetectionModels.predict",
"cloudtranslate.locations.get",
"cloudtranslate.locations.list",
"cloudtranslate.operations.cancel",
"cloudtranslate.operations.delete",
"cloudtranslate.operations.get",
"cloudtranslate.operations.list",
"cloudtranslate.operations.wait",
"commerceoffercatalog.offers.get",
"commerceprice.privateoffers.create",
"commerceprice.privateoffers.delete",
"commerceprice.privateoffers.get",
"commerceprice.privateoffers.list",
"commerceprice.privateoffers.publish",
"commerceprice.privateoffers.update",
"composer.environments.create",
"composer.environments.delete",
"composer.environments.get",
"composer.environments.list",
"composer.environments.update",
"composer.imageversions.list",
"composer.operations.delete",
"composer.operations.get",
"composer.operations.list",
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.create",
"compute.addresses.createInternal",
"compute.addresses.delete",
"compute.addresses.deleteInternal",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.setLabels",
"compute.addresses.use",
"compute.addresses.useInternal",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.create",
"compute.backendBuckets.delete",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendBuckets.update",
"compute.backendBuckets.use",
"compute.backendServices.create",
"compute.backendServices.delete",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.backendServices.setSecurityPolicy",
"compute.backendServices.update",
"compute.backendServices.use",
"compute.commitments.create",
"compute.commitments.get",
"compute.commitments.list",
"compute.commitments.updateReservations",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.create",
"compute.externalVpnGateways.delete",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.externalVpnGateways.setLabels",
"compute.externalVpnGateways.use",
"compute.firewallPolicies.addAssociation",
"compute.firewallPolicies.cloneRules",
"compute.firewallPolicies.copyRules",
"compute.firewallPolicies.create",
"compute.firewallPolicies.delete",
"compute.firewallPolicies.get",
"compute.firewallPolicies.getIamPolicy",
"compute.firewallPolicies.list",
"compute.firewallPolicies.move",
"compute.firewallPolicies.removeAssociation",
"compute.firewallPolicies.update",
"compute.firewallPolicies.use",
"compute.firewalls.create",
"compute.firewalls.delete",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.firewalls.update",
"compute.forwardingRules.create",
"compute.forwardingRules.delete",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.forwardingRules.pscCreate",
"compute.forwardingRules.pscDelete",
"compute.forwardingRules.pscSetLabels",
"compute.forwardingRules.pscSetTarget",
"compute.forwardingRules.pscUpdate",
"compute.forwardingRules.setLabels",
"compute.forwardingRules.setTarget",
"compute.forwardingRules.update",
"compute.globalAddresses.create",
"compute.globalAddresses.createInternal",
"compute.globalAddresses.delete",
"compute.globalAddresses.deleteInternal",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.setLabels",
"compute.globalAddresses.use",
"compute.globalForwardingRules.create",
"compute.globalForwardingRules.delete",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscCreate",
"compute.globalForwardingRules.pscDelete",
"compute.globalForwardingRules.pscGet",
"compute.globalForwardingRules.pscSetLabels",
"compute.globalForwardingRules.pscSetTarget",
"compute.globalForwardingRules.pscUpdate",
"compute.globalForwardingRules.setLabels",
"compute.globalForwardingRules.setTarget",
"compute.globalForwardingRules.update",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.delete",
"compute.globalOperations.get",
"compute.globalOperations.getIamPolicy",
"compute.globalOperations.list",
"compute.globalPublicDelegatedPrefixes.create",
"compute.globalPublicDelegatedPrefixes.delete",
"compute.globalPublicDelegatedPrefixes.get",
"compute.globalPublicDelegatedPrefixes.list",
"compute.globalPublicDelegatedPrefixes.update",
"compute.globalPublicDelegatedPrefixes.updatePolicy",
"compute.globalPublicDelegatedPrefixes.use",
"compute.healthChecks.create",
"compute.healthChecks.delete",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.healthChecks.update",
"compute.healthChecks.use",
"compute.healthChecks.useReadOnly",
"compute.httpHealthChecks.create",
"compute.httpHealthChecks.delete",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpHealthChecks.update",
"compute.httpHealthChecks.use",
"compute.httpHealthChecks.useReadOnly",
"compute.httpsHealthChecks.create",
"compute.httpsHealthChecks.delete",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.httpsHealthChecks.update",
"compute.httpsHealthChecks.use",
"compute.httpsHealthChecks.useReadOnly",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.create",
"compute.interconnectAttachments.delete",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectAttachments.setLabels",
"compute.interconnectAttachments.update",
"compute.interconnectAttachments.use",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.create",
"compute.interconnects.delete",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.interconnects.setLabels",
"compute.interconnects.update",
"compute.interconnects.use",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.maintenancePolicies.create",
"compute.maintenancePolicies.delete",
"compute.maintenancePolicies.get",
"compute.maintenancePolicies.getIamPolicy",
"compute.maintenancePolicies.list",
"compute.maintenancePolicies.use",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.use",
"compute.networks.access",
"compute.networks.addPeering",
"compute.networks.create",
"compute.networks.delete",
"compute.networks.get",
"compute.networks.getEffectiveFirewalls",
"compute.networks.list",
"compute.networks.listPeeringRoutes",
"compute.networks.mirror",
"compute.networks.removePeering",
"compute.networks.switchToCustomMode",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.networks.updatePolicy",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.nodeGroups.addNodes",
"compute.nodeGroups.create",
"compute.nodeGroups.delete",
"compute.nodeGroups.deleteNodes",
"compute.nodeGroups.get",
"compute.nodeGroups.getIamPolicy",
"compute.nodeGroups.list",
"compute.nodeGroups.setNodeTemplate",
"compute.nodeGroups.update",
"compute.nodeTemplates.create",
"compute.nodeTemplates.delete",
"compute.nodeTemplates.get",
"compute.nodeTemplates.getIamPolicy",
"compute.nodeTemplates.list",
"compute.nodeTypes.get",
"compute.nodeTypes.list",
"compute.organizations.listAssociations",
"compute.organizations.setFirewallPolicy",
"compute.organizations.setSecurityPolicy",
"compute.packetMirrorings.update",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.projects.setDefaultNetworkTier",
"compute.projects.setDefaultServiceAccount",
"compute.projects.setUsageExportBucket",
"compute.publicAdvertisedPrefixes.create",
"compute.publicAdvertisedPrefixes.delete",
"compute.publicAdvertisedPrefixes.get",
"compute.publicAdvertisedPrefixes.list",
"compute.publicAdvertisedPrefixes.update",
"compute.publicAdvertisedPrefixes.updatePolicy",
"compute.publicAdvertisedPrefixes.use",
"compute.publicDelegatedPrefixes.create",
"compute.publicDelegatedPrefixes.delete",
"compute.publicDelegatedPrefixes.get",
"compute.publicDelegatedPrefixes.list",
"compute.publicDelegatedPrefixes.update",
"compute.publicDelegatedPrefixes.updatePolicy",
"compute.publicDelegatedPrefixes.use",
"compute.regionBackendServices.create",
"compute.regionBackendServices.delete",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionBackendServices.setSecurityPolicy",
"compute.regionBackendServices.update",
"compute.regionBackendServices.use",
"compute.regionHealthCheckServices.create",
"compute.regionHealthCheckServices.delete",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthCheckServices.update",
"compute.regionHealthCheckServices.use",
"compute.regionHealthChecks.create",
"compute.regionHealthChecks.delete",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionHealthChecks.update",
"compute.regionHealthChecks.use",
"compute.regionHealthChecks.useReadOnly",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.create",
"compute.regionNotificationEndpoints.delete",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionNotificationEndpoints.update",
"compute.regionNotificationEndpoints.use",
"compute.regionOperations.delete",
"compute.regionOperations.get",
"compute.regionOperations.getIamPolicy",
"compute.regionOperations.list",
"compute.regionSslCertificates.create",
"compute.regionSslCertificates.delete",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.create",
"compute.regionTargetHttpProxies.delete",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpProxies.setUrlMap",
"compute.regionTargetHttpProxies.use",
"compute.regionTargetHttpsProxies.create",
"compute.regionTargetHttpsProxies.delete",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionTargetHttpsProxies.setSslCertificates",
"compute.regionTargetHttpsProxies.setUrlMap",
"compute.regionTargetHttpsProxies.use",
"compute.regionUrlMaps.create",
"compute.regionUrlMaps.delete",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.invalidateCache",
"compute.regionUrlMaps.list",
"compute.regionUrlMaps.update",
"compute.regionUrlMaps.use",
"compute.regionUrlMaps.validate",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.create",
"compute.reservations.delete",
"compute.reservations.get",
"compute.reservations.list",
"compute.reservations.resize",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.create",
"compute.routers.delete",
"compute.routers.get",
"compute.routers.list",
"compute.routers.update",
"compute.routers.use",
"compute.routes.create",
"compute.routes.delete",
"compute.routes.get",
"compute.routes.list",
"compute.securityPolicies.addAssociation",
"compute.securityPolicies.copyRules",
"compute.securityPolicies.create",
"compute.securityPolicies.delete",
"compute.securityPolicies.get",
"compute.securityPolicies.getIamPolicy",
"compute.securityPolicies.list",
"compute.securityPolicies.move",
"compute.securityPolicies.removeAssociation",
"compute.securityPolicies.update",
"compute.securityPolicies.use",
"compute.serviceAttachments.create",
"compute.serviceAttachments.delete",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.serviceAttachments.update",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.create",
"compute.sslCertificates.delete",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.create",
"compute.sslPolicies.delete",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.sslPolicies.update",
"compute.sslPolicies.use",
"compute.subnetworks.create",
"compute.subnetworks.delete",
"compute.subnetworks.expandIpCidrRange",
"compute.subnetworks.get",
"compute.subnetworks.getIamPolicy",
"compute.subnetworks.list",
"compute.subnetworks.mirror",
"compute.subnetworks.setPrivateIpGoogleAccess",
"compute.subnetworks.update",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.create",
"compute.targetGrpcProxies.delete",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetGrpcProxies.update",
"compute.targetGrpcProxies.use",
"compute.targetHttpProxies.create",
"compute.targetHttpProxies.delete",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpProxies.setUrlMap",
"compute.targetHttpProxies.use",
"compute.targetHttpsProxies.create",
"compute.targetHttpsProxies.delete",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetHttpsProxies.setSslCertificates",
"compute.targetHttpsProxies.setSslPolicy",
"compute.targetHttpsProxies.setUrlMap",
"compute.targetHttpsProxies.use",
"compute.targetInstances.create",
"compute.targetInstances.delete",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetInstances.use",
"compute.targetPools.addHealthCheck",
"compute.targetPools.addInstance",
"compute.targetPools.create",
"compute.targetPools.delete",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetPools.removeHealthCheck",
"compute.targetPools.removeInstance",
"compute.targetPools.update",
"compute.targetPools.use",
"compute.targetSslProxies.create",
"compute.targetSslProxies.delete",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetSslProxies.setBackendService",
"compute.targetSslProxies.setProxyHeader",
"compute.targetSslProxies.setSslCertificates",
"compute.targetSslProxies.use",
"compute.targetTcpProxies.create",
"compute.targetTcpProxies.delete",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetTcpProxies.update",
"compute.targetTcpProxies.use",
"compute.targetVpnGateways.create",
"compute.targetVpnGateways.delete",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.targetVpnGateways.setLabels",
"compute.targetVpnGateways.use",
"compute.urlMaps.create",
"compute.urlMaps.delete",
"compute.urlMaps.get",
"compute.urlMaps.invalidateCache",
"compute.urlMaps.list",
"compute.urlMaps.update",
"compute.urlMaps.use",
"compute.urlMaps.validate",
"compute.vpnGateways.create",
"compute.vpnGateways.delete",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnGateways.setLabels",
"compute.vpnGateways.use",
"compute.vpnTunnels.create",
"compute.vpnTunnels.delete",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.vpnTunnels.setLabels",
"compute.zoneOperations.delete",
"compute.zoneOperations.get",
"compute.zoneOperations.getIamPolicy",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"consumerprocurement.accounts.create",
"consumerprocurement.accounts.delete",
"consumerprocurement.accounts.get",
"consumerprocurement.accounts.list",
"consumerprocurement.entitlements.get",
"consumerprocurement.entitlements.list",
"consumerprocurement.freeTrials.create",
"consumerprocurement.freeTrials.get",
"consumerprocurement.freeTrials.list",
"consumerprocurement.orders.cancel",
"consumerprocurement.orders.get",
"consumerprocurement.orders.list",
"consumerprocurement.orders.modify",
"consumerprocurement.orders.place",
"contactcenterinsights.analyses.create",
"contactcenterinsights.analyses.delete",
"contactcenterinsights.analyses.get",
"contactcenterinsights.analyses.list",
"contactcenterinsights.conversations.create",
"contactcenterinsights.conversations.delete",
"contactcenterinsights.conversations.get",
"contactcenterinsights.conversations.list",
"contactcenterinsights.conversations.update",
"contactcenterinsights.issueModels.create",
"contactcenterinsights.issueModels.delete",
"contactcenterinsights.issueModels.deploy",
"contactcenterinsights.issueModels.get",
"contactcenterinsights.issueModels.list",
"contactcenterinsights.issueModels.undeploy",
"contactcenterinsights.issueModels.update",
"contactcenterinsights.issues.get",
"contactcenterinsights.issues.list",
"contactcenterinsights.issues.update",
"contactcenterinsights.operations.get",
"contactcenterinsights.operations.list",
"contactcenterinsights.phraseMatchers.create",
"contactcenterinsights.phraseMatchers.delete",
"contactcenterinsights.phraseMatchers.get",
"contactcenterinsights.phraseMatchers.list",
"contactcenterinsights.phraseMatchers.update",
"contactcenterinsights.settings.get",
"contactcenterinsights.settings.update",
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.getStatus",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.getCredentials",
"container.clusters.list",
"container.clusters.update",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.create",
"container.controllerRevisions.delete",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.controllerRevisions.update",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.create",
"container.mutatingWebhookConfigurations.delete",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.mutatingWebhookConfigurations.update",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.operations.get",
"container.operations.list",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.create",
"container.podSecurityPolicies.delete",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podSecurityPolicies.update",
"container.podSecurityPolicies.use",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roles.get",
"container.roles.list",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.create",
"container.validatingWebhookConfigurations.delete",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.validatingWebhookConfigurations.update",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"containeranalysis.notes.attachOccurrence",
"containeranalysis.notes.create",
"containeranalysis.notes.delete",
"containeranalysis.notes.get",
"containeranalysis.notes.getIamPolicy",
"containeranalysis.notes.list",
"containeranalysis.notes.listOccurrences",
"containeranalysis.notes.update",
"containeranalysis.occurrences.create",
"containeranalysis.occurrences.delete",
"containeranalysis.occurrences.get",
"containeranalysis.occurrences.getIamPolicy",
"containeranalysis.occurrences.list",
"containeranalysis.occurrences.update",
"datacatalog.categories.getIamPolicy",
"datacatalog.entries.create",
"datacatalog.entries.delete",
"datacatalog.entries.get",
"datacatalog.entries.getIamPolicy",
"datacatalog.entries.list",
"datacatalog.entries.update",
"datacatalog.entries.updateTag",
"datacatalog.entryGroups.create",
"datacatalog.entryGroups.delete",
"datacatalog.entryGroups.get",
"datacatalog.entryGroups.getIamPolicy",
"datacatalog.entryGroups.list",
"datacatalog.entryGroups.update",
"datacatalog.tagTemplates.create",
"datacatalog.tagTemplates.delete",
"datacatalog.tagTemplates.get",
"datacatalog.tagTemplates.getIamPolicy",
"datacatalog.tagTemplates.getTag",
"datacatalog.tagTemplates.update",
"datacatalog.tagTemplates.use",
"datacatalog.taxonomies.get",
"datacatalog.taxonomies.getIamPolicy",
"datacatalog.taxonomies.list",
"dataflow.jobs.cancel",
"dataflow.jobs.create",
"dataflow.jobs.get",
"dataflow.jobs.list",
"dataflow.jobs.snapshot",
"dataflow.jobs.updateContents",
"dataflow.messages.list",
"dataflow.metrics.get",
"dataflow.snapshots.delete",
"dataflow.snapshots.get",
"dataflow.snapshots.list",
"datafusion.instances.create",
"datafusion.instances.delete",
"datafusion.instances.get",
"datafusion.instances.getIamPolicy",
"datafusion.instances.list",
"datafusion.instances.restart",
"datafusion.instances.runtime",
"datafusion.instances.update",
"datafusion.instances.upgrade",
"datafusion.locations.get",
"datafusion.locations.list",
"datafusion.operations.cancel",
"datafusion.operations.get",
"datafusion.operations.list",
"datalabeling.annotateddatasets.delete",
"datalabeling.annotateddatasets.get",
"datalabeling.annotateddatasets.label",
"datalabeling.annotateddatasets.list",
"datalabeling.annotationspecsets.create",
"datalabeling.annotationspecsets.delete",
"datalabeling.annotationspecsets.get",
"datalabeling.annotationspecsets.list",
"datalabeling.dataitems.get",
"datalabeling.dataitems.list",
"datalabeling.datasets.create",
"datalabeling.datasets.delete",
"datalabeling.datasets.export",
"datalabeling.datasets.get",
"datalabeling.datasets.import",
"datalabeling.datasets.list",
"datalabeling.examples.get",
"datalabeling.examples.list",
"datalabeling.instructions.create",
"datalabeling.instructions.delete",
"datalabeling.instructions.get",
"datalabeling.instructions.list",
"datalabeling.operations.cancel",
"datalabeling.operations.get",
"datalabeling.operations.list",
"datamigration.connectionprofiles.create",
"datamigration.connectionprofiles.delete",
"datamigration.connectionprofiles.get",
"datamigration.connectionprofiles.getIamPolicy",
"datamigration.connectionprofiles.list",
"datamigration.connectionprofiles.update",
"datamigration.locations.get",
"datamigration.locations.list",
"datamigration.migrationjobs.create",
"datamigration.migrationjobs.delete",
"datamigration.migrationjobs.generateSshScript",
"datamigration.migrationjobs.get",
"datamigration.migrationjobs.getIamPolicy",
"datamigration.migrationjobs.list",
"datamigration.migrationjobs.promote",
"datamigration.migrationjobs.restart",
"datamigration.migrationjobs.resume",
"datamigration.migrationjobs.start",
"datamigration.migrationjobs.stop",
"datamigration.migrationjobs.update",
"datamigration.migrationjobs.verify",
"datamigration.operations.cancel",
"datamigration.operations.delete",
"datamigration.operations.get",
"datamigration.operations.list",
"dataprep.projects.use",
"dataproc.agents.create",
"dataproc.agents.delete",
"dataproc.agents.get",
"dataproc.agents.list",
"dataproc.agents.update",
"dataproc.autoscalingPolicies.create",
"dataproc.autoscalingPolicies.delete",
"dataproc.autoscalingPolicies.get",
"dataproc.autoscalingPolicies.getIamPolicy",
"dataproc.autoscalingPolicies.list",
"dataproc.autoscalingPolicies.update",
"dataproc.autoscalingPolicies.use",
"dataproc.clusters.create",
"dataproc.clusters.delete",
"dataproc.clusters.get",
"dataproc.clusters.getIamPolicy",
"dataproc.clusters.list",
"dataproc.clusters.start",
"dataproc.clusters.stop",
"dataproc.clusters.update",
"dataproc.clusters.use",
"dataproc.jobs.cancel",
"dataproc.jobs.create",
"dataproc.jobs.delete",
"dataproc.jobs.get",
"dataproc.jobs.getIamPolicy",
"dataproc.jobs.list",
"dataproc.jobs.update",
"dataproc.operations.cancel",
"dataproc.operations.delete",
"dataproc.operations.get",
"dataproc.operations.getIamPolicy",
"dataproc.operations.list",
"dataproc.tasks.lease",
"dataproc.tasks.listInvalidatedLeases",
"dataproc.tasks.reportStatus",
"dataproc.workflowTemplates.create",
"dataproc.workflowTemplates.delete",
"dataproc.workflowTemplates.get",
"dataproc.workflowTemplates.getIamPolicy",
"dataproc.workflowTemplates.instantiate",
"dataproc.workflowTemplates.instantiateInline",
"dataproc.workflowTemplates.list",
"dataproc.workflowTemplates.update",
"dataprocessing.datasources.get",
"dataprocessing.datasources.list",
"dataprocessing.datasources.update",
"dataprocessing.featurecontrols.list",
"dataprocessing.groupcontrols.get",
"dataprocessing.groupcontrols.list",
"datastore.databases.get",
"datastore.databases.getIamPolicy",
"datastore.databases.list",
"datastore.databases.update",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.create",
"datastore.indexes.delete",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.indexes.update",
"datastore.namespaces.get",
"datastore.namespaces.getIamPolicy",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"datastream.connectionProfiles.create",
"datastream.connectionProfiles.delete",
"datastream.connectionProfiles.destinationTypes",
"datastream.connectionProfiles.discover",
"datastream.connectionProfiles.get",
"datastream.connectionProfiles.getIamPolicy",
"datastream.connectionProfiles.list",
"datastream.connectionProfiles.listStaticServiceIps",
"datastream.connectionProfiles.sourceTypes",
"datastream.connectionProfiles.update",
"datastream.locations.fetchStaticIps",
"datastream.locations.get",
"datastream.locations.list",
"datastream.operations.cancel",
"datastream.operations.delete",
"datastream.operations.get",
"datastream.operations.list",
"datastream.privateConnections.create",
"datastream.privateConnections.delete",
"datastream.privateConnections.get",
"datastream.privateConnections.getIamPolicy",
"datastream.privateConnections.list",
"datastream.routes.create",
"datastream.routes.delete",
"datastream.routes.get",
"datastream.routes.getIamPolicy",
"datastream.routes.list",
"datastream.streams.computeState",
"datastream.streams.create",
"datastream.streams.delete",
"datastream.streams.fetchErrors",
"datastream.streams.get",
"datastream.streams.getIamPolicy",
"datastream.streams.list",
"datastream.streams.pause",
"datastream.streams.resume",
"datastream.streams.start",
"datastream.streams.update",
"deploymentmanager.compositeTypes.create",
"deploymentmanager.compositeTypes.delete",
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.compositeTypes.update",
"deploymentmanager.deployments.cancelPreview",
"deploymentmanager.deployments.create",
"deploymentmanager.deployments.delete",
"deploymentmanager.deployments.get",
"deploymentmanager.deployments.list",
"deploymentmanager.deployments.stop",
"deploymentmanager.deployments.update",
"deploymentmanager.manifests.get",
"deploymentmanager.manifests.list",
"deploymentmanager.operations.get",
"deploymentmanager.operations.list",
"deploymentmanager.resources.get",
"deploymentmanager.resources.list",
"deploymentmanager.typeProviders.create",
"deploymentmanager.typeProviders.delete",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.typeProviders.update",
"deploymentmanager.types.create",
"deploymentmanager.types.delete",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"deploymentmanager.types.update",
"dialogflow.agents.create",
"dialogflow.agents.delete",
"dialogflow.agents.export",
"dialogflow.agents.get",
"dialogflow.agents.import",
"dialogflow.agents.list",
"dialogflow.agents.restore",
"dialogflow.agents.search",
"dialogflow.agents.train",
"dialogflow.agents.update",
"dialogflow.agents.validate",
"dialogflow.answerrecords.delete",
"dialogflow.answerrecords.get",
"dialogflow.answerrecords.list",
"dialogflow.answerrecords.update",
"dialogflow.callMatchers.create",
"dialogflow.callMatchers.delete",
"dialogflow.callMatchers.list",
"dialogflow.changelogs.get",
"dialogflow.changelogs.list",
"dialogflow.contexts.create",
"dialogflow.contexts.delete",
"dialogflow.contexts.get",
"dialogflow.contexts.list",
"dialogflow.contexts.update",
"dialogflow.conversationDatasets.create",
"dialogflow.conversationDatasets.delete",
"dialogflow.conversationDatasets.get",
"dialogflow.conversationDatasets.import",
"dialogflow.conversationDatasets.list",
"dialogflow.conversationModels.create",
"dialogflow.conversationModels.delete",
"dialogflow.conversationModels.deploy",
"dialogflow.conversationModels.get",
"dialogflow.conversationModels.list",
"dialogflow.conversationModels.undeploy",
"dialogflow.conversationProfiles.create",
"dialogflow.conversationProfiles.delete",
"dialogflow.conversationProfiles.get",
"dialogflow.conversationProfiles.list",
"dialogflow.conversationProfiles.update",
"dialogflow.conversations.addPhoneNumber",
"dialogflow.conversations.complete",
"dialogflow.conversations.create",
"dialogflow.conversations.get",
"dialogflow.conversations.list",
"dialogflow.documents.create",
"dialogflow.documents.delete",
"dialogflow.documents.get",
"dialogflow.documents.list",
"dialogflow.entityTypes.create",
"dialogflow.entityTypes.createEntity",
"dialogflow.entityTypes.delete",
"dialogflow.entityTypes.deleteEntity",
"dialogflow.entityTypes.get",
"dialogflow.entityTypes.list",
"dialogflow.entityTypes.update",
"dialogflow.entityTypes.updateEntity",
"dialogflow.environments.create",
"dialogflow.environments.delete",
"dialogflow.environments.get",
"dialogflow.environments.getHistory",
"dialogflow.environments.list",
"dialogflow.environments.lookupHistory",
"dialogflow.environments.update",
"dialogflow.flows.create",
"dialogflow.flows.delete",
"dialogflow.flows.get",
"dialogflow.flows.list",
"dialogflow.flows.train",
"dialogflow.flows.update",
"dialogflow.flows.validate",
"dialogflow.fulfillments.get",
"dialogflow.fulfillments.update",
"dialogflow.intents.create",
"dialogflow.intents.delete",
"dialogflow.intents.get",
"dialogflow.intents.list",
"dialogflow.intents.update",
"dialogflow.knowledgeBases.create",
"dialogflow.knowledgeBases.delete",
"dialogflow.knowledgeBases.get",
"dialogflow.knowledgeBases.list",
"dialogflow.messages.list",
"dialogflow.modelEvaluations.get",
"dialogflow.modelEvaluations.list",
"dialogflow.operations.get",
"dialogflow.pages.create",
"dialogflow.pages.delete",
"dialogflow.pages.get",
"dialogflow.pages.list",
"dialogflow.pages.update",
"dialogflow.participants.analyzeContent",
"dialogflow.participants.create",
"dialogflow.participants.get",
"dialogflow.participants.list",
"dialogflow.participants.suggest",
"dialogflow.participants.update",
"dialogflow.phoneNumberOrders.cancel",
"dialogflow.phoneNumberOrders.create",
"dialogflow.phoneNumberOrders.get",
"dialogflow.phoneNumberOrders.list",
"dialogflow.phoneNumberOrders.update",
"dialogflow.phoneNumbers.delete",
"dialogflow.phoneNumbers.list",
"dialogflow.phoneNumbers.undelete",
"dialogflow.phoneNumbers.update",
"dialogflow.securitySettings.create",
"dialogflow.securitySettings.delete",
"dialogflow.securitySettings.get",
"dialogflow.securitySettings.list",
"dialogflow.securitySettings.update",
"dialogflow.sessionEntityTypes.create",
"dialogflow.sessionEntityTypes.delete",
"dialogflow.sessionEntityTypes.get",
"dialogflow.sessionEntityTypes.list",
"dialogflow.sessionEntityTypes.update",
"dialogflow.sessions.detectIntent",
"dialogflow.sessions.streamingDetectIntent",
"dialogflow.smartMessagingEntries.create",
"dialogflow.smartMessagingEntries.delete",
"dialogflow.smartMessagingEntries.get",
"dialogflow.smartMessagingEntries.list",
"dialogflow.transitionRouteGroups.create",
"dialogflow.transitionRouteGroups.delete",
"dialogflow.transitionRouteGroups.get",
"dialogflow.transitionRouteGroups.list",
"dialogflow.transitionRouteGroups.update",
"dialogflow.versions.create",
"dialogflow.versions.delete",
"dialogflow.versions.get",
"dialogflow.versions.list",
"dialogflow.versions.load",
"dialogflow.versions.update",
"dialogflow.webhooks.create",
"dialogflow.webhooks.delete",
"dialogflow.webhooks.get",
"dialogflow.webhooks.list",
"dialogflow.webhooks.update",
"dlp.analyzeRiskTemplates.create",
"dlp.analyzeRiskTemplates.delete",
"dlp.analyzeRiskTemplates.get",
"dlp.analyzeRiskTemplates.list",
"dlp.analyzeRiskTemplates.update",
"dlp.columnDataProfiles.get",
"dlp.columnDataProfiles.list",
"dlp.deidentifyTemplates.create",
"dlp.deidentifyTemplates.delete",
"dlp.deidentifyTemplates.get",
"dlp.deidentifyTemplates.list",
"dlp.deidentifyTemplates.update",
"dlp.estimates.cancel",
"dlp.estimates.create",
"dlp.estimates.delete",
"dlp.estimates.get",
"dlp.estimates.list",
"dlp.inspectFindings.list",
"dlp.inspectTemplates.create",
"dlp.inspectTemplates.delete",
"dlp.inspectTemplates.get",
"dlp.inspectTemplates.list",
"dlp.inspectTemplates.update",
"dlp.jobTriggers.create",
"dlp.jobTriggers.delete",
"dlp.jobTriggers.get",
"dlp.jobTriggers.hybridInspect",
"dlp.jobTriggers.list",
"dlp.jobTriggers.update",
"dlp.jobs.cancel",
"dlp.jobs.create",
"dlp.jobs.delete",
"dlp.jobs.get",
"dlp.jobs.hybridInspect",
"dlp.jobs.list",
"dlp.projectDataProfiles.get",
"dlp.projectDataProfiles.list",
"dlp.storedInfoTypes.create",
"dlp.storedInfoTypes.delete",
"dlp.storedInfoTypes.get",
"dlp.storedInfoTypes.list",
"dlp.storedInfoTypes.update",
"dlp.tableDataProfiles.get",
"dlp.tableDataProfiles.list",
"dns.changes.create",
"dns.changes.get",
"dns.changes.list",
"dns.dnsKeys.get",
"dns.dnsKeys.list",
"dns.managedZoneOperations.get",
"dns.managedZoneOperations.list",
"dns.managedZones.create",
"dns.managedZones.delete",
"dns.managedZones.get",
"dns.managedZones.list",
"dns.managedZones.update",
"dns.networks.bindDNSResponsePolicy",
"dns.networks.bindPrivateDNSPolicy",
"dns.networks.bindPrivateDNSZone",
"dns.networks.targetWithPeeringZone",
"dns.policies.create",
"dns.policies.delete",
"dns.policies.get",
"dns.policies.list",
"dns.policies.update",
"dns.projects.get",
"dns.resourceRecordSets.create",
"dns.resourceRecordSets.delete",
"dns.resourceRecordSets.get",
"dns.resourceRecordSets.list",
"dns.resourceRecordSets.update",
"dns.responsePolicies.create",
"dns.responsePolicies.delete",
"dns.responsePolicies.get",
"dns.responsePolicies.list",
"dns.responsePolicies.update",
"dns.responsePolicyRules.create",
"dns.responsePolicyRules.delete",
"dns.responsePolicyRules.get",
"dns.responsePolicyRules.list",
"dns.responsePolicyRules.update",
"documentai.evaluations.create",
"documentai.evaluations.get",
"documentai.evaluations.list",
"documentai.humanReviewConfigs.get",
"documentai.humanReviewConfigs.review",
"documentai.humanReviewConfigs.update",
"documentai.labelerPools.create",
"documentai.labelerPools.delete",
"documentai.labelerPools.get",
"documentai.labelerPools.list",
"documentai.labelerPools.update",
"documentai.locations.get",
"documentai.locations.list",
"documentai.operations.getLegacy",
"documentai.processorTypes.list",
"documentai.processorVersions.create",
"documentai.processorVersions.delete",
"documentai.processorVersions.get",
"documentai.processorVersions.list",
"documentai.processorVersions.processBatch",
"documentai.processorVersions.processOnline",
"documentai.processorVersions.update",
"documentai.processors.create",
"documentai.processors.delete",
"documentai.processors.fetchHumanReviewDetails",
"documentai.processors.get",
"documentai.processors.list",
"documentai.processors.processBatch",
"documentai.processors.processOnline",
"documentai.processors.update",
"domains.locations.get",
"domains.locations.list",
"domains.operations.cancel",
"domains.operations.get",
"domains.operations.list",
"domains.registrations.configureContact",
"domains.registrations.configureDns",
"domains.registrations.configureManagement",
"domains.registrations.create",
"domains.registrations.delete",
"domains.registrations.get",
"domains.registrations.getIamPolicy",
"domains.registrations.list",
"domains.registrations.update",
"earlyaccesscenter.campaigns.get",
"earlyaccesscenter.campaigns.list",
"earlyaccesscenter.customerAllowlists.get",
"earlyaccesscenter.customerAllowlists.list",
"earthengine.assets.create",
"earthengine.assets.delete",
"earthengine.assets.get",
"earthengine.assets.getIamPolicy",
"earthengine.assets.list",
"earthengine.assets.update",
"earthengine.computations.create",
"earthengine.exports.create",
"earthengine.filmstripthumbnails.create",
"earthengine.filmstripthumbnails.get",
"earthengine.imports.create",
"earthengine.maps.create",
"earthengine.maps.get",
"earthengine.operations.delete",
"earthengine.operations.get",
"earthengine.operations.list",
"earthengine.operations.update",
"earthengine.tables.create",
"earthengine.tables.get",
"earthengine.thumbnails.create",
"earthengine.thumbnails.get",
"earthengine.videothumbnails.create",
"earthengine.videothumbnails.get",
"endpoints.portals.attachCustomDomain",
"endpoints.portals.detachCustomDomain",
"endpoints.portals.listCustomDomains",
"endpoints.portals.update",
"errorreporting.applications.list",
"errorreporting.errorEvents.create",
"errorreporting.errorEvents.delete",
"errorreporting.errorEvents.list",
"errorreporting.groupMetadata.get",
"errorreporting.groupMetadata.update",
"errorreporting.groups.list",
"essentialcontacts.contacts.create",
"essentialcontacts.contacts.delete",
"essentialcontacts.contacts.get",
"essentialcontacts.contacts.list",
"essentialcontacts.contacts.send",
"essentialcontacts.contacts.update",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"fcmdata.deliverydata.list",
"file.backups.create",
"file.backups.delete",
"file.backups.get",
"file.backups.list",
"file.backups.update",
"file.instances.create",
"file.instances.delete",
"file.instances.get",
"file.instances.list",
"file.instances.restore",
"file.instances.update",
"file.locations.get",
"file.locations.list",
"file.operations.cancel",
"file.operations.delete",
"file.operations.get",
"file.operations.list",
"file.snapshots.create",
"file.snapshots.delete",
"file.snapshots.get",
"file.snapshots.list",
"file.snapshots.update",
"firebase.billingPlans.get",
"firebase.clients.create",
"firebase.clients.delete",
"firebase.clients.get",
"firebase.clients.list",
"firebase.clients.update",
"firebase.links.list",
"firebase.projects.get",
"firebase.projects.update",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.create",
"firebaseabt.experiments.delete",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.experiments.update",
"firebaseabt.projectmetadata.get",
"firebaseanalytics.resources.googleAnalyticsEdit",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.debugTokens.update",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.deviceCheckConfig.update",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.recaptchaConfig.update",
"firebaseappcheck.services.get",
"firebaseappcheck.services.update",
"firebaseappdistro.groups.list",
"firebaseappdistro.groups.update",
"firebaseappdistro.releases.list",
"firebaseappdistro.releases.update",
"firebaseappdistro.testers.list",
"firebaseappdistro.testers.update",
"firebaseauth.configs.create",
"firebaseauth.configs.get",
"firebaseauth.configs.getHashConfig",
"firebaseauth.configs.update",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
"firebasecrash.issues.update",
"firebasecrash.reports.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.config.update",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.issues.update",
"firebasecrashlytics.sessions.get",
"firebasedatabase.instances.create",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebasedatabase.instances.update",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.domains.create",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.domains.update",
"firebasedynamiclinks.links.create",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.links.update",
"firebasedynamiclinks.stats.get",
"firebaseextensions.configs.list",
"firebasehosting.sites.create",
"firebasehosting.sites.delete",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebasehosting.sites.update",
"firebaseinappmessaging.campaigns.create",
"firebaseinappmessaging.campaigns.delete",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"firebaseinappmessaging.campaigns.update",
"firebaseml.compressionjobs.create",
"firebaseml.compressionjobs.delete",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.compressionjobs.start",
"firebaseml.compressionjobs.update",
"firebaseml.models.create",
"firebaseml.models.delete",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.create",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebaseml.modelversions.update",
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
"firebaseperformance.config.create",
"firebaseperformance.config.delete",
"firebaseperformance.config.update",
"firebaseperformance.data.get",
"firebasepredictions.predictions.create",
"firebasepredictions.predictions.delete",
"firebasepredictions.predictions.list",
"firebasepredictions.predictions.update",
"firebaserules.releases.create",
"firebaserules.releases.delete",
"firebaserules.releases.get",
"firebaserules.releases.getExecutable",
"firebaserules.releases.list",
"firebaserules.releases.update",
"firebaserules.rulesets.create",
"firebaserules.rulesets.delete",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"firebaserules.rulesets.test",
"firebasestorage.buckets.addFirebase",
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"firebasestorage.buckets.removeFirebase",
"gameservices.gameServerClusters.create",
"gameservices.gameServerClusters.delete",
"gameservices.gameServerClusters.get",
"gameservices.gameServerClusters.list",
"gameservices.gameServerClusters.update",
"gameservices.gameServerConfigs.create",
"gameservices.gameServerConfigs.delete",
"gameservices.gameServerConfigs.get",
"gameservices.gameServerConfigs.list",
"gameservices.gameServerDeployments.create",
"gameservices.gameServerDeployments.delete",
"gameservices.gameServerDeployments.get",
"gameservices.gameServerDeployments.list",
"gameservices.gameServerDeployments.rollout",
"gameservices.gameServerDeployments.update",
"gameservices.locations.get",
"gameservices.locations.list",
"gameservices.operations.cancel",
"gameservices.operations.delete",
"gameservices.operations.get",
"gameservices.operations.list",
"gameservices.realms.create",
"gameservices.realms.delete",
"gameservices.realms.get",
"gameservices.realms.list",
"gameservices.realms.update",
"genomics.datasets.create",
"genomics.datasets.delete",
"genomics.datasets.get",
"genomics.datasets.list",
"genomics.datasets.update",
"genomics.operations.cancel",
"genomics.operations.create",
"genomics.operations.get",
"genomics.operations.list",
"gkehub.features.create",
"gkehub.features.delete",
"gkehub.features.get",
"gkehub.features.getIamPolicy",
"gkehub.features.list",
"gkehub.features.update",
"gkehub.gateway.delete",
"gkehub.gateway.get",
"gkehub.gateway.getIamPolicy",
"gkehub.gateway.patch",
"gkehub.gateway.post",
"gkehub.gateway.put",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.create",
"gkehub.memberships.delete",
"gkehub.memberships.generateConnectManifest",
"gkehub.memberships.get",
"gkehub.memberships.getIamPolicy",
"gkehub.memberships.list",
"gkehub.memberships.update",
"gkehub.operations.cancel",
"gkehub.operations.delete",
"gkehub.operations.get",
"gkehub.operations.list",
"gkemulticloud.awsClusters.create",
"gkemulticloud.awsClusters.delete",
"gkemulticloud.awsClusters.get",
"gkemulticloud.awsClusters.list",
"gkemulticloud.awsClusters.update",
"gkemulticloud.awsNodePools.create",
"gkemulticloud.awsNodePools.delete",
"gkemulticloud.awsNodePools.get",
"gkemulticloud.awsNodePools.list",
"gkemulticloud.awsServerConfigs.get",
"gkemulticloud.azureClients.create",
"gkemulticloud.azureClients.delete",
"gkemulticloud.azureClients.get",
"gkemulticloud.azureClients.list",
"gkemulticloud.azureClusters.create",
"gkemulticloud.azureClusters.delete",
"gkemulticloud.azureClusters.get",
"gkemulticloud.azureClusters.list",
"gkemulticloud.azureClusters.update",
"gkemulticloud.azureNodePools.create",
"gkemulticloud.azureNodePools.delete",
"gkemulticloud.azureNodePools.get",
"gkemulticloud.azureNodePools.list",
"gkemulticloud.azureServerConfigs.get",
"gkemulticloud.operations.cancel",
"gkemulticloud.operations.delete",
"gkemulticloud.operations.get",
"gkemulticloud.operations.list",
"gkemulticloud.operations.wait",
"gsuiteaddons.authorizations.get",
"gsuiteaddons.deployments.create",
"gsuiteaddons.deployments.delete",
"gsuiteaddons.deployments.execute",
"gsuiteaddons.deployments.get",
"gsuiteaddons.deployments.install",
"gsuiteaddons.deployments.installStatus",
"gsuiteaddons.deployments.list",
"gsuiteaddons.deployments.uninstall",
"gsuiteaddons.deployments.update",
"healthcare.annotationStores.create",
"healthcare.annotationStores.delete",
"healthcare.annotationStores.evaluate",
"healthcare.annotationStores.export",
"healthcare.annotationStores.get",
"healthcare.annotationStores.getIamPolicy",
"healthcare.annotationStores.import",
"healthcare.annotationStores.list",
"healthcare.annotationStores.update",
"healthcare.annotations.create",
"healthcare.annotations.delete",
"healthcare.annotations.get",
"healthcare.annotations.list",
"healthcare.annotations.update",
"healthcare.attributeDefinitions.create",
"healthcare.attributeDefinitions.delete",
"healthcare.attributeDefinitions.get",
"healthcare.attributeDefinitions.list",
"healthcare.attributeDefinitions.update",
"healthcare.consentArtifacts.create",
"healthcare.consentArtifacts.delete",
"healthcare.consentArtifacts.get",
"healthcare.consentArtifacts.list",
"healthcare.consentStores.checkDataAccess",
"healthcare.consentStores.create",
"healthcare.consentStores.delete",
"healthcare.consentStores.evaluateUserConsents",
"healthcare.consentStores.get",
"healthcare.consentStores.getIamPolicy",
"healthcare.consentStores.list",
"healthcare.consentStores.queryAccessibleData",
"healthcare.consentStores.update",
"healthcare.consents.activate",
"healthcare.consents.create",
"healthcare.consents.delete",
"healthcare.consents.get",
"healthcare.consents.list",
"healthcare.consents.reject",
"healthcare.consents.revoke",
"healthcare.consents.update",
"healthcare.datasets.create",
"healthcare.datasets.deidentify",
"healthcare.datasets.delete",
"healthcare.datasets.get",
"healthcare.datasets.getIamPolicy",
"healthcare.datasets.list",
"healthcare.datasets.update",
"healthcare.dicomStores.create",
"healthcare.dicomStores.deidentify",
"healthcare.dicomStores.delete",
"healthcare.dicomStores.dicomWebDelete",
"healthcare.dicomStores.dicomWebRead",
"healthcare.dicomStores.dicomWebWrite",
"healthcare.dicomStores.export",
"healthcare.dicomStores.get",
"healthcare.dicomStores.getIamPolicy",
"healthcare.dicomStores.import",
"healthcare.dicomStores.list",
"healthcare.dicomStores.update",
"healthcare.fhirResources.create",
"healthcare.fhirResources.delete",
"healthcare.fhirResources.get",
"healthcare.fhirResources.patch",
"healthcare.fhirResources.purge",
"healthcare.fhirResources.translateConceptMap",
"healthcare.fhirResources.update",
"healthcare.fhirStores.configureSearch",
"healthcare.fhirStores.create",
"healthcare.fhirStores.deidentify",
"healthcare.fhirStores.delete",
"healthcare.fhirStores.executeBundle",
"healthcare.fhirStores.export",
"healthcare.fhirStores.get",
"healthcare.fhirStores.getIamPolicy",
"healthcare.fhirStores.import",
"healthcare.fhirStores.list",
"healthcare.fhirStores.searchResources",
"healthcare.fhirStores.update",
"healthcare.hl7V2Messages.create",
"healthcare.hl7V2Messages.delete",
"healthcare.hl7V2Messages.get",
"healthcare.hl7V2Messages.ingest",
"healthcare.hl7V2Messages.list",
"healthcare.hl7V2Messages.update",
"healthcare.hl7V2Stores.create",
"healthcare.hl7V2Stores.delete",
"healthcare.hl7V2Stores.get",
"healthcare.hl7V2Stores.getIamPolicy",
"healthcare.hl7V2Stores.import",
"healthcare.hl7V2Stores.list",
"healthcare.hl7V2Stores.update",
"healthcare.locations.get",
"healthcare.locations.list",
"healthcare.nlpservice.analyzeEntities",
"healthcare.operations.cancel",
"healthcare.operations.get",
"healthcare.operations.list",
"healthcare.userDataMappings.archive",
"healthcare.userDataMappings.create",
"healthcare.userDataMappings.delete",
"healthcare.userDataMappings.get",
"healthcare.userDataMappings.list",
"healthcare.userDataMappings.update",
"iam.googleapis.com/workloadIdentityPoolProviders.get",
"iam.googleapis.com/workloadIdentityPoolProviders.list",
"iam.googleapis.com/workloadIdentityPools.get",
"iam.googleapis.com/workloadIdentityPools.list",
"iam.roles.get",
"iam.roles.list",
"iam.serviceAccountKeys.create",
"iam.serviceAccountKeys.delete",
"iam.serviceAccountKeys.get",
"iam.serviceAccountKeys.list",
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.create",
"iam.serviceAccounts.delete",
"iam.serviceAccounts.disable",
"iam.serviceAccounts.enable",
"iam.serviceAccounts.get",
"iam.serviceAccounts.getIamPolicy",
"iam.serviceAccounts.list",
"iam.serviceAccounts.update",
"iap.projects.getSettings",
"iap.projects.updateSettings",
"iap.web.getSettings",
"iap.web.updateSettings",
"iap.webServiceVersions.getSettings",
"iap.webServiceVersions.updateSettings",
"iap.webServices.getSettings",
"iap.webServices.updateSettings",
"iap.webTypes.getSettings",
"iap.webTypes.updateSettings",
"integrations.apigeeAuthConfigs.create",
"integrations.apigeeAuthConfigs.delete",
"integrations.apigeeAuthConfigs.get",
"integrations.apigeeAuthConfigs.list",
"integrations.apigeeAuthConfigs.update",
"integrations.apigeeCertificates.get",
"integrations.apigeeExecutions.list",
"integrations.apigeeIntegrationVers.create",
"integrations.apigeeIntegrationVers.deploy",
"integrations.apigeeIntegrationVers.get",
"integrations.apigeeIntegrationVers.list",
"integrations.apigeeIntegrationVers.update",
"integrations.apigeeIntegrations.invoke",
"integrations.apigeeIntegrations.list",
"integrations.apigeeSfdcChannels.create",
"integrations.apigeeSfdcChannels.delete",
"integrations.apigeeSfdcChannels.get",
"integrations.apigeeSfdcChannels.list",
"integrations.apigeeSfdcChannels.update",
"integrations.apigeeSfdcInstances.create",
"integrations.apigeeSfdcInstances.delete",
"integrations.apigeeSfdcInstances.get",
"integrations.apigeeSfdcInstances.list",
"integrations.apigeeSfdcInstances.update",
"integrations.apigeeSuspensions.list",
"integrations.apigeeSuspensions.resolve",
"lifesciences.operations.cancel",
"lifesciences.operations.get",
"lifesciences.operations.list",
"lifesciences.workflows.run",
"livestream.channels.create",
"livestream.channels.delete",
"livestream.channels.get",
"livestream.channels.list",
"livestream.channels.start",
"livestream.channels.stop",
"livestream.channels.update",
"livestream.events.create",
"livestream.events.delete",
"livestream.events.get",
"livestream.events.list",
"livestream.inputs.create",
"livestream.inputs.delete",
"livestream.inputs.get",
"livestream.inputs.list",
"livestream.inputs.update",
"livestream.locations.get",
"livestream.locations.list",
"livestream.operations.cancel",
"livestream.operations.delete",
"livestream.operations.get",
"livestream.operations.list",
"logging.buckets.copyLogEntries",
"logging.buckets.get",
"logging.buckets.list",
"logging.cmekSettings.get",
"logging.cmekSettings.update",
"logging.exclusions.get",
"logging.exclusions.list",
"logging.locations.get",
"logging.locations.list",
"logging.logEntries.create",
"logging.logEntries.download",
"logging.logEntries.list",
"logging.logMetrics.create",
"logging.logMetrics.delete",
"logging.logMetrics.get",
"logging.logMetrics.list",
"logging.logMetrics.update",
"logging.logServiceIndexes.list",
"logging.logServices.list",
"logging.logs.delete",
"logging.logs.list",
"logging.notificationRules.get",
"logging.notificationRules.list",
"logging.operations.cancel",
"logging.operations.get",
"logging.operations.list",
"logging.queries.create",
"logging.queries.delete",
"logging.queries.get",
"logging.queries.list",
"logging.queries.listShared",
"logging.queries.update",
"logging.sinks.get",
"logging.sinks.list",
"logging.usage.get",
"logging.views.create",
"logging.views.delete",
"logging.views.get",
"logging.views.list",
"logging.views.listLogs",
"logging.views.listResourceKeys",
"logging.views.listResourceValues",
"logging.views.update",
"managedidentities.domains.attachTrust",
"managedidentities.domains.create",
"managedidentities.domains.delete",
"managedidentities.domains.detachTrust",
"managedidentities.domains.get",
"managedidentities.domains.getIamPolicy",
"managedidentities.domains.list",
"managedidentities.domains.reconfigureTrust",
"managedidentities.domains.resetpassword",
"managedidentities.domains.update",
"managedidentities.domains.updateLDAPSSettings",
"managedidentities.domains.validateTrust",
"managedidentities.locations.get",
"managedidentities.locations.list",
"managedidentities.operations.cancel",
"managedidentities.operations.delete",
"managedidentities.operations.get",
"managedidentities.operations.list",
"managedidentities.sqlintegrations.get",
"managedidentities.sqlintegrations.list",
"memcache.instances.applyParameters",
"memcache.instances.applySoftwareUpdate",
"memcache.instances.create",
"memcache.instances.delete",
"memcache.instances.get",
"memcache.instances.list",
"memcache.instances.update",
"memcache.instances.updateParameters",
"memcache.locations.get",
"memcache.locations.list",
"memcache.operations.cancel",
"memcache.operations.delete",
"memcache.operations.get",
"memcache.operations.list",
"metastore.backups.create",
"metastore.backups.delete",
"metastore.backups.get",
"metastore.backups.list",
"metastore.backups.use",
"metastore.imports.create",
"metastore.imports.get",
"metastore.imports.list",
"metastore.imports.update",
"metastore.locations.get",
"metastore.locations.list",
"metastore.operations.cancel",
"metastore.operations.delete",
"metastore.operations.get",
"metastore.operations.list",
"metastore.services.create",
"metastore.services.delete",
"metastore.services.export",
"metastore.services.get",
"metastore.services.getIamPolicy",
"metastore.services.list",
"metastore.services.restore",
"metastore.services.update",
"ml.jobs.cancel",
"ml.jobs.create",
"ml.jobs.get",
"ml.jobs.getIamPolicy",
"ml.jobs.list",
"ml.jobs.update",
"ml.locations.get",
"ml.locations.list",
"ml.models.create",
"ml.models.delete",
"ml.models.get",
"ml.models.getIamPolicy",
"ml.models.list",
"ml.models.predict",
"ml.models.update",
"ml.operations.cancel",
"ml.operations.get",
"ml.operations.list",
"ml.projects.getConfig",
"ml.studies.create",
"ml.studies.delete",
"ml.studies.get",
"ml.studies.getIamPolicy",
"ml.studies.list",
"ml.trials.create",
"ml.trials.delete",
"ml.trials.get",
"ml.trials.list",
"ml.trials.update",
"ml.versions.create",
"ml.versions.delete",
"ml.versions.get",
"ml.versions.list",
"ml.versions.predict",
"ml.versions.update",
"monitoring.alertPolicies.create",
"monitoring.alertPolicies.delete",
"monitoring.alertPolicies.get",
"monitoring.alertPolicies.list",
"monitoring.alertPolicies.update",
"monitoring.dashboards.create",
"monitoring.dashboards.delete",
"monitoring.dashboards.get",
"monitoring.dashboards.list",
"monitoring.dashboards.update",
"monitoring.groups.create",
"monitoring.groups.delete",
"monitoring.groups.get",
"monitoring.groups.list",
"monitoring.groups.update",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.delete",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.notificationChannelDescriptors.get",
"monitoring.notificationChannelDescriptors.list",
"monitoring.notificationChannels.create",
"monitoring.notificationChannels.delete",
"monitoring.notificationChannels.get",
"monitoring.notificationChannels.list",
"monitoring.notificationChannels.sendVerificationCode",
"monitoring.notificationChannels.update",
"monitoring.notificationChannels.verify",
"monitoring.publicWidgets.create",
"monitoring.publicWidgets.delete",
"monitoring.publicWidgets.get",
"monitoring.publicWidgets.list",
"monitoring.publicWidgets.update",
"monitoring.services.create",
"monitoring.services.delete",
"monitoring.services.get",
"monitoring.services.list",
"monitoring.services.update",
"monitoring.slos.create",
"monitoring.slos.delete",
"monitoring.slos.get",
"monitoring.slos.list",
"monitoring.slos.update",
"monitoring.timeSeries.create",
"monitoring.timeSeries.list",
"monitoring.uptimeCheckConfigs.create",
"monitoring.uptimeCheckConfigs.delete",
"monitoring.uptimeCheckConfigs.get",
"monitoring.uptimeCheckConfigs.list",
"monitoring.uptimeCheckConfigs.update",
"networkconnectivity.hubs.create",
"networkconnectivity.hubs.delete",
"networkconnectivity.hubs.get",
"networkconnectivity.hubs.getIamPolicy",
"networkconnectivity.hubs.list",
"networkconnectivity.hubs.update",
"networkconnectivity.locations.get",
"networkconnectivity.locations.list",
"networkconnectivity.operations.cancel",
"networkconnectivity.operations.delete",
"networkconnectivity.operations.get",
"networkconnectivity.operations.list",
"networkconnectivity.spokes.create",
"networkconnectivity.spokes.delete",
"networkconnectivity.spokes.get",
"networkconnectivity.spokes.getIamPolicy",
"networkconnectivity.spokes.list",
"networkconnectivity.spokes.update",
"networkmanagement.connectivitytests.create",
"networkmanagement.connectivitytests.delete",
"networkmanagement.connectivitytests.get",
"networkmanagement.connectivitytests.getIamPolicy",
"networkmanagement.connectivitytests.list",
"networkmanagement.connectivitytests.rerun",
"networkmanagement.connectivitytests.update",
"networkmanagement.locations.get",
"networkmanagement.locations.list",
"networkmanagement.operations.get",
"networkmanagement.operations.list",
"networksecurity.authorizationPolicies.create",
"networksecurity.authorizationPolicies.delete",
"networksecurity.authorizationPolicies.get",
"networksecurity.authorizationPolicies.getIamPolicy",
"networksecurity.authorizationPolicies.list",
"networksecurity.authorizationPolicies.update",
"networksecurity.authorizationPolicies.use",
"networksecurity.clientTlsPolicies.create",
"networksecurity.clientTlsPolicies.delete",
"networksecurity.clientTlsPolicies.get",
"networksecurity.clientTlsPolicies.getIamPolicy",
"networksecurity.clientTlsPolicies.list",
"networksecurity.clientTlsPolicies.update",
"networksecurity.clientTlsPolicies.use",
"networksecurity.locations.get",
"networksecurity.locations.list",
"networksecurity.operations.cancel",
"networksecurity.operations.delete",
"networksecurity.operations.get",
"networksecurity.operations.list",
"networksecurity.serverTlsPolicies.create",
"networksecurity.serverTlsPolicies.delete",
"networksecurity.serverTlsPolicies.get",
"networksecurity.serverTlsPolicies.getIamPolicy",
"networksecurity.serverTlsPolicies.list",
"networksecurity.serverTlsPolicies.update",
"networksecurity.serverTlsPolicies.use",
"networkservices.endpointConfigSelectors.create",
"networkservices.endpointConfigSelectors.delete",
"networkservices.endpointConfigSelectors.get",
"networkservices.endpointConfigSelectors.getIamPolicy",
"networkservices.endpointConfigSelectors.list",
"networkservices.endpointConfigSelectors.update",
"networkservices.endpointConfigSelectors.use",
"networkservices.httpFilters.create",
"networkservices.httpFilters.delete",
"networkservices.httpFilters.get",
"networkservices.httpFilters.getIamPolicy",
"networkservices.httpFilters.list",
"networkservices.httpFilters.update",
"networkservices.httpFilters.use",
"networkservices.httpfilters.create",
"networkservices.httpfilters.delete",
"networkservices.httpfilters.get",
"networkservices.httpfilters.getIamPolicy",
"networkservices.httpfilters.list",
"networkservices.httpfilters.update",
"networkservices.httpfilters.use",
"networkservices.locations.get",
"networkservices.locations.list",
"networkservices.operations.cancel",
"networkservices.operations.delete",
"networkservices.operations.get",
"networkservices.operations.list",
"notebooks.environments.create",
"notebooks.environments.delete",
"notebooks.environments.get",
"notebooks.environments.getIamPolicy",
"notebooks.environments.list",
"notebooks.executions.create",
"notebooks.executions.delete",
"notebooks.executions.get",
"notebooks.executions.getIamPolicy",
"notebooks.executions.list",
"notebooks.instances.checkUpgradability",
"notebooks.instances.create",
"notebooks.instances.delete",
"notebooks.instances.get",
"notebooks.instances.getIamPolicy",
"notebooks.instances.list",
"notebooks.instances.reset",
"notebooks.instances.setAccelerator",
"notebooks.instances.setLabels",
"notebooks.instances.setMachineType",
"notebooks.instances.start",
"notebooks.instances.stop",
"notebooks.instances.update",
"notebooks.instances.updateConfig",
"notebooks.instances.updateShieldInstanceConfig",
"notebooks.instances.upgrade",
"notebooks.instances.use",
"notebooks.locations.get",
"notebooks.locations.list",
"notebooks.operations.cancel",
"notebooks.operations.delete",
"notebooks.operations.get",
"notebooks.operations.list",
"notebooks.runtimes.create",
"notebooks.runtimes.delete",
"notebooks.runtimes.get",
"notebooks.runtimes.getIamPolicy",
"notebooks.runtimes.list",
"notebooks.runtimes.reset",
"notebooks.runtimes.start",
"notebooks.runtimes.stop",
"notebooks.runtimes.switch",
"notebooks.schedules.create",
"notebooks.schedules.delete",
"notebooks.schedules.get",
"notebooks.schedules.getIamPolicy",
"notebooks.schedules.list",
"oauthconfig.clientpolicy.get",
"oauthconfig.testusers.get",
"oauthconfig.testusers.update",
"oauthconfig.verification.get",
"oauthconfig.verification.submit",
"oauthconfig.verification.update",
"ondemandscanning.operations.cancel",
"ondemandscanning.operations.delete",
"ondemandscanning.operations.get",
"ondemandscanning.operations.list",
"ondemandscanning.operations.wait",
"ondemandscanning.scans.analyzePackages",
"ondemandscanning.scans.listVulnerabilities",
"ondemandscanning.scans.scan",
"opsconfigmonitoring.resourceMetadata.list",
"opsconfigmonitoring.resourceMetadata.write",
"orgpolicy.policy.get",
"osconfig.guestPolicies.create",
"osconfig.guestPolicies.delete",
"osconfig.guestPolicies.get",
"osconfig.guestPolicies.list",
"osconfig.guestPolicies.update",
"osconfig.instanceOSPoliciesCompliances.get",
"osconfig.instanceOSPoliciesCompliances.list",
"osconfig.inventories.get",
"osconfig.inventories.list",
"osconfig.osPolicyAssignments.create",
"osconfig.osPolicyAssignments.delete",
"osconfig.osPolicyAssignments.get",
"osconfig.osPolicyAssignments.list",
"osconfig.osPolicyAssignments.update",
"osconfig.patchDeployments.create",
"osconfig.patchDeployments.delete",
"osconfig.patchDeployments.execute",
"osconfig.patchDeployments.get",
"osconfig.patchDeployments.list",
"osconfig.patchDeployments.update",
"osconfig.patchJobs.exec",
"osconfig.patchJobs.get",
"osconfig.patchJobs.list",
"osconfig.vulnerabilityReports.get",
"osconfig.vulnerabilityReports.list",
"paymentsresellersubscription.products.list",
"paymentsresellersubscription.promotions.list",
"paymentsresellersubscription.subscriptions.cancel",
"paymentsresellersubscription.subscriptions.extend",
"paymentsresellersubscription.subscriptions.get",
"paymentsresellersubscription.subscriptions.provision",
"paymentsresellersubscription.subscriptions.undoCancel",
"policysimulator.replayResults.list",
"policysimulator.replays.get",
"policysimulator.replays.list",
"privateca.caPools.create",
"privateca.caPools.delete",
"privateca.caPools.get",
"privateca.caPools.getIamPolicy",
"privateca.caPools.list",
"privateca.caPools.update",
"privateca.certificateAuthorities.create",
"privateca.certificateAuthorities.delete",
"privateca.certificateAuthorities.get",
"privateca.certificateAuthorities.getIamPolicy",
"privateca.certificateAuthorities.list",
"privateca.certificateAuthorities.update",
"privateca.certificateRevocationLists.create",
"privateca.certificateRevocationLists.get",
"privateca.certificateRevocationLists.getIamPolicy",
"privateca.certificateRevocationLists.list",
"privateca.certificateRevocationLists.update",
"privateca.certificateTemplates.create",
"privateca.certificateTemplates.delete",
"privateca.certificateTemplates.get",
"privateca.certificateTemplates.getIamPolicy",
"privateca.certificateTemplates.list",
"privateca.certificateTemplates.update",
"privateca.certificateTemplates.use",
"privateca.certificates.create",
"privateca.certificates.createForSelf",
"privateca.certificates.get",
"privateca.certificates.getIamPolicy",
"privateca.certificates.list",
"privateca.certificates.update",
"privateca.locations.get",
"privateca.locations.list",
"privateca.operations.cancel",
"privateca.operations.delete",
"privateca.operations.get",
"privateca.operations.list",
"privateca.reusableConfigs.create",
"privateca.reusableConfigs.delete",
"privateca.reusableConfigs.get",
"privateca.reusableConfigs.getIamPolicy",
"privateca.reusableConfigs.list",
"privateca.reusableConfigs.update",
"proximitybeacon.attachments.create",
"proximitybeacon.attachments.delete",
"proximitybeacon.attachments.get",
"proximitybeacon.attachments.list",
"proximitybeacon.beacons.attach",
"proximitybeacon.beacons.create",
"proximitybeacon.beacons.get",
"proximitybeacon.beacons.list",
"proximitybeacon.beacons.update",
"proximitybeacon.namespaces.create",
"proximitybeacon.namespaces.delete",
"proximitybeacon.namespaces.get",
"proximitybeacon.namespaces.list",
"proximitybeacon.namespaces.update",
"pubsub.schemas.attach",
"pubsub.schemas.create",
"pubsub.schemas.delete",
"pubsub.schemas.get",
"pubsub.schemas.getIamPolicy",
"pubsub.schemas.list",
"pubsub.schemas.validate",
"pubsub.snapshots.create",
"pubsub.snapshots.delete",
"pubsub.snapshots.get",
"pubsub.snapshots.list",
"pubsub.snapshots.seek",
"pubsub.snapshots.update",
"pubsub.subscriptions.consume",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.list",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.detachSubscription",
"pubsub.topics.get",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.update",
"pubsub.topics.updateTag",
"pubsublite.reservations.attachTopic",
"pubsublite.reservations.create",
"pubsublite.reservations.delete",
"pubsublite.reservations.get",
"pubsublite.reservations.list",
"pubsublite.reservations.listTopics",
"pubsublite.reservations.update",
"pubsublite.subscriptions.create",
"pubsublite.subscriptions.delete",
"pubsublite.subscriptions.get",
"pubsublite.subscriptions.getCursor",
"pubsublite.subscriptions.list",
"pubsublite.subscriptions.seek",
"pubsublite.subscriptions.setCursor",
"pubsublite.subscriptions.subscribe",
"pubsublite.subscriptions.update",
"pubsublite.topics.computeHeadCursor",
"pubsublite.topics.computeMessageStats",
"pubsublite.topics.computeTimeCursor",
"pubsublite.topics.create",
"pubsublite.topics.delete",
"pubsublite.topics.get",
"pubsublite.topics.getPartitions",
"pubsublite.topics.list",
"pubsublite.topics.listSubscriptions",
"pubsublite.topics.publish",
"pubsublite.topics.subscribe",
"pubsublite.topics.update",
"recaptchaenterprise.assessments.annotate",
"recaptchaenterprise.assessments.create",
"recaptchaenterprise.keys.create",
"recaptchaenterprise.keys.delete",
"recaptchaenterprise.keys.get",
"recaptchaenterprise.keys.list",
"recaptchaenterprise.keys.update",
"recaptchaenterprise.metrics.get",
"recaptchaenterprise.projectmetadata.get",
"recommender.cloudAssetInsights.get",
"recommender.cloudAssetInsights.list",
"recommender.cloudAssetInsights.update",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.get",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.list",
"recommender.cloudsqlInstanceDiskUsageTrendInsights.update",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.get",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.list",
"recommender.cloudsqlInstanceOutOfDiskRecommendations.update",
"recommender.commitmentUtilizationInsights.get",
"recommender.commitmentUtilizationInsights.list",
"recommender.commitmentUtilizationInsights.update",
"recommender.computeAddressIdleResourceInsights.get",
"recommender.computeAddressIdleResourceInsights.list",
"recommender.computeAddressIdleResourceInsights.update",
"recommender.computeAddressIdleResourceRecommendations.get",
"recommender.computeAddressIdleResourceRecommendations.list",
"recommender.computeAddressIdleResourceRecommendations.update",
"recommender.computeDiskIdleResourceInsights.get",
"recommender.computeDiskIdleResourceInsights.list",
"recommender.computeDiskIdleResourceInsights.update",
"recommender.computeDiskIdleResourceRecommendations.get",
"recommender.computeDiskIdleResourceRecommendations.list",
"recommender.computeDiskIdleResourceRecommendations.update",
"recommender.computeFirewallInsights.get",
"recommender.computeFirewallInsights.list",
"recommender.computeFirewallInsights.update",
"recommender.computeImageIdleResourceInsights.get",
"recommender.computeImageIdleResourceInsights.list",
"recommender.computeImageIdleResourceInsights.update",
"recommender.computeImageIdleResourceRecommendations.get",
"recommender.computeImageIdleResourceRecommendations.list",
"recommender.computeImageIdleResourceRecommendations.update",
"recommender.computeInstanceGroupManagerMachineTypeRecommendations.get",
"recommender.computeInstanceGroupManagerMachineTypeRecommendations.list",
"recommender.computeInstanceGroupManagerMachineTypeRecommendations.update",
"recommender.computeInstanceIdleResourceRecommendations.get",
"recommender.computeInstanceIdleResourceRecommendations.list",
"recommender.computeInstanceIdleResourceRecommendations.update",
"recommender.computeInstanceMachineTypeRecommendations.get",
"recommender.computeInstanceMachineTypeRecommendations.list",
"recommender.computeInstanceMachineTypeRecommendations.update",
"recommender.iamPolicyInsights.get",
"recommender.iamPolicyInsights.list",
"recommender.iamPolicyInsights.update",
"recommender.iamPolicyLateralMovementInsights.get",
"recommender.iamPolicyLateralMovementInsights.list",
"recommender.iamPolicyLateralMovementInsights.update",
"recommender.iamPolicyRecommendations.get",
"recommender.iamPolicyRecommendations.list",
"recommender.iamPolicyRecommendations.update",
"recommender.iamServiceAccountInsights.get",
"recommender.iamServiceAccountInsights.list",
"recommender.iamServiceAccountInsights.update",
"recommender.locations.get",
"recommender.locations.list",
"recommender.loggingProductSuggestionContainerInsights.get",
"recommender.loggingProductSuggestionContainerInsights.list",
"recommender.loggingProductSuggestionContainerInsights.update",
"recommender.loggingProductSuggestionContainerRecommendations.get",
"recommender.loggingProductSuggestionContainerRecommendations.list",
"recommender.loggingProductSuggestionContainerRecommendations.update",
"recommender.monitoringProductSuggestionComputeInsights.get",
"recommender.monitoringProductSuggestionComputeInsights.list",
"recommender.monitoringProductSuggestionComputeInsights.update",
"recommender.monitoringProductSuggestionComputeRecommendations.get",
"recommender.monitoringProductSuggestionComputeRecommendations.list",
"recommender.monitoringProductSuggestionComputeRecommendations.update",
"recommender.resourcemanagerProjectUtilizationInsights.get",
"recommender.resourcemanagerProjectUtilizationInsights.list",
"recommender.resourcemanagerProjectUtilizationInsights.update",
"recommender.resourcemanagerProjectUtilizationRecommendations.get",
"recommender.resourcemanagerProjectUtilizationRecommendations.list",
"recommender.resourcemanagerProjectUtilizationRecommendations.update",
"recommender.usageCommitmentRecommendations.get",
"recommender.usageCommitmentRecommendations.list",
"recommender.usageCommitmentRecommendations.update",
"redis.instances.create",
"redis.instances.delete",
"redis.instances.export",
"redis.instances.failover",
"redis.instances.get",
"redis.instances.getAuthString",
"redis.instances.import",
"redis.instances.list",
"redis.instances.rescheduleMaintenance",
"redis.instances.update",
"redis.instances.updateAuth",
"redis.instances.upgrade",
"redis.locations.get",
"redis.locations.list",
"redis.operations.cancel",
"redis.operations.delete",
"redis.operations.get",
"redis.operations.list",
"remotebuildexecution.actions.create",
"remotebuildexecution.actions.delete",
"remotebuildexecution.actions.get",
"remotebuildexecution.actions.update",
"remotebuildexecution.blobs.create",
"remotebuildexecution.blobs.get",
"remotebuildexecution.botsessions.create",
"remotebuildexecution.botsessions.update",
"remotebuildexecution.instances.create",
"remotebuildexecution.instances.get",
"remotebuildexecution.instances.list",
"remotebuildexecution.logstreams.create",
"remotebuildexecution.logstreams.get",
"remotebuildexecution.logstreams.update",
"remotebuildexecution.workerpools.create",
"remotebuildexecution.workerpools.get",
"remotebuildexecution.workerpools.list",
"remotebuildexecution.workerpools.update",
"resourcemanager.hierarchyNodes.createTagBinding",
"resourcemanager.hierarchyNodes.deleteTagBinding",
"resourcemanager.hierarchyNodes.listTagBindings",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"resourcemanager.projects.move",
"resourcemanager.projects.update",
"resourcemanager.tagKeys.create",
"resourcemanager.tagKeys.delete",
"resourcemanager.tagKeys.get",
"resourcemanager.tagKeys.getIamPolicy",
"resourcemanager.tagKeys.list",
"resourcemanager.tagKeys.update",
"resourcemanager.tagValueBindings.create",
"resourcemanager.tagValueBindings.delete",
"resourcemanager.tagValues.create",
"resourcemanager.tagValues.delete",
"resourcemanager.tagValues.get",
"resourcemanager.tagValues.getIamPolicy",
"resourcemanager.tagValues.list",
"resourcemanager.tagValues.update",
"resourcesettings.settings.get",
"resourcesettings.settings.list",
"retail.catalogs.list",
"retail.catalogs.update",
"retail.operations.get",
"retail.operations.list",
"retail.placements.predict",
"retail.products.create",
"retail.products.delete",
"retail.products.export",
"retail.products.get",
"retail.products.import",
"retail.products.list",
"retail.products.update",
"retail.userEvents.create",
"retail.userEvents.import",
"retail.userEvents.purge",
"retail.userEvents.rejoin",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.delete",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.invoke",
"run.routes.list",
"run.services.create",
"run.services.delete",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"run.services.update",
"runtimeconfig.configs.create",
"runtimeconfig.configs.delete",
"runtimeconfig.configs.get",
"runtimeconfig.configs.list",
"runtimeconfig.configs.update",
"runtimeconfig.operations.get",
"runtimeconfig.operations.list",
"runtimeconfig.variables.create",
"runtimeconfig.variables.delete",
"runtimeconfig.variables.get",
"runtimeconfig.variables.list",
"runtimeconfig.variables.update",
"runtimeconfig.variables.watch",
"runtimeconfig.waiters.create",
"runtimeconfig.waiters.delete",
"runtimeconfig.waiters.get",
"runtimeconfig.waiters.list",
"runtimeconfig.waiters.update",
"secretmanager.locations.get",
"secretmanager.locations.list",
"secretmanager.secrets.create",
"secretmanager.secrets.delete",
"secretmanager.secrets.get",
"secretmanager.secrets.getIamPolicy",
"secretmanager.secrets.list",
"secretmanager.secrets.update",
"secretmanager.versions.add",
"secretmanager.versions.destroy",
"secretmanager.versions.disable",
"secretmanager.versions.enable",
"secretmanager.versions.get",
"secretmanager.versions.list",
"securitycenter.assets.group",
"securitycenter.assets.list",
"securitycenter.assets.listAssetPropertyNames",
"securitycenter.assets.runDiscovery",
"securitycenter.assetsecuritymarks.update",
"securitycenter.containerthreatdetectionsettings.calculate",
"securitycenter.containerthreatdetectionsettings.get",
"securitycenter.containerthreatdetectionsettings.update",
"securitycenter.eventthreatdetectionsettings.calculate",
"securitycenter.eventthreatdetectionsettings.get",
"securitycenter.eventthreatdetectionsettings.update",
"securitycenter.findings.group",
"securitycenter.findings.list",
"securitycenter.findings.listFindingPropertyNames",
"securitycenter.findings.setState",
"securitycenter.findings.setWorkflowState",
"securitycenter.findings.update",
"securitycenter.findingsecuritymarks.update",
"securitycenter.notificationconfig.create",
"securitycenter.notificationconfig.delete",
"securitycenter.notificationconfig.get",
"securitycenter.notificationconfig.list",
"securitycenter.notificationconfig.update",
"securitycenter.organizationsettings.get",
"securitycenter.organizationsettings.update",
"securitycenter.securitycentersettings.get",
"securitycenter.securitycentersettings.update",
"securitycenter.securityhealthanalyticssettings.calculate",
"securitycenter.securityhealthanalyticssettings.get",
"securitycenter.securityhealthanalyticssettings.update",
"securitycenter.sources.get",
"securitycenter.sources.getIamPolicy",
"securitycenter.sources.list",
"securitycenter.sources.update",
"securitycenter.subscription.get",
"securitycenter.userinterfacemetadata.get",
"securitycenter.websecurityscannersettings.calculate",
"securitycenter.websecurityscannersettings.get",
"securitycenter.websecurityscannersettings.update",
"servicebroker.bindingoperations.get",
"servicebroker.bindingoperations.list",
"servicebroker.bindings.create",
"servicebroker.bindings.delete",
"servicebroker.bindings.get",
"servicebroker.bindings.getIamPolicy",
"servicebroker.bindings.list",
"servicebroker.catalogs.create",
"servicebroker.catalogs.delete",
"servicebroker.catalogs.get",
"servicebroker.catalogs.getIamPolicy",
"servicebroker.catalogs.list",
"servicebroker.instanceoperations.get",
"servicebroker.instanceoperations.list",
"servicebroker.instances.create",
"servicebroker.instances.delete",
"servicebroker.instances.get",
"servicebroker.instances.getIamPolicy",
"servicebroker.instances.list",
"servicebroker.instances.update",
"serviceconsumermanagement.consumers.get",
"serviceconsumermanagement.quota.get",
"serviceconsumermanagement.quota.update",
"serviceconsumermanagement.tenancyu.addResource",
"serviceconsumermanagement.tenancyu.create",
"serviceconsumermanagement.tenancyu.delete",
"serviceconsumermanagement.tenancyu.list",
"serviceconsumermanagement.tenancyu.removeResource",
"servicedirectory.endpoints.create",
"servicedirectory.endpoints.delete",
"servicedirectory.endpoints.get",
"servicedirectory.endpoints.getIamPolicy",
"servicedirectory.endpoints.list",
"servicedirectory.endpoints.update",
"servicedirectory.locations.get",
"servicedirectory.locations.list",
"servicedirectory.namespaces.associatePrivateZone",
"servicedirectory.namespaces.create",
"servicedirectory.namespaces.delete",
"servicedirectory.namespaces.get",
"servicedirectory.namespaces.getIamPolicy",
"servicedirectory.namespaces.list",
"servicedirectory.namespaces.update",
"servicedirectory.services.create",
"servicedirectory.services.delete",
"servicedirectory.services.get",
"servicedirectory.services.getIamPolicy",
"servicedirectory.services.list",
"servicedirectory.services.resolve",
"servicedirectory.services.update",
"servicemanagement.services.bind",
"servicemanagement.services.check",
"servicemanagement.services.create",
"servicemanagement.services.delete",
"servicemanagement.services.get",
"servicemanagement.services.list",
"servicemanagement.services.quota",
"servicemanagement.services.report",
"servicemanagement.services.update",
"servicenetworking.operations.cancel",
"servicenetworking.operations.delete",
"servicenetworking.operations.get",
"servicenetworking.operations.list",
"servicenetworking.services.addSubnetwork",
"servicenetworking.services.get",
"serviceusage.apiKeys.regenerate",
"serviceusage.apiKeys.revert",
"serviceusage.operations.cancel",
"serviceusage.operations.delete",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.quotas.update",
"serviceusage.services.disable",
"serviceusage.services.enable",
"serviceusage.services.get",
"serviceusage.services.list",
"serviceusage.services.use",
"source.repos.get",
"source.repos.getIamPolicy",
"source.repos.list",
"source.repos.update",
"spanner.backupOperations.cancel",
"spanner.backupOperations.get",
"spanner.backupOperations.list",
"spanner.backups.create",
"spanner.backups.delete",
"spanner.backups.get",
"spanner.backups.getIamPolicy",
"spanner.backups.list",
"spanner.backups.restoreDatabase",
"spanner.backups.update",
"spanner.databaseOperations.cancel",
"spanner.databaseOperations.delete",
"spanner.databaseOperations.get",
"spanner.databaseOperations.list",
"spanner.databases.beginOrRollbackReadWriteTransaction",
"spanner.databases.beginPartitionedDmlTransaction",
"spanner.databases.beginReadOnlyTransaction",
"spanner.databases.create",
"spanner.databases.createBackup",
"spanner.databases.drop",
"spanner.databases.get",
"spanner.databases.getDdl",
"spanner.databases.getIamPolicy",
"spanner.databases.list",
"spanner.databases.partitionQuery",
"spanner.databases.partitionRead",
"spanner.databases.read",
"spanner.databases.select",
"spanner.databases.update",
"spanner.databases.updateDdl",
"spanner.databases.write",
"spanner.instanceConfigs.get",
"spanner.instanceConfigs.list",
"spanner.instanceOperations.cancel",
"spanner.instanceOperations.delete",
"spanner.instanceOperations.get",
"spanner.instanceOperations.list",
"spanner.instances.create",
"spanner.instances.delete",
"spanner.instances.get",
"spanner.instances.getIamPolicy",
"spanner.instances.list",
"spanner.instances.update",
"spanner.sessions.create",
"spanner.sessions.delete",
"spanner.sessions.get",
"spanner.sessions.list",
"stackdriver.projects.get",
"stackdriver.resourceMetadata.write",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.hmacKeys.create",
"storage.hmacKeys.delete",
"storage.hmacKeys.get",
"storage.hmacKeys.list",
"storage.hmacKeys.update",
"storagetransfer.jobs.create",
"storagetransfer.jobs.delete",
"storagetransfer.jobs.get",
"storagetransfer.jobs.list",
"storagetransfer.jobs.run",
"storagetransfer.jobs.update",
"storagetransfer.operations.cancel",
"storagetransfer.operations.get",
"storagetransfer.operations.list",
"storagetransfer.operations.pause",
"storagetransfer.operations.resume",
"storagetransfer.projects.getServiceAccount",
"subscribewithgoogledeveloper.tools.get",
"tpu.acceleratortypes.get",
"tpu.acceleratortypes.list",
"tpu.locations.get",
"tpu.locations.list",
"tpu.nodes.create",
"tpu.nodes.delete",
"tpu.nodes.get",
"tpu.nodes.list",
"tpu.nodes.reimage",
"tpu.nodes.reset",
"tpu.nodes.start",
"tpu.nodes.stop",
"tpu.operations.get",
"tpu.operations.list",
"tpu.tensorflowversions.get",
"tpu.tensorflowversions.list",
"trafficdirector.networks.getConfigs",
"trafficdirector.networks.reportMetrics",
"transcoder.jobTemplates.create",
"transcoder.jobTemplates.delete",
"transcoder.jobTemplates.get",
"transcoder.jobTemplates.list",
"transcoder.jobs.create",
"transcoder.jobs.delete",
"transcoder.jobs.get",
"transcoder.jobs.list",
"translationhub.portals.create",
"translationhub.portals.delete",
"translationhub.portals.get",
"translationhub.portals.list",
"translationhub.portals.update",
"vmmigration.cloneJobs.create",
"vmmigration.cloneJobs.get",
"vmmigration.cloneJobs.list",
"vmmigration.cloneJobs.update",
"vmmigration.cutoverJobs.create",
"vmmigration.cutoverJobs.get",
"vmmigration.cutoverJobs.list",
"vmmigration.cutoverJobs.update",
"vmmigration.datacenterConnectors.create",
"vmmigration.datacenterConnectors.delete",
"vmmigration.datacenterConnectors.get",
"vmmigration.datacenterConnectors.list",
"vmmigration.deployments.create",
"vmmigration.deployments.get",
"vmmigration.deployments.list",
"vmmigration.groups.create",
"vmmigration.groups.delete",
"vmmigration.groups.get",
"vmmigration.groups.list",
"vmmigration.groups.update",
"vmmigration.locations.get",
"vmmigration.locations.list",
"vmmigration.migratingVms.create",
"vmmigration.migratingVms.delete",
"vmmigration.migratingVms.get",
"vmmigration.migratingVms.list",
"vmmigration.migratingVms.update",
"vmmigration.operations.cancel",
"vmmigration.operations.delete",
"vmmigration.operations.get",
"vmmigration.operations.list",
"vmmigration.sources.create",
"vmmigration.sources.delete",
"vmmigration.sources.get",
"vmmigration.sources.list",
"vmmigration.sources.update",
"vmmigration.targets.create",
"vmmigration.targets.delete",
"vmmigration.targets.get",
"vmmigration.targets.list",
"vmmigration.targets.update",
"vmmigration.utilizationReports.create",
"vmmigration.utilizationReports.delete",
"vmmigration.utilizationReports.get",
"vmmigration.utilizationReports.list",
"vmwareengine.services.use",
"vmwareengine.services.view",
"vpcaccess.connectors.create",
"vpcaccess.connectors.delete",
"vpcaccess.connectors.get",
"vpcaccess.connectors.list",
"vpcaccess.connectors.use",
"vpcaccess.locations.list",
"vpcaccess.operations.get",
"vpcaccess.operations.list",
"workflows.executions.cancel",
"workflows.executions.create",
"workflows.executions.get",
"workflows.executions.list",
"workflows.locations.get",
"workflows.locations.list",
"workflows.operations.cancel",
"workflows.operations.get",
"workflows.operations.list",
"workflows.workflows.create",
"workflows.workflows.delete",
"workflows.workflows.get",
"workflows.workflows.getIamPolicy",
"workflows.workflows.list",
"workflows.workflows.update"
],
"name": "roles/editor",
"stage": "GA",
"title": "Editor"
}
{
"description": "Full access to Endpoints Portal resources",
"etag": "AA==",
"includedPermissions": [
"endpoints.portals.attachCustomDomain",
"endpoints.portals.detachCustomDomain",
"endpoints.portals.listCustomDomains",
"endpoints.portals.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"servicemanagement.services.get"
],
"name": "roles/endpoints.portalAdmin",
"stage": "BETA",
"title": "Endpoints Portal Admin"
}
{
"description": "Gives the Cloud Endpoints service account access to Endpoints services and the ability to act as a service controller.",
"etag": "AA==",
"includedPermissions": [
"servicemanagement.services.check",
"servicemanagement.services.get",
"servicemanagement.services.quota",
"servicemanagement.services.report"
],
"name": "roles/endpoints.serviceAgent",
"stage": "GA",
"title": "Cloud Endpoints Service Agent"
}
{
"description": "Can access information about Endpoints services for consumer portal management, and can read Source Repositories for consumer portal custom content.",
"etag": "AA==",
"includedPermissions": [
"servicemanagement.services.get",
"servicemanagement.services.list",
"source.repos.get"
],
"name": "roles/endpointsportal.serviceAgent",
"stage": "GA",
"title": "Endpoints Portal Service Agent"
}
{
"description": "Gives Enterprise Knowledge Graph Service Account access to consumer resources.",
"etag": "AA==",
"includedPermissions": [
"bigquery.datasets.create",
"bigquery.datasets.get",
"bigquery.readsessions.create",
"bigquery.tables.create",
"bigquery.tables.get",
"bigquery.tables.getData",
"bigquery.tables.list",
"bigquery.tables.update",
"bigquery.tables.updateData",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/enterpriseknowledgegraph.serviceAgent",
"stage": "GA",
"title": "Enterprise Knowledge Graph Service Agent"
}
{
"description": "Administrative access to Error Reporting.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"errorreporting.applications.list",
"errorreporting.errorEvents.create",
"errorreporting.errorEvents.delete",
"errorreporting.errorEvents.list",
"errorreporting.groupMetadata.get",
"errorreporting.groupMetadata.update",
"errorreporting.groups.list",
"logging.notificationRules.create",
"logging.notificationRules.delete",
"logging.notificationRules.get",
"logging.notificationRules.list",
"logging.notificationRules.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"stackdriver.projects.get"
],
"name": "roles/errorreporting.admin",
"stage": "BETA",
"title": "Error Reporting Admin"
}
{
"description": "User access to Error Reporting. Can list all errors and update their metadata. Can delete error events.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"errorreporting.applications.list",
"errorreporting.errorEvents.delete",
"errorreporting.errorEvents.list",
"errorreporting.groupMetadata.get",
"errorreporting.groupMetadata.update",
"errorreporting.groups.list",
"logging.notificationRules.get",
"logging.notificationRules.list",
"logging.notificationRules.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"stackdriver.projects.get"
],
"name": "roles/errorreporting.user",
"stage": "BETA",
"title": "Error Reporting User"
}
{
"description": "Read-only access to all Error Reporting data.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"errorreporting.applications.list",
"errorreporting.errorEvents.list",
"errorreporting.groupMetadata.get",
"errorreporting.groups.list",
"logging.notificationRules.get",
"logging.notificationRules.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"stackdriver.projects.get"
],
"name": "roles/errorreporting.viewer",
"stage": "BETA",
"title": "Error Reporting Viewer"
}
{
"description": "Can send error events to Error Reporting. Intended for service accounts.",
"etag": "AA==",
"includedPermissions": [
"errorreporting.errorEvents.create"
],
"name": "roles/errorreporting.writer",
"stage": "BETA",
"title": "Error Reporting Writer"
}
{
"description": "Full access to all essential contacts",
"etag": "AA==",
"includedPermissions": [
"essentialcontacts.contacts.create",
"essentialcontacts.contacts.delete",
"essentialcontacts.contacts.get",
"essentialcontacts.contacts.list",
"essentialcontacts.contacts.send",
"essentialcontacts.contacts.update"
],
"name": "roles/essentialcontacts.admin",
"stage": "GA",
"title": "Essential Contacts Admin"
}
{
"description": "Viewer for all essential contacts",
"etag": "AA==",
"includedPermissions": [
"essentialcontacts.contacts.get",
"essentialcontacts.contacts.list"
],
"name": "roles/essentialcontacts.viewer",
"stage": "GA",
"title": "Essential Contacts Viewer"
}
{
"description": "Full control over all Eventarc resources.",
"etag": "AA==",
"includedPermissions": [
"eventarc.events.receiveAuditLogWritten",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.setIamPolicy",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/eventarc.admin",
"stage": "BETA",
"title": "Eventarc Admin"
}
{
"description": "Access to read and write Eventarc resources.",
"etag": "AA==",
"includedPermissions": [
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/eventarc.developer",
"stage": "BETA",
"title": "Eventarc Developer"
}
{
"description": "Can receive events from all event providers.",
"etag": "AA==",
"includedPermissions": [
"eventarc.events.receiveAuditLogWritten"
],
"name": "roles/eventarc.eventReceiver",
"stage": "BETA",
"title": "Eventarc Event Receiver"
}
{
"description": "Gives Eventarc service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"iam.serviceAccounts.actAs",
"iam.serviceAccounts.getAccessToken",
"pubsub.subscriptions.create",
"pubsub.subscriptions.delete",
"pubsub.subscriptions.get",
"pubsub.subscriptions.list",
"pubsub.subscriptions.update",
"pubsub.topics.attachSubscription",
"pubsub.topics.create",
"pubsub.topics.delete",
"pubsub.topics.get",
"pubsub.topics.list",
"pubsub.topics.publish",
"pubsub.topics.update",
"run.services.get",
"serviceusage.services.use",
"storage.buckets.get",
"storage.buckets.update"
],
"name": "roles/eventarc.serviceAgent",
"stage": "GA",
"title": "Eventarc Service Agent"
}
{
"description": "Can view the state of all Eventarc resources, including IAM policies.",
"etag": "AA==",
"includedPermissions": [
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/eventarc.viewer",
"stage": "BETA",
"title": "Eventarc Viewer"
}
{
"description": "Read-write access to Filestore instances and related resources.",
"etag": "AA==",
"includedPermissions": [
"file.backups.create",
"file.backups.delete",
"file.backups.get",
"file.backups.list",
"file.backups.update",
"file.instances.create",
"file.instances.delete",
"file.instances.get",
"file.instances.list",
"file.instances.restore",
"file.instances.update",
"file.locations.get",
"file.locations.list",
"file.operations.cancel",
"file.operations.delete",
"file.operations.get",
"file.operations.list",
"file.snapshots.create",
"file.snapshots.delete",
"file.snapshots.get",
"file.snapshots.list",
"file.snapshots.update"
],
"name": "roles/file.editor",
"stage": "BETA",
"title": "Cloud Filestore Editor"
}
{
"description": "Gives Cloud Filestore service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"compute.globalOperations.get",
"compute.networks.addPeering",
"compute.networks.get",
"compute.networks.removePeering",
"compute.networks.update",
"compute.networks.updatePeering",
"compute.routes.list",
"monitoring.metricDescriptors.create",
"monitoring.metricDescriptors.get",
"monitoring.metricDescriptors.list",
"monitoring.monitoredResourceDescriptors.get",
"monitoring.monitoredResourceDescriptors.list",
"monitoring.timeSeries.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/file.serviceAgent",
"stage": "GA",
"title": "Cloud Filestore Service Agent"
}
{
"description": "Read-only access to Filestore instances and related resources.",
"etag": "AA==",
"includedPermissions": [
"file.backups.get",
"file.backups.list",
"file.instances.get",
"file.instances.list",
"file.locations.get",
"file.locations.list",
"file.operations.get",
"file.operations.list",
"file.snapshots.get",
"file.snapshots.list"
],
"name": "roles/file.viewer",
"stage": "BETA",
"title": "Cloud Filestore Viewer"
}
{
"description": "Full access to Firebase products.",
"etag": "AA==",
"includedPermissions": [
"apikeys.keys.get",
"apikeys.keys.list",
"apikeys.keys.lookup",
"appengine.applications.get",
"automl.annotationSpecs.create",
"automl.annotationSpecs.delete",
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotationSpecs.update",
"automl.annotations.approve",
"automl.annotations.create",
"automl.annotations.list",
"automl.annotations.manipulate",
"automl.annotations.reject",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.columnSpecs.update",
"automl.datasets.create",
"automl.datasets.delete",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.getIamPolicy",
"automl.datasets.import",
"automl.datasets.list",
"automl.datasets.setIamPolicy",
"automl.datasets.update",
"automl.examples.delete",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.create",
"automl.humanAnnotationTasks.delete",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.getIamPolicy",
"automl.locations.list",
"automl.locations.setIamPolicy",
"automl.modelEvaluations.create",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.create",
"automl.models.delete",
"automl.models.deploy",
"automl.models.export",
"automl.models.get",
"automl.models.getIamPolicy",
"automl.models.list",
"automl.models.predict",
"automl.models.setIamPolicy",
"automl.models.undeploy",
"automl.operations.cancel",
"automl.operations.delete",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"automl.tableSpecs.update",
"clientauthconfig.brands.get",
"clientauthconfig.brands.list",
"clientauthconfig.brands.update",
"clientauthconfig.clients.create",
"clientauthconfig.clients.delete",
"clientauthconfig.clients.get",
"clientauthconfig.clients.list",
"clientauthconfig.clients.update",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudconfig.configs.get",
"cloudconfig.configs.update",
"cloudfunctions.functions.call",
"cloudfunctions.functions.create",
"cloudfunctions.functions.delete",
"cloudfunctions.functions.get",
"cloudfunctions.functions.getIamPolicy",
"cloudfunctions.functions.invoke",
"cloudfunctions.functions.list",
"cloudfunctions.functions.setIamPolicy",
"cloudfunctions.functions.sourceCodeGet",
"cloudfunctions.functions.sourceCodeSet",
"cloudfunctions.functions.update",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"cloudmessaging.messages.create",
"cloudnotifications.activities.list",
"cloudtestservice.environmentcatalog.get",
"cloudtestservice.matrices.create",
"cloudtestservice.matrices.get",
"cloudtestservice.matrices.update",
"cloudtoolresults.executions.create",
"cloudtoolresults.executions.get",
"cloudtoolresults.executions.list",
"cloudtoolresults.executions.update",
"cloudtoolresults.histories.create",
"cloudtoolresults.histories.get",
"cloudtoolresults.histories.list",
"cloudtoolresults.settings.create",
"cloudtoolresults.settings.get",
"cloudtoolresults.settings.update",
"cloudtoolresults.steps.create",
"cloudtoolresults.steps.get",
"cloudtoolresults.steps.list",
"cloudtoolresults.steps.update",
"datastore.databases.create",
"datastore.databases.delete",
"datastore.databases.export",
"datastore.databases.get",
"datastore.databases.getIamPolicy",
"datastore.databases.import",
"datastore.databases.list",
"datastore.databases.setIamPolicy",
"datastore.databases.update",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.create",
"datastore.indexes.delete",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.indexes.update",
"datastore.locations.get",
"datastore.locations.list",
"datastore.namespaces.get",
"datastore.namespaces.getIamPolicy",
"datastore.namespaces.list",
"datastore.namespaces.setIamPolicy",
"datastore.operations.cancel",
"datastore.operations.delete",
"datastore.operations.get",
"datastore.operations.list",
"datastore.statistics.get",
"datastore.statistics.list",
"errorreporting.groups.list",
"eventarc.events.receiveAuditLogWritten",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.setIamPolicy",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"fcmdata.deliverydata.list",
"firebase.billingPlans.get",
"firebase.billingPlans.update",
"firebase.clients.create",
"firebase.clients.delete",
"firebase.clients.get",
"firebase.clients.list",
"firebase.clients.update",
"firebase.links.create",
"firebase.links.delete",
"firebase.links.list",
"firebase.links.update",
"firebase.projects.delete",
"firebase.projects.get",
"firebase.projects.update",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.create",
"firebaseabt.experiments.delete",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.experiments.update",
"firebaseabt.projectmetadata.get",
"firebaseanalytics.resources.googleAnalyticsEdit",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.debugTokens.update",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.deviceCheckConfig.update",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.recaptchaConfig.update",
"firebaseappcheck.services.get",
"firebaseappcheck.services.update",
"firebaseappdistro.groups.list",
"firebaseappdistro.groups.update",
"firebaseappdistro.releases.list",
"firebaseappdistro.releases.update",
"firebaseappdistro.testers.list",
"firebaseappdistro.testers.update",
"firebaseauth.configs.create",
"firebaseauth.configs.get",
"firebaseauth.configs.getHashConfig",
"firebaseauth.configs.update",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
"firebasecrash.issues.update",
"firebasecrash.reports.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.config.update",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.issues.update",
"firebasecrashlytics.sessions.get",
"firebasedatabase.instances.create",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebasedatabase.instances.update",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.destinations.update",
"firebasedynamiclinks.domains.create",
"firebasedynamiclinks.domains.delete",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.domains.update",
"firebasedynamiclinks.links.create",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.links.update",
"firebasedynamiclinks.stats.get",
"firebaseextensions.configs.create",
"firebaseextensions.configs.delete",
"firebaseextensions.configs.list",
"firebaseextensions.configs.update",
"firebasehosting.sites.create",
"firebasehosting.sites.delete",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebasehosting.sites.update",
"firebaseinappmessaging.campaigns.create",
"firebaseinappmessaging.campaigns.delete",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"firebaseinappmessaging.campaigns.update",
"firebaseml.compressionjobs.create",
"firebaseml.compressionjobs.delete",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.compressionjobs.start",
"firebaseml.compressionjobs.update",
"firebaseml.models.create",
"firebaseml.models.delete",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.create",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebaseml.modelversions.update",
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
"firebaseperformance.config.create",
"firebaseperformance.config.delete",
"firebaseperformance.config.update",
"firebaseperformance.data.get",
"firebasepredictions.predictions.create",
"firebasepredictions.predictions.delete",
"firebasepredictions.predictions.list",
"firebasepredictions.predictions.update",
"firebaserules.releases.create",
"firebaserules.releases.delete",
"firebaserules.releases.get",
"firebaserules.releases.getExecutable",
"firebaserules.releases.list",
"firebaserules.releases.update",
"firebaserules.rulesets.create",
"firebaserules.rulesets.delete",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"firebaserules.rulesets.test",
"firebasestorage.buckets.addFirebase",
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"firebasestorage.buckets.removeFirebase",
"logging.logEntries.list",
"monitoring.timeSeries.list",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.delete",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.invoke",
"run.routes.list",
"run.services.create",
"run.services.delete",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"run.services.setIamPolicy",
"run.services.update",
"runtimeconfig.configs.create",
"runtimeconfig.configs.delete",
"runtimeconfig.configs.get",
"runtimeconfig.configs.list",
"runtimeconfig.configs.update",
"runtimeconfig.operations.get",
"runtimeconfig.operations.list",
"runtimeconfig.variables.create",
"runtimeconfig.variables.delete",
"runtimeconfig.variables.get",
"runtimeconfig.variables.list",
"runtimeconfig.variables.update",
"runtimeconfig.variables.watch",
"runtimeconfig.waiters.create",
"runtimeconfig.waiters.delete",
"runtimeconfig.waiters.get",
"runtimeconfig.waiters.list",
"runtimeconfig.waiters.update",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/firebase.admin",
"stage": "GA",
"title": "Firebase Admin"
}
{
"description": "Full access to Google Analytics for Firebase.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseanalytics.resources.googleAnalyticsEdit",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseextensions.configs.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/firebase.analyticsAdmin",
"stage": "GA",
"title": "Firebase Analytics Admin"
}
{
"description": "Read access to Google Analytics for Firebase.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseextensions.configs.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list"
],
"name": "roles/firebase.analyticsViewer",
"stage": "GA",
"title": "Firebase Analytics Viewer"
}
{
"description": "Read and write access to Firebase App Distribution with the Admin SDK",
"etag": "AA==",
"includedPermissions": [
"firebaseappdistro.groups.list",
"firebaseappdistro.groups.update",
"firebaseappdistro.releases.list",
"firebaseappdistro.releases.update",
"firebaseappdistro.testers.list",
"firebaseappdistro.testers.update"
],
"name": "roles/firebase.appDistributionSdkServiceAgent",
"stage": "GA",
"title": "Firebase App Distribution Admin SDK Service Agent"
}
{
"description": "Full access to Firebase Develop products and Analytics.",
"etag": "AA==",
"includedPermissions": [
"apikeys.keys.get",
"apikeys.keys.list",
"apikeys.keys.lookup",
"appengine.applications.get",
"automl.annotationSpecs.create",
"automl.annotationSpecs.delete",
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotationSpecs.update",
"automl.annotations.approve",
"automl.annotations.create",
"automl.annotations.list",
"automl.annotations.manipulate",
"automl.annotations.reject",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.columnSpecs.update",
"automl.datasets.create",
"automl.datasets.delete",
"automl.datasets.export",
"automl.datasets.get",
"automl.datasets.getIamPolicy",
"automl.datasets.import",
"automl.datasets.list",
"automl.datasets.setIamPolicy",
"automl.datasets.update",
"automl.examples.delete",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.create",
"automl.humanAnnotationTasks.delete",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.getIamPolicy",
"automl.locations.list",
"automl.locations.setIamPolicy",
"automl.modelEvaluations.create",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.create",
"automl.models.delete",
"automl.models.deploy",
"automl.models.export",
"automl.models.get",
"automl.models.getIamPolicy",
"automl.models.list",
"automl.models.predict",
"automl.models.setIamPolicy",
"automl.models.undeploy",
"automl.operations.cancel",
"automl.operations.delete",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"automl.tableSpecs.update",
"clientauthconfig.brands.get",
"clientauthconfig.brands.list",
"clientauthconfig.brands.update",
"clientauthconfig.clients.get",
"clientauthconfig.clients.list",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudfunctions.functions.call",
"cloudfunctions.functions.create",
"cloudfunctions.functions.delete",
"cloudfunctions.functions.get",
"cloudfunctions.functions.getIamPolicy",
"cloudfunctions.functions.invoke",
"cloudfunctions.functions.list",
"cloudfunctions.functions.setIamPolicy",
"cloudfunctions.functions.sourceCodeGet",
"cloudfunctions.functions.sourceCodeSet",
"cloudfunctions.functions.update",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"cloudnotifications.activities.list",
"datastore.databases.create",
"datastore.databases.delete",
"datastore.databases.export",
"datastore.databases.get",
"datastore.databases.getIamPolicy",
"datastore.databases.import",
"datastore.databases.list",
"datastore.databases.setIamPolicy",
"datastore.databases.update",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.create",
"datastore.indexes.delete",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.indexes.update",
"datastore.locations.get",
"datastore.locations.list",
"datastore.namespaces.get",
"datastore.namespaces.getIamPolicy",
"datastore.namespaces.list",
"datastore.namespaces.setIamPolicy",
"datastore.operations.cancel",
"datastore.operations.delete",
"datastore.operations.get",
"datastore.operations.list",
"datastore.statistics.get",
"datastore.statistics.list",
"errorreporting.groups.list",
"eventarc.events.receiveAuditLogWritten",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.cancel",
"eventarc.operations.delete",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.create",
"eventarc.triggers.delete",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"eventarc.triggers.setIamPolicy",
"eventarc.triggers.undelete",
"eventarc.triggers.update",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseanalytics.resources.googleAnalyticsEdit",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.debugTokens.update",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.deviceCheckConfig.update",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.recaptchaConfig.update",
"firebaseappcheck.services.get",
"firebaseappcheck.services.update",
"firebaseauth.configs.create",
"firebaseauth.configs.get",
"firebaseauth.configs.getHashConfig",
"firebaseauth.configs.update",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
"firebasedatabase.instances.create",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebasedatabase.instances.update",
"firebaseextensions.configs.list",
"firebasehosting.sites.create",
"firebasehosting.sites.delete",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebasehosting.sites.update",
"firebaseml.compressionjobs.create",
"firebaseml.compressionjobs.delete",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.compressionjobs.start",
"firebaseml.compressionjobs.update",
"firebaseml.models.create",
"firebaseml.models.delete",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.create",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebaseml.modelversions.update",
"firebaserules.releases.create",
"firebaserules.releases.delete",
"firebaserules.releases.get",
"firebaserules.releases.getExecutable",
"firebaserules.releases.list",
"firebaserules.releases.update",
"firebaserules.rulesets.create",
"firebaserules.rulesets.delete",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"firebaserules.rulesets.test",
"firebasestorage.buckets.addFirebase",
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"firebasestorage.buckets.removeFirebase",
"logging.logEntries.list",
"monitoring.timeSeries.list",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.delete",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.invoke",
"run.routes.list",
"run.services.create",
"run.services.delete",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"run.services.setIamPolicy",
"run.services.update",
"runtimeconfig.configs.create",
"runtimeconfig.configs.delete",
"runtimeconfig.configs.get",
"runtimeconfig.configs.list",
"runtimeconfig.configs.update",
"runtimeconfig.operations.get",
"runtimeconfig.operations.list",
"runtimeconfig.variables.create",
"runtimeconfig.variables.delete",
"runtimeconfig.variables.get",
"runtimeconfig.variables.list",
"runtimeconfig.variables.update",
"runtimeconfig.variables.watch",
"runtimeconfig.waiters.create",
"runtimeconfig.waiters.delete",
"runtimeconfig.waiters.get",
"runtimeconfig.waiters.list",
"runtimeconfig.waiters.update",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.buckets.create",
"storage.buckets.createTagBinding",
"storage.buckets.delete",
"storage.buckets.deleteTagBinding",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.listTagBindings",
"storage.buckets.setIamPolicy",
"storage.buckets.update",
"storage.multipartUploads.abort",
"storage.multipartUploads.create",
"storage.multipartUploads.list",
"storage.multipartUploads.listParts",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/firebase.developAdmin",
"stage": "GA",
"title": "Firebase Develop Admin"
}
{
"description": "Read access to Firebase Develop products and Analytics.",
"etag": "AA==",
"includedPermissions": [
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotations.list",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.datasets.get",
"automl.datasets.list",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.list",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.get",
"automl.models.list",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"clientauthconfig.brands.get",
"clientauthconfig.brands.list",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudfunctions.functions.get",
"cloudfunctions.functions.list",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"cloudnotifications.activities.list",
"datastore.databases.get",
"datastore.databases.getIamPolicy",
"datastore.databases.list",
"datastore.entities.get",
"datastore.entities.list",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.namespaces.get",
"datastore.namespaces.getIamPolicy",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"errorreporting.groups.list",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.services.get",
"firebaseauth.configs.get",
"firebaseauth.users.get",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebaseextensions.configs.list",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebaserules.releases.get",
"firebaserules.releases.list",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"logging.logEntries.list",
"monitoring.timeSeries.list",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.list",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list"
],
"name": "roles/firebase.developViewer",
"stage": "GA",
"title": "Firebase Develop Viewer"
}
{
"description": "Full access to Firebase Grow products and Analytics.",
"etag": "AA==",
"includedPermissions": [
"clientauthconfig.clients.get",
"clientauthconfig.clients.list",
"cloudconfig.configs.get",
"cloudconfig.configs.update",
"cloudmessaging.messages.create",
"cloudnotifications.activities.list",
"fcmdata.deliverydata.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.create",
"firebaseabt.experiments.delete",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.experiments.update",
"firebaseabt.projectmetadata.get",
"firebaseanalytics.resources.googleAnalyticsEdit",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.destinations.update",
"firebasedynamiclinks.domains.create",
"firebasedynamiclinks.domains.delete",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.domains.update",
"firebasedynamiclinks.links.create",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.links.update",
"firebasedynamiclinks.stats.get",
"firebaseextensions.configs.list",
"firebaseinappmessaging.campaigns.create",
"firebaseinappmessaging.campaigns.delete",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"firebaseinappmessaging.campaigns.update",
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
"firebasepredictions.predictions.create",
"firebasepredictions.predictions.delete",
"firebasepredictions.predictions.list",
"firebasepredictions.predictions.update",
"monitoring.timeSeries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/firebase.growthAdmin",
"stage": "GA",
"title": "Firebase Grow Admin"
}
{
"description": "Read access to Firebase Grow products and Analytics.",
"etag": "AA==",
"includedPermissions": [
"cloudconfig.configs.get",
"cloudnotifications.activities.list",
"fcmdata.deliverydata.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.projectmetadata.get",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.stats.get",
"firebaseextensions.configs.list",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasepredictions.predictions.list",
"monitoring.timeSeries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/firebase.growthViewer",
"stage": "GA",
"title": "Firebase Grow Viewer"
}
{
"description": "Access to create new service agents for Firebase projects; assign roles to service agents; provision GCP resources as required by Firebase services.",
"etag": "AA==",
"includedPermissions": [
"apikeys.keys.create",
"apikeys.keys.get",
"apikeys.keys.list",
"apikeys.keys.update",
"appengine.applications.create",
"appengine.applications.get",
"appengine.applications.update",
"appengine.operations.get",
"appengine.services.list",
"clientauthconfig.brands.create",
"clientauthconfig.brands.update",
"clientauthconfig.clients.create",
"clientauthconfig.clients.getWithSecret",
"clientauthconfig.clients.list",
"clientauthconfig.clients.update",
"firebase.clients.create",
"firebase.clients.delete",
"firebase.clients.get",
"firebase.projects.delete",
"firebase.projects.get",
"firebase.projects.update",
"firebaseauth.configs.create",
"firebaseauth.configs.get",
"firebaseauth.configs.update",
"firebaserules.releases.create",
"firebaserules.releases.delete",
"firebaserules.releases.get",
"firebaserules.rulesets.create",
"iam.roles.get",
"iam.serviceAccounts.create",
"iam.serviceAccounts.get",
"iam.serviceAccounts.list",
"resourcemanager.organizations.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.setIamPolicy",
"resourcemanager.projects.update",
"servicemanagement.services.bind",
"serviceusage.services.enable",
"serviceusage.services.get",
"storage.buckets.create",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.setIamPolicy"
],
"name": "roles/firebase.managementServiceAgent",
"stage": "GA",
"title": "Firebase Service Management Service Agent"
}
{
"description": "Full access to Firebase Quality products and Analytics.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseanalytics.resources.googleAnalyticsEdit",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappdistro.groups.list",
"firebaseappdistro.groups.update",
"firebaseappdistro.releases.list",
"firebaseappdistro.releases.update",
"firebaseappdistro.testers.list",
"firebaseappdistro.testers.update",
"firebasecrash.issues.update",
"firebasecrash.reports.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.config.update",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.issues.update",
"firebasecrashlytics.sessions.get",
"firebaseextensions.configs.list",
"firebaseperformance.config.create",
"firebaseperformance.config.delete",
"firebaseperformance.config.update",
"firebaseperformance.data.get",
"monitoring.timeSeries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/firebase.qualityAdmin",
"stage": "GA",
"title": "Firebase Quality Admin"
}
{
"description": "Read access to Firebase Quality products and Analytics.",
"etag": "AA==",
"includedPermissions": [
"cloudnotifications.activities.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappdistro.groups.list",
"firebaseappdistro.releases.list",
"firebaseappdistro.testers.list",
"firebasecrash.reports.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.sessions.get",
"firebaseextensions.configs.list",
"firebaseperformance.data.get",
"monitoring.timeSeries.list",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/firebase.qualityViewer",
"stage": "GA",
"title": "Firebase Quality Viewer"
}
{
"description": "Read and write access to Firebase products available in the Admin SDK",
"etag": "AA==",
"includedPermissions": [
"appengine.applications.get",
"cloudconfig.configs.get",
"cloudconfig.configs.update",
"cloudmessaging.messages.create",
"datastore.databases.get",
"datastore.databases.list",
"datastore.entities.allocateIds",
"datastore.entities.create",
"datastore.entities.delete",
"datastore.entities.get",
"datastore.entities.list",
"datastore.entities.update",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.namespaces.get",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"firebase.clients.create",
"firebase.clients.delete",
"firebase.clients.get",
"firebase.clients.list",
"firebase.clients.update",
"firebase.projects.get",
"firebase.projects.update",
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.debugTokens.update",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.deviceCheckConfig.update",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.recaptchaConfig.update",
"firebaseappcheck.services.get",
"firebaseappcheck.services.update",
"firebaseauth.configs.create",
"firebaseauth.configs.get",
"firebaseauth.configs.update",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
"firebasedatabase.instances.create",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebasedatabase.instances.update",
"firebasehosting.sites.create",
"firebasehosting.sites.delete",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebasehosting.sites.update",
"firebaseml.compressionjobs.create",
"firebaseml.compressionjobs.delete",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.compressionjobs.start",
"firebaseml.compressionjobs.update",
"firebaseml.models.create",
"firebaseml.models.delete",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.create",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebaseml.modelversions.update",
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
"firebaserules.releases.get",
"firebaserules.releases.list",
"firebaserules.releases.update",
"firebaserules.rulesets.create",
"firebaserules.rulesets.delete",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"resourcemanager.projects.update",
"storage.buckets.create",
"storage.buckets.delete",
"storage.buckets.get",
"storage.buckets.list",
"storage.buckets.update",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.setIamPolicy",
"storage.objects.update"
],
"name": "roles/firebase.sdkAdminServiceAgent",
"stage": "GA",
"title": "Firebase Admin SDK Administrator Service Agent"
}
{
"description": "Access to provision apps with the Admin SDK.",
"etag": "AA==",
"includedPermissions": [
"apikeys.keys.list",
"clientauthconfig.clients.list",
"cloudmessaging.messages.create",
"firebase.clients.create",
"servicemanagement.services.bind",
"serviceusage.services.enable"
],
"name": "roles/firebase.sdkProvisioningServiceAgent",
"stage": "GA",
"title": "Firebase SDK Provisioning Service Agent"
}
{
"description": "Read-only access to Firebase products.",
"etag": "AA==",
"includedPermissions": [
"automl.annotationSpecs.get",
"automl.annotationSpecs.list",
"automl.annotations.list",
"automl.columnSpecs.get",
"automl.columnSpecs.list",
"automl.datasets.get",
"automl.datasets.list",
"automl.examples.get",
"automl.examples.list",
"automl.humanAnnotationTasks.get",
"automl.humanAnnotationTasks.list",
"automl.locations.get",
"automl.locations.list",
"automl.modelEvaluations.get",
"automl.modelEvaluations.list",
"automl.models.get",
"automl.models.list",
"automl.operations.get",
"automl.operations.list",
"automl.tableSpecs.get",
"automl.tableSpecs.list",
"clientauthconfig.brands.get",
"clientauthconfig.brands.list",
"cloudbuild.builds.get",
"cloudbuild.builds.list",
"cloudconfig.configs.get",
"cloudfunctions.functions.get",
"cloudfunctions.functions.list",
"cloudfunctions.locations.get",
"cloudfunctions.locations.list",
"cloudfunctions.operations.get",
"cloudfunctions.operations.list",
"cloudnotifications.activities.list",
"cloudtestservice.environmentcatalog.get",
"cloudtestservice.matrices.get",
"cloudtoolresults.executions.get",
"cloudtoolresults.executions.list",
"cloudtoolresults.histories.get",
"cloudtoolresults.histories.list",
"cloudtoolresults.settings.get",
"cloudtoolresults.steps.get",
"cloudtoolresults.steps.list",
"datastore.databases.get",
"datastore.databases.getIamPolicy",
"datastore.databases.list",
"datastore.entities.get",
"datastore.entities.list",
"datastore.indexes.get",
"datastore.indexes.list",
"datastore.namespaces.get",
"datastore.namespaces.getIamPolicy",
"datastore.namespaces.list",
"datastore.statistics.get",
"datastore.statistics.list",
"errorreporting.groups.list",
"eventarc.locations.get",
"eventarc.locations.list",
"eventarc.operations.get",
"eventarc.operations.list",
"eventarc.triggers.get",
"eventarc.triggers.getIamPolicy",
"eventarc.triggers.list",
"fcmdata.deliverydata.list",
"firebase.billingPlans.get",
"firebase.clients.get",
"firebase.clients.list",
"firebase.links.list",
"firebase.projects.get",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.projectmetadata.get",
"firebaseanalytics.resources.googleAnalyticsReadAndAnalyze",
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.services.get",
"firebaseappdistro.groups.list",
"firebaseappdistro.releases.list",
"firebaseappdistro.testers.list",
"firebaseauth.configs.get",
"firebaseauth.users.get",
"firebasecrash.reports.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.sessions.get",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.stats.get",
"firebaseextensions.configs.list",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebaseperformance.data.get",
"firebasepredictions.predictions.list",
"firebaserules.releases.get",
"firebaserules.releases.list",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"logging.logEntries.list",
"monitoring.timeSeries.list",
"recommender.locations.get",
"recommender.locations.list",
"remotebuildexecution.blobs.get",
"resourcemanager.projects.get",
"resourcemanager.projects.getIamPolicy",
"resourcemanager.projects.list",
"run.configurations.get",
"run.configurations.list",
"run.locations.list",
"run.revisions.get",
"run.revisions.list",
"run.routes.get",
"run.routes.list",
"run.services.get",
"run.services.getIamPolicy",
"run.services.list",
"serviceusage.operations.get",
"serviceusage.operations.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list"
],
"name": "roles/firebase.viewer",
"stage": "GA",
"title": "Firebase Viewer"
}
{
"description": "Full read/write access to Firebase A/B Testing resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.create",
"firebaseabt.experiments.delete",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.experiments.update",
"firebaseabt.projectmetadata.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseabt.admin",
"stage": "BETA",
"title": "Firebase A/B Testing Admin"
}
{
"description": "Read-only access to Firebase A/B Testing resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseabt.experimentresults.get",
"firebaseabt.experiments.get",
"firebaseabt.experiments.list",
"firebaseabt.projectmetadata.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseabt.viewer",
"stage": "BETA",
"title": "Firebase A/B Testing Viewer"
}
{
"description": "Full management of Firebase App Check.",
"etag": "AA==",
"includedPermissions": [
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.debugTokens.update",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.deviceCheckConfig.update",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.recaptchaConfig.update",
"firebaseappcheck.services.get",
"firebaseappcheck.services.update"
],
"name": "roles/firebaseappcheck.admin",
"stage": "BETA",
"title": "Firebase App Check Admin"
}
{
"description": "Read-only access for Firebase App Check.",
"etag": "AA==",
"includedPermissions": [
"firebaseappcheck.debugTokens.get",
"firebaseappcheck.deviceCheckConfig.get",
"firebaseappcheck.recaptchaConfig.get",
"firebaseappcheck.services.get"
],
"name": "roles/firebaseappcheck.viewer",
"stage": "BETA",
"title": "Firebase App Check Viewer"
}
{
"description": "Full read/write access to Firebase App Distribution resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseappdistro.groups.list",
"firebaseappdistro.groups.update",
"firebaseappdistro.releases.list",
"firebaseappdistro.releases.update",
"firebaseappdistro.testers.list",
"firebaseappdistro.testers.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseappdistro.admin",
"stage": "BETA",
"title": "Firebase App Distribution Admin"
}
{
"description": "Read-only access to Firebase App Distribution resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseappdistro.groups.list",
"firebaseappdistro.releases.list",
"firebaseappdistro.testers.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseappdistro.viewer",
"stage": "BETA",
"title": "Firebase App Distribution Viewer"
}
{
"description": "Full read/write access to Firebase Authentication resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseauth.configs.create",
"firebaseauth.configs.get",
"firebaseauth.configs.getHashConfig",
"firebaseauth.configs.update",
"firebaseauth.users.create",
"firebaseauth.users.createSession",
"firebaseauth.users.delete",
"firebaseauth.users.get",
"firebaseauth.users.sendEmail",
"firebaseauth.users.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseauth.admin",
"stage": "GA",
"title": "Firebase Authentication Admin"
}
{
"description": "Read-only access to Firebase Authentication resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseauth.configs.get",
"firebaseauth.users.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseauth.viewer",
"stage": "GA",
"title": "Firebase Authentication Viewer"
}
{
"description": "Full read/write access to symbol mapping file resources for Firebase Crash Reporting.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"resourcemanager.projects.get"
],
"name": "roles/firebasecrash.symbolMappingsAdmin",
"stage": "GA",
"title": "Firebase Crash Symbol Uploader"
}
{
"description": "Full read/write access to Firebase Crashlytics resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.config.update",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.issues.update",
"firebasecrashlytics.sessions.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasecrashlytics.admin",
"stage": "GA",
"title": "Firebase Crashlytics Admin"
}
{
"description": "Read-only access to Firebase Crashlytics resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasecrashlytics.config.get",
"firebasecrashlytics.data.get",
"firebasecrashlytics.issues.get",
"firebasecrashlytics.issues.list",
"firebasecrashlytics.sessions.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasecrashlytics.viewer",
"stage": "GA",
"title": "Firebase Crashlytics Viewer"
}
{
"description": "Full read/write access to Firebase Realtime Database resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasedatabase.instances.create",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"firebasedatabase.instances.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasedatabase.admin",
"stage": "GA",
"title": "Firebase Realtime Database Admin"
}
{
"description": "Read-only access to Firebase Realtime Database resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasedatabase.instances.get",
"firebasedatabase.instances.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasedatabase.viewer",
"stage": "GA",
"title": "Firebase Realtime Database Viewer"
}
{
"description": "Full read/write access to Firebase Dynamic Links resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.destinations.update",
"firebasedynamiclinks.domains.create",
"firebasedynamiclinks.domains.delete",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.domains.update",
"firebasedynamiclinks.links.create",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.links.update",
"firebasedynamiclinks.stats.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasedynamiclinks.admin",
"stage": "GA",
"title": "Firebase Dynamic Links Admin"
}
{
"description": "Read-only access to Firebase Dynamic Links resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasedynamiclinks.destinations.list",
"firebasedynamiclinks.domains.get",
"firebasedynamiclinks.domains.list",
"firebasedynamiclinks.links.get",
"firebasedynamiclinks.links.list",
"firebasedynamiclinks.stats.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasedynamiclinks.viewer",
"stage": "GA",
"title": "Firebase Dynamic Links Viewer"
}
{
"description": "Full read/write access to Firebase Hosting resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasehosting.sites.create",
"firebasehosting.sites.delete",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"firebasehosting.sites.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasehosting.admin",
"stage": "GA",
"title": "Firebase Hosting Admin"
}
{
"description": "Read-only access to Firebase Hosting resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasehosting.sites.get",
"firebasehosting.sites.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasehosting.viewer",
"stage": "GA",
"title": "Firebase Hosting Viewer"
}
{
"description": "Full read/write access to Firebase In-App Messaging resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseinappmessaging.campaigns.create",
"firebaseinappmessaging.campaigns.delete",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"firebaseinappmessaging.campaigns.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseinappmessaging.admin",
"stage": "BETA",
"title": "Firebase In-App Messaging Admin"
}
{
"description": "Read-only access to Firebase In-App Messaging resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseinappmessaging.campaigns.get",
"firebaseinappmessaging.campaigns.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseinappmessaging.viewer",
"stage": "BETA",
"title": "Firebase In-App Messaging Viewer"
}
{
"description": "Full read/write access to Firebase ML Kit resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseml.compressionjobs.create",
"firebaseml.compressionjobs.delete",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.compressionjobs.start",
"firebaseml.compressionjobs.update",
"firebaseml.models.create",
"firebaseml.models.delete",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.create",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"firebaseml.modelversions.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseml.admin",
"stage": "BETA",
"title": "Firebase ML Kit Admin"
}
{
"description": "Read-only access to Firebase ML Kit resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseml.compressionjobs.get",
"firebaseml.compressionjobs.list",
"firebaseml.models.get",
"firebaseml.models.list",
"firebaseml.modelversions.get",
"firebaseml.modelversions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseml.viewer",
"stage": "BETA",
"title": "Firebase ML Kit Viewer"
}
{
"description": "Grants Firebase Extensions API Service Account access to manage resources.",
"etag": "AA==",
"includedPermissions": [
"cloudfunctions.functions.getIamPolicy",
"cloudfunctions.functions.setIamPolicy",
"deploymentmanager.compositeTypes.create",
"deploymentmanager.compositeTypes.delete",
"deploymentmanager.compositeTypes.get",
"deploymentmanager.compositeTypes.list",
"deploymentmanager.compositeTypes.update",
"deploymentmanager.deployments.cancelPreview",
"deploymentmanager.deployments.create",
"deploymentmanager.deployments.delete",
"deploymentmanager.deployments.get",
"deploymentmanager.deployments.list",
"deploymentmanager.deployments.stop",
"deploymentmanager.deployments.update",
"deploymentmanager.manifests.get",
"deploymentmanager.manifests.list",
"deploymentmanager.operations.get",
"deploymentmanager.operations.list",
"deploymentmanager.resources.get",
"deploymentmanager.resources.list",
"deploymentmanager.typeProviders.create",
"deploymentmanager.typeProviders.delete",
"deploymentmanager.typeProviders.get",
"deploymentmanager.typeProviders.getType",
"deploymentmanager.typeProviders.list",
"deploymentmanager.typeProviders.listTypes",
"deploymentmanager.typeProviders.update",
"deploymentmanager.types.create",
"deploymentmanager.types.delete",
"deploymentmanager.types.get",
"deploymentmanager.types.list",
"deploymentmanager.types.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"run.services.getIamPolicy",
"run.services.setIamPolicy",
"serviceusage.quotas.get",
"serviceusage.services.enable",
"serviceusage.services.get",
"serviceusage.services.list"
],
"name": "roles/firebasemods.serviceAgent",
"stage": "GA",
"title": "Firebase Extensions API Service Agent"
}
{
"description": "Full read/write access to Firebase Cloud Messaging resources.",
"etag": "AA==",
"includedPermissions": [
"fcmdata.deliverydata.list",
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasenotifications.messages.create",
"firebasenotifications.messages.delete",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"firebasenotifications.messages.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasenotifications.admin",
"stage": "GA",
"title": "Firebase Cloud Messaging Admin"
}
{
"description": "Read-only access to Firebase Cloud Messaging resources.",
"etag": "AA==",
"includedPermissions": [
"fcmdata.deliverydata.list",
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasenotifications.messages.get",
"firebasenotifications.messages.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasenotifications.viewer",
"stage": "GA",
"title": "Firebase Cloud Messaging Viewer"
}
{
"description": "Full access to firebaseperformance resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseperformance.config.create",
"firebaseperformance.config.delete",
"firebaseperformance.config.update",
"firebaseperformance.data.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseperformance.admin",
"stage": "GA",
"title": "Firebase Performance Reporting Admin"
}
{
"description": "Read-only access to firebaseperformance resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebaseperformance.data.get",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaseperformance.viewer",
"stage": "GA",
"title": "Firebase Performance Reporting Viewer"
}
{
"description": "Full read/write access to Firebase Predictions resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasepredictions.predictions.create",
"firebasepredictions.predictions.delete",
"firebasepredictions.predictions.list",
"firebasepredictions.predictions.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasepredictions.admin",
"stage": "GA",
"title": "Firebase Predictions Admin"
}
{
"description": "Read-only access to Firebase Predictions resources.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasepredictions.predictions.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasepredictions.viewer",
"stage": "GA",
"title": "Firebase Predictions Viewer"
}
{
"description": "Full management of Firebase Rules.",
"etag": "AA==",
"includedPermissions": [
"firebaserules.releases.create",
"firebaserules.releases.delete",
"firebaserules.releases.get",
"firebaserules.releases.getExecutable",
"firebaserules.releases.list",
"firebaserules.releases.update",
"firebaserules.rulesets.create",
"firebaserules.rulesets.delete",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"firebaserules.rulesets.test",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaserules.admin",
"stage": "GA",
"title": "Firebase Rules Admin"
}
{
"description": "Read-only access on all resources with the ability to test Rulesets.",
"etag": "AA==",
"includedPermissions": [
"firebaserules.releases.get",
"firebaserules.releases.list",
"firebaserules.rulesets.get",
"firebaserules.rulesets.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebaserules.viewer",
"stage": "GA",
"title": "Firebase Rules Viewer"
}
{
"description": "Full management of Cloud Storage for Firebase.",
"etag": "AA==",
"includedPermissions": [
"firebase.clients.get",
"firebase.clients.list",
"firebase.projects.get",
"firebasestorage.buckets.addFirebase",
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"firebasestorage.buckets.removeFirebase",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasestorage.admin",
"stage": "BETA",
"title": "Cloud Storage for Firebase Admin"
}
{
"description": "Access to Cloud Storage for Firebase through API and SDK.",
"etag": "AA==",
"includedPermissions": [
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.objects.create",
"storage.objects.delete",
"storage.objects.get",
"storage.objects.getIamPolicy",
"storage.objects.list",
"storage.objects.update"
],
"name": "roles/firebasestorage.serviceAgent",
"stage": "GA",
"title": "Cloud Storage for Firebase Service Agent"
}
{
"description": "Read-only access for Cloud Storage for Firebase.",
"etag": "AA==",
"includedPermissions": [
"firebasestorage.buckets.get",
"firebasestorage.buckets.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/firebasestorage.viewer",
"stage": "BETA",
"title": "Cloud Storage for Firebase Viewer"
}
{
"description": "Gives Firestore service account access to managed resources.",
"etag": "AA==",
"includedPermissions": [
"storage.buckets.get",
"storage.objects.create",
"storage.objects.get",
"storage.objects.list"
],
"name": "roles/firestore.serviceAgent",
"stage": "GA",
"title": "Firestore Service Agent"
}
{
"description": "Gives Cloud Firewall Insights service agent permissions to retrieve Firewall, VM and route resources on user behalf.",
"etag": "AA==",
"includedPermissions": [
"compute.backendServices.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.list",
"compute.healthChecks.list",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.list",
"compute.instanceGroups.list",
"compute.instances.get",
"compute.instances.list",
"compute.networks.list",
"compute.projects.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.subnetworks.list",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.list",
"compute.targetPools.list",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.list",
"compute.urlMaps.list",
"compute.vpnGateways.list",
"compute.vpnTunnels.list"
],
"name": "roles/firewallinsights.serviceAgent",
"stage": "GA",
"title": "Cloud Firewall Insights Service Agent"
}
{
"description": "Grants the FleetEngine Service Account access to manage resources.",
"etag": "AA==",
"includedPermissions": [
"bigquery.jobs.create",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/fleetengine.serviceAgent",
"stage": "GA",
"title": "FleetEngine Service Agent"
}
{
"description": "Full access to Game Services API and related resources.",
"etag": "AA==",
"includedPermissions": [
"gameservices.gameServerClusters.create",
"gameservices.gameServerClusters.delete",
"gameservices.gameServerClusters.get",
"gameservices.gameServerClusters.list",
"gameservices.gameServerClusters.update",
"gameservices.gameServerConfigs.create",
"gameservices.gameServerConfigs.delete",
"gameservices.gameServerConfigs.get",
"gameservices.gameServerConfigs.list",
"gameservices.gameServerDeployments.create",
"gameservices.gameServerDeployments.delete",
"gameservices.gameServerDeployments.get",
"gameservices.gameServerDeployments.list",
"gameservices.gameServerDeployments.rollout",
"gameservices.gameServerDeployments.update",
"gameservices.locations.get",
"gameservices.locations.list",
"gameservices.operations.cancel",
"gameservices.operations.delete",
"gameservices.operations.get",
"gameservices.operations.list",
"gameservices.realms.create",
"gameservices.realms.delete",
"gameservices.realms.get",
"gameservices.realms.list",
"gameservices.realms.update",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/gameservices.admin",
"stage": "GA",
"title": "Game Services API Admin"
}
{
"description": "Gives Game Services Service Account access to GCP resources.",
"etag": "AA==",
"includedPermissions": [
"container.apiServices.create",
"container.apiServices.delete",
"container.apiServices.get",
"container.apiServices.getStatus",
"container.apiServices.list",
"container.apiServices.update",
"container.apiServices.updateStatus",
"container.auditSinks.create",
"container.auditSinks.delete",
"container.auditSinks.get",
"container.auditSinks.list",
"container.auditSinks.update",
"container.backendConfigs.create",
"container.backendConfigs.delete",
"container.backendConfigs.get",
"container.backendConfigs.list",
"container.backendConfigs.update",
"container.bindings.create",
"container.bindings.delete",
"container.bindings.get",
"container.bindings.list",
"container.bindings.update",
"container.certificateSigningRequests.create",
"container.certificateSigningRequests.delete",
"container.certificateSigningRequests.get",
"container.certificateSigningRequests.list",
"container.certificateSigningRequests.update",
"container.certificateSigningRequests.updateStatus",
"container.clusterRoleBindings.create",
"container.clusterRoleBindings.get",
"container.clusterRoleBindings.list",
"container.clusterRoleBindings.update",
"container.clusterRoles.bind",
"container.clusterRoles.create",
"container.clusterRoles.escalate",
"container.clusterRoles.get",
"container.clusterRoles.list",
"container.clusterRoles.update",
"container.clusters.create",
"container.clusters.delete",
"container.clusters.get",
"container.clusters.list",
"container.clusters.update",
"container.componentStatuses.get",
"container.componentStatuses.list",
"container.configMaps.create",
"container.configMaps.delete",
"container.configMaps.get",
"container.configMaps.list",
"container.configMaps.update",
"container.controllerRevisions.get",
"container.controllerRevisions.list",
"container.cronJobs.create",
"container.cronJobs.delete",
"container.cronJobs.get",
"container.cronJobs.getStatus",
"container.cronJobs.list",
"container.cronJobs.update",
"container.cronJobs.updateStatus",
"container.csiDrivers.create",
"container.csiDrivers.delete",
"container.csiDrivers.get",
"container.csiDrivers.list",
"container.csiDrivers.update",
"container.csiNodeInfos.create",
"container.csiNodeInfos.delete",
"container.csiNodeInfos.get",
"container.csiNodeInfos.list",
"container.csiNodeInfos.update",
"container.csiNodes.create",
"container.csiNodes.delete",
"container.csiNodes.get",
"container.csiNodes.list",
"container.csiNodes.update",
"container.customResourceDefinitions.create",
"container.customResourceDefinitions.delete",
"container.customResourceDefinitions.get",
"container.customResourceDefinitions.getStatus",
"container.customResourceDefinitions.list",
"container.customResourceDefinitions.update",
"container.customResourceDefinitions.updateStatus",
"container.daemonSets.create",
"container.daemonSets.delete",
"container.daemonSets.get",
"container.daemonSets.getStatus",
"container.daemonSets.list",
"container.daemonSets.update",
"container.daemonSets.updateStatus",
"container.deployments.create",
"container.deployments.delete",
"container.deployments.get",
"container.deployments.getScale",
"container.deployments.getStatus",
"container.deployments.list",
"container.deployments.rollback",
"container.deployments.update",
"container.deployments.updateScale",
"container.deployments.updateStatus",
"container.endpointSlices.create",
"container.endpointSlices.delete",
"container.endpointSlices.get",
"container.endpointSlices.list",
"container.endpointSlices.update",
"container.endpoints.create",
"container.endpoints.delete",
"container.endpoints.get",
"container.endpoints.list",
"container.endpoints.update",
"container.events.create",
"container.events.delete",
"container.events.get",
"container.events.list",
"container.events.update",
"container.frontendConfigs.create",
"container.frontendConfigs.delete",
"container.frontendConfigs.get",
"container.frontendConfigs.list",
"container.frontendConfigs.update",
"container.horizontalPodAutoscalers.create",
"container.horizontalPodAutoscalers.delete",
"container.horizontalPodAutoscalers.get",
"container.horizontalPodAutoscalers.getStatus",
"container.horizontalPodAutoscalers.list",
"container.horizontalPodAutoscalers.update",
"container.horizontalPodAutoscalers.updateStatus",
"container.ingresses.create",
"container.ingresses.delete",
"container.ingresses.get",
"container.ingresses.getStatus",
"container.ingresses.list",
"container.ingresses.update",
"container.ingresses.updateStatus",
"container.initializerConfigurations.create",
"container.initializerConfigurations.delete",
"container.initializerConfigurations.get",
"container.initializerConfigurations.list",
"container.initializerConfigurations.update",
"container.jobs.create",
"container.jobs.delete",
"container.jobs.get",
"container.jobs.getStatus",
"container.jobs.list",
"container.jobs.update",
"container.jobs.updateStatus",
"container.leases.create",
"container.leases.delete",
"container.leases.get",
"container.leases.list",
"container.leases.update",
"container.limitRanges.create",
"container.limitRanges.delete",
"container.limitRanges.get",
"container.limitRanges.list",
"container.limitRanges.update",
"container.localSubjectAccessReviews.create",
"container.localSubjectAccessReviews.list",
"container.managedCertificates.create",
"container.managedCertificates.delete",
"container.managedCertificates.get",
"container.managedCertificates.list",
"container.managedCertificates.update",
"container.mutatingWebhookConfigurations.get",
"container.mutatingWebhookConfigurations.list",
"container.namespaces.create",
"container.namespaces.delete",
"container.namespaces.finalize",
"container.namespaces.get",
"container.namespaces.getStatus",
"container.namespaces.list",
"container.namespaces.update",
"container.namespaces.updateStatus",
"container.networkPolicies.create",
"container.networkPolicies.delete",
"container.networkPolicies.get",
"container.networkPolicies.list",
"container.networkPolicies.update",
"container.nodes.create",
"container.nodes.delete",
"container.nodes.get",
"container.nodes.getStatus",
"container.nodes.list",
"container.nodes.proxy",
"container.nodes.update",
"container.nodes.updateStatus",
"container.persistentVolumeClaims.create",
"container.persistentVolumeClaims.delete",
"container.persistentVolumeClaims.get",
"container.persistentVolumeClaims.getStatus",
"container.persistentVolumeClaims.list",
"container.persistentVolumeClaims.update",
"container.persistentVolumeClaims.updateStatus",
"container.persistentVolumes.create",
"container.persistentVolumes.delete",
"container.persistentVolumes.get",
"container.persistentVolumes.getStatus",
"container.persistentVolumes.list",
"container.persistentVolumes.update",
"container.persistentVolumes.updateStatus",
"container.petSets.create",
"container.petSets.delete",
"container.petSets.get",
"container.petSets.list",
"container.petSets.update",
"container.petSets.updateStatus",
"container.podDisruptionBudgets.create",
"container.podDisruptionBudgets.delete",
"container.podDisruptionBudgets.get",
"container.podDisruptionBudgets.getStatus",
"container.podDisruptionBudgets.list",
"container.podDisruptionBudgets.update",
"container.podDisruptionBudgets.updateStatus",
"container.podPresets.create",
"container.podPresets.delete",
"container.podPresets.get",
"container.podPresets.list",
"container.podPresets.update",
"container.podSecurityPolicies.get",
"container.podSecurityPolicies.list",
"container.podTemplates.create",
"container.podTemplates.delete",
"container.podTemplates.get",
"container.podTemplates.list",
"container.podTemplates.update",
"container.pods.attach",
"container.pods.create",
"container.pods.delete",
"container.pods.evict",
"container.pods.exec",
"container.pods.get",
"container.pods.getLogs",
"container.pods.getStatus",
"container.pods.initialize",
"container.pods.list",
"container.pods.portForward",
"container.pods.proxy",
"container.pods.update",
"container.pods.updateStatus",
"container.priorityClasses.create",
"container.priorityClasses.delete",
"container.priorityClasses.get",
"container.priorityClasses.list",
"container.priorityClasses.update",
"container.replicaSets.create",
"container.replicaSets.delete",
"container.replicaSets.get",
"container.replicaSets.getScale",
"container.replicaSets.getStatus",
"container.replicaSets.list",
"container.replicaSets.update",
"container.replicaSets.updateScale",
"container.replicaSets.updateStatus",
"container.replicationControllers.create",
"container.replicationControllers.delete",
"container.replicationControllers.get",
"container.replicationControllers.getScale",
"container.replicationControllers.getStatus",
"container.replicationControllers.list",
"container.replicationControllers.update",
"container.replicationControllers.updateScale",
"container.replicationControllers.updateStatus",
"container.resourceQuotas.create",
"container.resourceQuotas.delete",
"container.resourceQuotas.get",
"container.resourceQuotas.getStatus",
"container.resourceQuotas.list",
"container.resourceQuotas.update",
"container.resourceQuotas.updateStatus",
"container.roleBindings.create",
"container.roleBindings.get",
"container.roleBindings.list",
"container.roles.bind",
"container.roles.create",
"container.roles.escalate",
"container.roles.get",
"container.roles.list",
"container.runtimeClasses.create",
"container.runtimeClasses.delete",
"container.runtimeClasses.get",
"container.runtimeClasses.list",
"container.runtimeClasses.update",
"container.scheduledJobs.create",
"container.scheduledJobs.delete",
"container.scheduledJobs.get",
"container.scheduledJobs.list",
"container.scheduledJobs.update",
"container.scheduledJobs.updateStatus",
"container.secrets.create",
"container.secrets.delete",
"container.secrets.get",
"container.secrets.list",
"container.secrets.update",
"container.selfSubjectAccessReviews.create",
"container.selfSubjectAccessReviews.list",
"container.selfSubjectRulesReviews.create",
"container.serviceAccounts.create",
"container.serviceAccounts.createToken",
"container.serviceAccounts.delete",
"container.serviceAccounts.get",
"container.serviceAccounts.list",
"container.serviceAccounts.update",
"container.services.create",
"container.services.delete",
"container.services.get",
"container.services.getStatus",
"container.services.list",
"container.services.proxy",
"container.services.update",
"container.services.updateStatus",
"container.statefulSets.create",
"container.statefulSets.delete",
"container.statefulSets.get",
"container.statefulSets.getScale",
"container.statefulSets.getStatus",
"container.statefulSets.list",
"container.statefulSets.update",
"container.statefulSets.updateScale",
"container.statefulSets.updateStatus",
"container.storageClasses.create",
"container.storageClasses.delete",
"container.storageClasses.get",
"container.storageClasses.list",
"container.storageClasses.update",
"container.storageStates.create",
"container.storageStates.delete",
"container.storageStates.get",
"container.storageStates.getStatus",
"container.storageStates.list",
"container.storageStates.update",
"container.storageStates.updateStatus",
"container.storageVersionMigrations.create",
"container.storageVersionMigrations.delete",
"container.storageVersionMigrations.get",
"container.storageVersionMigrations.getStatus",
"container.storageVersionMigrations.list",
"container.storageVersionMigrations.update",
"container.storageVersionMigrations.updateStatus",
"container.subjectAccessReviews.create",
"container.subjectAccessReviews.list",
"container.thirdPartyObjects.create",
"container.thirdPartyObjects.delete",
"container.thirdPartyObjects.get",
"container.thirdPartyObjects.list",
"container.thirdPartyObjects.update",
"container.thirdPartyResources.create",
"container.thirdPartyResources.delete",
"container.thirdPartyResources.get",
"container.thirdPartyResources.list",
"container.thirdPartyResources.update",
"container.tokenReviews.create",
"container.updateInfos.create",
"container.updateInfos.delete",
"container.updateInfos.get",
"container.updateInfos.list",
"container.updateInfos.update",
"container.validatingWebhookConfigurations.get",
"container.validatingWebhookConfigurations.list",
"container.volumeAttachments.create",
"container.volumeAttachments.delete",
"container.volumeAttachments.get",
"container.volumeAttachments.getStatus",
"container.volumeAttachments.list",
"container.volumeAttachments.update",
"container.volumeAttachments.updateStatus",
"container.volumeSnapshotClasses.create",
"container.volumeSnapshotClasses.delete",
"container.volumeSnapshotClasses.get",
"container.volumeSnapshotClasses.list",
"container.volumeSnapshotClasses.update",
"container.volumeSnapshotContents.create",
"container.volumeSnapshotContents.delete",
"container.volumeSnapshotContents.get",
"container.volumeSnapshotContents.getStatus",
"container.volumeSnapshotContents.list",
"container.volumeSnapshotContents.update",
"container.volumeSnapshotContents.updateStatus",
"container.volumeSnapshots.create",
"container.volumeSnapshots.delete",
"container.volumeSnapshots.get",
"container.volumeSnapshots.getStatus",
"container.volumeSnapshots.list",
"container.volumeSnapshots.update",
"container.volumeSnapshots.updateStatus",
"gkehub.features.get",
"gkehub.features.getIamPolicy",
"gkehub.features.list",
"gkehub.locations.get",
"gkehub.locations.list",
"gkehub.memberships.generateConnectManifest",
"gkehub.memberships.get",
"gkehub.memberships.getIamPolicy",
"gkehub.memberships.list",
"gkehub.operations.get",
"gkehub.operations.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/gameservices.serviceAgent",
"stage": "GA",
"title": "Game Services Service Agent"
}
{
"description": "Read-only access to Game Services API and related resources.",
"etag": "AA==",
"includedPermissions": [
"gameservices.gameServerClusters.get",
"gameservices.gameServerClusters.list",
"gameservices.gameServerConfigs.get",
"gameservices.gameServerConfigs.list",
"gameservices.gameServerDeployments.get",
"gameservices.gameServerDeployments.list",
"gameservices.locations.get",
"gameservices.locations.list",
"gameservices.operations.get",
"gameservices.operations.list",
"gameservices.realms.get",
"gameservices.realms.list",
"resourcemanager.projects.get",
"resourcemanager.projects.list"
],
"name": "roles/gameservices.viewer",
"stage": "GA",
"title": "Game Services API Viewer"
}
{
"description": "Full access to genomics datasets and operations.",
"etag": "AA==",
"includedPermissions": [
"genomics.datasets.create",
"genomics.datasets.delete",
"genomics.datasets.get",
"genomics.datasets.getIamPolicy",
"genomics.datasets.list",
"genomics.datasets.setIamPolicy",
"genomics.datasets.update",
"genomics.operations.cancel",
"genomics.operations.create",
"genomics.operations.get",
"genomics.operations.list"
],
"name": "roles/genomics.admin",
"stage": "GA",
"title": "Genomics Admin"
}
{
"description": "Access to read and edit genomics datasets and operations.",
"etag": "AA==",
"includedPermissions": [
"genomics.datasets.create",
"genomics.datasets.delete",
"genomics.datasets.get",
"genomics.datasets.list",
"genomics.datasets.update",
"genomics.operations.cancel",
"genomics.operations.create",
"genomics.operations.get",
"genomics.operations.list"
],
"name": "roles/genomics.editor",
"stage": "GA",
"title": "Genomics Editor"
}
{
"description": "Full access to operate on genomics pipelines.",
"etag": "AA==",
"includedPermissions": [
"genomics.operations.cancel",
"genomics.operations.create",
"genomics.operations.get",
"genomics.operations.list"
],
"name": "roles/genomics.pipelinesRunner",
"stage": "GA",
"title": "Genomics Pipelines Runner"
}
{
"description": "Gives Genomics Service Account access to compute resources. Includes access to service accounts.",
"etag": "AA==",
"includedPermissions": [
"compute.acceleratorTypes.get",
"compute.acceleratorTypes.list",
"compute.addresses.get",
"compute.addresses.list",
"compute.addresses.use",
"compute.autoscalers.create",
"compute.autoscalers.delete",
"compute.autoscalers.get",
"compute.autoscalers.list",
"compute.autoscalers.update",
"compute.backendBuckets.get",
"compute.backendBuckets.list",
"compute.backendServices.get",
"compute.backendServices.list",
"compute.diskTypes.get",
"compute.diskTypes.list",
"compute.disks.addResourcePolicies",
"compute.disks.create",
"compute.disks.createSnapshot",
"compute.disks.delete",
"compute.disks.get",
"compute.disks.getIamPolicy",
"compute.disks.list",
"compute.disks.removeResourcePolicies",
"compute.disks.resize",
"compute.disks.setIamPolicy",
"compute.disks.setLabels",
"compute.disks.update",
"compute.disks.use",
"compute.disks.useReadOnly",
"compute.externalVpnGateways.get",
"compute.externalVpnGateways.list",
"compute.firewalls.get",
"compute.firewalls.list",
"compute.forwardingRules.get",
"compute.forwardingRules.list",
"compute.globalAddresses.get",
"compute.globalAddresses.list",
"compute.globalAddresses.use",
"compute.globalForwardingRules.get",
"compute.globalForwardingRules.list",
"compute.globalForwardingRules.pscGet",
"compute.globalNetworkEndpointGroups.attachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.create",
"compute.globalNetworkEndpointGroups.delete",
"compute.globalNetworkEndpointGroups.detachNetworkEndpoints",
"compute.globalNetworkEndpointGroups.get",
"compute.globalNetworkEndpointGroups.list",
"compute.globalNetworkEndpointGroups.use",
"compute.globalOperations.get",
"compute.globalOperations.list",
"compute.healthChecks.get",
"compute.healthChecks.list",
"compute.httpHealthChecks.get",
"compute.httpHealthChecks.list",
"compute.httpsHealthChecks.get",
"compute.httpsHealthChecks.list",
"compute.images.create",
"compute.images.delete",
"compute.images.deprecate",
"compute.images.get",
"compute.images.getFromFamily",
"compute.images.getIamPolicy",
"compute.images.list",
"compute.images.setIamPolicy",
"compute.images.setLabels",
"compute.images.update",
"compute.images.useReadOnly",
"compute.instanceGroupManagers.create",
"compute.instanceGroupManagers.delete",
"compute.instanceGroupManagers.get",
"compute.instanceGroupManagers.list",
"compute.instanceGroupManagers.update",
"compute.instanceGroupManagers.use",
"compute.instanceGroups.create",
"compute.instanceGroups.delete",
"compute.instanceGroups.get",
"compute.instanceGroups.list",
"compute.instanceGroups.update",
"compute.instanceGroups.use",
"compute.instanceTemplates.create",
"compute.instanceTemplates.delete",
"compute.instanceTemplates.get",
"compute.instanceTemplates.getIamPolicy",
"compute.instanceTemplates.list",
"compute.instanceTemplates.setIamPolicy",
"compute.instanceTemplates.useReadOnly",
"compute.instances.addAccessConfig",
"compute.instances.addMaintenancePolicies",
"compute.instances.addResourcePolicies",
"compute.instances.attachDisk",
"compute.instances.create",
"compute.instances.delete",
"compute.instances.deleteAccessConfig",
"compute.instances.detachDisk",
"compute.instances.get",
"compute.instances.getEffectiveFirewalls",
"compute.instances.getGuestAttributes",
"compute.instances.getIamPolicy",
"compute.instances.getScreenshot",
"compute.instances.getSerialPortOutput",
"compute.instances.getShieldedInstanceIdentity",
"compute.instances.getShieldedVmIdentity",
"compute.instances.list",
"compute.instances.listReferrers",
"compute.instances.osAdminLogin",
"compute.instances.osLogin",
"compute.instances.removeMaintenancePolicies",
"compute.instances.removeResourcePolicies",
"compute.instances.reset",
"compute.instances.resume",
"compute.instances.setDeletionProtection",
"compute.instances.setDiskAutoDelete",
"compute.instances.setIamPolicy",
"compute.instances.setLabels",
"compute.instances.setMachineResources",
"compute.instances.setMachineType",
"compute.instances.setMetadata",
"compute.instances.setMinCpuPlatform",
"compute.instances.setScheduling",
"compute.instances.setServiceAccount",
"compute.instances.setShieldedInstanceIntegrityPolicy",
"compute.instances.setShieldedVmIntegrityPolicy",
"compute.instances.setTags",
"compute.instances.start",
"compute.instances.startWithEncryptionKey",
"compute.instances.stop",
"compute.instances.suspend",
"compute.instances.update",
"compute.instances.updateAccessConfig",
"compute.instances.updateDisplayDevice",
"compute.instances.updateNetworkInterface",
"compute.instances.updateSecurity",
"compute.instances.updateShieldedInstanceConfig",
"compute.instances.updateShieldedVmConfig",
"compute.instances.use",
"compute.instances.useReadOnly",
"compute.interconnectAttachments.get",
"compute.interconnectAttachments.list",
"compute.interconnectLocations.get",
"compute.interconnectLocations.list",
"compute.interconnects.get",
"compute.interconnects.list",
"compute.licenseCodes.get",
"compute.licenseCodes.getIamPolicy",
"compute.licenseCodes.list",
"compute.licenseCodes.setIamPolicy",
"compute.licenseCodes.update",
"compute.licenseCodes.use",
"compute.licenses.create",
"compute.licenses.delete",
"compute.licenses.get",
"compute.licenses.getIamPolicy",
"compute.licenses.list",
"compute.licenses.setIamPolicy",
"compute.machineImages.create",
"compute.machineImages.delete",
"compute.machineImages.get",
"compute.machineImages.getIamPolicy",
"compute.machineImages.list",
"compute.machineImages.setIamPolicy",
"compute.machineImages.useReadOnly",
"compute.machineTypes.get",
"compute.machineTypes.list",
"compute.networkEndpointGroups.attachNetworkEndpoints",
"compute.networkEndpointGroups.create",
"compute.networkEndpointGroups.delete",
"compute.networkEndpointGroups.detachNetworkEndpoints",
"compute.networkEndpointGroups.get",
"compute.networkEndpointGroups.getIamPolicy",
"compute.networkEndpointGroups.list",
"compute.networkEndpointGroups.setIamPolicy",
"compute.networkEndpointGroups.use",
"compute.networks.get",
"compute.networks.list",
"compute.networks.use",
"compute.networks.useExternalIp",
"compute.projects.get",
"compute.projects.setCommonInstanceMetadata",
"compute.regionBackendServices.get",
"compute.regionBackendServices.list",
"compute.regionHealthCheckServices.get",
"compute.regionHealthCheckServices.list",
"compute.regionHealthChecks.get",
"compute.regionHealthChecks.list",
"compute.regionNetworkEndpointGroups.create",
"compute.regionNetworkEndpointGroups.delete",
"compute.regionNetworkEndpointGroups.get",
"compute.regionNetworkEndpointGroups.list",
"compute.regionNetworkEndpointGroups.use",
"compute.regionNotificationEndpoints.get",
"compute.regionNotificationEndpoints.list",
"compute.regionOperations.get",
"compute.regionOperations.list",
"compute.regionSslCertificates.get",
"compute.regionSslCertificates.list",
"compute.regionTargetHttpProxies.get",
"compute.regionTargetHttpProxies.list",
"compute.regionTargetHttpsProxies.get",
"compute.regionTargetHttpsProxies.list",
"compute.regionUrlMaps.get",
"compute.regionUrlMaps.list",
"compute.regions.get",
"compute.regions.list",
"compute.reservations.get",
"compute.reservations.list",
"compute.resourcePolicies.create",
"compute.resourcePolicies.delete",
"compute.resourcePolicies.get",
"compute.resourcePolicies.list",
"compute.resourcePolicies.use",
"compute.routers.get",
"compute.routers.list",
"compute.routes.get",
"compute.routes.list",
"compute.serviceAttachments.get",
"compute.serviceAttachments.list",
"compute.snapshots.create",
"compute.snapshots.delete",
"compute.snapshots.get",
"compute.snapshots.getIamPolicy",
"compute.snapshots.list",
"compute.snapshots.setIamPolicy",
"compute.snapshots.setLabels",
"compute.snapshots.useReadOnly",
"compute.sslCertificates.get",
"compute.sslCertificates.list",
"compute.sslPolicies.get",
"compute.sslPolicies.list",
"compute.sslPolicies.listAvailableFeatures",
"compute.subnetworks.get",
"compute.subnetworks.list",
"compute.subnetworks.use",
"compute.subnetworks.useExternalIp",
"compute.targetGrpcProxies.get",
"compute.targetGrpcProxies.list",
"compute.targetHttpProxies.get",
"compute.targetHttpProxies.list",
"compute.targetHttpsProxies.get",
"compute.targetHttpsProxies.list",
"compute.targetInstances.get",
"compute.targetInstances.list",
"compute.targetPools.get",
"compute.targetPools.list",
"compute.targetSslProxies.get",
"compute.targetSslProxies.list",
"compute.targetTcpProxies.get",
"compute.targetTcpProxies.list",
"compute.targetVpnGateways.get",
"compute.targetVpnGateways.list",
"compute.urlMaps.get",
"compute.urlMaps.list",
"compute.vpnGateways.get",
"compute.vpnGateways.list",
"compute.vpnTunnels.get",
"compute.vpnTunnels.list",
"compute.zoneOperations.get",
"compute.zoneOperations.list",
"compute.zones.get",
"compute.zones.list",
"iam.serviceAccounts.actAs",
"pubsub.topics.publish",
"resourcemanager.projects.get",
"resourcemanager.projects.list",
"serviceusage.quotas.get",
"serviceusage.services.get",
"serviceusage.services.list",
"serviceusage.services.use"
],
"name": "roles/genomics.serviceAgent",
"stage": "GA",
"title": "Genomics Service Agent"
}
{
"description": "Access to view genomics datasets and operations.",
"etag": "AA==",
"includedPermissions": [
"genomics.datasets.get",
"genomics.datasets.list",
"genomics.operations.get",
"genomics.operations.list"
],
"name": "
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment