roles/managedidentities.backupViewer |
Read-only access to Google Cloud Managed Identities Backup and related resources. |
Google Cloud Managed Identities Backup Viewer |
['managedidentities.backups.get', 'managedidentities.backups.getIamPolicy', 'managedidentities.backups.list', 'managedidentities.domains.get', 'managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.get', 'managedidentities.operations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.domainJoin |
Access to domain join VMs with Cloud AD |
Google Cloud Managed Identities Domain Join |
['managedidentities.domains.domainJoinMachine', 'managedidentities.domains.get'] |
|
BETA |
roles/managedidentities.domainAdmin |
Read-Update-Delete to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a resource (domain) level. |
Google Cloud Managed Identities Domain Admin |
['managedidentities.backups.create', 'managedidentities.backups.delete', 'managedidentities.backups.get', 'managedidentities.backups.getIamPolicy', 'managedidentities.backups.list', 'managedidentities.backups.setIamPolicy', 'managedidentities.backups.update', 'managedidentities.domains.attachTrust', 'managedidentities.domains.checkMigrationPermission', 'managedidentities.domains.createTagBinding', 'managedidentities.domains.delete', 'managedidentities.domains.deleteTagBinding', 'managedidentities.domains.detachTrust', 'managedidentities.domains.disableMigration', 'managedidentities.domains.domainJoinMachine', 'managedidentities.domains.enableMigration', 'managedidentities.domains.extendSchema', 'managedidentities.domains.get', 'managedidentities.domains.getIamPolicy', 'managedidentities.domains.listEffectiveTags', 'managedidentities.domains.listTagBindings', 'managedidentities.domains.reconfigureTrust', 'managedidentities.domains.resetpassword', 'managedidentities.domains.restore', 'managedidentities.domains.update', 'managedidentities.domains.updateLDAPSSettings', 'managedidentities.domains.validateTrust', 'managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.get', 'managedidentities.operations.list', 'managedidentities.sqlintegrations.get', 'managedidentities.sqlintegrations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.peeringAdmin |
Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level |
Google Cloud Managed Identities Peering Admin |
['managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.cancel', 'managedidentities.operations.delete', 'managedidentities.operations.get', 'managedidentities.operations.list', 'managedidentities.peerings.create', 'managedidentities.peerings.delete', 'managedidentities.peerings.get', 'managedidentities.peerings.getIamPolicy', 'managedidentities.peerings.list', 'managedidentities.peerings.setIamPolicy', 'managedidentities.peerings.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.backupAdmin |
Full access to Google Cloud Managed Identities Backup and related resources. Intended to be granted on a project-level |
Google Cloud Managed Identities Backup Admin |
['managedidentities.backups.create', 'managedidentities.backups.delete', 'managedidentities.backups.get', 'managedidentities.backups.getIamPolicy', 'managedidentities.backups.list', 'managedidentities.backups.setIamPolicy', 'managedidentities.backups.update', 'managedidentities.domains.get', 'managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.cancel', 'managedidentities.operations.delete', 'managedidentities.operations.get', 'managedidentities.operations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.serviceAgent |
Gives Managed Identities service account access to managed resources. |
Cloud Managed Identities Service Agent |
['compute.globalOperations.get', 'compute.networks.addPeering', 'compute.networks.get', 'compute.networks.removePeering', 'compute.networks.update', 'compute.routes.list', 'dns.changes.create', 'dns.changes.get', 'dns.changes.list', 'dns.dnsKeys.get', 'dns.dnsKeys.list', 'dns.managedZoneOperations.get', 'dns.managedZoneOperations.list', 'dns.managedZones.create', 'dns.managedZones.delete', 'dns.managedZones.get', 'dns.managedZones.list', 'dns.managedZones.update', 'dns.networks.bindPrivateDNSPolicy', 'dns.networks.bindPrivateDNSZone', 'dns.policies.create', 'dns.policies.delete', 'dns.policies.get', 'dns.policies.list', 'dns.policies.update', 'dns.projects.get', 'dns.resourceRecordSets.create', 'dns.resourceRecordSets.delete', 'dns.resourceRecordSets.get', 'dns.resourceRecordSets.list', 'dns.resourceRecordSets.update', 'dns.responsePolicies.create', 'dns.responsePolicies.delete', 'dns.responsePolicies.get', 'dns.responsePolicies.list', 'dns.responsePolicies.update', 'dns.responsePolicyRules.create', 'dns.responsePolicyRules.delete', 'dns.responsePolicyRules.get', 'dns.responsePolicyRules.list', 'dns.responsePolicyRules.update', 'monitoring.metricDescriptors.create', 'monitoring.metricDescriptors.get', 'monitoring.metricDescriptors.list', 'monitoring.monitoredResourceDescriptors.get', 'monitoring.monitoredResourceDescriptors.list', 'monitoring.timeSeries.create', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.admin |
Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level. |
Google Cloud Managed Identities Admin |
['managedidentities.backups.create', 'managedidentities.backups.delete', 'managedidentities.backups.get', 'managedidentities.backups.getIamPolicy', 'managedidentities.backups.list', 'managedidentities.backups.setIamPolicy', 'managedidentities.backups.update', 'managedidentities.domains.attachTrust', 'managedidentities.domains.checkMigrationPermission', 'managedidentities.domains.create', 'managedidentities.domains.createTagBinding', 'managedidentities.domains.delete', 'managedidentities.domains.deleteTagBinding', 'managedidentities.domains.detachTrust', 'managedidentities.domains.disableMigration', 'managedidentities.domains.domainJoinMachine', 'managedidentities.domains.enableMigration', 'managedidentities.domains.extendSchema', 'managedidentities.domains.get', 'managedidentities.domains.getIamPolicy', 'managedidentities.domains.list', 'managedidentities.domains.listEffectiveTags', 'managedidentities.domains.listTagBindings', 'managedidentities.domains.reconfigureTrust', 'managedidentities.domains.resetpassword', 'managedidentities.domains.restore', 'managedidentities.domains.setIamPolicy', 'managedidentities.domains.update', 'managedidentities.domains.updateLDAPSSettings', 'managedidentities.domains.validateTrust', 'managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.cancel', 'managedidentities.operations.delete', 'managedidentities.operations.get', 'managedidentities.operations.list', 'managedidentities.peerings.create', 'managedidentities.peerings.delete', 'managedidentities.peerings.get', 'managedidentities.peerings.getIamPolicy', 'managedidentities.peerings.list', 'managedidentities.peerings.setIamPolicy', 'managedidentities.peerings.update', 'managedidentities.sqlintegrations.get', 'managedidentities.sqlintegrations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.peeringViewer |
Read-only access to Google Cloud Managed Identities Peering and related resources. |
Google Cloud Managed Identities Peering Viewer |
['managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.get', 'managedidentities.operations.list', 'managedidentities.peerings.get', 'managedidentities.peerings.getIamPolicy', 'managedidentities.peerings.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
roles/managedidentities.viewer |
Read-only access to Google Cloud Managed Identities Domains and related resources. |
Google Cloud Managed Identities Viewer |
['managedidentities.backups.get', 'managedidentities.backups.getIamPolicy', 'managedidentities.backups.list', 'managedidentities.domains.get', 'managedidentities.domains.getIamPolicy', 'managedidentities.domains.list', 'managedidentities.domains.listEffectiveTags', 'managedidentities.domains.listTagBindings', 'managedidentities.locations.get', 'managedidentities.locations.list', 'managedidentities.operations.get', 'managedidentities.operations.list', 'managedidentities.peerings.get', 'managedidentities.peerings.getIamPolicy', 'managedidentities.peerings.list', 'managedidentities.sqlintegrations.get', 'managedidentities.sqlintegrations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |