Roles Data

Name Description Title Included Permissions Copy Stage
roles/edgecontainer.clusterServiceAgent Grants the Edge Container Cluster Service Account access to manage resources. Edge Container Cluster Service Agent ['cloudnotifications.activities.list', 'gkehub.endpoints.connect', 'gkehub.features.create', 'gkehub.features.get', 'gkehub.features.list', 'gkehub.features.update', 'gkehub.fleet.create', 'gkehub.fleet.delete', 'gkehub.fleet.get', 'gkehub.locations.get', 'gkehub.locations.list', 'gkehub.memberships.create', 'gkehub.memberships.delete', 'gkehub.memberships.generateConnectManifest', 'gkehub.memberships.get', 'gkehub.memberships.list', 'gkehub.memberships.update', 'gkehub.operations.cancel', 'gkehub.operations.delete', 'gkehub.operations.get', 'gkehub.operations.list', 'kubernetesmetadata.metadata.config', 'kubernetesmetadata.metadata.publish', 'kubernetesmetadata.metadata.snapshot', 'logging.logEntries.create', 'monitoring.alertPolicies.get', 'monitoring.alertPolicies.list', 'monitoring.dashboards.create', 'monitoring.dashboards.delete', 'monitoring.dashboards.get', 'monitoring.dashboards.list', 'monitoring.dashboards.update', 'monitoring.groups.get', 'monitoring.groups.list', 'monitoring.metricDescriptors.create', 'monitoring.metricDescriptors.get', 'monitoring.metricDescriptors.list', 'monitoring.monitoredResourceDescriptors.get', 'monitoring.monitoredResourceDescriptors.list', 'monitoring.notificationChannelDescriptors.get', 'monitoring.notificationChannelDescriptors.list', 'monitoring.notificationChannels.get', 'monitoring.notificationChannels.list', 'monitoring.services.get', 'monitoring.services.list', 'monitoring.slos.get', 'monitoring.slos.list', 'monitoring.snoozes.get', 'monitoring.snoozes.list', 'monitoring.timeSeries.create', 'monitoring.timeSeries.list', 'monitoring.uptimeCheckConfigs.get', 'monitoring.uptimeCheckConfigs.list', 'opsconfigmonitoring.resourceMetadata.list', 'opsconfigmonitoring.resourceMetadata.write', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'serviceusage.quotas.get', 'serviceusage.services.enable', 'serviceusage.services.get', 'serviceusage.services.list', 'stackdriver.projects.get', 'stackdriver.resourceMetadata.list', 'stackdriver.resourceMetadata.write', 'storage.buckets.create', 'storage.buckets.get', 'storage.buckets.list', 'storage.buckets.update', 'storage.objects.create', 'storage.objects.delete', 'storage.objects.get', 'storage.objects.list', 'storage.objects.update'] GA
roles/edgecontainer.admin Full access to Edge Container all resources. Edge Container Admin ['edgecontainer.clusters.create', 'edgecontainer.clusters.delete', 'edgecontainer.clusters.generateAccessToken', 'edgecontainer.clusters.generateOfflineCredential', 'edgecontainer.clusters.get', 'edgecontainer.clusters.getIamPolicy', 'edgecontainer.clusters.list', 'edgecontainer.clusters.setIamPolicy', 'edgecontainer.clusters.update', 'edgecontainer.clusters.upgrade', 'edgecontainer.locations.get', 'edgecontainer.locations.list', 'edgecontainer.machines.create', 'edgecontainer.machines.delete', 'edgecontainer.machines.get', 'edgecontainer.machines.getIamPolicy', 'edgecontainer.machines.list', 'edgecontainer.machines.setIamPolicy', 'edgecontainer.machines.update', 'edgecontainer.machines.use', 'edgecontainer.nodePools.create', 'edgecontainer.nodePools.delete', 'edgecontainer.nodePools.get', 'edgecontainer.nodePools.getIamPolicy', 'edgecontainer.nodePools.list', 'edgecontainer.nodePools.setIamPolicy', 'edgecontainer.nodePools.update', 'edgecontainer.operations.cancel', 'edgecontainer.operations.delete', 'edgecontainer.operations.get', 'edgecontainer.operations.list', 'edgecontainer.serverconfig.get', 'edgecontainer.vpnConnections.create', 'edgecontainer.vpnConnections.delete', 'edgecontainer.vpnConnections.get', 'edgecontainer.vpnConnections.getIamPolicy', 'edgecontainer.vpnConnections.list', 'edgecontainer.vpnConnections.setIamPolicy', 'edgecontainer.vpnConnections.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/edgecontainer.offlineCredentialUser Access to get Edge Container cluster offline credentials Edge Container Cluster offline Credential User ['edgecontainer.clusters.generateOfflineCredential', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/edgecontainer.viewer Read-only access to Edge Container all resources. Edge Container Viewer ['edgecontainer.clusters.generateAccessToken', 'edgecontainer.clusters.get', 'edgecontainer.clusters.getIamPolicy', 'edgecontainer.clusters.list', 'edgecontainer.locations.get', 'edgecontainer.locations.list', 'edgecontainer.machines.get', 'edgecontainer.machines.getIamPolicy', 'edgecontainer.machines.list', 'edgecontainer.nodePools.get', 'edgecontainer.nodePools.getIamPolicy', 'edgecontainer.nodePools.list', 'edgecontainer.operations.get', 'edgecontainer.operations.list', 'edgecontainer.serverconfig.get', 'edgecontainer.vpnConnections.get', 'edgecontainer.vpnConnections.getIamPolicy', 'edgecontainer.vpnConnections.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/edgecontainer.machineUser Access to use Edge Container Machine resources. Edge Container Machine User ['edgecontainer.machines.get', 'edgecontainer.machines.getIamPolicy', 'edgecontainer.machines.list', 'edgecontainer.machines.use', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/edgecontainer.serviceAgent Grants the Edge Container Service Account access to manage resources. Edge Container Service Agent ['compute.externalVpnGateways.create', 'compute.externalVpnGateways.delete', 'compute.externalVpnGateways.get', 'compute.externalVpnGateways.use', 'compute.globalOperations.get', 'compute.networks.get', 'compute.networks.updatePolicy', 'compute.regionOperations.get', 'compute.routers.create', 'compute.routers.delete', 'compute.routers.get', 'compute.routers.list', 'compute.routers.update', 'compute.routers.use', 'compute.vpnGateways.create', 'compute.vpnGateways.delete', 'compute.vpnGateways.get', 'compute.vpnGateways.use', 'compute.vpnTunnels.create', 'compute.vpnTunnels.delete', 'compute.vpnTunnels.get', 'gkehub.memberships.create', 'gkehub.memberships.delete', 'gkehub.memberships.generateConnectManifest', 'gkehub.memberships.get', 'gkehub.memberships.list', 'gkehub.memberships.update', 'gkehub.operations.cancel', 'gkehub.operations.get', 'serviceusage.services.list'] GA