Roles Data

Name Description Title Included Permissions Copy Stage
roles/gkebackup.delegatedBackupAdmin Allows administrators to manage Backup resources for specific BackupPlans Backup for GKE Delegated Backup Admin ['gkebackup.backupPlans.get', 'gkebackup.backups.create', 'gkebackup.backups.delete', 'gkebackup.backups.get', 'gkebackup.backups.getBackupIndex', 'gkebackup.backups.list', 'gkebackup.backups.update', 'gkebackup.volumeBackups.get', 'gkebackup.volumeBackups.list'] GA
roles/gkebackup.admin Full access to all Backup for GKE resources. Backup for GKE Admin ['gkebackup.backupPlans.create', 'gkebackup.backupPlans.delete', 'gkebackup.backupPlans.get', 'gkebackup.backupPlans.getIamPolicy', 'gkebackup.backupPlans.list', 'gkebackup.backupPlans.setIamPolicy', 'gkebackup.backupPlans.update', 'gkebackup.backups.create', 'gkebackup.backups.delete', 'gkebackup.backups.get', 'gkebackup.backups.getBackupIndex', 'gkebackup.backups.list', 'gkebackup.backups.update', 'gkebackup.locations.get', 'gkebackup.locations.list', 'gkebackup.operations.cancel', 'gkebackup.operations.delete', 'gkebackup.operations.get', 'gkebackup.operations.list', 'gkebackup.restorePlans.create', 'gkebackup.restorePlans.delete', 'gkebackup.restorePlans.get', 'gkebackup.restorePlans.getIamPolicy', 'gkebackup.restorePlans.list', 'gkebackup.restorePlans.setIamPolicy', 'gkebackup.restorePlans.update', 'gkebackup.restores.create', 'gkebackup.restores.delete', 'gkebackup.restores.get', 'gkebackup.restores.list', 'gkebackup.restores.update', 'gkebackup.volumeBackups.get', 'gkebackup.volumeBackups.list', 'gkebackup.volumeRestores.get', 'gkebackup.volumeRestores.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/gkebackup.backupAdmin Allows administrators to manage all BackupPlan and Backup resources. Backup for GKE Backup Admin ['gkebackup.backupPlans.create', 'gkebackup.backupPlans.delete', 'gkebackup.backupPlans.get', 'gkebackup.backupPlans.getIamPolicy', 'gkebackup.backupPlans.list', 'gkebackup.backupPlans.setIamPolicy', 'gkebackup.backupPlans.update', 'gkebackup.backups.create', 'gkebackup.backups.delete', 'gkebackup.backups.get', 'gkebackup.backups.getBackupIndex', 'gkebackup.backups.list', 'gkebackup.backups.update', 'gkebackup.locations.get', 'gkebackup.locations.list', 'gkebackup.operations.get', 'gkebackup.operations.list', 'gkebackup.volumeBackups.get', 'gkebackup.volumeBackups.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/gkebackup.delegatedRestoreAdmin Allows administrators to manage Restore resources for specific RestorePlans Backup for GKE Delegated Restore Admin ['gkebackup.restorePlans.get', 'gkebackup.restores.create', 'gkebackup.restores.delete', 'gkebackup.restores.get', 'gkebackup.restores.list', 'gkebackup.restores.update', 'gkebackup.volumeRestores.get', 'gkebackup.volumeRestores.list'] GA
roles/gkebackup.serviceAgent Grants the Backup for GKE Service Account access to managed resources. Backup for GKE Service Agent ['compute.disks.create', 'compute.disks.createSnapshot', 'compute.disks.get', 'compute.disks.list', 'compute.disks.setLabels', 'compute.disks.useReadOnly', 'compute.globalOperations.get', 'compute.regionOperations.get', 'compute.snapshots.delete', 'compute.snapshots.get', 'compute.zoneOperations.get', 'container.apiServices.create', 'container.apiServices.delete', 'container.apiServices.get', 'container.apiServices.getStatus', 'container.apiServices.list', 'container.apiServices.update', 'container.apiServices.updateStatus', 'container.auditSinks.create', 'container.auditSinks.delete', 'container.auditSinks.get', 'container.auditSinks.list', 'container.auditSinks.update', 'container.backendConfigs.create', 'container.backendConfigs.delete', 'container.backendConfigs.get', 'container.backendConfigs.list', 'container.backendConfigs.update', 'container.bindings.create', 'container.bindings.delete', 'container.bindings.get', 'container.bindings.list', 'container.bindings.update', 'container.certificateSigningRequests.create', 'container.certificateSigningRequests.delete', 'container.certificateSigningRequests.get', 'container.certificateSigningRequests.list', 'container.certificateSigningRequests.update', 'container.certificateSigningRequests.updateStatus', 'container.clusterRoleBindings.get', 'container.clusterRoleBindings.list', 'container.clusterRoles.get', 'container.clusterRoles.list', 'container.clusters.connect', 'container.clusters.get', 'container.clusters.list', 'container.clusters.update', 'container.componentStatuses.get', 'container.componentStatuses.list', 'container.configMaps.create', 'container.configMaps.delete', 'container.configMaps.get', 'container.configMaps.list', 'container.configMaps.update', 'container.controllerRevisions.get', 'container.controllerRevisions.list', 'container.cronJobs.create', 'container.cronJobs.delete', 'container.cronJobs.get', 'container.cronJobs.getStatus', 'container.cronJobs.list', 'container.cronJobs.update', 'container.cronJobs.updateStatus', 'container.csiDrivers.create', 'container.csiDrivers.delete', 'container.csiDrivers.get', 'container.csiDrivers.list', 'container.csiDrivers.update', 'container.csiNodeInfos.create', 'container.csiNodeInfos.delete', 'container.csiNodeInfos.get', 'container.csiNodeInfos.list', 'container.csiNodeInfos.update', 'container.csiNodes.create', 'container.csiNodes.delete', 'container.csiNodes.get', 'container.csiNodes.list', 'container.csiNodes.update', 'container.customResourceDefinitions.create', 'container.customResourceDefinitions.delete', 'container.customResourceDefinitions.get', 'container.customResourceDefinitions.getStatus', 'container.customResourceDefinitions.list', 'container.customResourceDefinitions.update', 'container.customResourceDefinitions.updateStatus', 'container.daemonSets.create', 'container.daemonSets.delete', 'container.daemonSets.get', 'container.daemonSets.getStatus', 'container.daemonSets.list', 'container.daemonSets.update', 'container.daemonSets.updateStatus', 'container.deployments.create', 'container.deployments.delete', 'container.deployments.get', 'container.deployments.getScale', 'container.deployments.getStatus', 'container.deployments.list', 'container.deployments.rollback', 'container.deployments.update', 'container.deployments.updateScale', 'container.deployments.updateStatus', 'container.endpointSlices.create', 'container.endpointSlices.delete', 'container.endpointSlices.get', 'container.endpointSlices.list', 'container.endpointSlices.update', 'container.endpoints.create', 'container.endpoints.delete', 'container.endpoints.get', 'container.endpoints.list', 'container.endpoints.update', 'container.events.create', 'container.events.delete', 'container.events.get', 'container.events.list', 'container.events.update', 'container.frontendConfigs.create', 'container.frontendConfigs.delete', 'container.frontendConfigs.get', 'container.frontendConfigs.list', 'container.frontendConfigs.update', 'container.horizontalPodAutoscalers.create', 'container.horizontalPodAutoscalers.delete', 'container.horizontalPodAutoscalers.get', 'container.horizontalPodAutoscalers.getStatus', 'container.horizontalPodAutoscalers.list', 'container.horizontalPodAutoscalers.update', 'container.horizontalPodAutoscalers.updateStatus', 'container.ingresses.create', 'container.ingresses.delete', 'container.ingresses.get', 'container.ingresses.getStatus', 'container.ingresses.list', 'container.ingresses.update', 'container.ingresses.updateStatus', 'container.initializerConfigurations.create', 'container.initializerConfigurations.delete', 'container.initializerConfigurations.get', 'container.initializerConfigurations.list', 'container.initializerConfigurations.update', 'container.jobs.create', 'container.jobs.delete', 'container.jobs.get', 'container.jobs.getStatus', 'container.jobs.list', 'container.jobs.update', 'container.jobs.updateStatus', 'container.leases.create', 'container.leases.delete', 'container.leases.get', 'container.leases.list', 'container.leases.update', 'container.limitRanges.create', 'container.limitRanges.delete', 'container.limitRanges.get', 'container.limitRanges.list', 'container.limitRanges.update', 'container.localSubjectAccessReviews.create', 'container.localSubjectAccessReviews.list', 'container.managedCertificates.create', 'container.managedCertificates.delete', 'container.managedCertificates.get', 'container.managedCertificates.list', 'container.managedCertificates.update', 'container.mutatingWebhookConfigurations.get', 'container.mutatingWebhookConfigurations.list', 'container.namespaces.create', 'container.namespaces.delete', 'container.namespaces.finalize', 'container.namespaces.get', 'container.namespaces.getStatus', 'container.namespaces.list', 'container.namespaces.update', 'container.namespaces.updateStatus', 'container.networkPolicies.create', 'container.networkPolicies.delete', 'container.networkPolicies.get', 'container.networkPolicies.list', 'container.networkPolicies.update', 'container.nodes.create', 'container.nodes.delete', 'container.nodes.get', 'container.nodes.getStatus', 'container.nodes.list', 'container.nodes.proxy', 'container.nodes.update', 'container.nodes.updateStatus', 'container.operations.get', 'container.operations.list', 'container.persistentVolumeClaims.create', 'container.persistentVolumeClaims.delete', 'container.persistentVolumeClaims.get', 'container.persistentVolumeClaims.getStatus', 'container.persistentVolumeClaims.list', 'container.persistentVolumeClaims.update', 'container.persistentVolumeClaims.updateStatus', 'container.persistentVolumes.create', 'container.persistentVolumes.delete', 'container.persistentVolumes.get', 'container.persistentVolumes.getStatus', 'container.persistentVolumes.list', 'container.persistentVolumes.update', 'container.persistentVolumes.updateStatus', 'container.petSets.create', 'container.petSets.delete', 'container.petSets.get', 'container.petSets.list', 'container.petSets.update', 'container.petSets.updateStatus', 'container.podDisruptionBudgets.create', 'container.podDisruptionBudgets.delete', 'container.podDisruptionBudgets.get', 'container.podDisruptionBudgets.getStatus', 'container.podDisruptionBudgets.list', 'container.podDisruptionBudgets.update', 'container.podDisruptionBudgets.updateStatus', 'container.podPresets.create', 'container.podPresets.delete', 'container.podPresets.get', 'container.podPresets.list', 'container.podPresets.update', 'container.podSecurityPolicies.get', 'container.podSecurityPolicies.list', 'container.podTemplates.create', 'container.podTemplates.delete', 'container.podTemplates.get', 'container.podTemplates.list', 'container.podTemplates.update', 'container.pods.attach', 'container.pods.create', 'container.pods.delete', 'container.pods.evict', 'container.pods.exec', 'container.pods.get', 'container.pods.getLogs', 'container.pods.getStatus', 'container.pods.initialize', 'container.pods.list', 'container.pods.portForward', 'container.pods.proxy', 'container.pods.update', 'container.pods.updateStatus', 'container.priorityClasses.create', 'container.priorityClasses.delete', 'container.priorityClasses.get', 'container.priorityClasses.list', 'container.priorityClasses.update', 'container.replicaSets.create', 'container.replicaSets.delete', 'container.replicaSets.get', 'container.replicaSets.getScale', 'container.replicaSets.getStatus', 'container.replicaSets.list', 'container.replicaSets.update', 'container.replicaSets.updateScale', 'container.replicaSets.updateStatus', 'container.replicationControllers.create', 'container.replicationControllers.delete', 'container.replicationControllers.get', 'container.replicationControllers.getScale', 'container.replicationControllers.getStatus', 'container.replicationControllers.list', 'container.replicationControllers.update', 'container.replicationControllers.updateScale', 'container.replicationControllers.updateStatus', 'container.resourceQuotas.create', 'container.resourceQuotas.delete', 'container.resourceQuotas.get', 'container.resourceQuotas.getStatus', 'container.resourceQuotas.list', 'container.resourceQuotas.update', 'container.resourceQuotas.updateStatus', 'container.roleBindings.get', 'container.roleBindings.list', 'container.roles.get', 'container.roles.list', 'container.runtimeClasses.create', 'container.runtimeClasses.delete', 'container.runtimeClasses.get', 'container.runtimeClasses.list', 'container.runtimeClasses.update', 'container.scheduledJobs.create', 'container.scheduledJobs.delete', 'container.scheduledJobs.get', 'container.scheduledJobs.list', 'container.scheduledJobs.update', 'container.scheduledJobs.updateStatus', 'container.secrets.create', 'container.secrets.delete', 'container.secrets.get', 'container.secrets.list', 'container.secrets.update', 'container.selfSubjectAccessReviews.create', 'container.selfSubjectAccessReviews.list', 'container.selfSubjectRulesReviews.create', 'container.serviceAccounts.create', 'container.serviceAccounts.createToken', 'container.serviceAccounts.delete', 'container.serviceAccounts.get', 'container.serviceAccounts.list', 'container.serviceAccounts.update', 'container.services.create', 'container.services.delete', 'container.services.get', 'container.services.getStatus', 'container.services.list', 'container.services.proxy', 'container.services.update', 'container.services.updateStatus', 'container.statefulSets.create', 'container.statefulSets.delete', 'container.statefulSets.get', 'container.statefulSets.getScale', 'container.statefulSets.getStatus', 'container.statefulSets.list', 'container.statefulSets.update', 'container.statefulSets.updateScale', 'container.statefulSets.updateStatus', 'container.storageClasses.create', 'container.storageClasses.delete', 'container.storageClasses.get', 'container.storageClasses.list', 'container.storageClasses.update', 'container.storageStates.create', 'container.storageStates.delete', 'container.storageStates.get', 'container.storageStates.getStatus', 'container.storageStates.list', 'container.storageStates.update', 'container.storageStates.updateStatus', 'container.storageVersionMigrations.create', 'container.storageVersionMigrations.delete', 'container.storageVersionMigrations.get', 'container.storageVersionMigrations.getStatus', 'container.storageVersionMigrations.list', 'container.storageVersionMigrations.update', 'container.storageVersionMigrations.updateStatus', 'container.subjectAccessReviews.create', 'container.subjectAccessReviews.list', 'container.thirdPartyObjects.create', 'container.thirdPartyObjects.delete', 'container.thirdPartyObjects.get', 'container.thirdPartyObjects.list', 'container.thirdPartyObjects.update', 'container.thirdPartyResources.create', 'container.thirdPartyResources.delete', 'container.thirdPartyResources.get', 'container.thirdPartyResources.list', 'container.thirdPartyResources.update', 'container.tokenReviews.create', 'container.updateInfos.create', 'container.updateInfos.delete', 'container.updateInfos.get', 'container.updateInfos.list', 'container.updateInfos.update', 'container.validatingWebhookConfigurations.get', 'container.validatingWebhookConfigurations.list', 'container.volumeAttachments.create', 'container.volumeAttachments.delete', 'container.volumeAttachments.get', 'container.volumeAttachments.getStatus', 'container.volumeAttachments.list', 'container.volumeAttachments.update', 'container.volumeAttachments.updateStatus', 'container.volumeSnapshotClasses.create', 'container.volumeSnapshotClasses.delete', 'container.volumeSnapshotClasses.get', 'container.volumeSnapshotClasses.list', 'container.volumeSnapshotClasses.update', 'container.volumeSnapshotContents.create', 'container.volumeSnapshotContents.delete', 'container.volumeSnapshotContents.get', 'container.volumeSnapshotContents.getStatus', 'container.volumeSnapshotContents.list', 'container.volumeSnapshotContents.update', 'container.volumeSnapshotContents.updateStatus', 'container.volumeSnapshots.create', 'container.volumeSnapshots.delete', 'container.volumeSnapshots.get', 'container.volumeSnapshots.getStatus', 'container.volumeSnapshots.list', 'container.volumeSnapshots.update', 'container.volumeSnapshots.updateStatus', 'gkebackup.operations.get', 'recommender.containerDiagnosisInsights.get', 'recommender.containerDiagnosisInsights.list', 'recommender.containerDiagnosisInsights.update', 'recommender.containerDiagnosisRecommendations.get', 'recommender.containerDiagnosisRecommendations.list', 'recommender.containerDiagnosisRecommendations.update', 'recommender.locations.get', 'recommender.locations.list', 'recommender.networkAnalyzerGkeConnectivityInsights.get', 'recommender.networkAnalyzerGkeConnectivityInsights.list', 'recommender.networkAnalyzerGkeConnectivityInsights.update', 'recommender.networkAnalyzerGkeIpAddressInsights.get', 'recommender.networkAnalyzerGkeIpAddressInsights.list', 'recommender.networkAnalyzerGkeIpAddressInsights.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'resourcemanager.projects.updateLiens'] GA
roles/gkebackup.viewer Read-only access to all Backup for GKE resources. Backup for GKE Viewer ['gkebackup.backupPlans.get', 'gkebackup.backupPlans.getIamPolicy', 'gkebackup.backupPlans.list', 'gkebackup.backups.get', 'gkebackup.backups.getBackupIndex', 'gkebackup.backups.list', 'gkebackup.locations.get', 'gkebackup.locations.list', 'gkebackup.operations.get', 'gkebackup.operations.list', 'gkebackup.restorePlans.get', 'gkebackup.restorePlans.getIamPolicy', 'gkebackup.restorePlans.list', 'gkebackup.restores.get', 'gkebackup.restores.list', 'gkebackup.volumeBackups.get', 'gkebackup.volumeBackups.list', 'gkebackup.volumeRestores.get', 'gkebackup.volumeRestores.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA
roles/gkebackup.restoreAdmin Allows administrators to manage all RestorePlan and Restore resources. Backup for GKE Restore Admin ['gkebackup.backupPlans.get', 'gkebackup.backupPlans.list', 'gkebackup.backups.get', 'gkebackup.backups.getBackupIndex', 'gkebackup.backups.list', 'gkebackup.locations.get', 'gkebackup.locations.list', 'gkebackup.operations.get', 'gkebackup.operations.list', 'gkebackup.restorePlans.create', 'gkebackup.restorePlans.delete', 'gkebackup.restorePlans.get', 'gkebackup.restorePlans.getIamPolicy', 'gkebackup.restorePlans.list', 'gkebackup.restorePlans.setIamPolicy', 'gkebackup.restorePlans.update', 'gkebackup.restores.create', 'gkebackup.restores.delete', 'gkebackup.restores.get', 'gkebackup.restores.list', 'gkebackup.restores.update', 'gkebackup.volumeBackups.get', 'gkebackup.volumeBackups.list', 'gkebackup.volumeRestores.get', 'gkebackup.volumeRestores.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] GA