diff --git a/gcp_roles_cai.json b/gcp_roles_cai.json index 54f8dcd4..10ebe419 100644 --- a/gcp_roles_cai.json +++ b/gcp_roles_cai.json @@ -633,7 +633,7 @@ {"description":"Dataprep service identity. Includes access to service accounts.","etag":"AA==","includedPermissions":["bigquery.bireservations.get","bigquery.capacityCommitments.get","bigquery.capacityCommitments.list","bigquery.config.get","bigquery.datasets.create","bigquery.datasets.get","bigquery.datasets.getIamPolicy","bigquery.datasets.updateTag","bigquery.jobs.create","bigquery.jobs.list","bigquery.models.create","bigquery.models.delete","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.models.updateData","bigquery.models.updateMetadata","bigquery.models.updateTag","bigquery.readsessions.create","bigquery.readsessions.getData","bigquery.readsessions.update","bigquery.reservationAssignments.list","bigquery.reservationAssignments.search","bigquery.reservations.get","bigquery.reservations.list","bigquery.routines.create","bigquery.routines.delete","bigquery.routines.get","bigquery.routines.list","bigquery.routines.update","bigquery.routines.updateTag","bigquery.savedqueries.get","bigquery.savedqueries.list","bigquery.tables.create","bigquery.tables.createIndex","bigquery.tables.createSnapshot","bigquery.tables.delete","bigquery.tables.deleteIndex","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.getIamPolicy","bigquery.tables.list","bigquery.tables.replicateData","bigquery.tables.restoreSnapshot","bigquery.tables.update","bigquery.tables.updateData","bigquery.tables.updateTag","bigquery.transfers.get","bigquerymigration.translation.translate","cloudbuild.builds.create","cloudbuild.builds.get","cloudbuild.builds.list","cloudbuild.builds.update","cloudbuild.operations.get","cloudbuild.operations.list","compute.acceleratorTypes.get","compute.acceleratorTypes.list","compute.addresses.get","compute.addresses.list","compute.autoscalers.get","compute.autoscalers.list","compute.backendBuckets.get","compute.backendBuckets.getIamPolicy","compute.backendBuckets.list","compute.backendBuckets.listEffectiveTags","compute.backendBuckets.listTagBindings","compute.backendServices.get","compute.backendServices.getIamPolicy","compute.backendServices.list","compute.backendServices.listEffectiveTags","compute.backendServices.listTagBindings","compute.commitments.get","compute.commitments.list","compute.diskTypes.get","compute.diskTypes.list","compute.disks.get","compute.disks.getIamPolicy","compute.disks.list","compute.disks.listEffectiveTags","compute.disks.listTagBindings","compute.externalVpnGateways.get","compute.externalVpnGateways.list","compute.firewallPolicies.get","compute.firewallPolicies.getIamPolicy","compute.firewallPolicies.list","compute.firewallPolicies.listEffectiveTags","compute.firewallPolicies.listTagBindings","compute.firewalls.get","compute.firewalls.list","compute.firewalls.listEffectiveTags","compute.firewalls.listTagBindings","compute.forwardingRules.get","compute.forwardingRules.list","compute.forwardingRules.listEffectiveTags","compute.forwardingRules.listTagBindings","compute.futureReservations.get","compute.futureReservations.getIamPolicy","compute.futureReservations.list","compute.globalAddresses.get","compute.globalAddresses.list","compute.globalForwardingRules.get","compute.globalForwardingRules.list","compute.globalForwardingRules.listEffectiveTags","compute.globalForwardingRules.listTagBindings","compute.globalForwardingRules.pscGet","compute.globalNetworkEndpointGroups.get","compute.globalNetworkEndpointGroups.list","compute.globalNetworkEndpointGroups.listEffectiveTags","compute.globalNetworkEndpointGroups.listTagBindings","compute.globalOperations.get","compute.globalOperations.getIamPolicy","compute.globalOperations.list","compute.globalPublicDelegatedPrefixes.get","compute.globalPublicDelegatedPrefixes.list","compute.healthChecks.get","compute.healthChecks.list","compute.healthChecks.listEffectiveTags","compute.healthChecks.listTagBindings","compute.httpHealthChecks.get","compute.httpHealthChecks.list","compute.httpHealthChecks.listEffectiveTags","compute.httpHealthChecks.listTagBindings","compute.httpsHealthChecks.get","compute.httpsHealthChecks.list","compute.httpsHealthChecks.listEffectiveTags","compute.httpsHealthChecks.listTagBindings","compute.images.get","compute.images.getFromFamily","compute.images.getIamPolicy","compute.images.list","compute.images.listEffectiveTags","compute.images.listTagBindings","compute.instanceGroupManagers.get","compute.instanceGroupManagers.list","compute.instanceGroupManagers.listEffectiveTags","compute.instanceGroupManagers.listTagBindings","compute.instanceGroups.get","compute.instanceGroups.list","compute.instanceSettings.get","compute.instanceTemplates.get","compute.instanceTemplates.getIamPolicy","compute.instanceTemplates.list","compute.instances.get","compute.instances.getEffectiveFirewalls","compute.instances.getGuestAttributes","compute.instances.getIamPolicy","compute.instances.getScreenshot","compute.instances.getSerialPortOutput","compute.instances.getShieldedInstanceIdentity","compute.instances.getShieldedVmIdentity","compute.instances.list","compute.instances.listEffectiveTags","compute.instances.listReferrers","compute.instances.listTagBindings","compute.instantSnapshots.get","compute.instantSnapshots.getIamPolicy","compute.instantSnapshots.list","compute.interconnectAttachments.get","compute.interconnectAttachments.list","compute.interconnectLocations.get","compute.interconnectLocations.list","compute.interconnectRemoteLocations.get","compute.interconnectRemoteLocations.list","compute.interconnects.get","compute.interconnects.list","compute.licenseCodes.get","compute.licenseCodes.getIamPolicy","compute.licenseCodes.list","compute.licenses.get","compute.licenses.getIamPolicy","compute.licenses.list","compute.machineImages.get","compute.machineImages.getIamPolicy","compute.machineImages.list","compute.machineTypes.get","compute.machineTypes.list","compute.maintenancePolicies.get","compute.maintenancePolicies.getIamPolicy","compute.maintenancePolicies.list","compute.networkAttachments.get","compute.networkAttachments.getIamPolicy","compute.networkAttachments.list","compute.networkEdgeSecurityServices.get","compute.networkEdgeSecurityServices.list","compute.networkEndpointGroups.get","compute.networkEndpointGroups.getIamPolicy","compute.networkEndpointGroups.list","compute.networkEndpointGroups.listEffectiveTags","compute.networkEndpointGroups.listTagBindings","compute.networks.get","compute.networks.getEffectiveFirewalls","compute.networks.getRegionEffectiveFirewalls","compute.networks.list","compute.networks.listEffectiveTags","compute.networks.listPeeringRoutes","compute.networks.listTagBindings","compute.nodeGroups.get","compute.nodeGroups.getIamPolicy","compute.nodeGroups.list","compute.nodeTemplates.get","compute.nodeTemplates.getIamPolicy","compute.nodeTemplates.list","compute.nodeTypes.get","compute.nodeTypes.list","compute.organizations.listAssociations","compute.packetMirrorings.get","compute.packetMirrorings.list","compute.projects.get","compute.publicAdvertisedPrefixes.get","compute.publicAdvertisedPrefixes.list","compute.publicDelegatedPrefixes.get","compute.publicDelegatedPrefixes.list","compute.regionBackendServices.get","compute.regionBackendServices.getIamPolicy","compute.regionBackendServices.list","compute.regionBackendServices.listEffectiveTags","compute.regionBackendServices.listTagBindings","compute.regionFirewallPolicies.get","compute.regionFirewallPolicies.getIamPolicy","compute.regionFirewallPolicies.list","compute.regionFirewallPolicies.listEffectiveTags","compute.regionFirewallPolicies.listTagBindings","compute.regionHealthCheckServices.get","compute.regionHealthCheckServices.list","compute.regionHealthChecks.get","compute.regionHealthChecks.list","compute.regionHealthChecks.listEffectiveTags","compute.regionHealthChecks.listTagBindings","compute.regionNetworkEndpointGroups.get","compute.regionNetworkEndpointGroups.list","compute.regionNetworkEndpointGroups.listEffectiveTags","compute.regionNetworkEndpointGroups.listTagBindings","compute.regionNotificationEndpoints.get","compute.regionNotificationEndpoints.list","compute.regionOperations.get","compute.regionOperations.getIamPolicy","compute.regionOperations.list","compute.regionSecurityPolicies.get","compute.regionSecurityPolicies.list","compute.regionSecurityPolicies.listEffectiveTags","compute.regionSecurityPolicies.listTagBindings","compute.regionSslCertificates.get","compute.regionSslCertificates.list","compute.regionSslCertificates.listEffectiveTags","compute.regionSslCertificates.listTagBindings","compute.regionSslPolicies.get","compute.regionSslPolicies.list","compute.regionSslPolicies.listAvailableFeatures","compute.regionTargetHttpProxies.get","compute.regionTargetHttpProxies.list","compute.regionTargetHttpProxies.listEffectiveTags","compute.regionTargetHttpProxies.listTagBindings","compute.regionTargetHttpsProxies.get","compute.regionTargetHttpsProxies.list","compute.regionTargetHttpsProxies.listEffectiveTags","compute.regionTargetHttpsProxies.listTagBindings","compute.regionTargetTcpProxies.get","compute.regionTargetTcpProxies.list","compute.regionUrlMaps.get","compute.regionUrlMaps.list","compute.regionUrlMaps.listEffectiveTags","compute.regionUrlMaps.listTagBindings","compute.regionUrlMaps.validate","compute.regions.get","compute.regions.list","compute.reservations.get","compute.reservations.list","compute.resourcePolicies.get","compute.resourcePolicies.getIamPolicy","compute.resourcePolicies.list","compute.routers.get","compute.routers.getRoutePolicy","compute.routers.list","compute.routers.listBgpRoutes","compute.routers.listRoutePolicies","compute.routes.get","compute.routes.list","compute.routes.listEffectiveTags","compute.routes.listTagBindings","compute.securityPolicies.get","compute.securityPolicies.getIamPolicy","compute.securityPolicies.list","compute.securityPolicies.listEffectiveTags","compute.securityPolicies.listTagBindings","compute.serviceAttachments.get","compute.serviceAttachments.getIamPolicy","compute.serviceAttachments.list","compute.snapshotSettings.get","compute.snapshots.get","compute.snapshots.getIamPolicy","compute.snapshots.list","compute.snapshots.listEffectiveTags","compute.snapshots.listTagBindings","compute.sslCertificates.get","compute.sslCertificates.list","compute.sslCertificates.listEffectiveTags","compute.sslCertificates.listTagBindings","compute.sslPolicies.get","compute.sslPolicies.list","compute.sslPolicies.listAvailableFeatures","compute.sslPolicies.listEffectiveTags","compute.sslPolicies.listTagBindings","compute.storagePools.get","compute.storagePools.getIamPolicy","compute.storagePools.list","compute.subnetworks.get","compute.subnetworks.getIamPolicy","compute.subnetworks.list","compute.subnetworks.listEffectiveTags","compute.subnetworks.listTagBindings","compute.targetGrpcProxies.get","compute.targetGrpcProxies.list","compute.targetHttpProxies.get","compute.targetHttpProxies.list","compute.targetHttpProxies.listEffectiveTags","compute.targetHttpProxies.listTagBindings","compute.targetHttpsProxies.get","compute.targetHttpsProxies.list","compute.targetHttpsProxies.listEffectiveTags","compute.targetHttpsProxies.listTagBindings","compute.targetInstances.get","compute.targetInstances.list","compute.targetInstances.listEffectiveTags","compute.targetInstances.listTagBindings","compute.targetPools.get","compute.targetPools.list","compute.targetPools.listEffectiveTags","compute.targetPools.listTagBindings","compute.targetSslProxies.get","compute.targetSslProxies.list","compute.targetSslProxies.listEffectiveTags","compute.targetSslProxies.listTagBindings","compute.targetTcpProxies.get","compute.targetTcpProxies.list","compute.targetTcpProxies.listEffectiveTags","compute.targetTcpProxies.listTagBindings","compute.targetVpnGateways.get","compute.targetVpnGateways.list","compute.urlMaps.get","compute.urlMaps.list","compute.urlMaps.listEffectiveTags","compute.urlMaps.listTagBindings","compute.urlMaps.validate","compute.vpnGateways.get","compute.vpnGateways.list","compute.vpnTunnels.get","compute.vpnTunnels.list","compute.zoneOperations.get","compute.zoneOperations.getIamPolicy","compute.zoneOperations.list","compute.zones.get","compute.zones.list","dataflow.jobs.cancel","dataflow.jobs.create","dataflow.jobs.get","dataflow.jobs.list","dataflow.jobs.snapshot","dataflow.jobs.updateContents","dataflow.messages.list","dataflow.metrics.get","dataflow.snapshots.delete","dataflow.snapshots.get","dataflow.snapshots.list","dataform.locations.get","dataform.locations.list","dataform.repositories.create","dataform.repositories.list","iam.serviceAccounts.actAs","iam.serviceAccounts.get","iam.serviceAccounts.list","orgpolicy.policy.get","recommender.dataflowDiagnosticsInsights.get","recommender.dataflowDiagnosticsInsights.list","recommender.dataflowDiagnosticsInsights.update","remotebuildexecution.blobs.get","resourcemanager.projects.get","resourcemanager.projects.list","serviceusage.quotas.get","serviceusage.services.get","serviceusage.services.list","storage.buckets.get","storage.buckets.list","storage.managedFolders.create","storage.managedFolders.delete","storage.managedFolders.get","storage.managedFolders.list","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.overrideUnlockedRetention","storage.objects.restore","storage.objects.setIamPolicy","storage.objects.setRetention","storage.objects.update"],"name":"roles/dataprep.serviceAgent","stage":"GA","title":"Dataprep Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Full control of Dataproc resources.","etag":"AA==","includedPermissions":["compute.machineTypes.get","compute.machineTypes.list","compute.networks.get","compute.networks.list","compute.projects.get","compute.regions.get","compute.regions.list","compute.zones.get","compute.zones.list","dataproc.autoscalingPolicies.create","dataproc.autoscalingPolicies.delete","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.getIamPolicy","dataproc.autoscalingPolicies.list","dataproc.autoscalingPolicies.setIamPolicy","dataproc.autoscalingPolicies.update","dataproc.autoscalingPolicies.use","dataproc.batches.analyze","dataproc.batches.cancel","dataproc.batches.create","dataproc.batches.delete","dataproc.batches.get","dataproc.batches.list","dataproc.clusters.create","dataproc.clusters.delete","dataproc.clusters.get","dataproc.clusters.getIamPolicy","dataproc.clusters.list","dataproc.clusters.setIamPolicy","dataproc.clusters.start","dataproc.clusters.stop","dataproc.clusters.update","dataproc.clusters.use","dataproc.jobs.cancel","dataproc.jobs.create","dataproc.jobs.delete","dataproc.jobs.get","dataproc.jobs.getIamPolicy","dataproc.jobs.list","dataproc.jobs.setIamPolicy","dataproc.jobs.update","dataproc.nodeGroups.create","dataproc.nodeGroups.get","dataproc.nodeGroups.update","dataproc.operations.cancel","dataproc.operations.delete","dataproc.operations.get","dataproc.operations.getIamPolicy","dataproc.operations.list","dataproc.operations.setIamPolicy","dataproc.sessionTemplates.create","dataproc.sessionTemplates.delete","dataproc.sessionTemplates.get","dataproc.sessionTemplates.list","dataproc.sessionTemplates.update","dataproc.sessions.create","dataproc.sessions.delete","dataproc.sessions.get","dataproc.sessions.list","dataproc.sessions.terminate","dataproc.workflowTemplates.create","dataproc.workflowTemplates.delete","dataproc.workflowTemplates.get","dataproc.workflowTemplates.getIamPolicy","dataproc.workflowTemplates.instantiate","dataproc.workflowTemplates.instantiateInline","dataproc.workflowTemplates.list","dataproc.workflowTemplates.setIamPolicy","dataproc.workflowTemplates.update","dataprocrm.nodePools.create","dataprocrm.nodePools.delete","dataprocrm.nodePools.deleteNodes","dataprocrm.nodePools.get","dataprocrm.nodePools.list","dataprocrm.nodePools.resize","dataprocrm.nodes.get","dataprocrm.nodes.heartbeat","dataprocrm.nodes.list","dataprocrm.nodes.update","dataprocrm.operations.get","dataprocrm.operations.list","dataprocrm.workloads.cancel","dataprocrm.workloads.create","dataprocrm.workloads.delete","dataprocrm.workloads.get","dataprocrm.workloads.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataproc.admin","stage":"GA","title":"Dataproc Administrator","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Full control of Dataproc resources. Allows viewing all networks.","etag":"AA==","includedPermissions":["compute.machineTypes.get","compute.machineTypes.list","compute.networks.get","compute.networks.list","compute.projects.get","compute.regions.get","compute.regions.list","compute.zones.get","compute.zones.list","dataproc.autoscalingPolicies.create","dataproc.autoscalingPolicies.delete","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.list","dataproc.autoscalingPolicies.update","dataproc.autoscalingPolicies.use","dataproc.batches.analyze","dataproc.batches.cancel","dataproc.batches.create","dataproc.batches.delete","dataproc.batches.get","dataproc.batches.list","dataproc.clusters.create","dataproc.clusters.delete","dataproc.clusters.get","dataproc.clusters.list","dataproc.clusters.start","dataproc.clusters.stop","dataproc.clusters.update","dataproc.clusters.use","dataproc.jobs.cancel","dataproc.jobs.create","dataproc.jobs.delete","dataproc.jobs.get","dataproc.jobs.list","dataproc.jobs.update","dataproc.nodeGroups.create","dataproc.nodeGroups.get","dataproc.nodeGroups.update","dataproc.operations.cancel","dataproc.operations.delete","dataproc.operations.get","dataproc.operations.list","dataproc.sessionTemplates.create","dataproc.sessionTemplates.delete","dataproc.sessionTemplates.get","dataproc.sessionTemplates.list","dataproc.sessionTemplates.update","dataproc.sessions.create","dataproc.sessions.delete","dataproc.sessions.get","dataproc.sessions.list","dataproc.sessions.terminate","dataproc.workflowTemplates.create","dataproc.workflowTemplates.delete","dataproc.workflowTemplates.get","dataproc.workflowTemplates.instantiate","dataproc.workflowTemplates.instantiateInline","dataproc.workflowTemplates.list","dataproc.workflowTemplates.update","dataprocrm.nodePools.create","dataprocrm.nodePools.delete","dataprocrm.nodePools.deleteNodes","dataprocrm.nodePools.get","dataprocrm.nodePools.list","dataprocrm.nodePools.resize","dataprocrm.nodes.get","dataprocrm.nodes.heartbeat","dataprocrm.nodes.list","dataprocrm.nodes.update","dataprocrm.operations.get","dataprocrm.operations.list","dataprocrm.workloads.cancel","dataprocrm.workloads.create","dataprocrm.workloads.delete","dataprocrm.workloads.get","dataprocrm.workloads.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataproc.editor","stage":"GA","title":"Dataproc Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Allows management of Dataproc resources. Intended for service accounts running Dataproc Hub instances.","etag":"AA==","includedPermissions":["compute.instances.get","compute.instances.setMetadata","compute.instances.setTags","compute.zoneOperations.get","compute.zones.list","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.list","dataproc.autoscalingPolicies.use","dataproc.clusters.create","dataproc.clusters.delete","dataproc.clusters.get","dataproc.clusters.list","dataproc.clusters.update","dataproc.operations.cancel","dataproc.operations.delete","dataproc.operations.get","dataproc.operations.list","iam.serviceAccounts.actAs","iam.serviceAccounts.get","iam.serviceAccounts.list","logging.buckets.get","logging.buckets.list","logging.exclusions.get","logging.exclusions.list","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logEntries.create","logging.logEntries.list","logging.logEntries.route","logging.logMetrics.get","logging.logMetrics.list","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.operations.get","logging.operations.list","logging.queries.getShared","logging.queries.listShared","logging.queries.usePrivate","logging.sinks.get","logging.sinks.list","logging.usage.get","logging.views.get","logging.views.list","observability.scopes.get","resourcemanager.projects.get","resourcemanager.projects.list","storage.buckets.get","storage.objects.get","storage.objects.list"],"name":"roles/dataproc.hubAgent","stage":"GA","title":"Dataproc Hub Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Allows management of Dataproc resources. Intended for service accounts running Dataproc Hub instances.","etag":"AA==","includedPermissions":["compute.instances.get","compute.instances.setMetadata","compute.instances.setTags","compute.zoneOperations.get","compute.zones.list","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.list","dataproc.autoscalingPolicies.use","dataproc.clusters.create","dataproc.clusters.delete","dataproc.clusters.get","dataproc.clusters.list","dataproc.clusters.update","dataproc.operations.cancel","dataproc.operations.delete","dataproc.operations.get","dataproc.operations.list","iam.serviceAccounts.actAs","iam.serviceAccounts.get","iam.serviceAccounts.list","logging.buckets.get","logging.buckets.list","logging.exclusions.get","logging.exclusions.list","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logEntries.create","logging.logEntries.list","logging.logEntries.route","logging.logMetrics.get","logging.logMetrics.list","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.operations.get","logging.operations.list","logging.queries.getShared","logging.queries.listShared","logging.queries.usePrivate","logging.sinks.get","logging.sinks.list","logging.usage.get","logging.views.get","logging.views.list","resourcemanager.projects.get","resourcemanager.projects.list","storage.buckets.get","storage.objects.get","storage.objects.list"],"name":"roles/dataproc.hubAgent","stage":"GA","title":"Dataproc Hub Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Gives Dataproc Service Account access to service accounts, compute resources, storage resources, and kubernetes resources. Includes access to service accounts.","etag":"AA==","includedPermissions":["compute.acceleratorTypes.get","compute.acceleratorTypes.list","compute.addresses.createInternal","compute.addresses.deleteInternal","compute.addresses.get","compute.addresses.list","compute.addresses.use","compute.addresses.useInternal","compute.autoscalers.create","compute.autoscalers.delete","compute.autoscalers.get","compute.autoscalers.list","compute.autoscalers.update","compute.diskTypes.get","compute.diskTypes.list","compute.disks.create","compute.disks.createSnapshot","compute.disks.createTagBinding","compute.disks.delete","compute.disks.get","compute.disks.list","compute.disks.resize","compute.disks.setLabels","compute.disks.startAsyncReplication","compute.disks.stopAsyncReplication","compute.disks.stopGroupAsyncReplication","compute.disks.update","compute.disks.use","compute.disks.useReadOnly","compute.firewalls.get","compute.firewalls.list","compute.globalAddresses.get","compute.globalAddresses.list","compute.globalAddresses.use","compute.globalNetworkEndpointGroups.attachNetworkEndpoints","compute.globalNetworkEndpointGroups.create","compute.globalNetworkEndpointGroups.createTagBinding","compute.globalNetworkEndpointGroups.delete","compute.globalNetworkEndpointGroups.deleteTagBinding","compute.globalNetworkEndpointGroups.detachNetworkEndpoints","compute.globalNetworkEndpointGroups.get","compute.globalNetworkEndpointGroups.list","compute.globalNetworkEndpointGroups.listEffectiveTags","compute.globalNetworkEndpointGroups.listTagBindings","compute.globalNetworkEndpointGroups.use","compute.globalOperations.get","compute.globalOperations.list","compute.images.get","compute.images.getFromFamily","compute.images.list","compute.images.useReadOnly","compute.instanceGroupManagers.create","compute.instanceGroupManagers.createTagBinding","compute.instanceGroupManagers.delete","compute.instanceGroupManagers.deleteTagBinding","compute.instanceGroupManagers.get","compute.instanceGroupManagers.list","compute.instanceGroupManagers.listEffectiveTags","compute.instanceGroupManagers.listTagBindings","compute.instanceGroupManagers.update","compute.instanceGroupManagers.use","compute.instanceGroups.create","compute.instanceGroups.delete","compute.instanceGroups.get","compute.instanceGroups.list","compute.instanceGroups.update","compute.instanceGroups.use","compute.instanceSettings.get","compute.instanceTemplates.create","compute.instanceTemplates.delete","compute.instanceTemplates.get","compute.instanceTemplates.getIamPolicy","compute.instanceTemplates.list","compute.instanceTemplates.setIamPolicy","compute.instanceTemplates.useReadOnly","compute.instances.addAccessConfig","compute.instances.addMaintenancePolicies","compute.instances.addResourcePolicies","compute.instances.attachDisk","compute.instances.create","compute.instances.createTagBinding","compute.instances.delete","compute.instances.deleteAccessConfig","compute.instances.deleteTagBinding","compute.instances.detachDisk","compute.instances.get","compute.instances.getEffectiveFirewalls","compute.instances.getGuestAttributes","compute.instances.getIamPolicy","compute.instances.getScreenshot","compute.instances.getSerialPortOutput","compute.instances.getShieldedInstanceIdentity","compute.instances.getShieldedVmIdentity","compute.instances.list","compute.instances.listEffectiveTags","compute.instances.listReferrers","compute.instances.listTagBindings","compute.instances.osAdminLogin","compute.instances.osLogin","compute.instances.pscInterfaceCreate","compute.instances.removeMaintenancePolicies","compute.instances.removeResourcePolicies","compute.instances.reset","compute.instances.resume","compute.instances.sendDiagnosticInterrupt","compute.instances.setDeletionProtection","compute.instances.setDiskAutoDelete","compute.instances.setIamPolicy","compute.instances.setLabels","compute.instances.setMachineResources","compute.instances.setMachineType","compute.instances.setMetadata","compute.instances.setMinCpuPlatform","compute.instances.setName","compute.instances.setScheduling","compute.instances.setSecurityPolicy","compute.instances.setServiceAccount","compute.instances.setShieldedInstanceIntegrityPolicy","compute.instances.setShieldedVmIntegrityPolicy","compute.instances.setTags","compute.instances.simulateMaintenanceEvent","compute.instances.start","compute.instances.startWithEncryptionKey","compute.instances.stop","compute.instances.suspend","compute.instances.update","compute.instances.updateAccessConfig","compute.instances.updateDisplayDevice","compute.instances.updateNetworkInterface","compute.instances.updateSecurity","compute.instances.updateShieldedInstanceConfig","compute.instances.updateShieldedVmConfig","compute.instances.use","compute.instances.useReadOnly","compute.licenses.get","compute.licenses.list","compute.machineImages.create","compute.machineImages.delete","compute.machineImages.get","compute.machineImages.getIamPolicy","compute.machineImages.list","compute.machineImages.setIamPolicy","compute.machineImages.useReadOnly","compute.machineTypes.get","compute.machineTypes.list","compute.networkEndpointGroups.attachNetworkEndpoints","compute.networkEndpointGroups.create","compute.networkEndpointGroups.createTagBinding","compute.networkEndpointGroups.delete","compute.networkEndpointGroups.deleteTagBinding","compute.networkEndpointGroups.detachNetworkEndpoints","compute.networkEndpointGroups.get","compute.networkEndpointGroups.getIamPolicy","compute.networkEndpointGroups.list","compute.networkEndpointGroups.listEffectiveTags","compute.networkEndpointGroups.listTagBindings","compute.networkEndpointGroups.setIamPolicy","compute.networkEndpointGroups.use","compute.networks.get","compute.networks.getEffectiveFirewalls","compute.networks.list","compute.networks.listEffectiveTags","compute.networks.listTagBindings","compute.networks.use","compute.networks.useExternalIp","compute.nodeGroups.get","compute.nodeTypes.get","compute.projects.get","compute.regionNetworkEndpointGroups.attachNetworkEndpoints","compute.regionNetworkEndpointGroups.create","compute.regionNetworkEndpointGroups.createTagBinding","compute.regionNetworkEndpointGroups.delete","compute.regionNetworkEndpointGroups.deleteTagBinding","compute.regionNetworkEndpointGroups.detachNetworkEndpoints","compute.regionNetworkEndpointGroups.get","compute.regionNetworkEndpointGroups.list","compute.regionNetworkEndpointGroups.listEffectiveTags","compute.regionNetworkEndpointGroups.listTagBindings","compute.regionNetworkEndpointGroups.use","compute.regionOperations.get","compute.regionOperations.list","compute.regions.get","compute.regions.list","compute.reservations.get","compute.reservations.list","compute.resourcePolicies.list","compute.resourcePolicies.useReadOnly","compute.storagePools.get","compute.storagePools.list","compute.storagePools.use","compute.subnetworks.get","compute.subnetworks.list","compute.subnetworks.listEffectiveTags","compute.subnetworks.listTagBindings","compute.subnetworks.use","compute.subnetworks.useExternalIp","compute.targetPools.get","compute.targetPools.list","compute.targetPools.listEffectiveTags","compute.targetPools.listTagBindings","compute.zoneOperations.get","compute.zoneOperations.list","compute.zones.get","compute.zones.list","container.clusterRoleBindings.create","container.clusterRoleBindings.delete","container.clusterRoleBindings.get","container.clusterRoleBindings.list","container.clusterRoleBindings.update","container.clusterRoles.bind","container.clusterRoles.create","container.clusterRoles.delete","container.clusterRoles.escalate","container.clusterRoles.get","container.clusterRoles.list","container.clusterRoles.update","container.clusters.get","container.clusters.update","container.customResourceDefinitions.create","container.customResourceDefinitions.delete","container.customResourceDefinitions.get","container.customResourceDefinitions.list","container.customResourceDefinitions.update","container.namespaces.create","container.namespaces.delete","container.namespaces.get","container.namespaces.list","container.namespaces.update","container.operations.get","container.roleBindings.create","container.roleBindings.delete","container.roleBindings.get","container.roleBindings.list","container.roleBindings.update","container.roles.bind","container.roles.escalate","dataproc.autoscalingPolicies.create","dataproc.autoscalingPolicies.delete","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.getIamPolicy","dataproc.autoscalingPolicies.list","dataproc.autoscalingPolicies.update","dataproc.autoscalingPolicies.use","dataproc.clusters.create","dataproc.clusters.delete","dataproc.clusters.get","dataproc.clusters.getIamPolicy","dataproc.clusters.list","dataproc.clusters.setIamPolicy","dataproc.clusters.start","dataproc.clusters.stop","dataproc.clusters.update","dataproc.clusters.use","dataproc.jobs.cancel","dataproc.jobs.create","dataproc.jobs.delete","dataproc.jobs.get","dataproc.jobs.getIamPolicy","dataproc.jobs.list","dataproc.jobs.setIamPolicy","dataproc.jobs.update","dataproc.nodeGroups.create","dataproc.nodeGroups.get","dataproc.nodeGroups.update","dataproc.operations.cancel","dataproc.sessionTemplates.get","dataproc.sessions.create","dataproc.sessions.delete","dataproc.sessions.get","dataproc.sessions.list","dataproc.sessions.terminate","dataprocrm.nodePools.create","dataprocrm.nodePools.delete","dataprocrm.nodePools.deleteNodes","dataprocrm.nodePools.get","dataprocrm.nodePools.list","dataprocrm.nodePools.resize","dataprocrm.nodes.get","dataprocrm.nodes.heartbeat","dataprocrm.nodes.list","dataprocrm.nodes.mintOAuthToken","dataprocrm.nodes.update","dataprocrm.operations.cancel","dataprocrm.operations.get","dataprocrm.operations.list","dataprocrm.workloads.cancel","dataprocrm.workloads.create","dataprocrm.workloads.delete","dataprocrm.workloads.get","dataprocrm.workloads.list","firebase.projects.get","iam.serviceAccounts.actAs","iam.serviceAccounts.getAccessToken","metastore.services.get","orgpolicy.policy.get","recommender.iamPolicyInsights.get","recommender.iamPolicyInsights.list","recommender.iamPolicyInsights.update","recommender.iamPolicyRecommendations.get","recommender.iamPolicyRecommendations.list","recommender.iamPolicyRecommendations.update","resourcemanager.hierarchyNodes.listEffectiveTags","resourcemanager.projects.get","resourcemanager.projects.list","serviceusage.quotas.get","serviceusage.services.get","serviceusage.services.list","serviceusage.services.use","storage.anywhereCaches.create","storage.anywhereCaches.disable","storage.anywhereCaches.get","storage.anywhereCaches.list","storage.anywhereCaches.pause","storage.anywhereCaches.resume","storage.anywhereCaches.update","storage.bucketOperations.cancel","storage.bucketOperations.get","storage.bucketOperations.list","storage.buckets.create","storage.buckets.createTagBinding","storage.buckets.delete","storage.buckets.deleteTagBinding","storage.buckets.enableObjectRetention","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.getObjectInsights","storage.buckets.list","storage.buckets.listEffectiveTags","storage.buckets.listTagBindings","storage.buckets.restore","storage.buckets.setIamPolicy","storage.buckets.update","storage.managedFolders.create","storage.managedFolders.delete","storage.managedFolders.get","storage.managedFolders.getIamPolicy","storage.managedFolders.list","storage.managedFolders.setIamPolicy","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.overrideUnlockedRetention","storage.objects.restore","storage.objects.setIamPolicy","storage.objects.setRetention","storage.objects.update"],"name":"roles/dataproc.serviceAgent","stage":"GA","title":"Dataproc Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Read-only access to Dataproc resources.","etag":"AA==","includedPermissions":["compute.machineTypes.get","compute.regions.get","compute.regions.list","compute.zones.get","compute.zones.list","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.list","dataproc.batches.analyze","dataproc.batches.get","dataproc.batches.list","dataproc.clusters.get","dataproc.clusters.list","dataproc.jobs.get","dataproc.jobs.list","dataproc.nodeGroups.get","dataproc.operations.get","dataproc.operations.list","dataproc.sessionTemplates.get","dataproc.sessionTemplates.list","dataproc.sessions.get","dataproc.sessions.list","dataproc.workflowTemplates.get","dataproc.workflowTemplates.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataproc.viewer","stage":"GA","title":"Dataproc Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Worker access to Dataproc. Intended for service accounts.","etag":"AA==","includedPermissions":["dataproc.agents.create","dataproc.agents.delete","dataproc.agents.get","dataproc.agents.list","dataproc.agents.update","dataproc.tasks.lease","dataproc.tasks.listInvalidatedLeases","dataproc.tasks.reportStatus","dataprocrm.nodes.mintOAuthToken","logging.logEntries.create","logging.logEntries.route","monitoring.metricDescriptors.create","monitoring.metricDescriptors.get","monitoring.metricDescriptors.list","monitoring.monitoredResourceDescriptors.get","monitoring.monitoredResourceDescriptors.list","monitoring.timeSeries.create","storage.buckets.get","storage.managedFolders.create","storage.managedFolders.delete","storage.managedFolders.get","storage.managedFolders.list","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.overrideUnlockedRetention","storage.objects.restore","storage.objects.setIamPolicy","storage.objects.setRetention","storage.objects.update"],"name":"roles/dataproc.worker","stage":"GA","title":"Dataproc Worker","asset_type":"iam.googleapis.com/ExportedIAMRole"} @@ -1023,7 +1023,7 @@ {"description":"Read access to Live Stream resources.","etag":"AA==","includedPermissions":["livestream.assets.get","livestream.assets.list","livestream.channels.get","livestream.channels.list","livestream.clips.get","livestream.clips.list","livestream.events.get","livestream.events.list","livestream.inputs.get","livestream.inputs.list","livestream.locations.get","livestream.locations.list","livestream.operations.get","livestream.operations.list","livestream.pools.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/livestream.viewer","stage":"GA","title":"Live Stream Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Access to all logging permissions, and dependent permissions.","etag":"AA==","includedPermissions":["logging.buckets.copyLogEntries","logging.buckets.create","logging.buckets.delete","logging.buckets.get","logging.buckets.list","logging.buckets.undelete","logging.buckets.update","logging.exclusions.create","logging.exclusions.delete","logging.exclusions.get","logging.exclusions.list","logging.exclusions.update","logging.fields.access","logging.links.create","logging.links.delete","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logEntries.create","logging.logEntries.download","logging.logEntries.list","logging.logEntries.route","logging.logMetrics.create","logging.logMetrics.delete","logging.logMetrics.get","logging.logMetrics.list","logging.logMetrics.update","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.delete","logging.logs.list","logging.notificationRules.create","logging.notificationRules.delete","logging.notificationRules.get","logging.notificationRules.list","logging.notificationRules.update","logging.operations.cancel","logging.operations.get","logging.operations.list","logging.privateLogEntries.list","logging.queries.deleteShared","logging.queries.getShared","logging.queries.listShared","logging.queries.share","logging.queries.updateShared","logging.queries.usePrivate","logging.settings.get","logging.settings.update","logging.sinks.create","logging.sinks.delete","logging.sinks.get","logging.sinks.list","logging.sinks.update","logging.usage.get","logging.views.access","logging.views.create","logging.views.delete","logging.views.get","logging.views.getIamPolicy","logging.views.list","logging.views.listLogs","logging.views.listResourceKeys","logging.views.listResourceValues","logging.views.setIamPolicy","logging.views.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/logging.admin","stage":"GA","title":"Logging Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Ability to write logs to a log bucket.","etag":"AA==","includedPermissions":["logging.buckets.write"],"name":"roles/logging.bucketWriter","stage":"GA","title":"Logs Bucket Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Access to configure log exporting and metrics.","etag":"AA==","includedPermissions":["logging.buckets.create","logging.buckets.delete","logging.buckets.get","logging.buckets.list","logging.buckets.undelete","logging.buckets.update","logging.exclusions.create","logging.exclusions.delete","logging.exclusions.get","logging.exclusions.list","logging.exclusions.update","logging.links.create","logging.links.delete","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logMetrics.create","logging.logMetrics.delete","logging.logMetrics.get","logging.logMetrics.list","logging.logMetrics.update","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.notificationRules.create","logging.notificationRules.delete","logging.notificationRules.get","logging.notificationRules.list","logging.notificationRules.update","logging.operations.cancel","logging.operations.get","logging.operations.list","logging.settings.get","logging.settings.update","logging.sinks.create","logging.sinks.delete","logging.sinks.get","logging.sinks.list","logging.sinks.update","logging.views.create","logging.views.delete","logging.views.get","logging.views.getIamPolicy","logging.views.list","logging.views.update","observability.scopes.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/logging.configWriter","stage":"GA","title":"Logs Configuration Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Access to configure log exporting and metrics.","etag":"AA==","includedPermissions":["logging.buckets.create","logging.buckets.delete","logging.buckets.get","logging.buckets.list","logging.buckets.undelete","logging.buckets.update","logging.exclusions.create","logging.exclusions.delete","logging.exclusions.get","logging.exclusions.list","logging.exclusions.update","logging.links.create","logging.links.delete","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logMetrics.create","logging.logMetrics.delete","logging.logMetrics.get","logging.logMetrics.list","logging.logMetrics.update","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.notificationRules.create","logging.notificationRules.delete","logging.notificationRules.get","logging.notificationRules.list","logging.notificationRules.update","logging.operations.cancel","logging.operations.get","logging.operations.list","logging.settings.get","logging.settings.update","logging.sinks.create","logging.sinks.delete","logging.sinks.get","logging.sinks.list","logging.sinks.update","logging.views.create","logging.views.delete","logging.views.get","logging.views.getIamPolicy","logging.views.list","logging.views.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/logging.configWriter","stage":"GA","title":"Logs Configuration Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Ability to read restricted fields in a log bucket.","etag":"AA==","includedPermissions":["logging.fields.access"],"name":"roles/logging.fieldAccessor","stage":"GA","title":"Log Field Accessor","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Ability to see links for a bucket.","etag":"AA==","includedPermissions":["logging.links.get","logging.links.list"],"name":"roles/logging.linkViewer","stage":"GA","title":"Log Link Accessor","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Access to write logs.","etag":"AA==","includedPermissions":["logging.logEntries.create","logging.logEntries.route"],"name":"roles/logging.logWriter","stage":"GA","title":"Logs Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"} @@ -1552,7 +1552,7 @@ {"description":"Gives Immersive Stream for XR access to the required resources.","etag":"AA==","includedPermissions":["resourcemanager.projects.get","resourcemanager.projects.list","storage.buckets.create","storage.buckets.get","storage.objects.create","storage.objects.get","storage.objects.list"],"name":"roles/stream.serviceAgent","stage":"GA","title":"Stream Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Read-only access to Stream all resources.","etag":"AA==","includedPermissions":["resourcemanager.projects.get","resourcemanager.projects.list","stream.locations.get","stream.locations.list","stream.operations.get","stream.operations.list","stream.streamContents.get","stream.streamContents.list","stream.streamInstances.get","stream.streamInstances.list"],"name":"roles/stream.viewer","stage":"GA","title":"Stream Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Access DevTools for Subscribe with Google","etag":"AA==","includedPermissions":["resourcemanager.projects.get","resourcemanager.projects.list","subscribewithgoogledeveloper.tools.get"],"name":"roles/subscribewithgoogledeveloper.developer","stage":"BETA","title":"Subscribe with Google Developer","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Full access to Telco Automation resources.","etag":"AA==","includedPermissions":["logging.buckets.get","logging.buckets.list","logging.exclusions.get","logging.exclusions.list","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logEntries.list","logging.logMetrics.get","logging.logMetrics.list","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.operations.get","logging.operations.list","logging.queries.getShared","logging.queries.listShared","logging.queries.usePrivate","logging.sinks.get","logging.sinks.list","logging.usage.get","logging.views.get","logging.views.list","monitoring.timeSeries.list","observability.scopes.get","resourcemanager.projects.get","serviceusage.quotas.get","serviceusage.quotas.update","serviceusage.services.disable","serviceusage.services.enable","serviceusage.services.get","serviceusage.services.list","serviceusage.services.use","source.repos.get","source.repos.list","telcoautomation.blueprints.approve","telcoautomation.blueprints.create","telcoautomation.blueprints.delete","telcoautomation.blueprints.get","telcoautomation.blueprints.list","telcoautomation.blueprints.propose","telcoautomation.blueprints.update","telcoautomation.deployments.apply","telcoautomation.deployments.computeStatus","telcoautomation.deployments.create","telcoautomation.deployments.delete","telcoautomation.deployments.get","telcoautomation.deployments.list","telcoautomation.deployments.rollback","telcoautomation.deployments.update","telcoautomation.edgeSlms.create","telcoautomation.edgeSlms.delete","telcoautomation.edgeSlms.get","telcoautomation.edgeSlms.list","telcoautomation.hydratedDeployments.apply","telcoautomation.hydratedDeployments.get","telcoautomation.hydratedDeployments.list","telcoautomation.hydratedDeployments.update","telcoautomation.locations.get","telcoautomation.locations.list","telcoautomation.operations.cancel","telcoautomation.operations.delete","telcoautomation.operations.get","telcoautomation.operations.list","telcoautomation.orchestrationClusters.create","telcoautomation.orchestrationClusters.delete","telcoautomation.orchestrationClusters.get","telcoautomation.orchestrationClusters.list","telcoautomation.publicBlueprints.get","telcoautomation.publicBlueprints.list"],"name":"roles/telcoautomation.admin","stage":"BETA","title":"Telco Automation Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Full access to Telco Automation resources.","etag":"AA==","includedPermissions":["logging.buckets.get","logging.buckets.list","logging.exclusions.get","logging.exclusions.list","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logEntries.list","logging.logMetrics.get","logging.logMetrics.list","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.operations.get","logging.operations.list","logging.queries.getShared","logging.queries.listShared","logging.queries.usePrivate","logging.sinks.get","logging.sinks.list","logging.usage.get","logging.views.get","logging.views.list","monitoring.timeSeries.list","resourcemanager.projects.get","serviceusage.quotas.get","serviceusage.quotas.update","serviceusage.services.disable","serviceusage.services.enable","serviceusage.services.get","serviceusage.services.list","serviceusage.services.use","source.repos.get","source.repos.list","telcoautomation.blueprints.approve","telcoautomation.blueprints.create","telcoautomation.blueprints.delete","telcoautomation.blueprints.get","telcoautomation.blueprints.list","telcoautomation.blueprints.propose","telcoautomation.blueprints.update","telcoautomation.deployments.apply","telcoautomation.deployments.computeStatus","telcoautomation.deployments.create","telcoautomation.deployments.delete","telcoautomation.deployments.get","telcoautomation.deployments.list","telcoautomation.deployments.rollback","telcoautomation.deployments.update","telcoautomation.edgeSlms.create","telcoautomation.edgeSlms.delete","telcoautomation.edgeSlms.get","telcoautomation.edgeSlms.list","telcoautomation.hydratedDeployments.apply","telcoautomation.hydratedDeployments.get","telcoautomation.hydratedDeployments.list","telcoautomation.hydratedDeployments.update","telcoautomation.locations.get","telcoautomation.locations.list","telcoautomation.operations.cancel","telcoautomation.operations.delete","telcoautomation.operations.get","telcoautomation.operations.list","telcoautomation.orchestrationClusters.create","telcoautomation.orchestrationClusters.delete","telcoautomation.orchestrationClusters.get","telcoautomation.orchestrationClusters.list","telcoautomation.publicBlueprints.get","telcoautomation.publicBlueprints.list"],"name":"roles/telcoautomation.admin","stage":"BETA","title":"Telco Automation Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Ability to manage blueprints","etag":"AA==","includedPermissions":["telcoautomation.blueprints.create","telcoautomation.blueprints.delete","telcoautomation.blueprints.get","telcoautomation.blueprints.list","telcoautomation.blueprints.propose","telcoautomation.blueprints.update","telcoautomation.deployments.computeStatus","telcoautomation.deployments.get","telcoautomation.deployments.list","telcoautomation.hydratedDeployments.get","telcoautomation.hydratedDeployments.list","telcoautomation.orchestrationClusters.get","telcoautomation.orchestrationClusters.list","telcoautomation.publicBlueprints.get","telcoautomation.publicBlueprints.list"],"name":"roles/telcoautomation.blueprintDesigner","stage":"BETA","title":"Telco Automation Blueprint Designer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Ability to manage deployments","etag":"AA==","includedPermissions":["telcoautomation.blueprints.get","telcoautomation.blueprints.list","telcoautomation.deployments.apply","telcoautomation.deployments.computeStatus","telcoautomation.deployments.create","telcoautomation.deployments.delete","telcoautomation.deployments.get","telcoautomation.deployments.list","telcoautomation.deployments.rollback","telcoautomation.deployments.update","telcoautomation.hydratedDeployments.apply","telcoautomation.hydratedDeployments.get","telcoautomation.hydratedDeployments.list","telcoautomation.hydratedDeployments.update","telcoautomation.orchestrationClusters.get","telcoautomation.orchestrationClusters.list"],"name":"roles/telcoautomation.deploymentAdmin","stage":"BETA","title":"Telco Automation Deployment Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Ability to get status of deployments","etag":"AA==","includedPermissions":["logging.buckets.get","logging.buckets.list","logging.exclusions.get","logging.exclusions.list","logging.links.get","logging.links.list","logging.locations.get","logging.locations.list","logging.logEntries.list","logging.logMetrics.get","logging.logMetrics.list","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.operations.get","logging.operations.list","logging.queries.getShared","logging.queries.listShared","logging.queries.usePrivate","logging.sinks.get","logging.sinks.list","logging.usage.get","logging.views.get","logging.views.list","resourcemanager.projects.get","telcoautomation.blueprints.get","telcoautomation.blueprints.list","telcoautomation.deployments.computeStatus","telcoautomation.deployments.get","telcoautomation.deployments.list","telcoautomation.hydratedDeployments.get","telcoautomation.hydratedDeployments.list","telcoautomation.orchestrationClusters.get","telcoautomation.orchestrationClusters.list"],"name":"roles/telcoautomation.opsAdminTier1","stage":"BETA","title":"Telco Automation Tier 1 Operations Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} diff --git a/roles/dataproc.hubAgent b/roles/dataproc.hubAgent index 5d5e0069..178828e0 100644 --- a/roles/dataproc.hubAgent +++ b/roles/dataproc.hubAgent @@ -48,7 +48,6 @@ "logging.usage.get", "logging.views.get", "logging.views.list", - "observability.scopes.get", "resourcemanager.projects.get", "resourcemanager.projects.list", "storage.buckets.get", diff --git a/roles/logging.configWriter b/roles/logging.configWriter index dfd40791..08086c06 100644 --- a/roles/logging.configWriter +++ b/roles/logging.configWriter @@ -48,7 +48,6 @@ "logging.views.getIamPolicy", "logging.views.list", "logging.views.update", - "observability.scopes.get", "resourcemanager.projects.get", "resourcemanager.projects.list" ], diff --git a/roles/telcoautomation.admin b/roles/telcoautomation.admin index e8d10aa6..2894c9e3 100644 --- a/roles/telcoautomation.admin +++ b/roles/telcoautomation.admin @@ -27,7 +27,6 @@ "logging.views.get", "logging.views.list", "monitoring.timeSeries.list", - "observability.scopes.get", "resourcemanager.projects.get", "serviceusage.quotas.get", "serviceusage.quotas.update",