From f66b034c1a52f18cea737fe0b3a8e8af5dd57ec2 Mon Sep 17 00:00:00 2001 From: bgeesaman Date: Thu, 7 Jul 2022 01:25:41 +0000 Subject: [PATCH] Fetch all roles --- gcp_roles_cai.json | 18 +++++++++--------- roles/certificatemanager.editor | 2 +- roles/certificatemanager.owner | 2 +- roles/certificatemanager.viewer | 2 +- roles/dataform.admin | 2 +- roles/dataform.editor | 2 +- roles/dataform.viewer | 2 +- roles/gkehub.gatewayEditor | 2 +- roles/gkehub.serviceAgent | 1 + roles/workloadcertificate.serviceAgent | 3 ++- 10 files changed, 19 insertions(+), 17 deletions(-) diff --git a/gcp_roles_cai.json b/gcp_roles_cai.json index 7518d991..7cd65640 100644 --- a/gcp_roles_cai.json +++ b/gcp_roles_cai.json @@ -168,9 +168,9 @@ {"description":"Can read Notes and Occurrences from the Container Analysis Service to find and verify signatures.","etag":"AA==","includedPermissions":["binaryauthorization.attestors.get","binaryauthorization.attestors.list","binaryauthorization.attestors.verifyImageAttested","cloudasset.assets.exportResource","cloudasset.feeds.create","cloudasset.feeds.delete","cloudasset.feeds.get","cloudasset.feeds.update","containeranalysis.notes.get","containeranalysis.notes.list","containeranalysis.notes.listOccurrences","containeranalysis.occurrences.get","containeranalysis.occurrences.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/binaryauthorization.serviceAgent","stage":"GA","title":"Binary Authorization Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Access to browse GCP resources.","etag":"AA==","includedPermissions":["resourcemanager.folders.get","resourcemanager.folders.list","resourcemanager.organizations.get","resourcemanager.projects.get","resourcemanager.projects.getIamPolicy","resourcemanager.projects.list"],"name":"roles/browser","stage":"GA","title":"Browser","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"This role can view all properties of Patients.","etag":"AA==","includedPermissions":["carestudio.patients.get","carestudio.patients.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/carestudio.viewer","stage":"GA","title":"Care Studio Patients Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Edit access to Certificate Manager all resources.","etag":"AA==","includedPermissions":["certificatemanager.certmapentries.create","certificatemanager.certmapentries.get","certificatemanager.certmapentries.getIamPolicy","certificatemanager.certmapentries.list","certificatemanager.certmapentries.update","certificatemanager.certmaps.create","certificatemanager.certmaps.get","certificatemanager.certmaps.getIamPolicy","certificatemanager.certmaps.list","certificatemanager.certmaps.update","certificatemanager.certmaps.use","certificatemanager.certs.create","certificatemanager.certs.get","certificatemanager.certs.getIamPolicy","certificatemanager.certs.list","certificatemanager.certs.update","certificatemanager.certs.use","certificatemanager.dnsauthorizations.create","certificatemanager.dnsauthorizations.get","certificatemanager.dnsauthorizations.getIamPolicy","certificatemanager.dnsauthorizations.list","certificatemanager.dnsauthorizations.update","certificatemanager.dnsauthorizations.use","certificatemanager.locations.get","certificatemanager.locations.list","certificatemanager.operations.get","certificatemanager.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/certificatemanager.editor","stage":"BETA","title":"Certificate Manager Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Full access to Certificate Manager all resources.","etag":"AA==","includedPermissions":["certificatemanager.certmapentries.create","certificatemanager.certmapentries.delete","certificatemanager.certmapentries.get","certificatemanager.certmapentries.getIamPolicy","certificatemanager.certmapentries.list","certificatemanager.certmapentries.setIamPolicy","certificatemanager.certmapentries.update","certificatemanager.certmaps.create","certificatemanager.certmaps.delete","certificatemanager.certmaps.get","certificatemanager.certmaps.getIamPolicy","certificatemanager.certmaps.list","certificatemanager.certmaps.setIamPolicy","certificatemanager.certmaps.update","certificatemanager.certmaps.use","certificatemanager.certs.create","certificatemanager.certs.delete","certificatemanager.certs.get","certificatemanager.certs.getIamPolicy","certificatemanager.certs.list","certificatemanager.certs.setIamPolicy","certificatemanager.certs.update","certificatemanager.certs.use","certificatemanager.dnsauthorizations.create","certificatemanager.dnsauthorizations.delete","certificatemanager.dnsauthorizations.get","certificatemanager.dnsauthorizations.getIamPolicy","certificatemanager.dnsauthorizations.list","certificatemanager.dnsauthorizations.setIamPolicy","certificatemanager.dnsauthorizations.update","certificatemanager.dnsauthorizations.use","certificatemanager.locations.get","certificatemanager.locations.list","certificatemanager.operations.cancel","certificatemanager.operations.delete","certificatemanager.operations.get","certificatemanager.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/certificatemanager.owner","stage":"BETA","title":"Certificate Manager Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Read-only access to Certificate Manager all resources.","etag":"AA==","includedPermissions":["certificatemanager.certmapentries.get","certificatemanager.certmapentries.getIamPolicy","certificatemanager.certmapentries.list","certificatemanager.certmaps.get","certificatemanager.certmaps.getIamPolicy","certificatemanager.certmaps.list","certificatemanager.certs.get","certificatemanager.certs.getIamPolicy","certificatemanager.certs.list","certificatemanager.dnsauthorizations.get","certificatemanager.dnsauthorizations.getIamPolicy","certificatemanager.dnsauthorizations.list","certificatemanager.locations.get","certificatemanager.locations.list","certificatemanager.operations.get","certificatemanager.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/certificatemanager.viewer","stage":"BETA","title":"Certificate Manager Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Edit access to Certificate Manager all resources.","etag":"AA==","includedPermissions":["certificatemanager.certmapentries.create","certificatemanager.certmapentries.get","certificatemanager.certmapentries.getIamPolicy","certificatemanager.certmapentries.list","certificatemanager.certmapentries.update","certificatemanager.certmaps.create","certificatemanager.certmaps.get","certificatemanager.certmaps.getIamPolicy","certificatemanager.certmaps.list","certificatemanager.certmaps.update","certificatemanager.certmaps.use","certificatemanager.certs.create","certificatemanager.certs.get","certificatemanager.certs.getIamPolicy","certificatemanager.certs.list","certificatemanager.certs.update","certificatemanager.certs.use","certificatemanager.dnsauthorizations.create","certificatemanager.dnsauthorizations.get","certificatemanager.dnsauthorizations.getIamPolicy","certificatemanager.dnsauthorizations.list","certificatemanager.dnsauthorizations.update","certificatemanager.dnsauthorizations.use","certificatemanager.locations.get","certificatemanager.locations.list","certificatemanager.operations.get","certificatemanager.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/certificatemanager.editor","stage":"GA","title":"Certificate Manager Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Full access to Certificate Manager all resources.","etag":"AA==","includedPermissions":["certificatemanager.certmapentries.create","certificatemanager.certmapentries.delete","certificatemanager.certmapentries.get","certificatemanager.certmapentries.getIamPolicy","certificatemanager.certmapentries.list","certificatemanager.certmapentries.setIamPolicy","certificatemanager.certmapentries.update","certificatemanager.certmaps.create","certificatemanager.certmaps.delete","certificatemanager.certmaps.get","certificatemanager.certmaps.getIamPolicy","certificatemanager.certmaps.list","certificatemanager.certmaps.setIamPolicy","certificatemanager.certmaps.update","certificatemanager.certmaps.use","certificatemanager.certs.create","certificatemanager.certs.delete","certificatemanager.certs.get","certificatemanager.certs.getIamPolicy","certificatemanager.certs.list","certificatemanager.certs.setIamPolicy","certificatemanager.certs.update","certificatemanager.certs.use","certificatemanager.dnsauthorizations.create","certificatemanager.dnsauthorizations.delete","certificatemanager.dnsauthorizations.get","certificatemanager.dnsauthorizations.getIamPolicy","certificatemanager.dnsauthorizations.list","certificatemanager.dnsauthorizations.setIamPolicy","certificatemanager.dnsauthorizations.update","certificatemanager.dnsauthorizations.use","certificatemanager.locations.get","certificatemanager.locations.list","certificatemanager.operations.cancel","certificatemanager.operations.delete","certificatemanager.operations.get","certificatemanager.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/certificatemanager.owner","stage":"GA","title":"Certificate Manager Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Read-only access to Certificate Manager all resources.","etag":"AA==","includedPermissions":["certificatemanager.certmapentries.get","certificatemanager.certmapentries.getIamPolicy","certificatemanager.certmapentries.list","certificatemanager.certmaps.get","certificatemanager.certmaps.getIamPolicy","certificatemanager.certmaps.list","certificatemanager.certs.get","certificatemanager.certs.getIamPolicy","certificatemanager.certs.list","certificatemanager.dnsauthorizations.get","certificatemanager.dnsauthorizations.getIamPolicy","certificatemanager.dnsauthorizations.list","certificatemanager.locations.get","certificatemanager.locations.list","certificatemanager.operations.get","certificatemanager.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/certificatemanager.viewer","stage":"GA","title":"Certificate Manager Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Can view and modify bot configurations","etag":"AA==","includedPermissions":["chat.bots.get","chat.bots.update"],"name":"roles/chat.owner","stage":"GA","title":"Chat Bots Owner","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Can view bot configurations","etag":"AA==","includedPermissions":["chat.bots.get"],"name":"roles/chat.reader","stage":"GA","title":"Chat Bots Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Admins can view and modify Chronicle service details.","etag":"AA==","includedPermissions":["chroniclesm.gcpAssociations.create","chroniclesm.gcpAssociations.delete","chroniclesm.gcpAssociations.get","chroniclesm.gcpSettings.get","chroniclesm.gcpSettings.update"],"name":"roles/chroniclesm.admin","stage":"GA","title":"Chronicle Service Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} @@ -376,10 +376,10 @@ {"description":"Gives Cloud Dataflow service account access to managed resources. Includes access to service accounts.","etag":"AA==","includedPermissions":["bigquery.bireservations.get","bigquery.bireservations.update","bigquery.capacityCommitments.create","bigquery.capacityCommitments.delete","bigquery.capacityCommitments.get","bigquery.capacityCommitments.list","bigquery.capacityCommitments.update","bigquery.config.get","bigquery.config.update","bigquery.connections.create","bigquery.connections.delegate","bigquery.connections.delete","bigquery.connections.get","bigquery.connections.getIamPolicy","bigquery.connections.list","bigquery.connections.setIamPolicy","bigquery.connections.update","bigquery.connections.updateTag","bigquery.connections.use","bigquery.dataPolicies.create","bigquery.dataPolicies.delete","bigquery.dataPolicies.get","bigquery.dataPolicies.getIamPolicy","bigquery.dataPolicies.list","bigquery.dataPolicies.setIamPolicy","bigquery.dataPolicies.update","bigquery.datasets.create","bigquery.datasets.createTagBinding","bigquery.datasets.delete","bigquery.datasets.deleteTagBinding","bigquery.datasets.get","bigquery.datasets.getIamPolicy","bigquery.datasets.link","bigquery.datasets.listTagBindings","bigquery.datasets.setIamPolicy","bigquery.datasets.update","bigquery.datasets.updateTag","bigquery.jobs.create","bigquery.jobs.delete","bigquery.jobs.get","bigquery.jobs.list","bigquery.jobs.listAll","bigquery.jobs.listExecutionMetadata","bigquery.jobs.update","bigquery.models.create","bigquery.models.delete","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.models.updateData","bigquery.models.updateMetadata","bigquery.models.updateTag","bigquery.readsessions.create","bigquery.readsessions.getData","bigquery.readsessions.update","bigquery.reservationAssignments.create","bigquery.reservationAssignments.delete","bigquery.reservationAssignments.list","bigquery.reservationAssignments.search","bigquery.reservations.create","bigquery.reservations.delete","bigquery.reservations.get","bigquery.reservations.list","bigquery.reservations.update","bigquery.routines.create","bigquery.routines.delete","bigquery.routines.get","bigquery.routines.list","bigquery.routines.update","bigquery.routines.updateTag","bigquery.rowAccessPolicies.create","bigquery.rowAccessPolicies.delete","bigquery.rowAccessPolicies.getIamPolicy","bigquery.rowAccessPolicies.list","bigquery.rowAccessPolicies.overrideTimeTravelRestrictions","bigquery.rowAccessPolicies.setIamPolicy","bigquery.rowAccessPolicies.update","bigquery.savedqueries.create","bigquery.savedqueries.delete","bigquery.savedqueries.get","bigquery.savedqueries.list","bigquery.savedqueries.update","bigquery.tables.create","bigquery.tables.createIndex","bigquery.tables.createSnapshot","bigquery.tables.delete","bigquery.tables.deleteIndex","bigquery.tables.deleteSnapshot","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.getIamPolicy","bigquery.tables.list","bigquery.tables.restoreSnapshot","bigquery.tables.setCategory","bigquery.tables.setIamPolicy","bigquery.tables.update","bigquery.tables.updateData","bigquery.tables.updateTag","bigquery.transfers.get","bigquery.transfers.update","bigquerymigration.translation.translate","clouddebugger.breakpoints.list","clouddebugger.breakpoints.listActive","clouddebugger.breakpoints.update","clouddebugger.debuggees.create","cloudnotifications.activities.list","compute.acceleratorTypes.get","compute.acceleratorTypes.list","compute.addresses.create","compute.addresses.createInternal","compute.addresses.delete","compute.addresses.deleteInternal","compute.addresses.get","compute.addresses.list","compute.addresses.setLabels","compute.addresses.use","compute.addresses.useInternal","compute.autoscalers.create","compute.autoscalers.delete","compute.autoscalers.get","compute.autoscalers.list","compute.autoscalers.update","compute.backendBuckets.create","compute.backendBuckets.delete","compute.backendBuckets.get","compute.backendBuckets.list","compute.backendBuckets.setSecurityPolicy","compute.backendBuckets.update","compute.backendBuckets.use","compute.backendServices.create","compute.backendServices.delete","compute.backendServices.get","compute.backendServices.getIamPolicy","compute.backendServices.list","compute.backendServices.setIamPolicy","compute.backendServices.setSecurityPolicy","compute.backendServices.update","compute.backendServices.use","compute.diskTypes.get","compute.diskTypes.list","compute.disks.addResourcePolicies","compute.disks.create","compute.disks.createSnapshot","compute.disks.createTagBinding","compute.disks.delete","compute.disks.deleteTagBinding","compute.disks.get","compute.disks.getIamPolicy","compute.disks.list","compute.disks.listEffectiveTags","compute.disks.listTagBindings","compute.disks.removeResourcePolicies","compute.disks.resize","compute.disks.setIamPolicy","compute.disks.setLabels","compute.disks.update","compute.disks.use","compute.disks.useReadOnly","compute.externalVpnGateways.create","compute.externalVpnGateways.delete","compute.externalVpnGateways.get","compute.externalVpnGateways.list","compute.externalVpnGateways.setLabels","compute.externalVpnGateways.use","compute.firewallPolicies.get","compute.firewallPolicies.list","compute.firewallPolicies.use","compute.firewalls.get","compute.firewalls.list","compute.forwardingRules.create","compute.forwardingRules.delete","compute.forwardingRules.get","compute.forwardingRules.list","compute.forwardingRules.pscCreate","compute.forwardingRules.pscDelete","compute.forwardingRules.pscSetLabels","compute.forwardingRules.pscSetTarget","compute.forwardingRules.pscUpdate","compute.forwardingRules.setLabels","compute.forwardingRules.setTarget","compute.forwardingRules.update","compute.forwardingRules.use","compute.globalAddresses.create","compute.globalAddresses.createInternal","compute.globalAddresses.delete","compute.globalAddresses.deleteInternal","compute.globalAddresses.get","compute.globalAddresses.list","compute.globalAddresses.setLabels","compute.globalAddresses.use","compute.globalForwardingRules.create","compute.globalForwardingRules.delete","compute.globalForwardingRules.get","compute.globalForwardingRules.list","compute.globalForwardingRules.pscCreate","compute.globalForwardingRules.pscDelete","compute.globalForwardingRules.pscGet","compute.globalForwardingRules.pscSetLabels","compute.globalForwardingRules.pscSetTarget","compute.globalForwardingRules.pscUpdate","compute.globalForwardingRules.setLabels","compute.globalForwardingRules.setTarget","compute.globalForwardingRules.update","compute.globalNetworkEndpointGroups.attachNetworkEndpoints","compute.globalNetworkEndpointGroups.create","compute.globalNetworkEndpointGroups.delete","compute.globalNetworkEndpointGroups.detachNetworkEndpoints","compute.globalNetworkEndpointGroups.get","compute.globalNetworkEndpointGroups.list","compute.globalNetworkEndpointGroups.use","compute.globalOperations.get","compute.globalOperations.list","compute.globalPublicDelegatedPrefixes.delete","compute.globalPublicDelegatedPrefixes.get","compute.globalPublicDelegatedPrefixes.list","compute.globalPublicDelegatedPrefixes.update","compute.globalPublicDelegatedPrefixes.updatePolicy","compute.healthChecks.create","compute.healthChecks.delete","compute.healthChecks.get","compute.healthChecks.list","compute.healthChecks.update","compute.healthChecks.use","compute.healthChecks.useReadOnly","compute.httpHealthChecks.create","compute.httpHealthChecks.delete","compute.httpHealthChecks.get","compute.httpHealthChecks.list","compute.httpHealthChecks.update","compute.httpHealthChecks.use","compute.httpHealthChecks.useReadOnly","compute.httpsHealthChecks.create","compute.httpsHealthChecks.delete","compute.httpsHealthChecks.get","compute.httpsHealthChecks.list","compute.httpsHealthChecks.update","compute.httpsHealthChecks.use","compute.httpsHealthChecks.useReadOnly","compute.images.create","compute.images.createTagBinding","compute.images.delete","compute.images.deleteTagBinding","compute.images.deprecate","compute.images.get","compute.images.getFromFamily","compute.images.getIamPolicy","compute.images.list","compute.images.listEffectiveTags","compute.images.listTagBindings","compute.images.setIamPolicy","compute.images.setLabels","compute.images.update","compute.images.useReadOnly","compute.instanceGroupManagers.create","compute.instanceGroupManagers.delete","compute.instanceGroupManagers.get","compute.instanceGroupManagers.list","compute.instanceGroupManagers.update","compute.instanceGroupManagers.use","compute.instanceGroups.create","compute.instanceGroups.delete","compute.instanceGroups.get","compute.instanceGroups.list","compute.instanceGroups.update","compute.instanceGroups.use","compute.instanceTemplates.create","compute.instanceTemplates.delete","compute.instanceTemplates.get","compute.instanceTemplates.getIamPolicy","compute.instanceTemplates.list","compute.instanceTemplates.setIamPolicy","compute.instanceTemplates.useReadOnly","compute.instances.addAccessConfig","compute.instances.addMaintenancePolicies","compute.instances.addResourcePolicies","compute.instances.attachDisk","compute.instances.create","compute.instances.createTagBinding","compute.instances.delete","compute.instances.deleteAccessConfig","compute.instances.deleteTagBinding","compute.instances.detachDisk","compute.instances.get","compute.instances.getEffectiveFirewalls","compute.instances.getGuestAttributes","compute.instances.getIamPolicy","compute.instances.getScreenshot","compute.instances.getSerialPortOutput","compute.instances.getShieldedInstanceIdentity","compute.instances.getShieldedVmIdentity","compute.instances.list","compute.instances.listEffectiveTags","compute.instances.listReferrers","compute.instances.listTagBindings","compute.instances.osAdminLogin","compute.instances.osLogin","compute.instances.removeMaintenancePolicies","compute.instances.removeResourcePolicies","compute.instances.reset","compute.instances.resume","compute.instances.sendDiagnosticInterrupt","compute.instances.setDeletionProtection","compute.instances.setDiskAutoDelete","compute.instances.setIamPolicy","compute.instances.setLabels","compute.instances.setMachineResources","compute.instances.setMachineType","compute.instances.setMetadata","compute.instances.setMinCpuPlatform","compute.instances.setScheduling","compute.instances.setServiceAccount","compute.instances.setShieldedInstanceIntegrityPolicy","compute.instances.setShieldedVmIntegrityPolicy","compute.instances.setTags","compute.instances.start","compute.instances.startWithEncryptionKey","compute.instances.stop","compute.instances.suspend","compute.instances.update","compute.instances.updateAccessConfig","compute.instances.updateDisplayDevice","compute.instances.updateNetworkInterface","compute.instances.updateSecurity","compute.instances.updateShieldedInstanceConfig","compute.instances.updateShieldedVmConfig","compute.instances.use","compute.instances.useReadOnly","compute.interconnectAttachments.create","compute.interconnectAttachments.delete","compute.interconnectAttachments.get","compute.interconnectAttachments.list","compute.interconnectAttachments.setLabels","compute.interconnectAttachments.update","compute.interconnectAttachments.use","compute.interconnectLocations.get","compute.interconnectLocations.list","compute.interconnects.create","compute.interconnects.delete","compute.interconnects.get","compute.interconnects.list","compute.interconnects.setLabels","compute.interconnects.update","compute.interconnects.use","compute.licenseCodes.get","compute.licenseCodes.getIamPolicy","compute.licenseCodes.list","compute.licenseCodes.setIamPolicy","compute.licenseCodes.update","compute.licenseCodes.use","compute.licenses.create","compute.licenses.delete","compute.licenses.get","compute.licenses.getIamPolicy","compute.licenses.list","compute.licenses.setIamPolicy","compute.machineImages.create","compute.machineImages.delete","compute.machineImages.get","compute.machineImages.getIamPolicy","compute.machineImages.list","compute.machineImages.setIamPolicy","compute.machineImages.useReadOnly","compute.machineTypes.get","compute.machineTypes.list","compute.networkEndpointGroups.attachNetworkEndpoints","compute.networkEndpointGroups.create","compute.networkEndpointGroups.delete","compute.networkEndpointGroups.detachNetworkEndpoints","compute.networkEndpointGroups.get","compute.networkEndpointGroups.getIamPolicy","compute.networkEndpointGroups.list","compute.networkEndpointGroups.setIamPolicy","compute.networkEndpointGroups.use","compute.networks.access","compute.networks.addPeering","compute.networks.create","compute.networks.delete","compute.networks.get","compute.networks.getEffectiveFirewalls","compute.networks.getRegionEffectiveFirewalls","compute.networks.list","compute.networks.listPeeringRoutes","compute.networks.mirror","compute.networks.removePeering","compute.networks.setFirewallPolicy","compute.networks.switchToCustomMode","compute.networks.update","compute.networks.updatePeering","compute.networks.updatePolicy","compute.networks.use","compute.networks.useExternalIp","compute.packetMirrorings.get","compute.packetMirrorings.list","compute.projects.get","compute.publicDelegatedPrefixes.delete","compute.publicDelegatedPrefixes.get","compute.publicDelegatedPrefixes.list","compute.publicDelegatedPrefixes.update","compute.publicDelegatedPrefixes.updatePolicy","compute.regionBackendServices.create","compute.regionBackendServices.delete","compute.regionBackendServices.get","compute.regionBackendServices.getIamPolicy","compute.regionBackendServices.list","compute.regionBackendServices.setIamPolicy","compute.regionBackendServices.setSecurityPolicy","compute.regionBackendServices.update","compute.regionBackendServices.use","compute.regionFirewallPolicies.get","compute.regionFirewallPolicies.list","compute.regionFirewallPolicies.use","compute.regionHealthCheckServices.create","compute.regionHealthCheckServices.delete","compute.regionHealthCheckServices.get","compute.regionHealthCheckServices.list","compute.regionHealthCheckServices.update","compute.regionHealthCheckServices.use","compute.regionHealthChecks.create","compute.regionHealthChecks.delete","compute.regionHealthChecks.get","compute.regionHealthChecks.list","compute.regionHealthChecks.update","compute.regionHealthChecks.use","compute.regionHealthChecks.useReadOnly","compute.regionNetworkEndpointGroups.create","compute.regionNetworkEndpointGroups.delete","compute.regionNetworkEndpointGroups.get","compute.regionNetworkEndpointGroups.list","compute.regionNetworkEndpointGroups.use","compute.regionNotificationEndpoints.create","compute.regionNotificationEndpoints.delete","compute.regionNotificationEndpoints.get","compute.regionNotificationEndpoints.list","compute.regionNotificationEndpoints.update","compute.regionNotificationEndpoints.use","compute.regionOperations.get","compute.regionOperations.list","compute.regionSslCertificates.get","compute.regionSslCertificates.list","compute.regionTargetHttpProxies.create","compute.regionTargetHttpProxies.delete","compute.regionTargetHttpProxies.get","compute.regionTargetHttpProxies.list","compute.regionTargetHttpProxies.setUrlMap","compute.regionTargetHttpProxies.use","compute.regionTargetHttpsProxies.create","compute.regionTargetHttpsProxies.delete","compute.regionTargetHttpsProxies.get","compute.regionTargetHttpsProxies.list","compute.regionTargetHttpsProxies.setSslCertificates","compute.regionTargetHttpsProxies.setUrlMap","compute.regionTargetHttpsProxies.use","compute.regionUrlMaps.create","compute.regionUrlMaps.delete","compute.regionUrlMaps.get","compute.regionUrlMaps.invalidateCache","compute.regionUrlMaps.list","compute.regionUrlMaps.update","compute.regionUrlMaps.use","compute.regionUrlMaps.validate","compute.regions.get","compute.regions.list","compute.reservations.get","compute.reservations.list","compute.resourcePolicies.create","compute.resourcePolicies.delete","compute.resourcePolicies.get","compute.resourcePolicies.list","compute.resourcePolicies.use","compute.routers.create","compute.routers.delete","compute.routers.get","compute.routers.list","compute.routers.update","compute.routers.use","compute.routes.create","compute.routes.delete","compute.routes.get","compute.routes.list","compute.securityPolicies.get","compute.securityPolicies.list","compute.securityPolicies.use","compute.serviceAttachments.create","compute.serviceAttachments.delete","compute.serviceAttachments.get","compute.serviceAttachments.list","compute.serviceAttachments.update","compute.snapshots.create","compute.snapshots.createTagBinding","compute.snapshots.delete","compute.snapshots.deleteTagBinding","compute.snapshots.get","compute.snapshots.getIamPolicy","compute.snapshots.list","compute.snapshots.listEffectiveTags","compute.snapshots.listTagBindings","compute.snapshots.setIamPolicy","compute.snapshots.setLabels","compute.snapshots.useReadOnly","compute.sslCertificates.get","compute.sslCertificates.list","compute.sslPolicies.create","compute.sslPolicies.delete","compute.sslPolicies.get","compute.sslPolicies.list","compute.sslPolicies.listAvailableFeatures","compute.sslPolicies.update","compute.sslPolicies.use","compute.subnetworks.create","compute.subnetworks.delete","compute.subnetworks.expandIpCidrRange","compute.subnetworks.get","compute.subnetworks.getIamPolicy","compute.subnetworks.list","compute.subnetworks.mirror","compute.subnetworks.setIamPolicy","compute.subnetworks.setPrivateIpGoogleAccess","compute.subnetworks.update","compute.subnetworks.use","compute.subnetworks.useExternalIp","compute.targetGrpcProxies.create","compute.targetGrpcProxies.delete","compute.targetGrpcProxies.get","compute.targetGrpcProxies.list","compute.targetGrpcProxies.update","compute.targetGrpcProxies.use","compute.targetHttpProxies.create","compute.targetHttpProxies.delete","compute.targetHttpProxies.get","compute.targetHttpProxies.list","compute.targetHttpProxies.setUrlMap","compute.targetHttpProxies.use","compute.targetHttpsProxies.create","compute.targetHttpsProxies.delete","compute.targetHttpsProxies.get","compute.targetHttpsProxies.list","compute.targetHttpsProxies.setSslCertificates","compute.targetHttpsProxies.setSslPolicy","compute.targetHttpsProxies.setUrlMap","compute.targetHttpsProxies.use","compute.targetInstances.create","compute.targetInstances.delete","compute.targetInstances.get","compute.targetInstances.list","compute.targetInstances.use","compute.targetPools.addHealthCheck","compute.targetPools.addInstance","compute.targetPools.create","compute.targetPools.delete","compute.targetPools.get","compute.targetPools.list","compute.targetPools.removeHealthCheck","compute.targetPools.removeInstance","compute.targetPools.update","compute.targetPools.use","compute.targetSslProxies.create","compute.targetSslProxies.delete","compute.targetSslProxies.get","compute.targetSslProxies.list","compute.targetSslProxies.setBackendService","compute.targetSslProxies.setProxyHeader","compute.targetSslProxies.setSslCertificates","compute.targetSslProxies.use","compute.targetTcpProxies.create","compute.targetTcpProxies.delete","compute.targetTcpProxies.get","compute.targetTcpProxies.list","compute.targetTcpProxies.update","compute.targetTcpProxies.use","compute.targetVpnGateways.create","compute.targetVpnGateways.delete","compute.targetVpnGateways.get","compute.targetVpnGateways.list","compute.targetVpnGateways.setLabels","compute.targetVpnGateways.use","compute.urlMaps.create","compute.urlMaps.delete","compute.urlMaps.get","compute.urlMaps.invalidateCache","compute.urlMaps.list","compute.urlMaps.update","compute.urlMaps.use","compute.urlMaps.validate","compute.vpnGateways.create","compute.vpnGateways.delete","compute.vpnGateways.get","compute.vpnGateways.list","compute.vpnGateways.setLabels","compute.vpnGateways.use","compute.vpnTunnels.create","compute.vpnTunnels.delete","compute.vpnTunnels.get","compute.vpnTunnels.list","compute.vpnTunnels.setLabels","compute.zoneOperations.get","compute.zoneOperations.list","compute.zones.get","compute.zones.list","dataflow.jobs.cancel","dataflow.jobs.create","dataflow.jobs.get","dataflow.jobs.list","dataflow.jobs.snapshot","dataflow.jobs.updateContents","dataflow.messages.list","dataflow.metrics.get","dataflow.snapshots.delete","dataflow.snapshots.get","dataflow.snapshots.list","firebase.projects.get","iam.serviceAccounts.actAs","iam.serviceAccounts.get","iam.serviceAccounts.getAccessToken","iam.serviceAccounts.implicitDelegation","iam.serviceAccounts.list","iam.serviceAccounts.signBlob","iam.serviceAccounts.signJwt","logging.buckets.create","logging.buckets.delete","logging.buckets.get","logging.buckets.list","logging.buckets.undelete","logging.buckets.update","logging.cmekSettings.get","logging.cmekSettings.update","logging.exclusions.create","logging.exclusions.delete","logging.exclusions.get","logging.exclusions.list","logging.exclusions.update","logging.locations.get","logging.locations.list","logging.logEntries.create","logging.logMetrics.create","logging.logMetrics.delete","logging.logMetrics.get","logging.logMetrics.list","logging.logMetrics.update","logging.logServiceIndexes.list","logging.logServices.list","logging.logs.list","logging.notificationRules.create","logging.notificationRules.delete","logging.notificationRules.get","logging.notificationRules.list","logging.notificationRules.update","logging.operations.cancel","logging.operations.get","logging.operations.list","logging.sinks.create","logging.sinks.delete","logging.sinks.get","logging.sinks.list","logging.sinks.update","logging.views.create","logging.views.delete","logging.views.get","logging.views.list","logging.views.update","monitoring.alertPolicies.get","monitoring.alertPolicies.list","monitoring.dashboards.get","monitoring.dashboards.list","monitoring.groups.get","monitoring.groups.list","monitoring.metricDescriptors.create","monitoring.metricDescriptors.get","monitoring.metricDescriptors.list","monitoring.monitoredResourceDescriptors.get","monitoring.monitoredResourceDescriptors.list","monitoring.notificationChannelDescriptors.get","monitoring.notificationChannelDescriptors.list","monitoring.notificationChannels.get","monitoring.notificationChannels.list","monitoring.publicWidgets.get","monitoring.publicWidgets.list","monitoring.services.get","monitoring.services.list","monitoring.slos.get","monitoring.slos.list","monitoring.timeSeries.create","monitoring.timeSeries.list","monitoring.uptimeCheckConfigs.get","monitoring.uptimeCheckConfigs.list","networkconnectivity.locations.get","networkconnectivity.locations.list","networkconnectivity.operations.cancel","networkconnectivity.operations.delete","networkconnectivity.operations.get","networkconnectivity.operations.list","networksecurity.authorizationPolicies.create","networksecurity.authorizationPolicies.delete","networksecurity.authorizationPolicies.get","networksecurity.authorizationPolicies.getIamPolicy","networksecurity.authorizationPolicies.list","networksecurity.authorizationPolicies.setIamPolicy","networksecurity.authorizationPolicies.update","networksecurity.authorizationPolicies.use","networksecurity.clientTlsPolicies.create","networksecurity.clientTlsPolicies.delete","networksecurity.clientTlsPolicies.get","networksecurity.clientTlsPolicies.getIamPolicy","networksecurity.clientTlsPolicies.list","networksecurity.clientTlsPolicies.setIamPolicy","networksecurity.clientTlsPolicies.update","networksecurity.clientTlsPolicies.use","networksecurity.locations.get","networksecurity.locations.list","networksecurity.operations.cancel","networksecurity.operations.delete","networksecurity.operations.get","networksecurity.operations.list","networksecurity.serverTlsPolicies.create","networksecurity.serverTlsPolicies.delete","networksecurity.serverTlsPolicies.get","networksecurity.serverTlsPolicies.getIamPolicy","networksecurity.serverTlsPolicies.list","networksecurity.serverTlsPolicies.setIamPolicy","networksecurity.serverTlsPolicies.update","networksecurity.serverTlsPolicies.use","networkservices.endpointConfigSelectors.create","networkservices.endpointConfigSelectors.delete","networkservices.endpointConfigSelectors.get","networkservices.endpointConfigSelectors.getIamPolicy","networkservices.endpointConfigSelectors.list","networkservices.endpointConfigSelectors.setIamPolicy","networkservices.endpointConfigSelectors.update","networkservices.endpointConfigSelectors.use","networkservices.endpointPolicies.create","networkservices.endpointPolicies.delete","networkservices.endpointPolicies.get","networkservices.endpointPolicies.getIamPolicy","networkservices.endpointPolicies.list","networkservices.endpointPolicies.setIamPolicy","networkservices.endpointPolicies.update","networkservices.endpointPolicies.use","networkservices.gateways.create","networkservices.gateways.delete","networkservices.gateways.get","networkservices.gateways.list","networkservices.gateways.update","networkservices.gateways.use","networkservices.grpcRoutes.create","networkservices.grpcRoutes.delete","networkservices.grpcRoutes.get","networkservices.grpcRoutes.getIamPolicy","networkservices.grpcRoutes.list","networkservices.grpcRoutes.setIamPolicy","networkservices.grpcRoutes.update","networkservices.grpcRoutes.use","networkservices.httpFilters.create","networkservices.httpFilters.delete","networkservices.httpFilters.get","networkservices.httpFilters.getIamPolicy","networkservices.httpFilters.list","networkservices.httpFilters.setIamPolicy","networkservices.httpFilters.update","networkservices.httpFilters.use","networkservices.httpRoutes.create","networkservices.httpRoutes.delete","networkservices.httpRoutes.get","networkservices.httpRoutes.getIamPolicy","networkservices.httpRoutes.list","networkservices.httpRoutes.setIamPolicy","networkservices.httpRoutes.update","networkservices.httpRoutes.use","networkservices.httpfilters.create","networkservices.httpfilters.delete","networkservices.httpfilters.get","networkservices.httpfilters.getIamPolicy","networkservices.httpfilters.list","networkservices.httpfilters.setIamPolicy","networkservices.httpfilters.update","networkservices.httpfilters.use","networkservices.locations.get","networkservices.locations.list","networkservices.meshes.create","networkservices.meshes.delete","networkservices.meshes.get","networkservices.meshes.getIamPolicy","networkservices.meshes.list","networkservices.meshes.setIamPolicy","networkservices.meshes.update","networkservices.meshes.use","networkservices.operations.cancel","networkservices.operations.delete","networkservices.operations.get","networkservices.operations.list","networkservices.serviceBindings.create","networkservices.serviceBindings.delete","networkservices.serviceBindings.get","networkservices.serviceBindings.list","networkservices.serviceBindings.update","networkservices.tcpRoutes.create","networkservices.tcpRoutes.delete","networkservices.tcpRoutes.get","networkservices.tcpRoutes.getIamPolicy","networkservices.tcpRoutes.list","networkservices.tcpRoutes.setIamPolicy","networkservices.tcpRoutes.update","networkservices.tcpRoutes.use","networkservices.tlsRoutes.create","networkservices.tlsRoutes.delete","networkservices.tlsRoutes.get","networkservices.tlsRoutes.list","networkservices.tlsRoutes.update","networkservices.tlsRoutes.use","opsconfigmonitoring.resourceMetadata.list","orgpolicy.policy.get","pubsub.schemas.attach","pubsub.schemas.create","pubsub.schemas.delete","pubsub.schemas.get","pubsub.schemas.getIamPolicy","pubsub.schemas.list","pubsub.schemas.setIamPolicy","pubsub.schemas.validate","pubsub.snapshots.create","pubsub.snapshots.delete","pubsub.snapshots.get","pubsub.snapshots.getIamPolicy","pubsub.snapshots.list","pubsub.snapshots.seek","pubsub.snapshots.setIamPolicy","pubsub.snapshots.update","pubsub.subscriptions.consume","pubsub.subscriptions.create","pubsub.subscriptions.delete","pubsub.subscriptions.get","pubsub.subscriptions.getIamPolicy","pubsub.subscriptions.list","pubsub.subscriptions.setIamPolicy","pubsub.subscriptions.update","pubsub.topics.attachSubscription","pubsub.topics.create","pubsub.topics.delete","pubsub.topics.detachSubscription","pubsub.topics.get","pubsub.topics.getIamPolicy","pubsub.topics.list","pubsub.topics.publish","pubsub.topics.setIamPolicy","pubsub.topics.update","pubsub.topics.updateTag","recommender.dataflowDiagnosticsInsights.get","recommender.dataflowDiagnosticsInsights.list","recommender.dataflowDiagnosticsInsights.update","resourcemanager.projects.get","resourcemanager.projects.list","servicedirectory.namespaces.create","servicedirectory.namespaces.delete","servicedirectory.services.create","servicedirectory.services.delete","servicenetworking.operations.get","servicenetworking.services.addPeering","servicenetworking.services.createPeeredDnsDomain","servicenetworking.services.deletePeeredDnsDomain","servicenetworking.services.get","servicenetworking.services.listPeeredDnsDomains","serviceusage.quotas.get","serviceusage.services.get","serviceusage.services.list","serviceusage.services.use","stackdriver.projects.get","storage.buckets.create","storage.buckets.createTagBinding","storage.buckets.delete","storage.buckets.deleteTagBinding","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.list","storage.buckets.listEffectiveTags","storage.buckets.listTagBindings","storage.buckets.setIamPolicy","storage.buckets.update","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.setIamPolicy","storage.objects.update","trafficdirector.networks.getConfigs","trafficdirector.networks.reportMetrics"],"name":"roles/dataflow.serviceAgent","stage":"GA","title":"Cloud Dataflow Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Read only access to Dataflow jobs.","etag":"AA==","includedPermissions":["dataflow.jobs.get","dataflow.jobs.list","dataflow.messages.list","dataflow.metrics.get","dataflow.snapshots.get","dataflow.snapshots.list","recommender.dataflowDiagnosticsInsights.get","recommender.dataflowDiagnosticsInsights.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataflow.viewer","stage":"GA","title":"Dataflow Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Worker access to Dataflow. Intended for service accounts.","etag":"AA==","includedPermissions":["autoscaling.sites.readRecommendations","autoscaling.sites.writeMetrics","autoscaling.sites.writeState","compute.instanceGroupManagers.update","compute.instances.delete","compute.instances.setDiskAutoDelete","dataflow.jobs.get","dataflow.shuffle.read","dataflow.shuffle.write","dataflow.streamingWorkItems.commitWork","dataflow.streamingWorkItems.getData","dataflow.streamingWorkItems.getWork","dataflow.workItems.lease","dataflow.workItems.sendMessage","dataflow.workItems.update","logging.logEntries.create","monitoring.timeSeries.create","storage.buckets.get","storage.objects.create","storage.objects.get"],"name":"roles/dataflow.worker","stage":"GA","title":"Dataflow Worker","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Full access to all Dataform resources.","etag":"AA==","includedPermissions":["dataform.compilationResults.create","dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.repositories.create","dataform.repositories.delete","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.list","dataform.repositories.update","dataform.workflowInvocations.cancel","dataform.workflowInvocations.create","dataform.workflowInvocations.delete","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.commit","dataform.workspaces.create","dataform.workspaces.delete","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.installNpmPackages","dataform.workspaces.list","dataform.workspaces.makeDirectory","dataform.workspaces.moveDirectory","dataform.workspaces.moveFile","dataform.workspaces.pull","dataform.workspaces.push","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","dataform.workspaces.removeDirectory","dataform.workspaces.removeFile","dataform.workspaces.reset","dataform.workspaces.writeFile","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.admin","stage":"ALPHA","title":"Dataform Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Edit access to Workspaces and Read-only access to Repositories.","etag":"AA==","includedPermissions":["dataform.compilationResults.create","dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.list","dataform.workflowInvocations.cancel","dataform.workflowInvocations.create","dataform.workflowInvocations.delete","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.commit","dataform.workspaces.create","dataform.workspaces.delete","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.installNpmPackages","dataform.workspaces.list","dataform.workspaces.makeDirectory","dataform.workspaces.moveDirectory","dataform.workspaces.moveFile","dataform.workspaces.pull","dataform.workspaces.push","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","dataform.workspaces.removeDirectory","dataform.workspaces.removeFile","dataform.workspaces.reset","dataform.workspaces.writeFile","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.editor","stage":"ALPHA","title":"Dataform Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Full access to all Dataform resources.","etag":"AA==","includedPermissions":["dataform.compilationResults.create","dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.repositories.create","dataform.repositories.delete","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.list","dataform.repositories.update","dataform.workflowInvocations.cancel","dataform.workflowInvocations.create","dataform.workflowInvocations.delete","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.commit","dataform.workspaces.create","dataform.workspaces.delete","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.installNpmPackages","dataform.workspaces.list","dataform.workspaces.makeDirectory","dataform.workspaces.moveDirectory","dataform.workspaces.moveFile","dataform.workspaces.pull","dataform.workspaces.push","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","dataform.workspaces.removeDirectory","dataform.workspaces.removeFile","dataform.workspaces.reset","dataform.workspaces.writeFile","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.admin","stage":"BETA","title":"Dataform Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Edit access to Workspaces and Read-only access to Repositories.","etag":"AA==","includedPermissions":["dataform.compilationResults.create","dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.list","dataform.workflowInvocations.cancel","dataform.workflowInvocations.create","dataform.workflowInvocations.delete","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.commit","dataform.workspaces.create","dataform.workspaces.delete","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.installNpmPackages","dataform.workspaces.list","dataform.workspaces.makeDirectory","dataform.workspaces.moveDirectory","dataform.workspaces.moveFile","dataform.workspaces.pull","dataform.workspaces.push","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","dataform.workspaces.removeDirectory","dataform.workspaces.removeFile","dataform.workspaces.reset","dataform.workspaces.writeFile","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.editor","stage":"BETA","title":"Dataform Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Gives permission for the Dataform API to access a secret from Secret Manager","etag":"AA==","includedPermissions":["resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.serviceAgent","stage":"GA","title":"Dataform Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Read-only access to all Dataform resources.","etag":"AA==","includedPermissions":["dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.list","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.list","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.viewer","stage":"ALPHA","title":"Dataform Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Read-only access to all Dataform resources.","etag":"AA==","includedPermissions":["dataform.compilationResults.get","dataform.compilationResults.list","dataform.compilationResults.query","dataform.locations.get","dataform.locations.list","dataform.repositories.fetchRemoteBranches","dataform.repositories.get","dataform.repositories.list","dataform.workflowInvocations.get","dataform.workflowInvocations.list","dataform.workflowInvocations.query","dataform.workspaces.fetchFileDiff","dataform.workspaces.fetchFileGitStatuses","dataform.workspaces.fetchGitAheadBehind","dataform.workspaces.get","dataform.workspaces.list","dataform.workspaces.queryDirectoryContents","dataform.workspaces.readFile","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/dataform.viewer","stage":"BETA","title":"Dataform Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Full access to Cloud Data Fusion Instances, Namespaces and related resources.","etag":"AA==","includedPermissions":["datafusion.instances.create","datafusion.instances.delete","datafusion.instances.get","datafusion.instances.getIamPolicy","datafusion.instances.list","datafusion.instances.restart","datafusion.instances.runtime","datafusion.instances.setIamPolicy","datafusion.instances.update","datafusion.instances.upgrade","datafusion.locations.get","datafusion.locations.list","datafusion.operations.cancel","datafusion.operations.get","datafusion.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/datafusion.admin","stage":"BETA","title":"Cloud Data Fusion Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Access to Cloud Data Fusion runtime resources.","etag":"AA==","includedPermissions":["datafusion.instances.runtime"],"name":"roles/datafusion.runner","stage":"BETA","title":"Cloud Data Fusion Runner","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Gives Cloud Data Fusion service account access to Service Networking, Cloud Dataproc, Cloud Storage, BigQuery, Cloud Spanner, and Cloud Bigtable resources.","etag":"AA==","includedPermissions":["bigquery.config.get","bigquery.dataPolicies.create","bigquery.dataPolicies.delete","bigquery.dataPolicies.get","bigquery.dataPolicies.getIamPolicy","bigquery.dataPolicies.list","bigquery.dataPolicies.setIamPolicy","bigquery.dataPolicies.update","bigquery.datasets.create","bigquery.datasets.createTagBinding","bigquery.datasets.delete","bigquery.datasets.deleteTagBinding","bigquery.datasets.get","bigquery.datasets.getIamPolicy","bigquery.datasets.link","bigquery.datasets.listTagBindings","bigquery.datasets.setIamPolicy","bigquery.datasets.update","bigquery.datasets.updateTag","bigquery.jobs.create","bigquery.models.create","bigquery.models.delete","bigquery.models.export","bigquery.models.getData","bigquery.models.getMetadata","bigquery.models.list","bigquery.models.updateData","bigquery.models.updateMetadata","bigquery.models.updateTag","bigquery.routines.create","bigquery.routines.delete","bigquery.routines.get","bigquery.routines.list","bigquery.routines.update","bigquery.routines.updateTag","bigquery.rowAccessPolicies.create","bigquery.rowAccessPolicies.delete","bigquery.rowAccessPolicies.getIamPolicy","bigquery.rowAccessPolicies.list","bigquery.rowAccessPolicies.setIamPolicy","bigquery.rowAccessPolicies.update","bigquery.tables.create","bigquery.tables.createIndex","bigquery.tables.createSnapshot","bigquery.tables.delete","bigquery.tables.deleteIndex","bigquery.tables.deleteSnapshot","bigquery.tables.export","bigquery.tables.get","bigquery.tables.getData","bigquery.tables.getIamPolicy","bigquery.tables.list","bigquery.tables.restoreSnapshot","bigquery.tables.setCategory","bigquery.tables.setIamPolicy","bigquery.tables.update","bigquery.tables.updateData","bigquery.tables.updateTag","bigtable.appProfiles.create","bigtable.appProfiles.delete","bigtable.appProfiles.get","bigtable.appProfiles.list","bigtable.appProfiles.update","bigtable.backups.create","bigtable.backups.delete","bigtable.backups.get","bigtable.backups.getIamPolicy","bigtable.backups.list","bigtable.backups.restore","bigtable.backups.setIamPolicy","bigtable.backups.update","bigtable.clusters.create","bigtable.clusters.delete","bigtable.clusters.get","bigtable.clusters.list","bigtable.clusters.update","bigtable.instances.create","bigtable.instances.delete","bigtable.instances.get","bigtable.instances.getIamPolicy","bigtable.instances.list","bigtable.instances.setIamPolicy","bigtable.instances.update","bigtable.keyvisualizer.get","bigtable.keyvisualizer.list","bigtable.locations.list","bigtable.tables.checkConsistency","bigtable.tables.create","bigtable.tables.delete","bigtable.tables.generateConsistencyToken","bigtable.tables.get","bigtable.tables.getIamPolicy","bigtable.tables.list","bigtable.tables.mutateRows","bigtable.tables.readRows","bigtable.tables.sampleRowKeys","bigtable.tables.setIamPolicy","bigtable.tables.undelete","bigtable.tables.update","compute.acceleratorTypes.get","compute.acceleratorTypes.list","compute.addresses.get","compute.addresses.list","compute.autoscalers.get","compute.autoscalers.list","compute.backendBuckets.get","compute.backendBuckets.list","compute.backendServices.get","compute.backendServices.list","compute.disks.listEffectiveTags","compute.disks.listTagBindings","compute.externalVpnGateways.get","compute.externalVpnGateways.list","compute.firewalls.get","compute.firewalls.list","compute.forwardingRules.get","compute.forwardingRules.list","compute.globalAddresses.get","compute.globalAddresses.list","compute.globalForwardingRules.get","compute.globalForwardingRules.list","compute.globalForwardingRules.pscGet","compute.globalOperations.get","compute.healthChecks.get","compute.healthChecks.list","compute.httpHealthChecks.get","compute.httpHealthChecks.list","compute.httpsHealthChecks.get","compute.httpsHealthChecks.list","compute.images.listEffectiveTags","compute.images.listTagBindings","compute.instanceGroupManagers.get","compute.instanceGroupManagers.list","compute.instanceGroups.get","compute.instanceGroups.list","compute.instances.get","compute.instances.getGuestAttributes","compute.instances.getScreenshot","compute.instances.getSerialPortOutput","compute.instances.list","compute.instances.listEffectiveTags","compute.instances.listReferrers","compute.instances.listTagBindings","compute.interconnectAttachments.get","compute.interconnectAttachments.list","compute.interconnectLocations.get","compute.interconnectLocations.list","compute.interconnects.get","compute.interconnects.list","compute.machineTypes.get","compute.machineTypes.list","compute.networks.addPeering","compute.networks.get","compute.networks.getEffectiveFirewalls","compute.networks.getRegionEffectiveFirewalls","compute.networks.list","compute.networks.listPeeringRoutes","compute.networks.removePeering","compute.networks.update","compute.packetMirrorings.get","compute.packetMirrorings.list","compute.projects.get","compute.regionBackendServices.get","compute.regionBackendServices.list","compute.regionHealthCheckServices.get","compute.regionHealthCheckServices.list","compute.regionHealthChecks.get","compute.regionHealthChecks.list","compute.regionNotificationEndpoints.get","compute.regionNotificationEndpoints.list","compute.regionSslCertificates.get","compute.regionSslCertificates.list","compute.regionTargetHttpProxies.get","compute.regionTargetHttpProxies.list","compute.regionTargetHttpsProxies.get","compute.regionTargetHttpsProxies.list","compute.regionUrlMaps.get","compute.regionUrlMaps.list","compute.regions.get","compute.regions.list","compute.routers.get","compute.routers.list","compute.routes.get","compute.routes.list","compute.serviceAttachments.get","compute.serviceAttachments.list","compute.snapshots.listEffectiveTags","compute.snapshots.listTagBindings","compute.sslCertificates.get","compute.sslCertificates.list","compute.sslPolicies.get","compute.sslPolicies.list","compute.sslPolicies.listAvailableFeatures","compute.subnetworks.get","compute.subnetworks.list","compute.targetGrpcProxies.get","compute.targetGrpcProxies.list","compute.targetHttpProxies.get","compute.targetHttpProxies.list","compute.targetHttpsProxies.get","compute.targetHttpsProxies.list","compute.targetInstances.get","compute.targetInstances.list","compute.targetPools.get","compute.targetPools.list","compute.targetSslProxies.get","compute.targetSslProxies.list","compute.targetTcpProxies.get","compute.targetTcpProxies.list","compute.targetVpnGateways.get","compute.targetVpnGateways.list","compute.urlMaps.get","compute.urlMaps.list","compute.vpnGateways.get","compute.vpnGateways.list","compute.vpnTunnels.get","compute.vpnTunnels.list","compute.zones.get","compute.zones.list","dataproc.autoscalingPolicies.create","dataproc.autoscalingPolicies.delete","dataproc.autoscalingPolicies.get","dataproc.autoscalingPolicies.list","dataproc.autoscalingPolicies.update","dataproc.autoscalingPolicies.use","dataproc.batches.cancel","dataproc.batches.create","dataproc.batches.delete","dataproc.batches.get","dataproc.batches.list","dataproc.clusters.create","dataproc.clusters.delete","dataproc.clusters.get","dataproc.clusters.list","dataproc.clusters.start","dataproc.clusters.stop","dataproc.clusters.update","dataproc.clusters.use","dataproc.jobs.cancel","dataproc.jobs.create","dataproc.jobs.delete","dataproc.jobs.get","dataproc.jobs.list","dataproc.jobs.update","dataproc.operations.cancel","dataproc.operations.delete","dataproc.operations.get","dataproc.operations.list","dataproc.workflowTemplates.create","dataproc.workflowTemplates.delete","dataproc.workflowTemplates.get","dataproc.workflowTemplates.instantiate","dataproc.workflowTemplates.instantiateInline","dataproc.workflowTemplates.list","dataproc.workflowTemplates.update","dns.managedZones.create","dns.managedZones.delete","dns.managedZones.get","dns.managedZones.list","dns.networks.bindPrivateDNSZone","dns.networks.targetWithPeeringZone","firebase.projects.get","monitoring.metricDescriptors.create","monitoring.metricDescriptors.get","monitoring.metricDescriptors.list","monitoring.monitoredResourceDescriptors.get","monitoring.monitoredResourceDescriptors.list","monitoring.timeSeries.create","monitoring.timeSeries.list","networkconnectivity.locations.get","networkconnectivity.locations.list","networkconnectivity.operations.get","networkconnectivity.operations.list","networksecurity.authorizationPolicies.get","networksecurity.authorizationPolicies.list","networksecurity.clientTlsPolicies.get","networksecurity.clientTlsPolicies.list","networksecurity.locations.get","networksecurity.locations.list","networksecurity.operations.get","networksecurity.operations.list","networksecurity.serverTlsPolicies.get","networksecurity.serverTlsPolicies.list","networkservices.endpointConfigSelectors.get","networkservices.endpointConfigSelectors.list","networkservices.endpointPolicies.get","networkservices.endpointPolicies.list","networkservices.gateways.get","networkservices.gateways.list","networkservices.grpcRoutes.get","networkservices.grpcRoutes.list","networkservices.httpFilters.get","networkservices.httpFilters.list","networkservices.httpRoutes.get","networkservices.httpRoutes.list","networkservices.httpfilters.get","networkservices.httpfilters.list","networkservices.locations.get","networkservices.locations.list","networkservices.meshes.get","networkservices.meshes.list","networkservices.operations.get","networkservices.operations.list","networkservices.serviceBindings.get","networkservices.serviceBindings.list","networkservices.tcpRoutes.get","networkservices.tcpRoutes.list","networkservices.tlsRoutes.get","networkservices.tlsRoutes.list","orgpolicy.policy.get","resourcemanager.projects.get","resourcemanager.projects.list","servicenetworking.services.get","serviceusage.quotas.get","serviceusage.services.get","serviceusage.services.list","spanner.databaseOperations.cancel","spanner.databaseOperations.delete","spanner.databaseOperations.get","spanner.databaseOperations.list","spanner.databases.beginOrRollbackReadWriteTransaction","spanner.databases.beginPartitionedDmlTransaction","spanner.databases.beginReadOnlyTransaction","spanner.databases.getDdl","spanner.databases.list","spanner.databases.partitionQuery","spanner.databases.partitionRead","spanner.databases.read","spanner.databases.select","spanner.databases.updateDdl","spanner.databases.write","spanner.instanceConfigs.get","spanner.instanceConfigs.list","spanner.instances.get","spanner.instances.list","spanner.sessions.create","spanner.sessions.delete","spanner.sessions.get","spanner.sessions.list","storage.buckets.create","storage.buckets.createTagBinding","storage.buckets.delete","storage.buckets.deleteTagBinding","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.list","storage.buckets.listEffectiveTags","storage.buckets.listTagBindings","storage.buckets.setIamPolicy","storage.buckets.update","storage.multipartUploads.abort","storage.multipartUploads.create","storage.multipartUploads.list","storage.multipartUploads.listParts","storage.objects.create","storage.objects.delete","storage.objects.get","storage.objects.getIamPolicy","storage.objects.list","storage.objects.setIamPolicy","storage.objects.update","trafficdirector.networks.getConfigs","trafficdirector.networks.reportMetrics"],"name":"roles/datafusion.serviceAgent","stage":"GA","title":"Cloud Data Fusion API Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} @@ -595,9 +595,9 @@ {"description":"Ability to set up GKE Connect between external clusters and Google.","etag":"AA==","includedPermissions":["gkehub.endpoints.connect"],"name":"roles/gkehub.connect","stage":"GA","title":"GKE Connect Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Edit access to GKE Hub resources.","etag":"AA==","includedPermissions":["gkehub.features.create","gkehub.features.delete","gkehub.features.get","gkehub.features.getIamPolicy","gkehub.features.list","gkehub.features.update","gkehub.fleet.create","gkehub.fleet.delete","gkehub.fleet.get","gkehub.fleet.update","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.create","gkehub.memberships.delete","gkehub.memberships.generateConnectManifest","gkehub.memberships.get","gkehub.memberships.getIamPolicy","gkehub.memberships.list","gkehub.memberships.update","gkehub.operations.cancel","gkehub.operations.delete","gkehub.operations.get","gkehub.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/gkehub.editor","stage":"GA","title":"GKE Hub Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Full access to Connect Gateway.","etag":"AA==","includedPermissions":["gkehub.gateway.delete","gkehub.gateway.get","gkehub.gateway.getIamPolicy","gkehub.gateway.patch","gkehub.gateway.post","gkehub.gateway.put","gkehub.gateway.setIamPolicy","serviceusage.services.get"],"name":"roles/gkehub.gatewayAdmin","stage":"GA","title":"Connect Gateway Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Edit access to Connect Gateway.","etag":"AA==","includedPermissions":["gkehub.gateway.delete","gkehub.gateway.get","gkehub.gateway.patch","gkehub.gateway.post","gkehub.gateway.put","serviceusage.services.get"],"name":"roles/gkehub.gatewayEditor","stage":"ALPHA","title":"Connect Gateway Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Edit access to Connect Gateway.","etag":"AA==","includedPermissions":["gkehub.gateway.delete","gkehub.gateway.get","gkehub.gateway.patch","gkehub.gateway.post","gkehub.gateway.put","serviceusage.services.get"],"name":"roles/gkehub.gatewayEditor","stage":"GA","title":"Connect Gateway Editor","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Read-only access to Connect Gateway.","etag":"AA==","includedPermissions":["gkehub.gateway.get","serviceusage.services.get"],"name":"roles/gkehub.gatewayReader","stage":"GA","title":"Connect Gateway Reader","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Gives the GKE Hub service agent access to Cloud Platform resources.","etag":"AA==","includedPermissions":["container.clusterRoleBindings.create","container.clusterRoleBindings.delete","container.clusterRoleBindings.get","container.clusterRoleBindings.list","container.clusterRoleBindings.update","container.clusterRoles.bind","container.clusterRoles.create","container.clusterRoles.delete","container.clusterRoles.escalate","container.clusterRoles.get","container.clusterRoles.list","container.clusterRoles.update","container.clusters.get","container.customResourceDefinitions.create","container.customResourceDefinitions.delete","container.customResourceDefinitions.get","container.customResourceDefinitions.list","container.customResourceDefinitions.update","container.namespaces.get","container.thirdPartyObjects.create","container.thirdPartyObjects.delete","container.thirdPartyObjects.get","container.thirdPartyObjects.list","container.thirdPartyObjects.update","gkehub.features.create","gkehub.features.get","gkehub.features.list","gkehub.fleet.create","gkehub.fleet.get","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.create","gkehub.memberships.generateConnectManifest","gkehub.memberships.get","gkehub.memberships.list","gkehub.operations.get","gkemulticloud.awsClusters.get","gkemulticloud.azureClusters.get","gkeonprem.bareMetalClusters.get","gkeonprem.vmwareClusters.get","serviceusage.services.get","serviceusage.services.list"],"name":"roles/gkehub.serviceAgent","stage":"GA","title":"GKE Hub Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Gives the GKE Hub service agent access to Cloud Platform resources.","etag":"AA==","includedPermissions":["container.clusterRoleBindings.create","container.clusterRoleBindings.delete","container.clusterRoleBindings.get","container.clusterRoleBindings.list","container.clusterRoleBindings.update","container.clusterRoles.bind","container.clusterRoles.create","container.clusterRoles.delete","container.clusterRoles.escalate","container.clusterRoles.get","container.clusterRoles.list","container.clusterRoles.update","container.clusters.get","container.clusters.update","container.customResourceDefinitions.create","container.customResourceDefinitions.delete","container.customResourceDefinitions.get","container.customResourceDefinitions.list","container.customResourceDefinitions.update","container.namespaces.get","container.thirdPartyObjects.create","container.thirdPartyObjects.delete","container.thirdPartyObjects.get","container.thirdPartyObjects.list","container.thirdPartyObjects.update","gkehub.features.create","gkehub.features.get","gkehub.features.list","gkehub.fleet.create","gkehub.fleet.get","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.create","gkehub.memberships.generateConnectManifest","gkehub.memberships.get","gkehub.memberships.list","gkehub.operations.get","gkemulticloud.awsClusters.get","gkemulticloud.azureClusters.get","gkeonprem.bareMetalClusters.get","gkeonprem.vmwareClusters.get","serviceusage.services.get","serviceusage.services.list"],"name":"roles/gkehub.serviceAgent","stage":"GA","title":"GKE Hub Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Read-only access to GKE Hubs and related resources.","etag":"AA==","includedPermissions":["gkehub.features.get","gkehub.features.getIamPolicy","gkehub.features.list","gkehub.fleet.get","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.generateConnectManifest","gkehub.memberships.get","gkehub.memberships.getIamPolicy","gkehub.memberships.list","gkehub.operations.get","gkehub.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/gkehub.viewer","stage":"GA","title":"GKE Hub Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Admin access to Anthos Multi-cloud resources.","etag":"AA==","includedPermissions":["gkemulticloud.awsClusters.create","gkemulticloud.awsClusters.delete","gkemulticloud.awsClusters.generateAccessToken","gkemulticloud.awsClusters.get","gkemulticloud.awsClusters.getAdminKubeconfig","gkemulticloud.awsClusters.list","gkemulticloud.awsClusters.update","gkemulticloud.awsNodePools.create","gkemulticloud.awsNodePools.delete","gkemulticloud.awsNodePools.get","gkemulticloud.awsNodePools.list","gkemulticloud.awsNodePools.update","gkemulticloud.awsServerConfigs.get","gkemulticloud.azureClients.create","gkemulticloud.azureClients.delete","gkemulticloud.azureClients.get","gkemulticloud.azureClients.list","gkemulticloud.azureClusters.create","gkemulticloud.azureClusters.delete","gkemulticloud.azureClusters.generateAccessToken","gkemulticloud.azureClusters.get","gkemulticloud.azureClusters.getAdminKubeconfig","gkemulticloud.azureClusters.list","gkemulticloud.azureClusters.update","gkemulticloud.azureNodePools.create","gkemulticloud.azureNodePools.delete","gkemulticloud.azureNodePools.get","gkemulticloud.azureNodePools.list","gkemulticloud.azureNodePools.update","gkemulticloud.azureServerConfigs.get","gkemulticloud.operations.cancel","gkemulticloud.operations.delete","gkemulticloud.operations.get","gkemulticloud.operations.list","gkemulticloud.operations.wait","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/gkemulticloud.admin","stage":"GA","title":"Anthos Multi-cloud Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Grants the Anthos Multi-Cloud Service Account access to manage resources.","etag":"AA==","includedPermissions":["gkehub.features.create","gkehub.features.delete","gkehub.features.get","gkehub.features.getIamPolicy","gkehub.features.list","gkehub.features.setIamPolicy","gkehub.features.update","gkehub.fleet.create","gkehub.fleet.delete","gkehub.fleet.get","gkehub.fleet.update","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.create","gkehub.memberships.delete","gkehub.memberships.generateConnectManifest","gkehub.memberships.get","gkehub.memberships.getIamPolicy","gkehub.memberships.list","gkehub.memberships.setIamPolicy","gkehub.memberships.update","gkehub.operations.cancel","gkehub.operations.delete","gkehub.operations.get","gkehub.operations.list","gkemulticloud.awsClusters.delete","gkemulticloud.awsNodePools.delete","gkemulticloud.azureClients.delete","gkemulticloud.azureClusters.delete","gkemulticloud.azureNodePools.delete","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/gkemulticloud.serviceAgent","stage":"GA","title":"Anthos Multi-Cloud Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} @@ -1058,4 +1058,4 @@ {"description":"Access to execute workflows and manage the executions.","etag":"AA==","includedPermissions":["resourcemanager.projects.get","resourcemanager.projects.list","workflows.callbacks.send","workflows.executions.cancel","workflows.executions.create","workflows.executions.get","workflows.executions.list"],"name":"roles/workflows.invoker","stage":"GA","title":"Workflows Invoker","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Gives Cloud Workflows service account access to managed resources.","etag":"AA==","includedPermissions":["iam.serviceAccounts.get","iam.serviceAccounts.getAccessToken","iam.serviceAccounts.getOpenIdToken"],"name":"roles/workflows.serviceAgent","stage":"GA","title":"Cloud Workflows Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} {"description":"Read-only access to workflows and related resources.","etag":"AA==","includedPermissions":["resourcemanager.projects.get","resourcemanager.projects.list","workflows.executions.get","workflows.executions.list","workflows.locations.get","workflows.locations.list","workflows.operations.get","workflows.operations.list","workflows.workflows.get","workflows.workflows.list"],"name":"roles/workflows.viewer","stage":"GA","title":"Workflows Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"} -{"description":"Gives the Workload Certificate service agent access to Cloud Platform resources.","etag":"AA==","includedPermissions":["container.clusters.get","container.clusters.update","gkehub.features.get","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.get","gkehub.memberships.list","serviceconsumermanagement.tenancyu.addResource","serviceconsumermanagement.tenancyu.create","serviceconsumermanagement.tenancyu.delete","serviceconsumermanagement.tenancyu.removeResource"],"name":"roles/workloadcertificate.serviceAgent","stage":"GA","title":"Workload Certificate Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} +{"description":"Gives the Workload Certificate service agent access to Cloud Platform resources.","etag":"AA==","includedPermissions":["container.clusters.get","container.clusters.update","gkehub.features.get","gkehub.locations.get","gkehub.locations.list","gkehub.memberships.get","gkehub.memberships.list","serviceconsumermanagement.tenancyu.addResource","serviceconsumermanagement.tenancyu.create","serviceconsumermanagement.tenancyu.delete","serviceconsumermanagement.tenancyu.removeResource","serviceusage.services.use"],"name":"roles/workloadcertificate.serviceAgent","stage":"GA","title":"Workload Certificate Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"} diff --git a/roles/certificatemanager.editor b/roles/certificatemanager.editor index 9979c664..87ab5488 100644 --- a/roles/certificatemanager.editor +++ b/roles/certificatemanager.editor @@ -33,6 +33,6 @@ "resourcemanager.projects.list" ], "name": "roles/certificatemanager.editor", - "stage": "BETA", + "stage": "GA", "title": "Certificate Manager Editor" } diff --git a/roles/certificatemanager.owner b/roles/certificatemanager.owner index 9ab7c110..cd02d747 100644 --- a/roles/certificatemanager.owner +++ b/roles/certificatemanager.owner @@ -43,6 +43,6 @@ "resourcemanager.projects.list" ], "name": "roles/certificatemanager.owner", - "stage": "BETA", + "stage": "GA", "title": "Certificate Manager Owner" } diff --git a/roles/certificatemanager.viewer b/roles/certificatemanager.viewer index 9af25943..903beb85 100644 --- a/roles/certificatemanager.viewer +++ b/roles/certificatemanager.viewer @@ -22,6 +22,6 @@ "resourcemanager.projects.list" ], "name": "roles/certificatemanager.viewer", - "stage": "BETA", + "stage": "GA", "title": "Certificate Manager Viewer" } diff --git a/roles/dataform.admin b/roles/dataform.admin index 638e11c1..55d19a2a 100644 --- a/roles/dataform.admin +++ b/roles/dataform.admin @@ -44,6 +44,6 @@ "resourcemanager.projects.list" ], "name": "roles/dataform.admin", - "stage": "ALPHA", + "stage": "BETA", "title": "Dataform Admin" } diff --git a/roles/dataform.editor b/roles/dataform.editor index aedbee74..4457682b 100644 --- a/roles/dataform.editor +++ b/roles/dataform.editor @@ -41,6 +41,6 @@ "resourcemanager.projects.list" ], "name": "roles/dataform.editor", - "stage": "ALPHA", + "stage": "BETA", "title": "Dataform Editor" } diff --git a/roles/dataform.viewer b/roles/dataform.viewer index c983bf37..e0125ddb 100644 --- a/roles/dataform.viewer +++ b/roles/dataform.viewer @@ -24,6 +24,6 @@ "resourcemanager.projects.list" ], "name": "roles/dataform.viewer", - "stage": "ALPHA", + "stage": "BETA", "title": "Dataform Viewer" } diff --git a/roles/gkehub.gatewayEditor b/roles/gkehub.gatewayEditor index 8ef37206..f97a13d2 100644 --- a/roles/gkehub.gatewayEditor +++ b/roles/gkehub.gatewayEditor @@ -10,6 +10,6 @@ "serviceusage.services.get" ], "name": "roles/gkehub.gatewayEditor", - "stage": "ALPHA", + "stage": "GA", "title": "Connect Gateway Editor" } diff --git a/roles/gkehub.serviceAgent b/roles/gkehub.serviceAgent index 0c8daffb..16013505 100644 --- a/roles/gkehub.serviceAgent +++ b/roles/gkehub.serviceAgent @@ -15,6 +15,7 @@ "container.clusterRoles.list", "container.clusterRoles.update", "container.clusters.get", + "container.clusters.update", "container.customResourceDefinitions.create", "container.customResourceDefinitions.delete", "container.customResourceDefinitions.get", diff --git a/roles/workloadcertificate.serviceAgent b/roles/workloadcertificate.serviceAgent index e0a07f30..97e52b44 100644 --- a/roles/workloadcertificate.serviceAgent +++ b/roles/workloadcertificate.serviceAgent @@ -12,7 +12,8 @@ "serviceconsumermanagement.tenancyu.addResource", "serviceconsumermanagement.tenancyu.create", "serviceconsumermanagement.tenancyu.delete", - "serviceconsumermanagement.tenancyu.removeResource" + "serviceconsumermanagement.tenancyu.removeResource", + "serviceusage.services.use" ], "name": "roles/workloadcertificate.serviceAgent", "stage": "GA",