Roles Data

Name Description Title Included Permissions Copy Stage
roles/cloudcontrolspartner.monitoringReader Readonly access to Cloud Controls Partner monitoring resources. Cloud Controls Partner Monitoring Reader ['cloudcontrolspartner.customers.get', 'cloudcontrolspartner.customers.list', 'cloudcontrolspartner.violations.get', 'cloudcontrolspartner.violations.list', 'cloudcontrolspartner.workloads.get', 'cloudcontrolspartner.workloads.list'] GA
roles/cloudcontrolspartner.monitoringServiceAgent Gives Cloud Controls Partner monitoring service agent permission to view and list Assured Workload violations. The role is assigned to enable partner monitoring capability. Cloud Controls Partner Monitoring Service Agent ['assuredworkloads.violations.get', 'assuredworkloads.violations.list'] GA
roles/cloudcontrolspartner.inspectabilityReader Readonly access to Cloud Controls Partner inspectability resources. Cloud Controls Partner Inspectability Reader ['cloudcontrolspartner.customers.get', 'cloudcontrolspartner.customers.list', 'cloudcontrolspartner.inspectabilityevents.get', 'cloudcontrolspartner.platformcontrols.get'] GA
roles/cloudcontrolspartner.supportCaseServiceAgent Gives the Partner Console service account access to support cases for workloads associated with a partner. Cloud Controls Partner Support Case Service Agent ['cloudsupport.techCases.get'] GA
roles/cloudcontrolspartner.accessApprovalServiceAgent Gives the Partner Console service account access to read Access Approval Requests for workloads associated with a partner. Cloud Controls Partner Access Approval Service Agent ['accessapproval.requests.get', 'accessapproval.requests.list'] GA
roles/cloudcontrolspartner.reader Readonly access to Cloud Controls Partner resources. Cloud Controls Partner Reader ['cloudcontrolspartner.accessapprovalrequests.list', 'cloudcontrolspartner.customers.get', 'cloudcontrolspartner.customers.list', 'cloudcontrolspartner.ekmconnections.get', 'cloudcontrolspartner.inspectabilityevents.get', 'cloudcontrolspartner.partnerpermissions.get', 'cloudcontrolspartner.partners.get', 'cloudcontrolspartner.platformcontrols.get', 'cloudcontrolspartner.violations.get', 'cloudcontrolspartner.violations.list', 'cloudcontrolspartner.workloads.get', 'cloudcontrolspartner.workloads.list'] GA
roles/cloudcontrolspartner.ekmServiceAgent Gives Cloud Controls Partner service agent permission to list EKM connections, get EKM connection status, and provide EKM diagnostic information. Cloud Controls Partner EKM Service Agent ['cloudkms.ekmConnections.get', 'cloudkms.ekmConnections.getIamPolicy', 'cloudkms.ekmConnections.list', 'cloudkms.ekmConnections.verifyConnectivity'] GA
roles/cloudcontrolspartner.editor Editor access to Cloud Controls Partner resources. Cloud Controls Partner Editor ['cloudcontrolspartner.accessapprovalrequests.list', 'cloudcontrolspartner.customers.create', 'cloudcontrolspartner.customers.delete', 'cloudcontrolspartner.customers.get', 'cloudcontrolspartner.customers.list', 'cloudcontrolspartner.ekmconnections.get', 'cloudcontrolspartner.inspectabilityevents.get', 'cloudcontrolspartner.partnerpermissions.get', 'cloudcontrolspartner.partners.get', 'cloudcontrolspartner.platformcontrols.get', 'cloudcontrolspartner.violations.get', 'cloudcontrolspartner.violations.list', 'cloudcontrolspartner.workloads.get', 'cloudcontrolspartner.workloads.list'] GA
roles/cloudcontrolspartner.admin Full access to Cloud Controls Partner resources. Cloud Controls Partner Admin ['cloudcontrolspartner.accessapprovalrequests.list', 'cloudcontrolspartner.customers.create', 'cloudcontrolspartner.customers.delete', 'cloudcontrolspartner.customers.get', 'cloudcontrolspartner.customers.list', 'cloudcontrolspartner.ekmconnections.get', 'cloudcontrolspartner.inspectabilityevents.get', 'cloudcontrolspartner.partnerpermissions.get', 'cloudcontrolspartner.partners.get', 'cloudcontrolspartner.platformcontrols.get', 'cloudcontrolspartner.violations.list', 'cloudcontrolspartner.workloads.list'] GA