roles/dataform.codeOwner
Full access to code resources.
Code Owner
['dataform.locations.get', 'dataform.locations.list', 'dataform.repositories.commit', 'dataform.repositories.computeAccessTokenStatus', 'dataform.repositories.create', 'dataform.repositories.delete', 'dataform.repositories.fetchHistory', 'dataform.repositories.fetchRemoteBranches', 'dataform.repositories.get', 'dataform.repositories.getIamPolicy', 'dataform.repositories.list', 'dataform.repositories.queryDirectoryContents', 'dataform.repositories.readFile', 'dataform.repositories.setIamPolicy', 'dataform.repositories.update', 'dataform.workspaces.commit', 'dataform.workspaces.create', 'dataform.workspaces.delete', 'dataform.workspaces.fetchFileDiff', 'dataform.workspaces.fetchFileGitStatuses', 'dataform.workspaces.fetchGitAheadBehind', 'dataform.workspaces.get', 'dataform.workspaces.getIamPolicy', 'dataform.workspaces.installNpmPackages', 'dataform.workspaces.list', 'dataform.workspaces.makeDirectory', 'dataform.workspaces.moveDirectory', 'dataform.workspaces.moveFile', 'dataform.workspaces.pull', 'dataform.workspaces.push', 'dataform.workspaces.queryDirectoryContents', 'dataform.workspaces.readFile', 'dataform.workspaces.removeDirectory', 'dataform.workspaces.removeFile', 'dataform.workspaces.reset', 'dataform.workspaces.searchFiles', 'dataform.workspaces.setIamPolicy', 'dataform.workspaces.writeFile', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.editor
Edit access to Workspaces and Read-only access to Repositories.
Dataform Editor
['dataform.compilationResults.create', 'dataform.compilationResults.get', 'dataform.compilationResults.list', 'dataform.compilationResults.query', 'dataform.config.get', 'dataform.locations.get', 'dataform.locations.list', 'dataform.releaseConfigs.get', 'dataform.releaseConfigs.list', 'dataform.repositories.computeAccessTokenStatus', 'dataform.repositories.fetchHistory', 'dataform.repositories.fetchRemoteBranches', 'dataform.repositories.get', 'dataform.repositories.getIamPolicy', 'dataform.repositories.list', 'dataform.repositories.queryDirectoryContents', 'dataform.repositories.readFile', 'dataform.workflowConfigs.get', 'dataform.workflowConfigs.list', 'dataform.workflowInvocations.cancel', 'dataform.workflowInvocations.create', 'dataform.workflowInvocations.delete', 'dataform.workflowInvocations.get', 'dataform.workflowInvocations.list', 'dataform.workflowInvocations.query', 'dataform.workspaces.commit', 'dataform.workspaces.create', 'dataform.workspaces.delete', 'dataform.workspaces.fetchFileDiff', 'dataform.workspaces.fetchFileGitStatuses', 'dataform.workspaces.fetchGitAheadBehind', 'dataform.workspaces.get', 'dataform.workspaces.getIamPolicy', 'dataform.workspaces.installNpmPackages', 'dataform.workspaces.list', 'dataform.workspaces.makeDirectory', 'dataform.workspaces.moveDirectory', 'dataform.workspaces.moveFile', 'dataform.workspaces.pull', 'dataform.workspaces.push', 'dataform.workspaces.queryDirectoryContents', 'dataform.workspaces.readFile', 'dataform.workspaces.removeDirectory', 'dataform.workspaces.removeFile', 'dataform.workspaces.reset', 'dataform.workspaces.searchFiles', 'dataform.workspaces.writeFile', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.viewer
Read-only access to all Dataform resources.
Dataform Viewer
['dataform.compilationResults.get', 'dataform.compilationResults.list', 'dataform.compilationResults.query', 'dataform.config.get', 'dataform.locations.get', 'dataform.locations.list', 'dataform.releaseConfigs.get', 'dataform.releaseConfigs.list', 'dataform.repositories.computeAccessTokenStatus', 'dataform.repositories.fetchHistory', 'dataform.repositories.fetchRemoteBranches', 'dataform.repositories.get', 'dataform.repositories.getIamPolicy', 'dataform.repositories.list', 'dataform.repositories.queryDirectoryContents', 'dataform.repositories.readFile', 'dataform.workflowConfigs.get', 'dataform.workflowConfigs.list', 'dataform.workflowInvocations.get', 'dataform.workflowInvocations.list', 'dataform.workflowInvocations.query', 'dataform.workspaces.fetchFileDiff', 'dataform.workspaces.fetchFileGitStatuses', 'dataform.workspaces.fetchGitAheadBehind', 'dataform.workspaces.get', 'dataform.workspaces.getIamPolicy', 'dataform.workspaces.list', 'dataform.workspaces.queryDirectoryContents', 'dataform.workspaces.readFile', 'dataform.workspaces.searchFiles', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.codeCreator
Access only to private and shared code resources. The permissions in the Code Creator let you create and list code in Dataform, and access only the code that you created and code that was explicitly shared with you.
Code Creator
['dataform.locations.get', 'dataform.locations.list', 'dataform.repositories.create', 'dataform.repositories.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.codeEditor
Edit access code resources.
Code Editor
['dataform.locations.get', 'dataform.locations.list', 'dataform.repositories.commit', 'dataform.repositories.computeAccessTokenStatus', 'dataform.repositories.create', 'dataform.repositories.fetchHistory', 'dataform.repositories.fetchRemoteBranches', 'dataform.repositories.get', 'dataform.repositories.getIamPolicy', 'dataform.repositories.list', 'dataform.repositories.queryDirectoryContents', 'dataform.repositories.readFile', 'dataform.workspaces.commit', 'dataform.workspaces.create', 'dataform.workspaces.delete', 'dataform.workspaces.fetchFileDiff', 'dataform.workspaces.fetchFileGitStatuses', 'dataform.workspaces.fetchGitAheadBehind', 'dataform.workspaces.get', 'dataform.workspaces.getIamPolicy', 'dataform.workspaces.installNpmPackages', 'dataform.workspaces.list', 'dataform.workspaces.makeDirectory', 'dataform.workspaces.moveDirectory', 'dataform.workspaces.moveFile', 'dataform.workspaces.pull', 'dataform.workspaces.push', 'dataform.workspaces.queryDirectoryContents', 'dataform.workspaces.readFile', 'dataform.workspaces.removeDirectory', 'dataform.workspaces.removeFile', 'dataform.workspaces.reset', 'dataform.workspaces.searchFiles', 'dataform.workspaces.writeFile', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.codeViewer
Read-only access to all code resources.
Code Viewer
['dataform.locations.get', 'dataform.locations.list', 'dataform.repositories.computeAccessTokenStatus', 'dataform.repositories.fetchHistory', 'dataform.repositories.fetchRemoteBranches', 'dataform.repositories.get', 'dataform.repositories.getIamPolicy', 'dataform.repositories.list', 'dataform.repositories.queryDirectoryContents', 'dataform.repositories.readFile', 'dataform.workspaces.fetchFileDiff', 'dataform.workspaces.fetchFileGitStatuses', 'dataform.workspaces.fetchGitAheadBehind', 'dataform.workspaces.get', 'dataform.workspaces.getIamPolicy', 'dataform.workspaces.list', 'dataform.workspaces.queryDirectoryContents', 'dataform.workspaces.readFile', 'dataform.workspaces.searchFiles', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.admin
Full access to all Dataform resources.
Dataform Admin
['dataform.compilationResults.create', 'dataform.compilationResults.get', 'dataform.compilationResults.list', 'dataform.compilationResults.query', 'dataform.config.get', 'dataform.config.update', 'dataform.locations.get', 'dataform.locations.list', 'dataform.releaseConfigs.create', 'dataform.releaseConfigs.delete', 'dataform.releaseConfigs.get', 'dataform.releaseConfigs.list', 'dataform.releaseConfigs.update', 'dataform.repositories.commit', 'dataform.repositories.computeAccessTokenStatus', 'dataform.repositories.create', 'dataform.repositories.delete', 'dataform.repositories.fetchHistory', 'dataform.repositories.fetchRemoteBranches', 'dataform.repositories.get', 'dataform.repositories.getIamPolicy', 'dataform.repositories.list', 'dataform.repositories.queryDirectoryContents', 'dataform.repositories.readFile', 'dataform.repositories.setIamPolicy', 'dataform.repositories.update', 'dataform.workflowConfigs.create', 'dataform.workflowConfigs.delete', 'dataform.workflowConfigs.get', 'dataform.workflowConfigs.list', 'dataform.workflowConfigs.update', 'dataform.workflowInvocations.cancel', 'dataform.workflowInvocations.create', 'dataform.workflowInvocations.delete', 'dataform.workflowInvocations.get', 'dataform.workflowInvocations.list', 'dataform.workflowInvocations.query', 'dataform.workspaces.commit', 'dataform.workspaces.create', 'dataform.workspaces.delete', 'dataform.workspaces.fetchFileDiff', 'dataform.workspaces.fetchFileGitStatuses', 'dataform.workspaces.fetchGitAheadBehind', 'dataform.workspaces.get', 'dataform.workspaces.getIamPolicy', 'dataform.workspaces.installNpmPackages', 'dataform.workspaces.list', 'dataform.workspaces.makeDirectory', 'dataform.workspaces.moveDirectory', 'dataform.workspaces.moveFile', 'dataform.workspaces.pull', 'dataform.workspaces.push', 'dataform.workspaces.queryDirectoryContents', 'dataform.workspaces.readFile', 'dataform.workspaces.removeDirectory', 'dataform.workspaces.removeFile', 'dataform.workspaces.reset', 'dataform.workspaces.searchFiles', 'dataform.workspaces.setIamPolicy', 'dataform.workspaces.writeFile', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA
roles/dataform.serviceAgent
Gives permission for the Dataform API to access a secret from Secret Manager
Dataform Service Agent
['dataform.compilationResults.create', 'dataform.workflowInvocations.create', 'resourcemanager.projects.get', 'resourcemanager.projects.list']
Copy Permissions
GA