From 14130b5689ec6dd4530544ef9134a67da5b7fabd Mon Sep 17 00:00:00 2001
From: bgeesaman <bgeesaman@users.noreply.github.com>
Date: Sat, 27 Jul 2024 01:25:42 +0000
Subject: [PATCH] Fetch all roles

---
 gcp_roles_cai.json                         | 10 +++++-----
 roles/chronicle.restrictedDataAccessViewer |  7 +++++++
 roles/datacatalog.tagTemplateUser          |  1 +
 roles/datacatalog.viewer                   |  1 +
 roles/dataplex.metadataJobViewer           |  2 +-
 roles/dataplex.serviceAgent                |  1 +
 6 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/gcp_roles_cai.json b/gcp_roles_cai.json
index b91bb991..2ca9d416 100644
--- a/gcp_roles_cai.json
+++ b/gcp_roles_cai.json
@@ -268,7 +268,7 @@
 {"description":"Modify Access to Chronicle API resources.","etag":"AA==","includedPermissions":["chronicle.ais.createFeedback","chronicle.ais.translateUdmQuery","chronicle.ais.translateYlRule","chronicle.analyticValues.list","chronicle.analytics.list","chronicle.cases.countPriorities","chronicle.collectors.get","chronicle.collectors.list","chronicle.conversations.create","chronicle.conversations.delete","chronicle.conversations.get","chronicle.conversations.list","chronicle.conversations.update","chronicle.curatedRuleSetCategories.countAllCuratedRuleSetDetections","chronicle.curatedRuleSetCategories.get","chronicle.curatedRuleSetCategories.list","chronicle.curatedRuleSetDeployments.batchUpdate","chronicle.curatedRuleSetDeployments.get","chronicle.curatedRuleSetDeployments.list","chronicle.curatedRuleSetDeployments.update","chronicle.curatedRuleSets.countCuratedRuleSetDetections","chronicle.curatedRuleSets.get","chronicle.curatedRuleSets.list","chronicle.curatedRules.get","chronicle.curatedRules.list","chronicle.dashboardCharts.get","chronicle.dashboardCharts.list","chronicle.dashboardQueries.execute","chronicle.dashboardQueries.get","chronicle.dashboardQueries.list","chronicle.dashboards.copy","chronicle.dashboards.create","chronicle.dashboards.delete","chronicle.dashboards.edit","chronicle.dashboards.get","chronicle.dashboards.list","chronicle.dashboards.schedule","chronicle.dataAccessScopes.list","chronicle.dataExports.cancel","chronicle.dataExports.create","chronicle.dataExports.fetchLogTypesAvailableForExport","chronicle.dataExports.get","chronicle.dataTableRows.asyncBulkCreate","chronicle.dataTableRows.asyncBulkReplace","chronicle.dataTableRows.asyncBulkUpdate","chronicle.dataTableRows.bulkCreate","chronicle.dataTableRows.bulkReplace","chronicle.dataTableRows.bulkUpdate","chronicle.dataTableRows.create","chronicle.dataTableRows.delete","chronicle.dataTableRows.get","chronicle.dataTableRows.list","chronicle.dataTableRows.update","chronicle.dataTables.bulkCreateDataTableAsync","chronicle.dataTables.create","chronicle.dataTables.delete","chronicle.dataTables.get","chronicle.dataTables.list","chronicle.dataTables.update","chronicle.dataTaps.create","chronicle.dataTaps.delete","chronicle.dataTaps.get","chronicle.dataTaps.list","chronicle.dataTaps.update","chronicle.entities.batchCreate","chronicle.entities.batchDelete","chronicle.entities.batchValidate","chronicle.entities.create","chronicle.entities.delete","chronicle.entities.find","chronicle.entities.findRelatedEntities","chronicle.entities.get","chronicle.entities.import","chronicle.entities.list","chronicle.entities.modifyEntityRiskScore","chronicle.entities.queryEntityRiskScoreModifications","chronicle.entities.searchEntities","chronicle.entities.summarize","chronicle.entities.summarizeFromQuery","chronicle.entityRiskScores.queryEntityRiskScores","chronicle.errorNotificationConfigs.get","chronicle.errorNotificationConfigs.list","chronicle.events.batchGet","chronicle.events.findUdmFieldValues","chronicle.events.get","chronicle.events.import","chronicle.events.queryProductSourceStats","chronicle.events.searchRawLogs","chronicle.events.udmSearch","chronicle.events.validateQuery","chronicle.findingsGraphs.exploreNode","chronicle.findingsGraphs.initializeGraph","chronicle.findingsRefinementDeployments.get","chronicle.findingsRefinementDeployments.list","chronicle.findingsRefinementDeployments.update","chronicle.findingsRefinements.computeActivity","chronicle.findingsRefinements.computeAllActivities","chronicle.findingsRefinements.create","chronicle.findingsRefinements.get","chronicle.findingsRefinements.list","chronicle.findingsRefinements.test","chronicle.findingsRefinements.update","chronicle.forwarders.generate","chronicle.forwarders.get","chronicle.forwarders.list","chronicle.globalDataAccessScopes.permit","chronicle.ingestionLogLabels.get","chronicle.ingestionLogLabels.list","chronicle.ingestionLogNamespaces.get","chronicle.ingestionLogNamespaces.list","chronicle.instances.generateCollectionAgentAuth","chronicle.instances.generateSoarAuthJwt","chronicle.instances.get","chronicle.instances.logTypeClassifier","chronicle.instances.report","chronicle.iocMatches.get","chronicle.iocMatches.list","chronicle.iocState.get","chronicle.iocState.update","chronicle.iocs.batchGet","chronicle.iocs.findFirstAndLastSeen","chronicle.iocs.get","chronicle.iocs.searchCuratedDetectionsForIoc","chronicle.legacies.legacyBatchGetCases","chronicle.legacies.legacyCalculateAlertStats","chronicle.legacies.legacyFetchAlertsView","chronicle.legacies.legacyFetchUdmSearchCsv","chronicle.legacies.legacyFetchUdmSearchView","chronicle.legacies.legacyFindAssetEvents","chronicle.legacies.legacyFindRawLogs","chronicle.legacies.legacyFindUdmEvents","chronicle.legacies.legacyGetAlert","chronicle.legacies.legacyGetCuratedRulesTrends","chronicle.legacies.legacyGetDetection","chronicle.legacies.legacyGetEventForDetection","chronicle.legacies.legacyGetFinding","chronicle.legacies.legacyGetRuleCounts","chronicle.legacies.legacyGetRulesTrends","chronicle.legacies.legacyRunTestRule","chronicle.legacies.legacySearchAlerts","chronicle.legacies.legacySearchArtifactEvents","chronicle.legacies.legacySearchArtifactIoCDetails","chronicle.legacies.legacySearchAssetEvents","chronicle.legacies.legacySearchCuratedDetections","chronicle.legacies.legacySearchCustomerStats","chronicle.legacies.legacySearchDetections","chronicle.legacies.legacySearchDomainsRecentlyRegistered","chronicle.legacies.legacySearchDomainsTimingStats","chronicle.legacies.legacySearchEnterpriseWideAlerts","chronicle.legacies.legacySearchEnterpriseWideIoCs","chronicle.legacies.legacySearchFindings","chronicle.legacies.legacySearchIngestionStats","chronicle.legacies.legacySearchIoCInsights","chronicle.legacies.legacySearchRawLogs","chronicle.legacies.legacySearchRuleDetectionCountBuckets","chronicle.legacies.legacySearchRuleDetectionEvents","chronicle.legacies.legacySearchRuleResults","chronicle.legacies.legacySearchRulesAlerts","chronicle.legacies.legacySearchUserEvents","chronicle.legacies.legacyStreamDetectionAlerts","chronicle.legacies.legacyTestRuleStreaming","chronicle.legacies.legacyUpdateAlert","chronicle.legacies.legacyUpdateFinding","chronicle.logTypeSchemas.list","chronicle.logs.export","chronicle.logs.get","chronicle.logs.import","chronicle.logs.list","chronicle.messages.create","chronicle.messages.delete","chronicle.messages.get","chronicle.messages.list","chronicle.messages.update","chronicle.multitenantDirectories.get","chronicle.nativeDashboards.create","chronicle.nativeDashboards.delete","chronicle.nativeDashboards.duplicate","chronicle.nativeDashboards.get","chronicle.nativeDashboards.list","chronicle.nativeDashboards.update","chronicle.operations.cancel","chronicle.operations.delete","chronicle.operations.get","chronicle.operations.list","chronicle.operations.streamSearch","chronicle.operations.wait","chronicle.preferenceSets.get","chronicle.preferenceSets.update","chronicle.referenceLists.create","chronicle.referenceLists.get","chronicle.referenceLists.list","chronicle.referenceLists.update","chronicle.referenceLists.verifyReferenceList","chronicle.retrohunts.create","chronicle.retrohunts.get","chronicle.retrohunts.list","chronicle.riskConfigs.get","chronicle.riskConfigs.update","chronicle.ruleDeployments.get","chronicle.ruleDeployments.list","chronicle.ruleDeployments.update","chronicle.ruleExecutionErrors.list","chronicle.rules.create","chronicle.rules.get","chronicle.rules.list","chronicle.rules.listRevisions","chronicle.rules.update","chronicle.rules.verifyRuleText","chronicle.searchQueries.create","chronicle.searchQueries.delete","chronicle.searchQueries.get","chronicle.searchQueries.list","chronicle.searchQueries.update","chronicle.watchlists.create","chronicle.watchlists.delete","chronicle.watchlists.get","chronicle.watchlists.list","chronicle.watchlists.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/chronicle.editor","stage":"GA","title":"Chronicle API Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Grants readonly access to Chronicle API resources, excluding Rules and Retrohunts.","etag":"AA==","includedPermissions":["chronicle.analyticValues.list","chronicle.analytics.list","chronicle.cases.countPriorities","chronicle.conversations.get","chronicle.conversations.list","chronicle.dashboardCharts.get","chronicle.dashboardCharts.list","chronicle.dashboardQueries.execute","chronicle.dashboardQueries.get","chronicle.dashboardQueries.list","chronicle.dashboards.get","chronicle.dashboards.list","chronicle.dashboards.schedule","chronicle.entities.find","chronicle.entities.findRelatedEntities","chronicle.entities.get","chronicle.entities.queryEntityRiskScoreModifications","chronicle.entities.searchEntities","chronicle.entities.summarize","chronicle.entities.summarizeFromQuery","chronicle.entityRiskScores.queryEntityRiskScores","chronicle.errorNotificationConfigs.get","chronicle.errorNotificationConfigs.list","chronicle.events.batchGet","chronicle.events.findUdmFieldValues","chronicle.events.get","chronicle.events.queryProductSourceStats","chronicle.events.searchRawLogs","chronicle.events.udmSearch","chronicle.events.validateQuery","chronicle.findingsGraphs.exploreNode","chronicle.findingsGraphs.initializeGraph","chronicle.findingsRefinementDeployments.get","chronicle.findingsRefinementDeployments.list","chronicle.findingsRefinements.computeActivity","chronicle.findingsRefinements.computeAllActivities","chronicle.findingsRefinements.get","chronicle.findingsRefinements.list","chronicle.findingsRefinements.test","chronicle.globalDataAccessScopes.permit","chronicle.ingestionLogLabels.get","chronicle.ingestionLogLabels.list","chronicle.ingestionLogNamespaces.get","chronicle.ingestionLogNamespaces.list","chronicle.instances.get","chronicle.legacies.legacyBatchGetCases","chronicle.legacies.legacyCalculateAlertStats","chronicle.legacies.legacyFetchAlertsView","chronicle.legacies.legacyFetchUdmSearchCsv","chronicle.legacies.legacyFetchUdmSearchView","chronicle.legacies.legacyFindAssetEvents","chronicle.legacies.legacyFindRawLogs","chronicle.legacies.legacyFindUdmEvents","chronicle.legacies.legacyGetAlert","chronicle.legacies.legacyGetFinding","chronicle.legacies.legacySearchAlerts","chronicle.legacies.legacySearchArtifactEvents","chronicle.legacies.legacySearchArtifactIoCDetails","chronicle.legacies.legacySearchAssetEvents","chronicle.legacies.legacySearchCustomerStats","chronicle.legacies.legacySearchDomainsRecentlyRegistered","chronicle.legacies.legacySearchDomainsTimingStats","chronicle.legacies.legacySearchEnterpriseWideAlerts","chronicle.legacies.legacySearchEnterpriseWideIoCs","chronicle.legacies.legacySearchFindings","chronicle.legacies.legacySearchIngestionStats","chronicle.legacies.legacySearchIoCInsights","chronicle.legacies.legacySearchRawLogs","chronicle.legacies.legacySearchUserEvents","chronicle.logTypeSchemas.list","chronicle.logs.export","chronicle.logs.get","chronicle.logs.list","chronicle.messages.get","chronicle.messages.list","chronicle.multitenantDirectories.get","chronicle.nativeDashboards.get","chronicle.nativeDashboards.list","chronicle.operations.get","chronicle.operations.list","chronicle.operations.streamSearch","chronicle.operations.wait","chronicle.preferenceSets.get","chronicle.preferenceSets.update","chronicle.searchQueries.create","chronicle.searchQueries.delete","chronicle.searchQueries.get","chronicle.searchQueries.list","chronicle.searchQueries.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/chronicle.limitedViewer","stage":"GA","title":"Chronicle API Limited Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Grants access to data controlled by Data Access Scopes. Intended to be refined by IAM Conditions.","etag":"AA==","includedPermissions":["chronicle.dataAccessScopes.permit"],"name":"roles/chronicle.restrictedDataAccess","stage":"BETA","title":"Chronicle API Restricted Data Access","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Grants readonly access to Chronicle API resources without global data access scope.","etag":"AA==","includedPermissions":["chronicle.ais.createFeedback","chronicle.ais.translateUdmQuery","chronicle.ais.translateYlRule","chronicle.dataAccessScopes.list","chronicle.entities.find","chronicle.entities.findRelatedEntities","chronicle.entities.get","chronicle.entities.list","chronicle.entities.searchEntities","chronicle.entities.summarize","chronicle.entities.summarizeFromQuery","chronicle.events.batchGet","chronicle.events.findUdmFieldValues","chronicle.events.get","chronicle.events.queryProductSourceStats","chronicle.events.searchRawLogs","chronicle.events.udmSearch","chronicle.events.validateQuery","chronicle.findingsGraphs.exploreNode","chronicle.findingsGraphs.initializeGraph","chronicle.instances.generateCollectionAgentAuth","chronicle.instances.generateSoarAuthJwt","chronicle.instances.get","chronicle.instances.report","chronicle.legacies.legacyBatchGetCases","chronicle.legacies.legacyCalculateAlertStats","chronicle.legacies.legacyFetchAlertsView","chronicle.legacies.legacyFetchUdmSearchCsv","chronicle.legacies.legacyFetchUdmSearchView","chronicle.legacies.legacyFindAssetEvents","chronicle.legacies.legacyFindRawLogs","chronicle.legacies.legacyFindUdmEvents","chronicle.legacies.legacyGetAlert","chronicle.legacies.legacyGetFinding","chronicle.legacies.legacyGetRuleCounts","chronicle.legacies.legacyGetRulesTrends","chronicle.legacies.legacyRunTestRule","chronicle.legacies.legacySearchArtifactEvents","chronicle.legacies.legacySearchArtifactIoCDetails","chronicle.legacies.legacySearchAssetEvents","chronicle.legacies.legacySearchCustomerStats","chronicle.legacies.legacySearchDomainsRecentlyRegistered","chronicle.legacies.legacySearchDomainsTimingStats","chronicle.legacies.legacySearchFindings","chronicle.legacies.legacySearchIngestionStats","chronicle.legacies.legacySearchIoCInsights","chronicle.legacies.legacySearchRawLogs","chronicle.legacies.legacySearchRuleDetectionCountBuckets","chronicle.legacies.legacySearchRuleDetectionEvents","chronicle.legacies.legacySearchRuleResults","chronicle.legacies.legacySearchRulesAlerts","chronicle.legacies.legacySearchUserEvents","chronicle.logs.get","chronicle.logs.list","chronicle.multitenantDirectories.get","chronicle.operations.get","chronicle.operations.list","chronicle.operations.streamSearch","chronicle.operations.wait","chronicle.referenceLists.get","chronicle.referenceLists.list","chronicle.referenceLists.verifyReferenceList","chronicle.retrohunts.get","chronicle.retrohunts.list","chronicle.ruleDeployments.get","chronicle.ruleDeployments.list","chronicle.ruleExecutionErrors.list","chronicle.rules.get","chronicle.rules.list","chronicle.rules.listRevisions","chronicle.rules.verifyRuleText","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/chronicle.restrictedDataAccessViewer","stage":"BETA","title":"Chronicle API Restricted Data Access Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Grants readonly access to Chronicle API resources without global data access scope.","etag":"AA==","includedPermissions":["chronicle.ais.createFeedback","chronicle.ais.translateUdmQuery","chronicle.ais.translateYlRule","chronicle.dashboardCharts.get","chronicle.dashboardCharts.list","chronicle.dashboardQueries.execute","chronicle.dashboardQueries.get","chronicle.dashboardQueries.list","chronicle.dataAccessScopes.list","chronicle.entities.find","chronicle.entities.findRelatedEntities","chronicle.entities.get","chronicle.entities.list","chronicle.entities.searchEntities","chronicle.entities.summarize","chronicle.entities.summarizeFromQuery","chronicle.events.batchGet","chronicle.events.findUdmFieldValues","chronicle.events.get","chronicle.events.queryProductSourceStats","chronicle.events.searchRawLogs","chronicle.events.udmSearch","chronicle.events.validateQuery","chronicle.findingsGraphs.exploreNode","chronicle.findingsGraphs.initializeGraph","chronicle.instances.generateCollectionAgentAuth","chronicle.instances.generateSoarAuthJwt","chronicle.instances.get","chronicle.instances.report","chronicle.legacies.legacyBatchGetCases","chronicle.legacies.legacyCalculateAlertStats","chronicle.legacies.legacyFetchAlertsView","chronicle.legacies.legacyFetchUdmSearchCsv","chronicle.legacies.legacyFetchUdmSearchView","chronicle.legacies.legacyFindAssetEvents","chronicle.legacies.legacyFindRawLogs","chronicle.legacies.legacyFindUdmEvents","chronicle.legacies.legacyGetAlert","chronicle.legacies.legacyGetFinding","chronicle.legacies.legacyGetRuleCounts","chronicle.legacies.legacyGetRulesTrends","chronicle.legacies.legacyRunTestRule","chronicle.legacies.legacySearchArtifactEvents","chronicle.legacies.legacySearchArtifactIoCDetails","chronicle.legacies.legacySearchAssetEvents","chronicle.legacies.legacySearchCustomerStats","chronicle.legacies.legacySearchDomainsRecentlyRegistered","chronicle.legacies.legacySearchDomainsTimingStats","chronicle.legacies.legacySearchFindings","chronicle.legacies.legacySearchIngestionStats","chronicle.legacies.legacySearchIoCInsights","chronicle.legacies.legacySearchRawLogs","chronicle.legacies.legacySearchRuleDetectionCountBuckets","chronicle.legacies.legacySearchRuleDetectionEvents","chronicle.legacies.legacySearchRuleResults","chronicle.legacies.legacySearchRulesAlerts","chronicle.legacies.legacySearchUserEvents","chronicle.logs.get","chronicle.logs.list","chronicle.multitenantDirectories.get","chronicle.nativeDashboards.get","chronicle.nativeDashboards.list","chronicle.operations.get","chronicle.operations.list","chronicle.operations.streamSearch","chronicle.operations.wait","chronicle.referenceLists.get","chronicle.referenceLists.list","chronicle.referenceLists.verifyReferenceList","chronicle.retrohunts.get","chronicle.retrohunts.list","chronicle.ruleDeployments.get","chronicle.ruleDeployments.list","chronicle.ruleExecutionErrors.list","chronicle.rules.get","chronicle.rules.list","chronicle.rules.listRevisions","chronicle.rules.verifyRuleText","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/chronicle.restrictedDataAccessViewer","stage":"BETA","title":"Chronicle API Restricted Data Access Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Grants Chronicle scoped access to customer project","etag":"AA==","includedPermissions":["bigquery.connections.create","bigquery.connections.delegate","bigquery.connections.delete","bigquery.connections.get","bigquery.connections.getIamPolicy","bigquery.connections.list","bigquery.connections.update","bigquery.connections.updateTag","bigquery.connections.use","bigquery.datasets.create","bigquery.jobs.create","bigquery.jobs.get","bigquery.tables.create","bigquery.tables.delete","bigquery.tables.get","bigquery.tables.update","bigquery.tables.updateData","chronicle.instances.get","monitoring.alertPolicies.create","monitoring.alertPolicies.delete","monitoring.alertPolicies.get","monitoring.alertPolicies.list","monitoring.alertPolicies.update","serviceusage.quotas.get","serviceusage.services.enable","serviceusage.services.get","serviceusage.services.list","storage.buckets.create","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.setIamPolicy","storage.objects.create","storage.objects.delete","storage.objects.get"],"name":"roles/chronicle.serviceAgent","stage":"GA","title":"Chronicle Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Grants admin access to Chronicle SOAR.","etag":"AA==","includedPermissions":["chronicle.instances.soarAdmin","cloudasset.assets.exportResource","cloudasset.assets.queryAccessPolicy","cloudasset.assets.queryIamPolicy","cloudasset.assets.queryOSInventories","cloudasset.assets.queryResource","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","cloudasset.assets.searchEnrichmentResourceOwners","resourcemanager.organizations.get","resourcemanager.projects.get","resourcemanager.projects.list","securitycenter.attackpaths.list","securitycenter.exposurepathexplan.get","securitycenter.findings.bulkMuteUpdate","securitycenter.findings.group","securitycenter.findings.list","securitycenter.findings.listFindingPropertyNames","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.findingsecuritymarks.update","securitycenter.simulations.get","securitycenter.userinterfacemetadata.get","securitycenter.valuedresources.list"],"name":"roles/chronicle.soarAdmin","stage":"BETA","title":"Chronicle SOAR Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Gives Chronicle SOAR the ability to perform remediation on Cloud Platform resources.","etag":"AA==","includedPermissions":["cloudasset.assets.analyzeIamPolicy","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","compute.instances.get","compute.instances.list","compute.instances.stop","compute.zones.list","iam.serviceAccounts.disable","iam.serviceAccounts.list","recommender.iamPolicyRecommendations.get","recommender.iamPolicyRecommendations.list","recommender.iamPolicyRecommendations.update","resourcemanager.organizations.getIamPolicy","securitycenter.findingexternalsystems.update","securitycenter.findings.list","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.notificationconfig.create","securitycenter.notificationconfig.get","securitycenter.notificationconfig.update","securitycenter.sources.list"],"name":"roles/chronicle.soarServiceAgent","stage":"GA","title":"Chronicle SOAR Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
@@ -555,9 +555,9 @@
 {"description":"Gives permission to modify tags on a GCP assets (BigQuery, Pub/Sub etc).","etag":"AA==","includedPermissions":["bigquery.connections.updateTag","bigquery.datasets.updateTag","bigquery.models.updateTag","bigquery.routines.updateTag","bigquery.tables.updateTag","datacatalog.entries.updateTag","datacatalog.entryGroups.updateTag","pubsub.topics.updateTag"],"name":"roles/datacatalog.tagEditor","stage":"GA","title":"Data Catalog Tag Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Access to create new tag templates","etag":"AA==","includedPermissions":["datacatalog.tagTemplates.create","datacatalog.tagTemplates.get"],"name":"roles/datacatalog.tagTemplateCreator","stage":"GA","title":"Data Catalog TagTemplate Creator","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Full acess to tag templates","etag":"AA==","includedPermissions":["datacatalog.tagTemplates.create","datacatalog.tagTemplates.delete","datacatalog.tagTemplates.get","datacatalog.tagTemplates.getIamPolicy","datacatalog.tagTemplates.getTag","datacatalog.tagTemplates.setIamPolicy","datacatalog.tagTemplates.update","datacatalog.tagTemplates.use","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datacatalog.tagTemplateOwner","stage":"GA","title":"Data Catalog TagTemplate Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Access to use templates to tag resources","etag":"AA==","includedPermissions":["datacatalog.tagTemplates.get","datacatalog.tagTemplates.getTag","datacatalog.tagTemplates.use","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datacatalog.tagTemplateUser","stage":"GA","title":"Data Catalog TagTemplate User","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Access to use templates to tag resources","etag":"AA==","includedPermissions":["datacatalog.tagTemplates.get","datacatalog.tagTemplates.getTag","datacatalog.tagTemplates.use","dataplex.projects.search","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datacatalog.tagTemplateUser","stage":"GA","title":"Data Catalog TagTemplate User","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Read access to templates and tags created using the templates","etag":"AA==","includedPermissions":["datacatalog.tagTemplates.get","datacatalog.tagTemplates.getTag","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datacatalog.tagTemplateViewer","stage":"GA","title":"Data Catalog TagTemplate Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Grants metadata read permissions to cataloged GCP assets (BigQuery, Pub/Sub etc)","etag":"AA==","includedPermissions":["bigquery.connections.get","bigquery.datasets.get","bigquery.models.getMetadata","bigquery.routines.get","bigquery.tables.get","datacatalog.entries.get","datacatalog.entries.list","datacatalog.entryGroups.get","datacatalog.entryGroups.list","datacatalog.operations.list","datacatalog.relationships.list","datacatalog.tagTemplates.get","datacatalog.tagTemplates.getTag","datacatalog.taxonomies.get","datacatalog.taxonomies.list","pubsub.topics.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datacatalog.viewer","stage":"GA","title":"Data Catalog Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Grants metadata read permissions to cataloged GCP assets (BigQuery, Pub/Sub etc)","etag":"AA==","includedPermissions":["bigquery.connections.get","bigquery.datasets.get","bigquery.models.getMetadata","bigquery.routines.get","bigquery.tables.get","datacatalog.entries.get","datacatalog.entries.list","datacatalog.entryGroups.get","datacatalog.entryGroups.list","datacatalog.operations.list","datacatalog.relationships.list","datacatalog.tagTemplates.get","datacatalog.tagTemplates.getTag","datacatalog.taxonomies.get","datacatalog.taxonomies.list","dataplex.projects.search","pubsub.topics.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datacatalog.viewer","stage":"GA","title":"Data Catalog Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Full access to Data Connectors.","etag":"AA==","includedPermissions":["dataconnectors.connectors.create","dataconnectors.connectors.delete","dataconnectors.connectors.get","dataconnectors.connectors.getIamPolicy","dataconnectors.connectors.list","dataconnectors.connectors.setIamPolicy","dataconnectors.connectors.update","dataconnectors.connectors.use","dataconnectors.locations.get","dataconnectors.locations.list","dataconnectors.operations.cancel","dataconnectors.operations.delete","dataconnectors.operations.get","dataconnectors.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataconnectors.connectorAdmin","stage":"BETA","title":"Connector Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Access to use Data Connectors.","etag":"AA==","includedPermissions":["dataconnectors.connectors.get","dataconnectors.connectors.getIamPolicy","dataconnectors.connectors.list","dataconnectors.connectors.use"],"name":"roles/dataconnectors.connectorUser","stage":"BETA","title":"Connector User","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Gives Data Connectors service agent permission to access the virtual private cloud","etag":"AA==","includedPermissions":["compute.globalOperations.get","compute.networks.access","vpcaccess.connectors.get","vpcaccess.connectors.use"],"name":"roles/dataconnectors.serviceAgent","stage":"GA","title":"Data Connectors Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
@@ -618,11 +618,11 @@
 {"description":"Grants access to creating and managing Entry Types. Does not give the right to create/modify Entries.","etag":"AA==","includedPermissions":["dataplex.entryTypes.create","dataplex.entryTypes.delete","dataplex.entryTypes.get","dataplex.entryTypes.getIamPolicy","dataplex.entryTypes.list","dataplex.entryTypes.setIamPolicy","dataplex.entryTypes.update","dataplex.entryTypes.use","dataplex.projects.search","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.entryTypeOwner","stage":"GA","title":"Dataplex Entry Type Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Grants access to use Entry Types to create/modify Entries of those types.","etag":"AA==","includedPermissions":["dataplex.entryTypes.get","dataplex.entryTypes.list","dataplex.entryTypes.use","dataplex.projects.search","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.entryTypeUser","stage":"GA","title":"Dataplex Entry Type User","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Grants access to creating and managing Metadata Jobs. Does not give the right to create/modify Entry Groups.","etag":"AA==","includedPermissions":["dataplex.metadataJobs.cancel","dataplex.metadataJobs.create","dataplex.metadataJobs.get","dataplex.metadataJobs.list","dataplex.operations.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.metadataJobOwner","stage":"ALPHA","title":"Dataplex Metadata Job Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Read access to Metadata Job resources.","etag":"AA==","includedPermissions":["dataplex.metadataJobs.get","dataplex.metadataJobs.list","dataplex.operations.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.metadataJobViewer","stage":"ALPHA","title":"Dataplex Metadata Job Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Read access to Metadata Job resources.","etag":"AA==","includedPermissions":["dataplex.metadataJobs.get","dataplex.metadataJobs.list","dataplex.operations.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.metadataJobViewer","stage":"BETA","title":"Dataplex Metadata Job Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Read only access to metadata.","etag":"AA==","includedPermissions":["dataplex.assets.get","dataplex.assets.list","dataplex.entities.get","dataplex.entities.list","dataplex.partitions.get","dataplex.partitions.list","dataplex.zones.get","dataplex.zones.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.metadataReader","stage":"GA","title":"Dataplex Metadata Reader","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Write and Read access to metadata.","etag":"AA==","includedPermissions":["dataplex.assets.get","dataplex.assets.list","dataplex.entities.create","dataplex.entities.delete","dataplex.entities.get","dataplex.entities.list","dataplex.entities.update","dataplex.partitions.create","dataplex.partitions.delete","dataplex.partitions.get","dataplex.partitions.list","dataplex.partitions.update","dataplex.zones.get","dataplex.zones.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataplex.metadataWriter","stage":"GA","title":"Dataplex Metadata Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Permissions configure ResourceAccess and DataAccess Specs on Data Attributes.","etag":"AA==","includedPermissions":["dataplex.dataTaxonomies.configureDataAccess","dataplex.dataTaxonomies.configureResourceAccess"],"name":"roles/dataplex.securityAdmin","stage":"GA","title":"Dataplex Security Administrator","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Gives the Dataplex service account access to project resources. This access will be used in data discovery, data management and data workload management.","etag":"AA==","includedPermissions":["bigquery.bireservations.get","bigquery.bireservations.update","bigquery.capacityCommitments.create","bigquery.capacityCommitments.delete","bigquery.capacityCommitments.get","bigquery.capacityCommitments.list","bigquery.capacityCommitments.update","bigquery.config.get","bigquery.config.update","bigquery.connections.create","bigquery.connections.delegate","bigquery.connections.delete","bigquery.connections.get","bigquery.connections.getIamPolicy","bigquery.connections.list","bigquery.connections.setIamPolicy","bigquery.connections.update","bigquery.connections.updateTag","bigquery.connections.use","bigquery.dataPolicies.create","bigquery.dataPolicies.delete","bigquery.dataPolicies.get","bigquery.dataPolicies.getIamPolicy","bigquery.dataPolicies.list","bigquery.dataPolicies.setIamPolicy","bigquery.dataPolicies.update","bigquery.datasets.create","bigquery.datasets.createTagBinding","bigquery.datasets.delete","bigquery.datasets.deleteTagBinding","bigquery.datasets.get","bigquery.datasets.getIamPolicy","bigquery.datasets.link","bigquery.datasets.listEffectiveTags","bigquery.datasets.listSharedDatasetUsage","bigquery.datasets.listTagBindings","bigquery.datasets.setIamPolicy","bigquery.datasets.update","bigquery.datasets.updateTag","bigquery.jobs.create","bigquery.jobs.delete","bigquery.jobs.get","bigquery.jobs.list","bigquery.jobs.listAll","bigquery.jobs.listExecutionMetadata","bigquery.jobs.update","bigquery.models.create","bigquery.models.delete","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.models.updateData","bigquery.models.updateMetadata","bigquery.models.updateTag","bigquery.readsessions.create","bigquery.readsessions.getData","bigquery.readsessions.update","bigquery.reservationAssignments.create","bigquery.reservationAssignments.delete","bigquery.reservationAssignments.list","bigquery.reservationAssignments.search","bigquery.reservations.create","bigquery.reservations.delete","bigquery.reservations.get","bigquery.reservations.list","bigquery.reservations.update","bigquery.routines.create","bigquery.routines.delete","bigquery.routines.get","bigquery.routines.list","bigquery.routines.update","bigquery.routines.updateTag","bigquery.rowAccessPolicies.create","bigquery.rowAccessPolicies.delete","bigquery.rowAccessPolicies.getIamPolicy","bigquery.rowAccessPolicies.list","bigquery.rowAccessPolicies.overrideTimeTravelRestrictions","bigquery.rowAccessPolicies.setIamPolicy","bigquery.rowAccessPolicies.update","bigquery.savedqueries.create","bigquery.savedqueries.delete","bigquery.savedqueries.get","bigquery.savedqueries.list","bigquery.savedqueries.update","bigquery.tables.create","bigquery.tables.createIndex","bigquery.tables.createSnapshot","bigquery.tables.createTagBinding","bigquery.tables.delete","bigquery.tables.deleteIndex","bigquery.tables.deleteSnapshot","bigquery.tables.deleteTagBinding","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.getIamPolicy","bigquery.tables.list","bigquery.tables.listEffectiveTags","bigquery.tables.listTagBindings","bigquery.tables.replicateData","bigquery.tables.restoreSnapshot","bigquery.tables.setCategory","bigquery.tables.setColumnDataPolicy","bigquery.tables.setIamPolicy","bigquery.tables.update","bigquery.tables.updateData","bigquery.tables.updateTag","bigquery.transfers.get","bigquery.transfers.update","bigquerymigration.translation.translate","datacatalog.catalogs.searchAll","datacatalog.categories.getIamPolicy","datacatalog.categories.setIamPolicy","datacatalog.entries.get","datacatalog.taxonomies.create","datacatalog.taxonomies.delete","datacatalog.taxonomies.get","datacatalog.taxonomies.list","datacatalog.taxonomies.update","dataform.compilationResults.create","dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.releaseConfigs.create","dataform.releaseConfigs.delete","dataform.releaseConfigs.get","dataform.releaseConfigs.list","dataform.releaseConfigs.update","dataform.repositories.commit","dataform.repositories.computeAccessTokenStatus","dataform.repositories.create","dataform.repositories.delete","dataform.repositories.fetchHistory","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.getIamPolicy","dataform.repositories.list","dataform.repositories.queryDirectoryContents","dataform.repositories.readFile","dataform.repositories.setIamPolicy","dataform.repositories.update","dataform.workflowConfigs.create","dataform.workflowConfigs.delete","dataform.workflowConfigs.get","dataform.workflowConfigs.list","dataform.workflowConfigs.update","dataform.workflowInvocations.cancel","dataform.workflowInvocations.create","dataform.workflowInvocations.delete","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.commit","dataform.workspaces.create","dataform.workspaces.delete","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.getIamPolicy","dataform.workspaces.installNpmPackages","dataform.workspaces.list","dataform.workspaces.makeDirectory","dataform.workspaces.moveDirectory","dataform.workspaces.moveFile","dataform.workspaces.pull","dataform.workspaces.push","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","dataform.workspaces.removeDirectory","dataform.workspaces.removeFile","dataform.workspaces.reset","dataform.workspaces.searchFiles","dataform.workspaces.setIamPolicy","dataform.workspaces.writeFile","dataplex.assets.getIamPolicy","dataplex.environments.execute","dataplex.environments.get","dataplex.environments.list","dataplex.lakes.get","dataplex.lakes.getIamPolicy","dataplex.zones.getIamPolicy","dataproc.batches.cancel","dataproc.batches.create","dataproc.batches.get","dataproc.operations.cancel","dataproc.operations.get","dataproc.operations.list","firebase.projects.get","iam.serviceAccounts.actAs","logging.logEntries.create","logging.logEntries.route","metastore.services.get","monitoring.metricDescriptors.create","monitoring.metricDescriptors.get","monitoring.metricDescriptors.list","monitoring.monitoredResourceDescriptors.get","monitoring.monitoredResourceDescriptors.list","monitoring.timeSeries.create","orgpolicy.policy.get","recommender.iamPolicyInsights.get","recommender.iamPolicyInsights.list","recommender.iamPolicyInsights.update","recommender.iamPolicyRecommendations.get","recommender.iamPolicyRecommendations.list","recommender.iamPolicyRecommendations.update","resourcemanager.hierarchyNodes.listEffectiveTags","resourcemanager.projects.get","resourcemanager.projects.list","servicemanagement.services.report","serviceusage.services.use","storage.anywhereCaches.create","storage.anywhereCaches.disable","storage.anywhereCaches.get","storage.anywhereCaches.list","storage.anywhereCaches.pause","storage.anywhereCaches.resume","storage.anywhereCaches.update","storage.bucketOperations.cancel","storage.bucketOperations.get","storage.bucketOperations.list","storage.buckets.create","storage.buckets.createTagBinding","storage.buckets.delete","storage.buckets.deleteTagBinding","storage.buckets.enableObjectRetention","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.getObjectInsights","storage.buckets.list","storage.buckets.listEffectiveTags","storage.buckets.listTagBindings","storage.buckets.restore","storage.buckets.setIamPolicy","storage.buckets.update","storage.managedFolders.create","storage.managedFolders.delete","storage.managedFolders.get","storage.managedFolders.getIamPolicy","storage.managedFolders.list","storage.managedFolders.setIamPolicy","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.overrideUnlockedRetention","storage.objects.restore","storage.objects.setIamPolicy","storage.objects.setRetention","storage.objects.update"],"name":"roles/dataplex.serviceAgent","stage":"GA","title":"Cloud Dataplex Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Gives the Dataplex service account access to project resources. This access will be used in data discovery, data management and data workload management.","etag":"AA==","includedPermissions":["bigquery.bireservations.get","bigquery.bireservations.update","bigquery.capacityCommitments.create","bigquery.capacityCommitments.delete","bigquery.capacityCommitments.get","bigquery.capacityCommitments.list","bigquery.capacityCommitments.update","bigquery.config.get","bigquery.config.update","bigquery.connections.create","bigquery.connections.delegate","bigquery.connections.delete","bigquery.connections.get","bigquery.connections.getIamPolicy","bigquery.connections.list","bigquery.connections.setIamPolicy","bigquery.connections.update","bigquery.connections.updateTag","bigquery.connections.use","bigquery.dataPolicies.create","bigquery.dataPolicies.delete","bigquery.dataPolicies.get","bigquery.dataPolicies.getIamPolicy","bigquery.dataPolicies.list","bigquery.dataPolicies.setIamPolicy","bigquery.dataPolicies.update","bigquery.datasets.create","bigquery.datasets.createTagBinding","bigquery.datasets.delete","bigquery.datasets.deleteTagBinding","bigquery.datasets.get","bigquery.datasets.getIamPolicy","bigquery.datasets.link","bigquery.datasets.listEffectiveTags","bigquery.datasets.listSharedDatasetUsage","bigquery.datasets.listTagBindings","bigquery.datasets.setIamPolicy","bigquery.datasets.update","bigquery.datasets.updateTag","bigquery.jobs.create","bigquery.jobs.delete","bigquery.jobs.get","bigquery.jobs.list","bigquery.jobs.listAll","bigquery.jobs.listExecutionMetadata","bigquery.jobs.update","bigquery.models.create","bigquery.models.delete","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.models.updateData","bigquery.models.updateMetadata","bigquery.models.updateTag","bigquery.readsessions.create","bigquery.readsessions.getData","bigquery.readsessions.update","bigquery.reservationAssignments.create","bigquery.reservationAssignments.delete","bigquery.reservationAssignments.list","bigquery.reservationAssignments.search","bigquery.reservations.create","bigquery.reservations.delete","bigquery.reservations.get","bigquery.reservations.list","bigquery.reservations.update","bigquery.routines.create","bigquery.routines.delete","bigquery.routines.get","bigquery.routines.list","bigquery.routines.update","bigquery.routines.updateTag","bigquery.rowAccessPolicies.create","bigquery.rowAccessPolicies.delete","bigquery.rowAccessPolicies.getIamPolicy","bigquery.rowAccessPolicies.list","bigquery.rowAccessPolicies.overrideTimeTravelRestrictions","bigquery.rowAccessPolicies.setIamPolicy","bigquery.rowAccessPolicies.update","bigquery.savedqueries.create","bigquery.savedqueries.delete","bigquery.savedqueries.get","bigquery.savedqueries.list","bigquery.savedqueries.update","bigquery.tables.create","bigquery.tables.createIndex","bigquery.tables.createSnapshot","bigquery.tables.createTagBinding","bigquery.tables.delete","bigquery.tables.deleteIndex","bigquery.tables.deleteSnapshot","bigquery.tables.deleteTagBinding","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.getIamPolicy","bigquery.tables.list","bigquery.tables.listEffectiveTags","bigquery.tables.listTagBindings","bigquery.tables.replicateData","bigquery.tables.restoreSnapshot","bigquery.tables.setCategory","bigquery.tables.setColumnDataPolicy","bigquery.tables.setIamPolicy","bigquery.tables.update","bigquery.tables.updateData","bigquery.tables.updateTag","bigquery.transfers.get","bigquery.transfers.update","bigquerymigration.translation.translate","datacatalog.catalogs.searchAll","datacatalog.categories.getIamPolicy","datacatalog.categories.setIamPolicy","datacatalog.entries.get","datacatalog.taxonomies.create","datacatalog.taxonomies.delete","datacatalog.taxonomies.get","datacatalog.taxonomies.list","datacatalog.taxonomies.update","dataform.compilationResults.create","dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.releaseConfigs.create","dataform.releaseConfigs.delete","dataform.releaseConfigs.get","dataform.releaseConfigs.list","dataform.releaseConfigs.update","dataform.repositories.commit","dataform.repositories.computeAccessTokenStatus","dataform.repositories.create","dataform.repositories.delete","dataform.repositories.fetchHistory","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.getIamPolicy","dataform.repositories.list","dataform.repositories.queryDirectoryContents","dataform.repositories.readFile","dataform.repositories.setIamPolicy","dataform.repositories.update","dataform.workflowConfigs.create","dataform.workflowConfigs.delete","dataform.workflowConfigs.get","dataform.workflowConfigs.list","dataform.workflowConfigs.update","dataform.workflowInvocations.cancel","dataform.workflowInvocations.create","dataform.workflowInvocations.delete","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.commit","dataform.workspaces.create","dataform.workspaces.delete","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.getIamPolicy","dataform.workspaces.installNpmPackages","dataform.workspaces.list","dataform.workspaces.makeDirectory","dataform.workspaces.moveDirectory","dataform.workspaces.moveFile","dataform.workspaces.pull","dataform.workspaces.push","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","dataform.workspaces.removeDirectory","dataform.workspaces.removeFile","dataform.workspaces.reset","dataform.workspaces.searchFiles","dataform.workspaces.setIamPolicy","dataform.workspaces.writeFile","dataplex.assets.getIamPolicy","dataplex.environments.execute","dataplex.environments.get","dataplex.environments.list","dataplex.lakes.get","dataplex.lakes.getIamPolicy","dataplex.projects.search","dataplex.zones.getIamPolicy","dataproc.batches.cancel","dataproc.batches.create","dataproc.batches.get","dataproc.operations.cancel","dataproc.operations.get","dataproc.operations.list","firebase.projects.get","iam.serviceAccounts.actAs","logging.logEntries.create","logging.logEntries.route","metastore.services.get","monitoring.metricDescriptors.create","monitoring.metricDescriptors.get","monitoring.metricDescriptors.list","monitoring.monitoredResourceDescriptors.get","monitoring.monitoredResourceDescriptors.list","monitoring.timeSeries.create","orgpolicy.policy.get","recommender.iamPolicyInsights.get","recommender.iamPolicyInsights.list","recommender.iamPolicyInsights.update","recommender.iamPolicyRecommendations.get","recommender.iamPolicyRecommendations.list","recommender.iamPolicyRecommendations.update","resourcemanager.hierarchyNodes.listEffectiveTags","resourcemanager.projects.get","resourcemanager.projects.list","servicemanagement.services.report","serviceusage.services.use","storage.anywhereCaches.create","storage.anywhereCaches.disable","storage.anywhereCaches.get","storage.anywhereCaches.list","storage.anywhereCaches.pause","storage.anywhereCaches.resume","storage.anywhereCaches.update","storage.bucketOperations.cancel","storage.bucketOperations.get","storage.bucketOperations.list","storage.buckets.create","storage.buckets.createTagBinding","storage.buckets.delete","storage.buckets.deleteTagBinding","storage.buckets.enableObjectRetention","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.getObjectInsights","storage.buckets.list","storage.buckets.listEffectiveTags","storage.buckets.listTagBindings","storage.buckets.restore","storage.buckets.setIamPolicy","storage.buckets.update","storage.managedFolders.create","storage.managedFolders.delete","storage.managedFolders.get","storage.managedFolders.getIamPolicy","storage.managedFolders.list","storage.managedFolders.setIamPolicy","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.overrideUnlockedRetention","storage.objects.restore","storage.objects.setIamPolicy","storage.objects.setRetention","storage.objects.update"],"name":"roles/dataplex.serviceAgent","stage":"GA","title":"Cloud Dataplex Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Owner access to data.  Should not be used directly. This role is granted by Dataplex to managed resources like GCS buckets, BigQuery datasets etc.","etag":"AA==","includedPermissions":["bigquery.datasets.get","bigquery.models.create","bigquery.models.delete","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.models.updateData","bigquery.models.updateMetadata","bigquery.routines.create","bigquery.routines.delete","bigquery.routines.get","bigquery.routines.list","bigquery.routines.update","bigquery.tables.create","bigquery.tables.createSnapshot","bigquery.tables.delete","bigquery.tables.deleteSnapshot","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.list","bigquery.tables.restoreSnapshot","bigquery.tables.update","bigquery.tables.updateData","storage.buckets.get","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.list","storage.objects.update"],"name":"roles/dataplex.storageDataOwner","stage":"GA","title":"Dataplex Storage Data Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Read only access to data. Should not be used directly. This role is granted by Dataplex to managed resources like GCS buckets, BigQuery datasets etc.","etag":"AA==","includedPermissions":["bigquery.datasets.get","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.routines.get","bigquery.routines.list","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.list","storage.buckets.get","storage.objects.get","storage.objects.list"],"name":"roles/dataplex.storageDataReader","stage":"GA","title":"Dataplex Storage Data Reader","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Write access to data. Should not be used directly. This role is granted by Dataplex to managed resources like GCS buckets, BigQuery datasets etc.","etag":"AA==","includedPermissions":["bigquery.tables.updateData","storage.objects.create","storage.objects.delete","storage.objects.update"],"name":"roles/dataplex.storageDataWriter","stage":"GA","title":"Dataplex Storage Data Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
diff --git a/roles/chronicle.restrictedDataAccessViewer b/roles/chronicle.restrictedDataAccessViewer
index 9f2a5bdf..f7d947c3 100644
--- a/roles/chronicle.restrictedDataAccessViewer
+++ b/roles/chronicle.restrictedDataAccessViewer
@@ -5,6 +5,11 @@
     "chronicle.ais.createFeedback",
     "chronicle.ais.translateUdmQuery",
     "chronicle.ais.translateYlRule",
+    "chronicle.dashboardCharts.get",
+    "chronicle.dashboardCharts.list",
+    "chronicle.dashboardQueries.execute",
+    "chronicle.dashboardQueries.get",
+    "chronicle.dashboardQueries.list",
     "chronicle.dataAccessScopes.list",
     "chronicle.entities.find",
     "chronicle.entities.findRelatedEntities",
@@ -57,6 +62,8 @@
     "chronicle.logs.get",
     "chronicle.logs.list",
     "chronicle.multitenantDirectories.get",
+    "chronicle.nativeDashboards.get",
+    "chronicle.nativeDashboards.list",
     "chronicle.operations.get",
     "chronicle.operations.list",
     "chronicle.operations.streamSearch",
diff --git a/roles/datacatalog.tagTemplateUser b/roles/datacatalog.tagTemplateUser
index b554ea67..5bb88a1b 100644
--- a/roles/datacatalog.tagTemplateUser
+++ b/roles/datacatalog.tagTemplateUser
@@ -5,6 +5,7 @@
     "datacatalog.tagTemplates.get",
     "datacatalog.tagTemplates.getTag",
     "datacatalog.tagTemplates.use",
+    "dataplex.projects.search",
     "resourcemanager.projects.get",
     "resourcemanager.projects.list"
   ],
diff --git a/roles/datacatalog.viewer b/roles/datacatalog.viewer
index 2b586c5f..f7531de5 100644
--- a/roles/datacatalog.viewer
+++ b/roles/datacatalog.viewer
@@ -17,6 +17,7 @@
     "datacatalog.tagTemplates.getTag",
     "datacatalog.taxonomies.get",
     "datacatalog.taxonomies.list",
+    "dataplex.projects.search",
     "pubsub.topics.get",
     "resourcemanager.projects.get",
     "resourcemanager.projects.list"
diff --git a/roles/dataplex.metadataJobViewer b/roles/dataplex.metadataJobViewer
index 4ee5fb5a..68a8f0f2 100644
--- a/roles/dataplex.metadataJobViewer
+++ b/roles/dataplex.metadataJobViewer
@@ -9,6 +9,6 @@
     "resourcemanager.projects.list"
   ],
   "name": "roles/dataplex.metadataJobViewer",
-  "stage": "ALPHA",
+  "stage": "BETA",
   "title": "Dataplex Metadata Job Viewer"
 }
diff --git a/roles/dataplex.serviceAgent b/roles/dataplex.serviceAgent
index c39d953b..8c667c0d 100644
--- a/roles/dataplex.serviceAgent
+++ b/roles/dataplex.serviceAgent
@@ -186,6 +186,7 @@
     "dataplex.environments.list",
     "dataplex.lakes.get",
     "dataplex.lakes.getIamPolicy",
+    "dataplex.projects.search",
     "dataplex.zones.getIamPolicy",
     "dataproc.batches.cancel",
     "dataproc.batches.create",