Roles Data

Name Description Title Included Permissions Copy Stage
roles/clouddeploy.viewer Can view Cloud Deploy resources. Cloud Deploy Viewer ['clouddeploy.automationRuns.get', 'clouddeploy.automationRuns.list', 'clouddeploy.automations.get', 'clouddeploy.automations.list', 'clouddeploy.config.get', 'clouddeploy.customTargetTypes.get', 'clouddeploy.customTargetTypes.getIamPolicy', 'clouddeploy.customTargetTypes.list', 'clouddeploy.deliveryPipelines.get', 'clouddeploy.deliveryPipelines.getIamPolicy', 'clouddeploy.deliveryPipelines.list', 'clouddeploy.deliveryPipelines.listEffectiveTags', 'clouddeploy.deliveryPipelines.listTagBindings', 'clouddeploy.deployPolicies.get', 'clouddeploy.deployPolicies.list', 'clouddeploy.jobRuns.get', 'clouddeploy.jobRuns.list', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'clouddeploy.releases.get', 'clouddeploy.releases.list', 'clouddeploy.rollouts.get', 'clouddeploy.rollouts.list', 'clouddeploy.targets.get', 'clouddeploy.targets.getIamPolicy', 'clouddeploy.targets.list', 'clouddeploy.targets.listEffectiveTags', 'clouddeploy.targets.listTagBindings', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/clouddeploy.operator Permission to manage deployment configuration. Cloud Deploy Operator ['clouddeploy.automationRuns.cancel', 'clouddeploy.automationRuns.get', 'clouddeploy.automationRuns.list', 'clouddeploy.automations.create', 'clouddeploy.automations.delete', 'clouddeploy.automations.get', 'clouddeploy.automations.list', 'clouddeploy.automations.update', 'clouddeploy.config.get', 'clouddeploy.customTargetTypes.get', 'clouddeploy.customTargetTypes.getIamPolicy', 'clouddeploy.customTargetTypes.list', 'clouddeploy.deliveryPipelines.create', 'clouddeploy.deliveryPipelines.createTagBinding', 'clouddeploy.deliveryPipelines.delete', 'clouddeploy.deliveryPipelines.deleteTagBinding', 'clouddeploy.deliveryPipelines.get', 'clouddeploy.deliveryPipelines.getIamPolicy', 'clouddeploy.deliveryPipelines.list', 'clouddeploy.deliveryPipelines.listEffectiveTags', 'clouddeploy.deliveryPipelines.listTagBindings', 'clouddeploy.deliveryPipelines.update', 'clouddeploy.deployPolicies.get', 'clouddeploy.deployPolicies.list', 'clouddeploy.jobRuns.get', 'clouddeploy.jobRuns.list', 'clouddeploy.jobRuns.terminate', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'clouddeploy.releases.abandon', 'clouddeploy.releases.create', 'clouddeploy.releases.delete', 'clouddeploy.releases.get', 'clouddeploy.releases.list', 'clouddeploy.rollouts.advance', 'clouddeploy.rollouts.cancel', 'clouddeploy.rollouts.create', 'clouddeploy.rollouts.get', 'clouddeploy.rollouts.ignoreJob', 'clouddeploy.rollouts.list', 'clouddeploy.rollouts.retryJob', 'clouddeploy.rollouts.rollback', 'clouddeploy.targets.create', 'clouddeploy.targets.createTagBinding', 'clouddeploy.targets.delete', 'clouddeploy.targets.deleteTagBinding', 'clouddeploy.targets.get', 'clouddeploy.targets.getIamPolicy', 'clouddeploy.targets.list', 'clouddeploy.targets.listEffectiveTags', 'clouddeploy.targets.listTagBindings', 'clouddeploy.targets.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/clouddeploy.approver Permission to approve or reject rollouts. Cloud Deploy Approver ['clouddeploy.config.get', 'clouddeploy.jobRuns.get', 'clouddeploy.jobRuns.list', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'clouddeploy.rollouts.approve', 'clouddeploy.rollouts.get', 'clouddeploy.rollouts.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/clouddeploy.policyAdmin Permission to manage Deploy Policies. Cloud Deploy Policy Admin ['clouddeploy.deployPolicies.create', 'clouddeploy.deployPolicies.delete', 'clouddeploy.deployPolicies.get', 'clouddeploy.deployPolicies.list', 'clouddeploy.deployPolicies.override', 'clouddeploy.deployPolicies.update', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] BETA
roles/clouddeploy.serviceAgent Gives Cloud Deploy Service Account access to managed resources. Cloud Deploy Service Agent ['cloudbuild.builds.create', 'cloudbuild.builds.get', 'cloudbuild.builds.list', 'cloudbuild.builds.update', 'cloudbuild.workerpools.use', 'iam.serviceAccounts.actAs', 'iam.serviceAccounts.getAccessToken', 'logging.logEntries.create', 'pubsub.topics.get', 'pubsub.topics.publish', 'servicemanagement.services.report', 'serviceusage.services.use', 'storage.buckets.create', 'storage.buckets.get', 'storage.objects.get'] GA
roles/clouddeploy.releaser Permission to create Cloud Deploy releases and rollouts. Cloud Deploy Releaser ['clouddeploy.config.get', 'clouddeploy.customTargetTypes.get', 'clouddeploy.deliveryPipelines.get', 'clouddeploy.jobRuns.get', 'clouddeploy.jobRuns.list', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'clouddeploy.releases.create', 'clouddeploy.releases.get', 'clouddeploy.releases.list', 'clouddeploy.rollouts.advance', 'clouddeploy.rollouts.cancel', 'clouddeploy.rollouts.create', 'clouddeploy.rollouts.get', 'clouddeploy.rollouts.list', 'clouddeploy.rollouts.rollback', 'clouddeploy.targets.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/clouddeploy.policyOverrider Permission to override Deploy Policies. Cloud Deploy Policy Overrider ['clouddeploy.deployPolicies.get', 'clouddeploy.deployPolicies.list', 'clouddeploy.deployPolicies.override', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] BETA
roles/clouddeploy.customTargetTypeAdmin Permission to manage CustomTargetType resources Cloud Deploy Custom Target Type Admin ['clouddeploy.config.get', 'clouddeploy.customTargetTypes.create', 'clouddeploy.customTargetTypes.delete', 'clouddeploy.customTargetTypes.get', 'clouddeploy.customTargetTypes.getIamPolicy', 'clouddeploy.customTargetTypes.list', 'clouddeploy.customTargetTypes.setIamPolicy', 'clouddeploy.customTargetTypes.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/clouddeploy.jobRunner Permission to execute Cloud Deploy work without permission to deliver to a target. Cloud Deploy Runner ['clouddeploy.config.get', 'logging.logEntries.create', 'storage.objects.create', 'storage.objects.get', 'storage.objects.list'] GA
roles/clouddeploy.developer Permission to manage deployment configuration without permission to access operational resources, such as targets. Cloud Deploy Developer ['clouddeploy.automationRuns.get', 'clouddeploy.automationRuns.list', 'clouddeploy.automations.get', 'clouddeploy.automations.list', 'clouddeploy.config.get', 'clouddeploy.deliveryPipelines.create', 'clouddeploy.deliveryPipelines.createTagBinding', 'clouddeploy.deliveryPipelines.delete', 'clouddeploy.deliveryPipelines.deleteTagBinding', 'clouddeploy.deliveryPipelines.get', 'clouddeploy.deliveryPipelines.getIamPolicy', 'clouddeploy.deliveryPipelines.list', 'clouddeploy.deliveryPipelines.listEffectiveTags', 'clouddeploy.deliveryPipelines.listTagBindings', 'clouddeploy.deliveryPipelines.update', 'clouddeploy.deployPolicies.get', 'clouddeploy.deployPolicies.list', 'clouddeploy.jobRuns.get', 'clouddeploy.jobRuns.list', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'clouddeploy.releases.abandon', 'clouddeploy.releases.create', 'clouddeploy.releases.delete', 'clouddeploy.releases.get', 'clouddeploy.releases.list', 'clouddeploy.rollouts.get', 'clouddeploy.rollouts.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/clouddeploymentmanager.serviceAgent Allows Deployment Manager service to actuate resources across DM projects and folders Cloud Deployment Manager Service Agent ['accesscontextmanager.accessLevels.create', 'accesscontextmanager.accessLevels.delete', 'accesscontextmanager.accessLevels.get', 'accesscontextmanager.accessLevels.update', 'accesscontextmanager.policies.list', 'accesscontextmanager.servicePerimeters.create', 'accesscontextmanager.servicePerimeters.delete', 'accesscontextmanager.servicePerimeters.get', 'accesscontextmanager.servicePerimeters.update', 'appengine.applications.get', 'appengine.operations.get', 'appengine.services.update', 'appengine.versions.create', 'appengine.versions.delete', 'appengine.versions.get', 'appengine.versions.list', 'artifactregistry.repositories.create', 'artifactregistry.repositories.delete', 'artifactregistry.repositories.get', 'artifactregistry.repositories.update', 'bigquery.connections.get', 'bigquery.datasets.create', 'bigquery.datasets.delete', 'bigquery.datasets.get', 'bigquery.datasets.getIamPolicy', 'bigquery.datasets.update', 'bigquery.jobs.create', 'bigquery.routines.create', 'bigquery.routines.get', 'bigquery.routines.update', 'bigquery.tables.create', 'bigquery.tables.delete', 'bigquery.tables.get', 'bigquery.tables.getData', 'bigquery.tables.setCategory', 'bigquery.tables.update', 'bigquery.tables.updateData', 'bigtable.instances.create', 'bigtable.instances.delete', 'bigtable.instances.get', 'bigtable.instances.update', 'bigtable.tables.create', 'bigtable.tables.delete', 'bigtable.tables.get', 'bigtable.tables.update', 'billing.resourceAssociations.create', 'billing.resourcebudgets.write', 'cloudbuild.builds.create', 'cloudbuild.builds.get', 'cloudfunctions.functions.call', 'cloudfunctions.functions.create', 'cloudfunctions.functions.delete', 'cloudfunctions.functions.get', 'cloudfunctions.functions.getIamPolicy', 'cloudfunctions.functions.list', 'cloudfunctions.functions.update', 'cloudfunctions.operations.get', 'cloudprivatecatalog.targets.get', 'cloudscheduler.jobs.create', 'cloudscheduler.jobs.delete', 'cloudscheduler.jobs.get', 'cloudscheduler.jobs.update', 'cloudsql.backupRuns.create', 'cloudsql.databases.create', 'cloudsql.databases.delete', 'cloudsql.databases.get', 'cloudsql.databases.list', 'cloudsql.databases.update', 'cloudsql.instances.create', 'cloudsql.instances.delete', 'cloudsql.instances.get', 'cloudsql.instances.import', 'cloudsql.instances.restart', 'cloudsql.instances.update', 'cloudsql.sslCerts.create', 'cloudsql.sslCerts.delete', 'cloudsql.sslCerts.get', 'cloudsql.users.create', 'cloudsql.users.delete', 'cloudtasks.queues.create', 'cloudtasks.queues.delete', 'cloudtasks.queues.get', 'compute.addresses.create', 'compute.addresses.createInternal', 'compute.addresses.delete', 'compute.addresses.deleteInternal', 'compute.addresses.get', 'compute.addresses.list', 'compute.addresses.setLabels', 'compute.addresses.use', 'compute.addresses.useInternal', 'compute.autoscalers.create', 'compute.autoscalers.delete', 'compute.autoscalers.get', 'compute.autoscalers.update', 'compute.backendBuckets.create', 'compute.backendBuckets.delete', 'compute.backendBuckets.get', 'compute.backendBuckets.update', 'compute.backendBuckets.use', 'compute.backendServices.create', 'compute.backendServices.delete', 'compute.backendServices.get', 'compute.backendServices.setSecurityPolicy', 'compute.backendServices.update', 'compute.backendServices.use', 'compute.disks.addResourcePolicies', 'compute.disks.create', 'compute.disks.delete', 'compute.disks.get', 'compute.disks.removeResourcePolicies', 'compute.disks.resize', 'compute.disks.setLabels', 'compute.disks.update', 'compute.disks.use', 'compute.disks.useReadOnly', 'compute.externalVpnGateways.create', 'compute.externalVpnGateways.delete', 'compute.externalVpnGateways.get', 'compute.externalVpnGateways.setLabels', 'compute.externalVpnGateways.use', 'compute.firewallPolicies.create', 'compute.firewallPolicies.delete', 'compute.firewallPolicies.get', 'compute.firewalls.create', 'compute.firewalls.delete', 'compute.firewalls.get', 'compute.firewalls.list', 'compute.firewalls.update', 'compute.forwardingRules.create', 'compute.forwardingRules.delete', 'compute.forwardingRules.get', 'compute.forwardingRules.pscCreate', 'compute.forwardingRules.pscSetLabels', 'compute.forwardingRules.setLabels', 'compute.forwardingRules.setTarget', 'compute.forwardingRules.update', 'compute.forwardingRules.use', 'compute.globalAddresses.create', 'compute.globalAddresses.createInternal', 'compute.globalAddresses.delete', 'compute.globalAddresses.deleteInternal', 'compute.globalAddresses.get', 'compute.globalAddresses.setLabels', 'compute.globalAddresses.use', 'compute.globalForwardingRules.create', 'compute.globalForwardingRules.delete', 'compute.globalForwardingRules.get', 'compute.globalForwardingRules.pscCreate', 'compute.globalForwardingRules.pscDelete', 'compute.globalForwardingRules.pscSetLabels', 'compute.globalForwardingRules.setLabels', 'compute.globalNetworkEndpointGroups.attachNetworkEndpoints', 'compute.globalNetworkEndpointGroups.create', 'compute.globalNetworkEndpointGroups.delete', 'compute.globalNetworkEndpointGroups.get', 'compute.globalNetworkEndpointGroups.use', 'compute.globalOperations.get', 'compute.healthChecks.create', 'compute.healthChecks.delete', 'compute.healthChecks.get', 'compute.healthChecks.update', 'compute.healthChecks.use', 'compute.healthChecks.useReadOnly', 'compute.httpHealthChecks.create', 'compute.httpHealthChecks.delete', 'compute.httpHealthChecks.get', 'compute.httpHealthChecks.update', 'compute.httpHealthChecks.use', 'compute.httpHealthChecks.useReadOnly', 'compute.httpsHealthChecks.create', 'compute.httpsHealthChecks.delete', 'compute.httpsHealthChecks.get', 'compute.httpsHealthChecks.update', 'compute.httpsHealthChecks.use', 'compute.httpsHealthChecks.useReadOnly', 'compute.images.create', 'compute.images.delete', 'compute.images.deprecate', 'compute.images.get', 'compute.images.setLabels', 'compute.images.useReadOnly', 'compute.instanceGroupManagers.create', 'compute.instanceGroupManagers.delete', 'compute.instanceGroupManagers.get', 'compute.instanceGroupManagers.update', 'compute.instanceGroupManagers.use', 'compute.instanceGroups.create', 'compute.instanceGroups.delete', 'compute.instanceGroups.get', 'compute.instanceGroups.update', 'compute.instanceGroups.use', 'compute.instanceTemplates.create', 'compute.instanceTemplates.delete', 'compute.instanceTemplates.get', 'compute.instanceTemplates.useReadOnly', 'compute.instances.addAccessConfig', 'compute.instances.create', 'compute.instances.delete', 'compute.instances.deleteAccessConfig', 'compute.instances.get', 'compute.instances.listTagBindings', 'compute.instances.resume', 'compute.instances.setDeletionProtection', 'compute.instances.setDiskAutoDelete', 'compute.instances.setLabels', 'compute.instances.setMetadata', 'compute.instances.setServiceAccount', 'compute.instances.setTags', 'compute.instances.start', 'compute.instances.stop', 'compute.instances.suspend', 'compute.instances.update', 'compute.instances.updateDisplayDevice', 'compute.instances.use', 'compute.interconnectAttachments.create', 'compute.interconnectAttachments.delete', 'compute.interconnectAttachments.get', 'compute.interconnectAttachments.setLabels', 'compute.interconnectAttachments.update', 'compute.interconnects.create', 'compute.interconnects.delete', 'compute.interconnects.get', 'compute.interconnects.setLabels', 'compute.interconnects.use', 'compute.machineImages.useReadOnly', 'compute.machineTypes.get', 'compute.networkEndpointGroups.attachNetworkEndpoints', 'compute.networkEndpointGroups.create', 'compute.networkEndpointGroups.delete', 'compute.networkEndpointGroups.get', 'compute.networkEndpointGroups.use', 'compute.networks.addPeering', 'compute.networks.create', 'compute.networks.delete', 'compute.networks.get', 'compute.networks.listPeeringRoutes', 'compute.networks.removePeering', 'compute.networks.switchToCustomMode', 'compute.networks.update', 'compute.networks.updatePolicy', 'compute.networks.use', 'compute.networks.useExternalIp', 'compute.organizations.disableXpnResource', 'compute.organizations.enableXpnHost', 'compute.organizations.enableXpnResource', 'compute.packetMirrorings.create', 'compute.packetMirrorings.delete', 'compute.packetMirrorings.get', 'compute.projects.get', 'compute.projects.setUsageExportBucket', 'compute.regionBackendServices.create', 'compute.regionBackendServices.delete', 'compute.regionBackendServices.get', 'compute.regionBackendServices.update', 'compute.regionBackendServices.use', 'compute.regionHealthChecks.create', 'compute.regionHealthChecks.delete', 'compute.regionHealthChecks.get', 'compute.regionHealthChecks.update', 'compute.regionHealthChecks.use', 'compute.regionHealthChecks.useReadOnly', 'compute.regionNetworkEndpointGroups.create', 'compute.regionNetworkEndpointGroups.delete', 'compute.regionNetworkEndpointGroups.get', 'compute.regionNetworkEndpointGroups.use', 'compute.regionOperations.get', 'compute.regionSslCertificates.create', 'compute.regionSslCertificates.delete', 'compute.regionSslCertificates.get', 'compute.regionTargetHttpProxies.create', 'compute.regionTargetHttpProxies.delete', 'compute.regionTargetHttpProxies.get', 'compute.regionTargetHttpProxies.use', 'compute.regionTargetHttpsProxies.create', 'compute.regionTargetHttpsProxies.delete', 'compute.regionTargetHttpsProxies.get', 'compute.regionTargetHttpsProxies.use', 'compute.regionUrlMaps.create', 'compute.regionUrlMaps.delete', 'compute.regionUrlMaps.get', 'compute.regionUrlMaps.use', 'compute.regions.get', 'compute.reservations.list', 'compute.resourcePolicies.create', 'compute.resourcePolicies.delete', 'compute.resourcePolicies.get', 'compute.resourcePolicies.use', 'compute.routers.create', 'compute.routers.delete', 'compute.routers.get', 'compute.routers.update', 'compute.routers.use', 'compute.routes.create', 'compute.routes.delete', 'compute.routes.get', 'compute.securityPolicies.create', 'compute.securityPolicies.delete', 'compute.securityPolicies.get', 'compute.securityPolicies.setLabels', 'compute.securityPolicies.update', 'compute.securityPolicies.use', 'compute.serviceAttachments.create', 'compute.serviceAttachments.get', 'compute.snapshots.useReadOnly', 'compute.sslCertificates.create', 'compute.sslCertificates.delete', 'compute.sslCertificates.get', 'compute.sslPolicies.create', 'compute.sslPolicies.delete', 'compute.sslPolicies.get', 'compute.sslPolicies.use', 'compute.subnetworks.create', 'compute.subnetworks.delete', 'compute.subnetworks.expandIpCidrRange', 'compute.subnetworks.get', 'compute.subnetworks.list', 'compute.subnetworks.mirror', 'compute.subnetworks.update', 'compute.subnetworks.use', 'compute.subnetworks.useExternalIp', 'compute.targetHttpProxies.create', 'compute.targetHttpProxies.delete', 'compute.targetHttpProxies.get', 'compute.targetHttpProxies.use', 'compute.targetHttpsProxies.create', 'compute.targetHttpsProxies.delete', 'compute.targetHttpsProxies.get', 'compute.targetHttpsProxies.setSslCertificates', 'compute.targetHttpsProxies.setSslPolicy', 'compute.targetHttpsProxies.use', 'compute.targetInstances.create', 'compute.targetInstances.delete', 'compute.targetInstances.get', 'compute.targetInstances.use', 'compute.targetPools.addHealthCheck', 'compute.targetPools.addInstance', 'compute.targetPools.create', 'compute.targetPools.delete', 'compute.targetPools.get', 'compute.targetPools.removeHealthCheck', 'compute.targetPools.removeInstance', 'compute.targetPools.use', 'compute.targetSslProxies.create', 'compute.targetSslProxies.delete', 'compute.targetSslProxies.get', 'compute.targetSslProxies.setSslCertificates', 'compute.targetSslProxies.use', 'compute.targetTcpProxies.create', 'compute.targetTcpProxies.delete', 'compute.targetTcpProxies.get', 'compute.targetTcpProxies.use', 'compute.targetVpnGateways.create', 'compute.targetVpnGateways.delete', 'compute.targetVpnGateways.get', 'compute.targetVpnGateways.setLabels', 'compute.targetVpnGateways.use', 'compute.urlMaps.create', 'compute.urlMaps.delete', 'compute.urlMaps.get', 'compute.urlMaps.update', 'compute.urlMaps.use', 'compute.vpnGateways.create', 'compute.vpnGateways.delete', 'compute.vpnGateways.get', 'compute.vpnGateways.setLabels', 'compute.vpnGateways.use', 'compute.vpnTunnels.create', 'compute.vpnTunnels.delete', 'compute.vpnTunnels.get', 'compute.vpnTunnels.setLabels', 'compute.zoneOperations.get', 'compute.zoneOperations.list', 'compute.zones.get', 'container.backendConfigs.create', 'container.backendConfigs.delete', 'container.backendConfigs.get', 'container.clusterRoleBindings.create', 'container.clusterRoleBindings.delete', 'container.clusterRoleBindings.get', 'container.clusterRoles.bind', 'container.clusterRoles.create', 'container.clusterRoles.delete', 'container.clusterRoles.escalate', 'container.clusterRoles.get', 'container.clusters.create', 'container.clusters.delete', 'container.clusters.get', 'container.clusters.getCredentials', 'container.clusters.update', 'container.configMaps.create', 'container.configMaps.delete', 'container.configMaps.get', 'container.configMaps.update', 'container.cronJobs.create', 'container.cronJobs.delete', 'container.cronJobs.get', 'container.cronJobs.update', 'container.daemonSets.create', 'container.daemonSets.delete', 'container.daemonSets.get', 'container.daemonSets.update', 'container.deployments.create', 'container.deployments.delete', 'container.deployments.get', 'container.deployments.update', 'container.frontendConfigs.create', 'container.frontendConfigs.delete', 'container.frontendConfigs.get', 'container.horizontalPodAutoscalers.create', 'container.horizontalPodAutoscalers.delete', 'container.horizontalPodAutoscalers.get', 'container.ingresses.create', 'container.ingresses.delete', 'container.ingresses.get', 'container.jobs.create', 'container.jobs.delete', 'container.jobs.get', 'container.managedCertificates.create', 'container.managedCertificates.delete', 'container.managedCertificates.get', 'container.mutatingWebhookConfigurations.delete', 'container.mutatingWebhookConfigurations.get', 'container.namespaces.create', 'container.namespaces.delete', 'container.namespaces.get', 'container.networkPolicies.create', 'container.networkPolicies.delete', 'container.networkPolicies.get', 'container.operations.get', 'container.podDisruptionBudgets.create', 'container.podDisruptionBudgets.delete', 'container.podDisruptionBudgets.get', 'container.podSecurityPolicies.delete', 'container.podSecurityPolicies.get', 'container.priorityClasses.create', 'container.priorityClasses.delete', 'container.priorityClasses.get', 'container.replicationControllers.create', 'container.replicationControllers.delete', 'container.replicationControllers.get', 'container.roleBindings.create', 'container.roleBindings.delete', 'container.roleBindings.get', 'container.roles.bind', 'container.roles.create', 'container.roles.delete', 'container.roles.escalate', 'container.roles.get', 'container.roles.update', 'container.secrets.create', 'container.secrets.delete', 'container.secrets.get', 'container.secrets.update', 'container.serviceAccounts.create', 'container.serviceAccounts.delete', 'container.serviceAccounts.get', 'container.serviceAccounts.update', 'container.services.create', 'container.services.delete', 'container.services.get', 'container.statefulSets.create', 'container.statefulSets.delete', 'container.statefulSets.get', 'container.statefulSets.update', 'container.storageClasses.create', 'container.storageClasses.delete', 'container.storageClasses.get', 'container.thirdPartyObjects.create', 'container.thirdPartyObjects.delete', 'container.thirdPartyObjects.get', 'container.thirdPartyObjects.update', 'container.validatingWebhookConfigurations.delete', 'container.validatingWebhookConfigurations.get', 'datacatalog.taxonomies.get', 'dataproc.autoscalingPolicies.create', 'dataproc.autoscalingPolicies.delete', 'dataproc.autoscalingPolicies.get', 'dataproc.autoscalingPolicies.use', 'dataproc.clusters.create', 'dataproc.clusters.delete', 'dataproc.clusters.get', 'dataproc.nodeGroups.create', 'dataproc.operations.get', 'dataproc.workflowTemplates.create', 'dataproc.workflowTemplates.delete', 'dataproc.workflowTemplates.get', 'deploymentmanager.compositeTypes.get', 'deploymentmanager.deployments.create', 'deploymentmanager.deployments.delete', 'deploymentmanager.deployments.get', 'deploymentmanager.deployments.update', 'deploymentmanager.operations.get', 'deploymentmanager.typeProviders.create', 'deploymentmanager.typeProviders.delete', 'deploymentmanager.typeProviders.get', 'deploymentmanager.typeProviders.update', 'dns.changes.create', 'dns.changes.get', 'dns.changes.list', 'dns.managedZones.create', 'dns.managedZones.delete', 'dns.managedZones.get', 'dns.managedZones.list', 'dns.managedZones.update', 'dns.networks.bindPrivateDNSZone', 'dns.networks.targetWithPeeringZone', 'dns.policies.delete', 'dns.policies.get', 'dns.resourceRecordSets.create', 'dns.resourceRecordSets.delete', 'dns.resourceRecordSets.list', 'dns.resourceRecordSets.update', 'file.instances.create', 'file.instances.delete', 'file.instances.get', 'file.instances.update', 'file.operations.get', 'firebase.projects.get', 'firebase.projects.update', 'firebaseanalytics.resources.googleAnalyticsEdit', 'iam.roles.create', 'iam.roles.delete', 'iam.roles.get', 'iam.roles.list', 'iam.roles.update', 'iam.serviceAccountKeys.delete', 'iam.serviceAccountKeys.get', 'iam.serviceAccounts.actAs', 'iam.serviceAccounts.create', 'iam.serviceAccounts.delete', 'iam.serviceAccounts.get', 'iam.serviceAccounts.list', 'iam.serviceAccounts.update', 'logging.buckets.update', 'logging.exclusions.create', 'logging.exclusions.delete', 'logging.exclusions.get', 'logging.exclusions.update', 'logging.logEntries.create', 'logging.logMetrics.create', 'logging.logMetrics.delete', 'logging.logMetrics.get', 'logging.logMetrics.update', 'logging.notificationRules.create', 'logging.sinks.create', 'logging.sinks.delete', 'logging.sinks.get', 'logging.sinks.update', 'monitoring.alertPolicies.create', 'monitoring.alertPolicies.delete', 'monitoring.alertPolicies.get', 'monitoring.alertPolicies.list', 'monitoring.alertPolicies.update', 'monitoring.dashboards.create', 'monitoring.dashboards.delete', 'monitoring.dashboards.get', 'monitoring.dashboards.update', 'monitoring.groups.create', 'monitoring.groups.delete', 'monitoring.groups.get', 'monitoring.groups.update', 'monitoring.metricDescriptors.create', 'monitoring.metricDescriptors.delete', 'monitoring.metricDescriptors.get', 'monitoring.notificationChannels.create', 'monitoring.notificationChannels.delete', 'monitoring.notificationChannels.get', 'monitoring.notificationChannels.update', 'monitoring.uptimeCheckConfigs.create', 'monitoring.uptimeCheckConfigs.delete', 'monitoring.uptimeCheckConfigs.get', 'monitoring.uptimeCheckConfigs.update', 'networksecurity.serverTlsPolicies.use', 'pubsub.schemas.attach', 'pubsub.subscriptions.create', 'pubsub.subscriptions.delete', 'pubsub.subscriptions.get', 'pubsub.subscriptions.update', 'pubsub.topics.attachSubscription', 'pubsub.topics.create', 'pubsub.topics.delete', 'pubsub.topics.get', 'pubsub.topics.getIamPolicy', 'pubsub.topics.publish', 'pubsub.topics.update', 'redis.instances.create', 'redis.instances.delete', 'redis.instances.get', 'redis.instances.update', 'redis.instances.updateAuth', 'redis.operations.get', 'resourcemanager.folders.create', 'resourcemanager.folders.delete', 'resourcemanager.folders.get', 'resourcemanager.folders.getIamPolicy', 'resourcemanager.folders.list', 'resourcemanager.folders.update', 'resourcemanager.organizations.getIamPolicy', 'resourcemanager.projects.create', 'resourcemanager.projects.createBillingAssignment', 'resourcemanager.projects.delete', 'resourcemanager.projects.deleteBillingAssignment', 'resourcemanager.projects.get', 'resourcemanager.projects.getIamPolicy', 'resourcemanager.projects.list', 'resourcemanager.projects.move', 'resourcemanager.projects.update', 'resourcemanager.projects.updateLiens', 'resourcemanager.tagHolds.create', 'resourcemanager.tagHolds.delete', 'resourcemanager.tagValueBindings.create', 'resourcemanager.tagValueBindings.delete', 'resourcemanager.tagValues.get', 'runtimeconfig.configs.create', 'runtimeconfig.configs.delete', 'runtimeconfig.configs.get', 'runtimeconfig.configs.list', 'runtimeconfig.configs.update', 'runtimeconfig.variables.create', 'runtimeconfig.variables.delete', 'runtimeconfig.variables.get', 'runtimeconfig.variables.list', 'runtimeconfig.variables.update', 'runtimeconfig.waiters.create', 'runtimeconfig.waiters.delete', 'runtimeconfig.waiters.get', 'runtimeconfig.waiters.list', 'servicedirectory.namespaces.associatePrivateZone', 'servicedirectory.namespaces.create', 'servicedirectory.namespaces.delete', 'servicedirectory.services.create', 'servicemanagement.services.bind', 'servicenetworking.operations.get', 'servicenetworking.services.addPeering', 'servicenetworking.services.get', 'serviceusage.services.disable', 'serviceusage.services.enable', 'serviceusage.services.get', 'serviceusage.services.use', 'source.repos.create', 'spanner.databaseOperations.get', 'spanner.databases.create', 'spanner.databases.drop', 'spanner.databases.get', 'spanner.databases.updateDdl', 'spanner.instanceOperations.get', 'spanner.instances.create', 'spanner.instances.delete', 'spanner.instances.get', 'spanner.instances.update', 'storage.buckets.create', 'storage.buckets.delete', 'storage.buckets.get', 'storage.buckets.getIamPolicy', 'storage.buckets.update', 'storage.hmacKeys.create', 'storage.objects.create', 'storage.objects.delete', 'storage.objects.get', 'storage.objects.getIamPolicy', 'storage.objects.list', 'vpcaccess.connectors.create', 'vpcaccess.connectors.delete', 'vpcaccess.operations.get', 'workflows.operations.get', 'workflows.workflows.create', 'workflows.workflows.delete', 'workflows.workflows.get'] GA
roles/clouddeploy.admin Full control of Cloud Deploy resources. Cloud Deploy Admin ['clouddeploy.automationRuns.cancel', 'clouddeploy.automationRuns.get', 'clouddeploy.automationRuns.list', 'clouddeploy.automations.create', 'clouddeploy.automations.delete', 'clouddeploy.automations.get', 'clouddeploy.automations.list', 'clouddeploy.automations.update', 'clouddeploy.config.get', 'clouddeploy.customTargetTypes.create', 'clouddeploy.customTargetTypes.delete', 'clouddeploy.customTargetTypes.get', 'clouddeploy.customTargetTypes.getIamPolicy', 'clouddeploy.customTargetTypes.list', 'clouddeploy.customTargetTypes.setIamPolicy', 'clouddeploy.customTargetTypes.update', 'clouddeploy.deliveryPipelines.create', 'clouddeploy.deliveryPipelines.createTagBinding', 'clouddeploy.deliveryPipelines.delete', 'clouddeploy.deliveryPipelines.deleteTagBinding', 'clouddeploy.deliveryPipelines.get', 'clouddeploy.deliveryPipelines.getIamPolicy', 'clouddeploy.deliveryPipelines.list', 'clouddeploy.deliveryPipelines.listEffectiveTags', 'clouddeploy.deliveryPipelines.listTagBindings', 'clouddeploy.deliveryPipelines.setIamPolicy', 'clouddeploy.deliveryPipelines.update', 'clouddeploy.deployPolicies.create', 'clouddeploy.deployPolicies.delete', 'clouddeploy.deployPolicies.get', 'clouddeploy.deployPolicies.list', 'clouddeploy.deployPolicies.override', 'clouddeploy.deployPolicies.update', 'clouddeploy.jobRuns.get', 'clouddeploy.jobRuns.list', 'clouddeploy.jobRuns.terminate', 'clouddeploy.locations.get', 'clouddeploy.locations.list', 'clouddeploy.operations.cancel', 'clouddeploy.operations.delete', 'clouddeploy.operations.get', 'clouddeploy.operations.list', 'clouddeploy.releases.abandon', 'clouddeploy.releases.create', 'clouddeploy.releases.delete', 'clouddeploy.releases.get', 'clouddeploy.releases.list', 'clouddeploy.rollouts.advance', 'clouddeploy.rollouts.approve', 'clouddeploy.rollouts.cancel', 'clouddeploy.rollouts.create', 'clouddeploy.rollouts.get', 'clouddeploy.rollouts.ignoreJob', 'clouddeploy.rollouts.list', 'clouddeploy.rollouts.retryJob', 'clouddeploy.rollouts.rollback', 'clouddeploy.targets.create', 'clouddeploy.targets.createTagBinding', 'clouddeploy.targets.delete', 'clouddeploy.targets.deleteTagBinding', 'clouddeploy.targets.get', 'clouddeploy.targets.getIamPolicy', 'clouddeploy.targets.list', 'clouddeploy.targets.listEffectiveTags', 'clouddeploy.targets.listTagBindings', 'clouddeploy.targets.setIamPolicy', 'clouddeploy.targets.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA