| roles/securitycentermanagement.viewer |
Readonly access to Cloud Security Command Center services and custom modules configuration. |
Security Center Management Viewer |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.organizationsettings.get', 'securitycenter.securitycentersettings.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test'] |
|
GA |
| roles/securitycenter.findingsMuteSetter |
Set mute access to findings |
Security Center Findings Mute Setter |
['securitycenter.findings.setMute'] |
|
GA |
| roles/securitycenter.assetSecurityMarksWriter |
Write access to asset security marks |
Security Center Asset Security Marks Writer |
['securitycenter.assetsecuritymarks.update', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.resourceValueConfigsEditor |
Read-Write access to security center resource value configurations |
Security Center Resource Value Configurations Editor |
['resourcemanager.tagValues.get', 'securitycenter.resourcevalueconfigs.create', 'securitycenter.resourcevalueconfigs.delete', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list', 'securitycenter.resourcevalueconfigs.update'] |
|
GA |
| roles/securitycenter.findingSecurityMarksWriter |
Write access to finding security marks |
Security Center Finding Security Marks Writer |
['securitycenter.findingsecuritymarks.update', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycentermanagement.admin |
Full access to manage Cloud Security Command Center services and custom modules configuration. |
Security Center Management Admin |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.organizationsettings.get', 'securitycenter.organizationsettings.update', 'securitycenter.securitycentersettings.get', 'securitycenter.securitycentersettings.update', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCenterServices.update', 'securitycentermanagement.securityCommandCenter.activate', 'securitycentermanagement.securityCommandCenter.checkActivationOperation', 'securitycentermanagement.securityCommandCenter.checkEligibility', 'securitycentermanagement.securityCommandCenter.generateServiceAccounts', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityCommandCenter.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update'] |
|
GA |
| roles/securitycenter.adminEditor |
Admin Read-write access to security center |
Security Center Admin Editor |
['appengine.applications.get', 'artifactregistry.attachments.get', 'artifactregistry.attachments.list', 'artifactregistry.dockerimages.get', 'artifactregistry.dockerimages.list', 'artifactregistry.files.download', 'artifactregistry.files.get', 'artifactregistry.files.list', 'artifactregistry.locations.get', 'artifactregistry.locations.list', 'artifactregistry.mavenartifacts.get', 'artifactregistry.mavenartifacts.list', 'artifactregistry.npmpackages.get', 'artifactregistry.npmpackages.list', 'artifactregistry.packages.get', 'artifactregistry.packages.list', 'artifactregistry.projectsettings.get', 'artifactregistry.pythonpackages.get', 'artifactregistry.pythonpackages.list', 'artifactregistry.repositories.downloadArtifacts', 'artifactregistry.repositories.get', 'artifactregistry.repositories.list', 'artifactregistry.repositories.listEffectiveTags', 'artifactregistry.repositories.listTagBindings', 'artifactregistry.repositories.readViaVirtualRepository', 'artifactregistry.rules.get', 'artifactregistry.rules.list', 'artifactregistry.tags.get', 'artifactregistry.tags.list', 'artifactregistry.versions.get', 'artifactregistry.versions.list', 'assuredoss.config.get', 'assuredoss.locations.get', 'assuredoss.locations.list', 'assuredoss.metadata.get', 'assuredoss.metadata.list', 'assuredoss.operations.get', 'assuredoss.operations.list', 'cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportResource', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.assets.searchEnrichmentResourceOwners', 'cloudsecurityscanner.crawledurls.list', 'cloudsecurityscanner.results.get', 'cloudsecurityscanner.results.list', 'cloudsecurityscanner.scanruns.get', 'cloudsecurityscanner.scanruns.getSummary', 'cloudsecurityscanner.scanruns.list', 'cloudsecurityscanner.scanruns.stop', 'cloudsecurityscanner.scans.create', 'cloudsecurityscanner.scans.delete', 'cloudsecurityscanner.scans.get', 'cloudsecurityscanner.scans.list', 'cloudsecurityscanner.scans.run', 'cloudsecurityscanner.scans.update', 'compute.addresses.list', 'pubsub.schemas.get', 'pubsub.schemas.list', 'pubsub.schemas.listRevisions', 'pubsub.schemas.validate', 'pubsub.snapshots.get', 'pubsub.snapshots.list', 'pubsub.subscriptions.get', 'pubsub.subscriptions.list', 'pubsub.topics.get', 'pubsub.topics.list', 'resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'resourcemanager.tagValues.get', 'securitycenter.assets.group', 'securitycenter.assets.list', 'securitycenter.assets.listAssetPropertyNames', 'securitycenter.assets.runDiscovery', 'securitycenter.assetsecuritymarks.update', 'securitycenter.attackpaths.list', 'securitycenter.bigQueryExports.create', 'securitycenter.bigQueryExports.delete', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.bigQueryExports.update', 'securitycenter.complianceReports.aggregate', 'securitycenter.compliancesnapshots.list', 'securitycenter.containerthreatdetectionsettings.calculate', 'securitycenter.containerthreatdetectionsettings.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.list', 'securitycenter.eventthreatdetectionsettings.calculate', 'securitycenter.eventthreatdetectionsettings.get', 'securitycenter.exposurepathexplan.get', 'securitycenter.findingexplanations.get', 'securitycenter.findingexternalsystems.update', 'securitycenter.findings.bulkMuteUpdate', 'securitycenter.findings.group', 'securitycenter.findings.list', 'securitycenter.findings.listFindingPropertyNames', 'securitycenter.findings.setMute', 'securitycenter.findings.setState', 'securitycenter.findings.setWorkflowState', 'securitycenter.findings.update', 'securitycenter.findingsecuritymarks.update', 'securitycenter.integratedvulnerabilityscannersettings.calculate', 'securitycenter.integratedvulnerabilityscannersettings.get', 'securitycenter.muteconfigs.create', 'securitycenter.muteconfigs.delete', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.muteconfigs.update', 'securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.notificationconfig.update', 'securitycenter.organizationsettings.get', 'securitycenter.rapidvulnerabilitydetectionsettings.calculate', 'securitycenter.rapidvulnerabilitydetectionsettings.get', 'securitycenter.resourcevalueconfigs.create', 'securitycenter.resourcevalueconfigs.delete', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list', 'securitycenter.resourcevalueconfigs.update', 'securitycenter.securitycentersettings.get', 'securitycenter.securityhealthanalyticscustommodules.get', 'securitycenter.securityhealthanalyticscustommodules.list', 'securitycenter.securityhealthanalyticscustommodules.simulate', 'securitycenter.securityhealthanalyticscustommodules.test', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.simulations.get', 'securitycenter.sources.get', 'securitycenter.sources.list', 'securitycenter.sources.update', 'securitycenter.subscription.get', 'securitycenter.userinterfacemetadata.get', 'securitycenter.valuedresources.list', 'securitycenter.virtualmachinethreatdetectionsettings.calculate', 'securitycenter.virtualmachinethreatdetectionsettings.get', 'securitycenter.vulnerabilitysnapshots.list', 'securitycenter.websecurityscannersettings.calculate', 'securitycenter.websecurityscannersettings.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCommandCenter.generateServiceAccounts', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityCommandCenter.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'serviceusage.quotas.get', 'serviceusage.services.get', 'serviceusage.services.list'] |
|
GA |
| roles/securitycenter.admin |
Admin(super user) access to security center |
Security Center Admin |
['appengine.applications.get', 'artifactregistry.attachments.get', 'artifactregistry.attachments.list', 'artifactregistry.dockerimages.get', 'artifactregistry.dockerimages.list', 'artifactregistry.files.download', 'artifactregistry.files.get', 'artifactregistry.files.list', 'artifactregistry.locations.get', 'artifactregistry.locations.list', 'artifactregistry.mavenartifacts.get', 'artifactregistry.mavenartifacts.list', 'artifactregistry.npmpackages.get', 'artifactregistry.npmpackages.list', 'artifactregistry.packages.get', 'artifactregistry.packages.list', 'artifactregistry.projectsettings.get', 'artifactregistry.pythonpackages.get', 'artifactregistry.pythonpackages.list', 'artifactregistry.repositories.create', 'artifactregistry.repositories.downloadArtifacts', 'artifactregistry.repositories.get', 'artifactregistry.repositories.list', 'artifactregistry.repositories.listEffectiveTags', 'artifactregistry.repositories.listTagBindings', 'artifactregistry.repositories.readViaVirtualRepository', 'artifactregistry.rules.get', 'artifactregistry.rules.list', 'artifactregistry.tags.get', 'artifactregistry.tags.list', 'artifactregistry.versions.get', 'artifactregistry.versions.list', 'assuredoss.config.get', 'assuredoss.customers.create', 'assuredoss.locations.get', 'assuredoss.locations.list', 'assuredoss.metadata.get', 'assuredoss.metadata.list', 'assuredoss.operations.cancel', 'assuredoss.operations.delete', 'assuredoss.operations.get', 'assuredoss.operations.list', 'cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportResource', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.assets.searchEnrichmentResourceOwners', 'cloudsecurityscanner.crawledurls.list', 'cloudsecurityscanner.results.get', 'cloudsecurityscanner.results.list', 'cloudsecurityscanner.scanruns.get', 'cloudsecurityscanner.scanruns.getSummary', 'cloudsecurityscanner.scanruns.list', 'cloudsecurityscanner.scanruns.stop', 'cloudsecurityscanner.scans.create', 'cloudsecurityscanner.scans.delete', 'cloudsecurityscanner.scans.get', 'cloudsecurityscanner.scans.list', 'cloudsecurityscanner.scans.run', 'cloudsecurityscanner.scans.update', 'compute.addresses.list', 'iam.serviceAccountKeys.create', 'iam.serviceAccounts.create', 'iam.serviceAccounts.get', 'pubsub.schemas.get', 'pubsub.schemas.list', 'pubsub.schemas.listRevisions', 'pubsub.schemas.validate', 'pubsub.snapshots.get', 'pubsub.snapshots.list', 'pubsub.subscriptions.create', 'pubsub.subscriptions.get', 'pubsub.subscriptions.list', 'pubsub.subscriptions.update', 'pubsub.topics.get', 'pubsub.topics.list', 'resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'resourcemanager.tagValues.get', 'securitycenter.assets.group', 'securitycenter.assets.list', 'securitycenter.assets.listAssetPropertyNames', 'securitycenter.assets.runDiscovery', 'securitycenter.assetsecuritymarks.update', 'securitycenter.attackpaths.list', 'securitycenter.bigQueryExports.create', 'securitycenter.bigQueryExports.delete', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.bigQueryExports.update', 'securitycenter.billingtier.update', 'securitycenter.complianceReports.aggregate', 'securitycenter.compliancesnapshots.list', 'securitycenter.containerthreatdetectionsettings.calculate', 'securitycenter.containerthreatdetectionsettings.get', 'securitycenter.containerthreatdetectionsettings.update', 'securitycenter.effectivesecurityhealthanalyticscustommodules.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.list', 'securitycenter.eventthreatdetectionsettings.calculate', 'securitycenter.eventthreatdetectionsettings.get', 'securitycenter.eventthreatdetectionsettings.update', 'securitycenter.exposurepathexplan.get', 'securitycenter.findingexplanations.get', 'securitycenter.findingexternalsystems.update', 'securitycenter.findings.bulkMuteUpdate', 'securitycenter.findings.group', 'securitycenter.findings.list', 'securitycenter.findings.listFindingPropertyNames', 'securitycenter.findings.setMute', 'securitycenter.findings.setState', 'securitycenter.findings.setWorkflowState', 'securitycenter.findings.update', 'securitycenter.findingsecuritymarks.update', 'securitycenter.integratedvulnerabilityscannersettings.calculate', 'securitycenter.integratedvulnerabilityscannersettings.get', 'securitycenter.integratedvulnerabilityscannersettings.update', 'securitycenter.muteconfigs.create', 'securitycenter.muteconfigs.delete', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.muteconfigs.update', 'securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.notificationconfig.update', 'securitycenter.organizationsettings.get', 'securitycenter.organizationsettings.update', 'securitycenter.rapidvulnerabilitydetectionsettings.calculate', 'securitycenter.rapidvulnerabilitydetectionsettings.get', 'securitycenter.rapidvulnerabilitydetectionsettings.update', 'securitycenter.resourcevalueconfigs.create', 'securitycenter.resourcevalueconfigs.delete', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list', 'securitycenter.resourcevalueconfigs.update', 'securitycenter.securitycentersettings.get', 'securitycenter.securitycentersettings.update', 'securitycenter.securityhealthanalyticscustommodules.create', 'securitycenter.securityhealthanalyticscustommodules.delete', 'securitycenter.securityhealthanalyticscustommodules.get', 'securitycenter.securityhealthanalyticscustommodules.list', 'securitycenter.securityhealthanalyticscustommodules.simulate', 'securitycenter.securityhealthanalyticscustommodules.test', 'securitycenter.securityhealthanalyticscustommodules.update', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.securityhealthanalyticssettings.update', 'securitycenter.simulations.get', 'securitycenter.sources.get', 'securitycenter.sources.getIamPolicy', 'securitycenter.sources.list', 'securitycenter.sources.setIamPolicy', 'securitycenter.sources.update', 'securitycenter.subscription.get', 'securitycenter.userinterfacemetadata.get', 'securitycenter.valuedresources.list', 'securitycenter.virtualmachinethreatdetectionsettings.calculate', 'securitycenter.virtualmachinethreatdetectionsettings.get', 'securitycenter.virtualmachinethreatdetectionsettings.update', 'securitycenter.vulnerabilitysnapshots.list', 'securitycenter.websecurityscannersettings.calculate', 'securitycenter.websecurityscannersettings.get', 'securitycenter.websecurityscannersettings.update', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCenterServices.update', 'securitycentermanagement.securityCommandCenter.activate', 'securitycentermanagement.securityCommandCenter.checkActivationOperation', 'securitycentermanagement.securityCommandCenter.checkEligibility', 'securitycentermanagement.securityCommandCenter.generateServiceAccounts', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityCommandCenter.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update', 'serviceusage.quotas.get', 'serviceusage.services.enable', 'serviceusage.services.get', 'serviceusage.services.list'] |
|
GA |
| roles/securitycenter.complianceSnapshotsViewer |
Read access to security center compliance snapshots |
Security Center Compliance Snapshots Viewer |
['securitycenter.complianceReports.aggregate', 'securitycenter.compliancesnapshots.list'] |
|
BETA |
| roles/securitycenter.findingsBulkMuteEditor |
Ability to mute findings in bulk |
Security Center Findings Bulk Mute Editor |
['securitycenter.findings.bulkMuteUpdate'] |
|
GA |
| roles/securitycenter.sourcesAdmin |
Admin access to sources |
Security Center Sources Admin |
['resourcemanager.organizations.get', 'securitycenter.sources.get', 'securitycenter.sources.getIamPolicy', 'securitycenter.sources.list', 'securitycenter.sources.setIamPolicy', 'securitycenter.sources.update', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.findingsStateSetter |
Set state access to findings |
Security Center Findings State Setter |
['securitycenter.findings.setState', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycentermanagement.settingsViewer |
Readonly access to Cloud Security Command Center settings |
Security Center Management Settings Viewer |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.organizationsettings.get', 'securitycenter.securitycentersettings.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test'] |
|
GA |
| roles/securitycenter.integrationExecutorServiceAgent |
Gives Security Center access to execute Integrations. |
Security Center Integration Executor Service Agent |
['integrations.securityExecutions.cancel', 'integrations.securityExecutions.list', 'integrations.securityIntegrations.invoke'] |
|
GA |
| roles/securitycenter.sourcesEditor |
Read-write access to sources |
Security Center Sources Editor |
['resourcemanager.organizations.get', 'securitycenter.sources.get', 'securitycenter.sources.list', 'securitycenter.sources.update', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.automationServiceAgent |
Security Center automation service agent can configure GCP resources to enable security scanning. |
Security Center Automation Service Agent |
['cloudasset.feeds.create', 'cloudasset.feeds.delete', 'cloudasset.feeds.get', 'cloudasset.feeds.list', 'cloudasset.feeds.update', 'resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.getIamPolicy', 'resourcemanager.projects.list', 'serviceusage.services.enable', 'serviceusage.services.get'] |
|
GA |
| roles/securitycenter.externalSystemsEditor |
Write access to security center external systems |
Security Center External Systems Editor |
['securitycenter.findingexternalsystems.update'] |
|
GA |
| roles/securitycenter.attackSurfaceManagementScannerServiceAgent |
Gives Mandiant Attack Surface Management the ability to scan Cloud Platform resources. |
Attack Surface Management Scanner Service Agent |
['apigateway.apiconfigs.get', 'cloudasset.assets.listResource', 'dns.managedZones.list', 'dns.resourceRecordSets.list', 'resourcemanager.projects.get'] |
|
GA |
| roles/securitycenter.notificationConfigEditor |
Write access to notification configurations |
Security Center Notification Configurations Editor |
['securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.notificationconfig.update', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycentermanagement.customModulesViewer |
Readonly access to Cloud Security Command Center custom modules. |
Security Center Management Custom Modules Viewer |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test'] |
|
GA |
| roles/securitycenter.attackPathsViewer |
Read access to security center attack paths |
Security Center Attack Paths Reader |
['securitycenter.attackpaths.list'] |
|
GA |
| roles/securitycentermanagement.shaCustomModulesViewer |
Readonly access to Cloud Security Command Center SHA custom modules. |
Security Center Management SHA Custom Modules Viewer |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test'] |
|
GA |
| roles/securitycenter.findingsWorkflowStateSetter |
Set workflow state access to findings |
Security Center Findings Workflow State Setter |
['securitycenter.findings.setWorkflowState', 'securitycenter.userinterfacemetadata.get'] |
|
BETA |
| roles/securitycentermanagement.shaCustomModulesEditor |
Full access to manage Cloud Security Command Center SHA custom modules. |
Security Center Management SHA Custom Modules Editor |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update'] |
|
GA |
| roles/securitycenter.muteConfigsEditor |
Read-Write access to security center mute configurations |
Security Center Mute Configurations Editor |
['securitycenter.muteconfigs.create', 'securitycenter.muteconfigs.delete', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.muteconfigs.update'] |
|
GA |
| roles/securitycentermanagement.etdCustomModulesViewer |
Readonly access to Cloud Security Command Center ETD custom modules. |
Security Center Management ETD Custom Modules Viewer |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list'] |
|
GA |
| roles/securitycenter.adminViewer |
Admin Read access to security center |
Security Center Admin Viewer |
['artifactregistry.attachments.get', 'artifactregistry.attachments.list', 'artifactregistry.dockerimages.get', 'artifactregistry.dockerimages.list', 'artifactregistry.files.download', 'artifactregistry.files.get', 'artifactregistry.files.list', 'artifactregistry.locations.get', 'artifactregistry.locations.list', 'artifactregistry.mavenartifacts.get', 'artifactregistry.mavenartifacts.list', 'artifactregistry.npmpackages.get', 'artifactregistry.npmpackages.list', 'artifactregistry.packages.get', 'artifactregistry.packages.list', 'artifactregistry.projectsettings.get', 'artifactregistry.pythonpackages.get', 'artifactregistry.pythonpackages.list', 'artifactregistry.repositories.downloadArtifacts', 'artifactregistry.repositories.get', 'artifactregistry.repositories.list', 'artifactregistry.repositories.listEffectiveTags', 'artifactregistry.repositories.listTagBindings', 'artifactregistry.repositories.readViaVirtualRepository', 'artifactregistry.rules.get', 'artifactregistry.rules.list', 'artifactregistry.tags.get', 'artifactregistry.tags.list', 'artifactregistry.versions.get', 'artifactregistry.versions.list', 'assuredoss.config.get', 'assuredoss.locations.get', 'assuredoss.locations.list', 'assuredoss.metadata.get', 'assuredoss.metadata.list', 'assuredoss.operations.get', 'assuredoss.operations.list', 'cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportResource', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.assets.searchEnrichmentResourceOwners', 'cloudsecurityscanner.crawledurls.list', 'cloudsecurityscanner.results.get', 'cloudsecurityscanner.results.list', 'cloudsecurityscanner.scanruns.get', 'cloudsecurityscanner.scanruns.getSummary', 'cloudsecurityscanner.scanruns.list', 'cloudsecurityscanner.scans.get', 'cloudsecurityscanner.scans.list', 'pubsub.schemas.get', 'pubsub.schemas.list', 'pubsub.schemas.listRevisions', 'pubsub.schemas.validate', 'pubsub.snapshots.get', 'pubsub.snapshots.list', 'pubsub.subscriptions.get', 'pubsub.subscriptions.list', 'pubsub.topics.get', 'pubsub.topics.list', 'resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'resourcemanager.tagValues.get', 'securitycenter.assets.group', 'securitycenter.assets.list', 'securitycenter.assets.listAssetPropertyNames', 'securitycenter.attackpaths.list', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.complianceReports.aggregate', 'securitycenter.compliancesnapshots.list', 'securitycenter.containerthreatdetectionsettings.calculate', 'securitycenter.containerthreatdetectionsettings.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.list', 'securitycenter.eventthreatdetectionsettings.calculate', 'securitycenter.eventthreatdetectionsettings.get', 'securitycenter.exposurepathexplan.get', 'securitycenter.findingexplanations.get', 'securitycenter.findings.group', 'securitycenter.findings.list', 'securitycenter.findings.listFindingPropertyNames', 'securitycenter.integratedvulnerabilityscannersettings.calculate', 'securitycenter.integratedvulnerabilityscannersettings.get', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.organizationsettings.get', 'securitycenter.rapidvulnerabilitydetectionsettings.calculate', 'securitycenter.rapidvulnerabilitydetectionsettings.get', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list', 'securitycenter.securitycentersettings.get', 'securitycenter.securityhealthanalyticscustommodules.get', 'securitycenter.securityhealthanalyticscustommodules.list', 'securitycenter.securityhealthanalyticscustommodules.simulate', 'securitycenter.securityhealthanalyticscustommodules.test', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.simulations.get', 'securitycenter.sources.get', 'securitycenter.sources.list', 'securitycenter.subscription.get', 'securitycenter.userinterfacemetadata.get', 'securitycenter.valuedresources.list', 'securitycenter.virtualmachinethreatdetectionsettings.calculate', 'securitycenter.virtualmachinethreatdetectionsettings.get', 'securitycenter.vulnerabilitysnapshots.list', 'securitycenter.websecurityscannersettings.calculate', 'securitycenter.websecurityscannersettings.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'serviceusage.quotas.get', 'serviceusage.services.get', 'serviceusage.services.list'] |
|
GA |
| roles/securitycenter.notificationConfigViewer |
Read access to notification configurations |
Security Center Notification Configurations Viewer |
['securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.notificationServiceAgent |
Security Center service agent can publish notifications to Pub/Sub topics. |
Security Center Notification Service Agent |
['pubsub.topics.publish'] |
|
GA |
| roles/securitycenter.settingsAdmin |
Admin(super user) access to security center settings |
Security Center Settings Admin |
['resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.bigQueryExports.create', 'securitycenter.bigQueryExports.delete', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.bigQueryExports.update', 'securitycenter.billingtier.update', 'securitycenter.containerthreatdetectionsettings.calculate', 'securitycenter.containerthreatdetectionsettings.get', 'securitycenter.containerthreatdetectionsettings.update', 'securitycenter.effectivesecurityhealthanalyticscustommodules.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.list', 'securitycenter.eventthreatdetectionsettings.calculate', 'securitycenter.eventthreatdetectionsettings.get', 'securitycenter.eventthreatdetectionsettings.update', 'securitycenter.integratedvulnerabilityscannersettings.calculate', 'securitycenter.integratedvulnerabilityscannersettings.get', 'securitycenter.integratedvulnerabilityscannersettings.update', 'securitycenter.muteconfigs.create', 'securitycenter.muteconfigs.delete', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.muteconfigs.update', 'securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.notificationconfig.update', 'securitycenter.organizationsettings.get', 'securitycenter.organizationsettings.update', 'securitycenter.rapidvulnerabilitydetectionsettings.calculate', 'securitycenter.rapidvulnerabilitydetectionsettings.get', 'securitycenter.rapidvulnerabilitydetectionsettings.update', 'securitycenter.securitycentersettings.get', 'securitycenter.securitycentersettings.update', 'securitycenter.securityhealthanalyticscustommodules.create', 'securitycenter.securityhealthanalyticscustommodules.delete', 'securitycenter.securityhealthanalyticscustommodules.get', 'securitycenter.securityhealthanalyticscustommodules.list', 'securitycenter.securityhealthanalyticscustommodules.update', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.securityhealthanalyticssettings.update', 'securitycenter.subscription.get', 'securitycenter.userinterfacemetadata.get', 'securitycenter.virtualmachinethreatdetectionsettings.calculate', 'securitycenter.virtualmachinethreatdetectionsettings.get', 'securitycenter.virtualmachinethreatdetectionsettings.update', 'securitycenter.websecurityscannersettings.calculate', 'securitycenter.websecurityscannersettings.get', 'securitycenter.websecurityscannersettings.update', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCenterServices.update', 'securitycentermanagement.securityCommandCenter.activate', 'securitycentermanagement.securityCommandCenter.checkActivationOperation', 'securitycentermanagement.securityCommandCenter.checkEligibility', 'securitycentermanagement.securityCommandCenter.generateServiceAccounts', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityCommandCenter.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update'] |
|
GA |
| roles/securitycenter.sourcesViewer |
Read access to sources |
Security Center Sources Viewer |
['resourcemanager.organizations.get', 'securitycenter.sources.get', 'securitycenter.sources.list', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.bigQueryExportsEditor |
Read-Write access to security center BigQuery Exports |
Security Center BigQuery Exports Editor |
['resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.bigQueryExports.create', 'securitycenter.bigQueryExports.delete', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.bigQueryExports.update'] |
|
GA |
| roles/securitycenter.settingsViewer |
Read access to security center settings |
Security Center Settings Viewer |
['resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.containerthreatdetectionsettings.calculate', 'securitycenter.containerthreatdetectionsettings.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.list', 'securitycenter.eventthreatdetectionsettings.calculate', 'securitycenter.eventthreatdetectionsettings.get', 'securitycenter.integratedvulnerabilityscannersettings.calculate', 'securitycenter.integratedvulnerabilityscannersettings.get', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.organizationsettings.get', 'securitycenter.rapidvulnerabilitydetectionsettings.calculate', 'securitycenter.rapidvulnerabilitydetectionsettings.get', 'securitycenter.securitycentersettings.get', 'securitycenter.securityhealthanalyticscustommodules.get', 'securitycenter.securityhealthanalyticscustommodules.list', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.subscription.get', 'securitycenter.userinterfacemetadata.get', 'securitycenter.virtualmachinethreatdetectionsettings.calculate', 'securitycenter.virtualmachinethreatdetectionsettings.get', 'securitycenter.websecurityscannersettings.calculate', 'securitycenter.websecurityscannersettings.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test'] |
|
GA |
| roles/securitycentermanagement.securityCenterServicesEditor |
Full access to manage Cloud Security Command Center services configuration. |
Security Center Management Services Editor |
['securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCenterServices.update'] |
|
GA |
| roles/securitycenter.controlServiceAgent |
Security Center Control service agent can monitor and configure GCP resources and import security findings. |
Security Center Control Service Agent |
['bigquery.datasets.get', 'binaryauthorization.policy.get', 'cloudasset.assets.analyzeIamPolicy', 'cloudasset.assets.analyzeMove', 'cloudasset.assets.analyzeOrgPolicy', 'cloudasset.assets.exportAccessLevel', 'cloudasset.assets.exportAccessPolicy', 'cloudasset.assets.exportAiplatformBatchPredictionJobs', 'cloudasset.assets.exportAiplatformCustomJobs', 'cloudasset.assets.exportAiplatformDataLabelingJobs', 'cloudasset.assets.exportAiplatformDatasets', 'cloudasset.assets.exportAiplatformEndpoints', 'cloudasset.assets.exportAiplatformHyperparameterTuningJobs', 'cloudasset.assets.exportAiplatformMetadataStores', 'cloudasset.assets.exportAiplatformModelDeploymentMonitoringJobs', 'cloudasset.assets.exportAiplatformModels', 'cloudasset.assets.exportAiplatformPipelineJobs', 'cloudasset.assets.exportAiplatformSpecialistPools', 'cloudasset.assets.exportAiplatformTrainingPipelines', 'cloudasset.assets.exportAllAccessPolicy', 'cloudasset.assets.exportAnthosConnectedCluster', 'cloudasset.assets.exportAnthosedgeCluster', 'cloudasset.assets.exportApigatewayApi', 'cloudasset.assets.exportApigatewayApiConfig', 'cloudasset.assets.exportApigatewayGateway', 'cloudasset.assets.exportApikeysKeys', 'cloudasset.assets.exportAppengineApplications', 'cloudasset.assets.exportAppengineServices', 'cloudasset.assets.exportAppengineVersions', 'cloudasset.assets.exportArtifactregistryDockerImages', 'cloudasset.assets.exportArtifactregistryRepositories', 'cloudasset.assets.exportAssuredWorkloadsWorkloads', 'cloudasset.assets.exportBeyondCorpApiGateways', 'cloudasset.assets.exportBeyondCorpAppConnections', 'cloudasset.assets.exportBeyondCorpAppConnectors', 'cloudasset.assets.exportBeyondCorpAppGateways', 'cloudasset.assets.exportBeyondCorpClientConnectorServices', 'cloudasset.assets.exportBeyondCorpClientGateways', 'cloudasset.assets.exportBigqueryDatasets', 'cloudasset.assets.exportBigqueryModels', 'cloudasset.assets.exportBigqueryTables', 'cloudasset.assets.exportBigtableAppProfile', 'cloudasset.assets.exportBigtableBackup', 'cloudasset.assets.exportBigtableCluster', 'cloudasset.assets.exportBigtableInstance', 'cloudasset.assets.exportBigtableTable', 'cloudasset.assets.exportCloudAssetFeeds', 'cloudasset.assets.exportCloudDeployDeliveryPipelines', 'cloudasset.assets.exportCloudDeployReleases', 'cloudasset.assets.exportCloudDeployRollouts', 'cloudasset.assets.exportCloudDeployTargets', 'cloudasset.assets.exportCloudDocumentAIEvaluation', 'cloudasset.assets.exportCloudDocumentAIHumanReviewConfig', 'cloudasset.assets.exportCloudDocumentAILabelerPool', 'cloudasset.assets.exportCloudDocumentAIProcessor', 'cloudasset.assets.exportCloudDocumentAIProcessorVersion', 'cloudasset.assets.exportCloudbillingBillingAccounts', 'cloudasset.assets.exportCloudbillingProjectBillingInfos', 'cloudasset.assets.exportCloudfunctionsFunctions', 'cloudasset.assets.exportCloudfunctionsGen2Functions', 'cloudasset.assets.exportCloudkmsCryptoKeyVersions', 'cloudasset.assets.exportCloudkmsCryptoKeys', 'cloudasset.assets.exportCloudkmsEkmConnections', 'cloudasset.assets.exportCloudkmsImportJobs', 'cloudasset.assets.exportCloudkmsKeyRings', 'cloudasset.assets.exportCloudmemcacheInstances', 'cloudasset.assets.exportCloudresourcemanagerFolders', 'cloudasset.assets.exportCloudresourcemanagerOrganizations', 'cloudasset.assets.exportCloudresourcemanagerProjects', 'cloudasset.assets.exportCloudresourcemanagerTagBindings', 'cloudasset.assets.exportCloudresourcemanagerTagKeys', 'cloudasset.assets.exportCloudresourcemanagerTagValues', 'cloudasset.assets.exportComposerEnvironments', 'cloudasset.assets.exportComputeAddress', 'cloudasset.assets.exportComputeAutoscalers', 'cloudasset.assets.exportComputeBackendBuckets', 'cloudasset.assets.exportComputeBackendServices', 'cloudasset.assets.exportComputeCommitments', 'cloudasset.assets.exportComputeDisks', 'cloudasset.assets.exportComputeExternalVpnGateways', 'cloudasset.assets.exportComputeFirewallPolicies', 'cloudasset.assets.exportComputeFirewalls', 'cloudasset.assets.exportComputeForwardingRules', 'cloudasset.assets.exportComputeGlobalAddress', 'cloudasset.assets.exportComputeGlobalForwardingRules', 'cloudasset.assets.exportComputeHealthChecks', 'cloudasset.assets.exportComputeHttpHealthChecks', 'cloudasset.assets.exportComputeHttpsHealthChecks', 'cloudasset.assets.exportComputeImages', 'cloudasset.assets.exportComputeInstanceGroupManagers', 'cloudasset.assets.exportComputeInstanceGroups', 'cloudasset.assets.exportComputeInstanceTemplates', 'cloudasset.assets.exportComputeInstances', 'cloudasset.assets.exportComputeInterconnect', 'cloudasset.assets.exportComputeInterconnectAttachment', 'cloudasset.assets.exportComputeLicenses', 'cloudasset.assets.exportComputeNetworkEndpointGroups', 'cloudasset.assets.exportComputeNetworks', 'cloudasset.assets.exportComputeNodeGroups', 'cloudasset.assets.exportComputeNodeTemplates', 'cloudasset.assets.exportComputePacketMirrorings', 'cloudasset.assets.exportComputeProjects', 'cloudasset.assets.exportComputeRegionAutoscaler', 'cloudasset.assets.exportComputeRegionBackendServices', 'cloudasset.assets.exportComputeRegionDisk', 'cloudasset.assets.exportComputeRegionInstanceGroup', 'cloudasset.assets.exportComputeRegionInstanceGroupManager', 'cloudasset.assets.exportComputeReservations', 'cloudasset.assets.exportComputeResourcePolicies', 'cloudasset.assets.exportComputeRouters', 'cloudasset.assets.exportComputeRoutes', 'cloudasset.assets.exportComputeSecurityPolicy', 'cloudasset.assets.exportComputeServiceAttachments', 'cloudasset.assets.exportComputeSnapshots', 'cloudasset.assets.exportComputeSslCertificates', 'cloudasset.assets.exportComputeSslPolicies', 'cloudasset.assets.exportComputeSubnetworks', 'cloudasset.assets.exportComputeTargetHttpProxies', 'cloudasset.assets.exportComputeTargetHttpsProxies', 'cloudasset.assets.exportComputeTargetInstances', 'cloudasset.assets.exportComputeTargetPools', 'cloudasset.assets.exportComputeTargetSslProxies', 'cloudasset.assets.exportComputeTargetTcpProxies', 'cloudasset.assets.exportComputeTargetVpnGateways', 'cloudasset.assets.exportComputeUrlMaps', 'cloudasset.assets.exportComputeVpnGateways', 'cloudasset.assets.exportComputeVpnTunnels', 'cloudasset.assets.exportConnectorsConnections', 'cloudasset.assets.exportConnectorsConnectorVersions', 'cloudasset.assets.exportConnectorsConnectors', 'cloudasset.assets.exportConnectorsProviders', 'cloudasset.assets.exportConnectorsRuntimeConfigs', 'cloudasset.assets.exportContainerAppsDeployment', 'cloudasset.assets.exportContainerAppsReplicaSets', 'cloudasset.assets.exportContainerBatchJobs', 'cloudasset.assets.exportContainerClusterrole', 'cloudasset.assets.exportContainerClusterrolebinding', 'cloudasset.assets.exportContainerClusters', 'cloudasset.assets.exportContainerExtensionsIngresses', 'cloudasset.assets.exportContainerJobs', 'cloudasset.assets.exportContainerNamespace', 'cloudasset.assets.exportContainerNetworkingIngresses', 'cloudasset.assets.exportContainerNetworkingNetworkPolicies', 'cloudasset.assets.exportContainerNode', 'cloudasset.assets.exportContainerNodepool', 'cloudasset.assets.exportContainerPod', 'cloudasset.assets.exportContainerReplicaSets', 'cloudasset.assets.exportContainerRole', 'cloudasset.assets.exportContainerRolebinding', 'cloudasset.assets.exportContainerServices', 'cloudasset.assets.exportContainerregistryImage', 'cloudasset.assets.exportDataMigrationConnectionProfiles', 'cloudasset.assets.exportDataMigrationMigrationJobs', 'cloudasset.assets.exportDataflowJobs', 'cloudasset.assets.exportDatafusionInstance', 'cloudasset.assets.exportDataplexAssets', 'cloudasset.assets.exportDataplexLakes', 'cloudasset.assets.exportDataplexTasks', 'cloudasset.assets.exportDataplexZones', 'cloudasset.assets.exportDataprocAutoscalingPolicies', 'cloudasset.assets.exportDataprocBatches', 'cloudasset.assets.exportDataprocClusters', 'cloudasset.assets.exportDataprocJobs', 'cloudasset.assets.exportDataprocSessions', 'cloudasset.assets.exportDataprocWorkflowTemplates', 'cloudasset.assets.exportDatastreamConnectionProfile', 'cloudasset.assets.exportDatastreamPrivateConnection', 'cloudasset.assets.exportDatastreamStream', 'cloudasset.assets.exportDialogflowAgents', 'cloudasset.assets.exportDialogflowConversationProfiles', 'cloudasset.assets.exportDialogflowKnowledgeBases', 'cloudasset.assets.exportDialogflowLocationSettings', 'cloudasset.assets.exportDlpDeidentifyTemplates', 'cloudasset.assets.exportDlpDlpJobs', 'cloudasset.assets.exportDlpInspectTemplates', 'cloudasset.assets.exportDlpJobTriggers', 'cloudasset.assets.exportDlpStoredInfoTypes', 'cloudasset.assets.exportDnsManagedZones', 'cloudasset.assets.exportDnsPolicies', 'cloudasset.assets.exportDomainsRegistrations', 'cloudasset.assets.exportEventarcTriggers', 'cloudasset.assets.exportFileBackups', 'cloudasset.assets.exportFileInstances', 'cloudasset.assets.exportFirebaseAppInfos', 'cloudasset.assets.exportFirebaseProjects', 'cloudasset.assets.exportFirestoreDatabases', 'cloudasset.assets.exportGKEHubFeatures', 'cloudasset.assets.exportGKEHubMemberships', 'cloudasset.assets.exportGameservicesGameServerClusters', 'cloudasset.assets.exportGameservicesGameServerConfigs', 'cloudasset.assets.exportGameservicesGameServerDeployments', 'cloudasset.assets.exportGameservicesRealms', 'cloudasset.assets.exportGkeBackupBackupPlans', 'cloudasset.assets.exportGkeBackupBackups', 'cloudasset.assets.exportGkeBackupRestorePlans', 'cloudasset.assets.exportGkeBackupRestores', 'cloudasset.assets.exportGkeBackupVolumeBackups', 'cloudasset.assets.exportGkeBackupVolumeRestores', 'cloudasset.assets.exportHealthcareConsentStores', 'cloudasset.assets.exportHealthcareDatasets', 'cloudasset.assets.exportHealthcareDicomStores', 'cloudasset.assets.exportHealthcareFhirStores', 'cloudasset.assets.exportHealthcareHl7V2Stores', 'cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportIamRoles', 'cloudasset.assets.exportIamServiceAccountKeys', 'cloudasset.assets.exportIamServiceAccounts', 'cloudasset.assets.exportIapTunnel', 'cloudasset.assets.exportIapTunnelInstances', 'cloudasset.assets.exportIapTunnelZones', 'cloudasset.assets.exportIapWeb', 'cloudasset.assets.exportIapWebServiceVersion', 'cloudasset.assets.exportIapWebServices', 'cloudasset.assets.exportIapWebType', 'cloudasset.assets.exportIdsEndpoints', 'cloudasset.assets.exportIntegrationsAuthConfigs', 'cloudasset.assets.exportIntegrationsCertificates', 'cloudasset.assets.exportIntegrationsExecutions', 'cloudasset.assets.exportIntegrationsIntegrationVersions', 'cloudasset.assets.exportIntegrationsIntegrations', 'cloudasset.assets.exportIntegrationsSfdcChannels', 'cloudasset.assets.exportIntegrationsSfdcInstances', 'cloudasset.assets.exportIntegrationsSuspensions', 'cloudasset.assets.exportLoggingLogMetrics', 'cloudasset.assets.exportLoggingLogSinks', 'cloudasset.assets.exportManagedidentitiesDomain', 'cloudasset.assets.exportMetastoreBackups', 'cloudasset.assets.exportMetastoreMetadataImports', 'cloudasset.assets.exportMetastoreServices', 'cloudasset.assets.exportMonitoringAlertPolicies', 'cloudasset.assets.exportNetworkConnectivityHubs', 'cloudasset.assets.exportNetworkConnectivitySpokes', 'cloudasset.assets.exportNetworkManagementConnectivityTests', 'cloudasset.assets.exportNetworkServicesEndpointPolicies', 'cloudasset.assets.exportNetworkServicesGateways', 'cloudasset.assets.exportNetworkServicesGrpcRoutes', 'cloudasset.assets.exportNetworkServicesHttpRoutes', 'cloudasset.assets.exportNetworkServicesMeshes', 'cloudasset.assets.exportNetworkServicesServiceBindings', 'cloudasset.assets.exportNetworkServicesTcpRoutes', 'cloudasset.assets.exportNetworkServicesTlsRoutes', 'cloudasset.assets.exportOSConfigOSPolicyAssignmentReports', 'cloudasset.assets.exportOSConfigOSPolicyAssignments', 'cloudasset.assets.exportOSConfigVulnerabilityReports', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportOrgPolicy', 'cloudasset.assets.exportPatchDeployments', 'cloudasset.assets.exportPubsubSnapshots', 'cloudasset.assets.exportPubsubSubscriptions', 'cloudasset.assets.exportPubsubTopics', 'cloudasset.assets.exportRedisInstances', 'cloudasset.assets.exportResource', 'cloudasset.assets.exportSecretManagerSecretVersions', 'cloudasset.assets.exportSecretManagerSecrets', 'cloudasset.assets.exportServiceDirectoryNamespaces', 'cloudasset.assets.exportServicePerimeter', 'cloudasset.assets.exportServiceconsumermanagementConsumerProperty', 'cloudasset.assets.exportServiceconsumermanagementConsumerQuotaLimits', 'cloudasset.assets.exportServiceconsumermanagementConsumers', 'cloudasset.assets.exportServiceconsumermanagementProducerOverrides', 'cloudasset.assets.exportServiceconsumermanagementTenancyUnits', 'cloudasset.assets.exportServiceconsumermanagementVisibility', 'cloudasset.assets.exportServicemanagementServices', 'cloudasset.assets.exportServiceusageAdminOverrides', 'cloudasset.assets.exportServiceusageConsumerOverrides', 'cloudasset.assets.exportServiceusageServices', 'cloudasset.assets.exportSpannerBackups', 'cloudasset.assets.exportSpannerDatabases', 'cloudasset.assets.exportSpannerInstances', 'cloudasset.assets.exportSpeakerIdPhrases', 'cloudasset.assets.exportSpeakerIdSettings', 'cloudasset.assets.exportSpeakerIdSpeakers', 'cloudasset.assets.exportSpeechCustomClasses', 'cloudasset.assets.exportSpeechPhraseSets', 'cloudasset.assets.exportSqladminBackupRuns', 'cloudasset.assets.exportSqladminInstances', 'cloudasset.assets.exportStorageBuckets', 'cloudasset.assets.exportTpuNodes', 'cloudasset.assets.exportVpcaccessConnector', 'cloudasset.assets.listAccessLevel', 'cloudasset.assets.listAccessPolicy', 'cloudasset.assets.listAiplatformBatchPredictionJobs', 'cloudasset.assets.listAiplatformCustomJobs', 'cloudasset.assets.listAiplatformDataLabelingJobs', 'cloudasset.assets.listAiplatformDatasets', 'cloudasset.assets.listAiplatformEndpoints', 'cloudasset.assets.listAiplatformHyperparameterTuningJobs', 'cloudasset.assets.listAiplatformMetadataStores', 'cloudasset.assets.listAiplatformModelDeploymentMonitoringJobs', 'cloudasset.assets.listAiplatformModels', 'cloudasset.assets.listAiplatformPipelineJobs', 'cloudasset.assets.listAiplatformSpecialistPools', 'cloudasset.assets.listAiplatformTrainingPipelines', 'cloudasset.assets.listAllAccessPolicy', 'cloudasset.assets.listAnthosConnectedCluster', 'cloudasset.assets.listAnthosedgeCluster', 'cloudasset.assets.listApigatewayApi', 'cloudasset.assets.listApigatewayApiConfig', 'cloudasset.assets.listApigatewayGateway', 'cloudasset.assets.listApikeysKeys', 'cloudasset.assets.listAppengineApplications', 'cloudasset.assets.listAppengineServices', 'cloudasset.assets.listAppengineVersions', 'cloudasset.assets.listArtifactregistryDockerImages', 'cloudasset.assets.listArtifactregistryRepositories', 'cloudasset.assets.listAssuredWorkloadsWorkloads', 'cloudasset.assets.listBeyondCorpApiGateways', 'cloudasset.assets.listBeyondCorpAppConnections', 'cloudasset.assets.listBeyondCorpAppConnectors', 'cloudasset.assets.listBeyondCorpAppGateways', 'cloudasset.assets.listBeyondCorpClientConnectorServices', 'cloudasset.assets.listBeyondCorpClientGateways', 'cloudasset.assets.listBigqueryDatasets', 'cloudasset.assets.listBigqueryModels', 'cloudasset.assets.listBigqueryTables', 'cloudasset.assets.listBigtableAppProfile', 'cloudasset.assets.listBigtableBackup', 'cloudasset.assets.listBigtableCluster', 'cloudasset.assets.listBigtableInstance', 'cloudasset.assets.listBigtableTable', 'cloudasset.assets.listCloudAssetFeeds', 'cloudasset.assets.listCloudDeployDeliveryPipelines', 'cloudasset.assets.listCloudDeployReleases', 'cloudasset.assets.listCloudDeployRollouts', 'cloudasset.assets.listCloudDeployTargets', 'cloudasset.assets.listCloudDocumentAIEvaluation', 'cloudasset.assets.listCloudDocumentAIHumanReviewConfig', 'cloudasset.assets.listCloudDocumentAILabelerPool', 'cloudasset.assets.listCloudDocumentAIProcessor', 'cloudasset.assets.listCloudDocumentAIProcessorVersion', 'cloudasset.assets.listCloudbillingBillingAccounts', 'cloudasset.assets.listCloudbillingProjectBillingInfos', 'cloudasset.assets.listCloudfunctionsFunctions', 'cloudasset.assets.listCloudfunctionsGen2Functions', 'cloudasset.assets.listCloudkmsCryptoKeyVersions', 'cloudasset.assets.listCloudkmsCryptoKeys', 'cloudasset.assets.listCloudkmsEkmConnections', 'cloudasset.assets.listCloudkmsImportJobs', 'cloudasset.assets.listCloudkmsKeyRings', 'cloudasset.assets.listCloudmemcacheInstances', 'cloudasset.assets.listCloudresourcemanagerFolders', 'cloudasset.assets.listCloudresourcemanagerOrganizations', 'cloudasset.assets.listCloudresourcemanagerProjects', 'cloudasset.assets.listCloudresourcemanagerTagBindings', 'cloudasset.assets.listCloudresourcemanagerTagKeys', 'cloudasset.assets.listCloudresourcemanagerTagValues', 'cloudasset.assets.listComposerEnvironments', 'cloudasset.assets.listComputeAddress', 'cloudasset.assets.listComputeAutoscalers', 'cloudasset.assets.listComputeBackendBuckets', 'cloudasset.assets.listComputeBackendServices', 'cloudasset.assets.listComputeCommitments', 'cloudasset.assets.listComputeDisks', 'cloudasset.assets.listComputeExternalVpnGateways', 'cloudasset.assets.listComputeFirewallPolicies', 'cloudasset.assets.listComputeFirewalls', 'cloudasset.assets.listComputeForwardingRules', 'cloudasset.assets.listComputeGlobalAddress', 'cloudasset.assets.listComputeGlobalForwardingRules', 'cloudasset.assets.listComputeHealthChecks', 'cloudasset.assets.listComputeHttpHealthChecks', 'cloudasset.assets.listComputeHttpsHealthChecks', 'cloudasset.assets.listComputeImages', 'cloudasset.assets.listComputeInstanceGroupManagers', 'cloudasset.assets.listComputeInstanceGroups', 'cloudasset.assets.listComputeInstanceTemplates', 'cloudasset.assets.listComputeInstances', 'cloudasset.assets.listComputeInterconnect', 'cloudasset.assets.listComputeInterconnectAttachment', 'cloudasset.assets.listComputeLicenses', 'cloudasset.assets.listComputeNetworkEndpointGroups', 'cloudasset.assets.listComputeNetworks', 'cloudasset.assets.listComputeNodeGroups', 'cloudasset.assets.listComputeNodeTemplates', 'cloudasset.assets.listComputePacketMirrorings', 'cloudasset.assets.listComputeProjects', 'cloudasset.assets.listComputeRegionAutoscaler', 'cloudasset.assets.listComputeRegionBackendServices', 'cloudasset.assets.listComputeRegionDisk', 'cloudasset.assets.listComputeRegionInstanceGroup', 'cloudasset.assets.listComputeRegionInstanceGroupManager', 'cloudasset.assets.listComputeReservations', 'cloudasset.assets.listComputeResourcePolicies', 'cloudasset.assets.listComputeRouters', 'cloudasset.assets.listComputeRoutes', 'cloudasset.assets.listComputeSecurityPolicy', 'cloudasset.assets.listComputeServiceAttachments', 'cloudasset.assets.listComputeSnapshots', 'cloudasset.assets.listComputeSslCertificates', 'cloudasset.assets.listComputeSslPolicies', 'cloudasset.assets.listComputeSubnetworks', 'cloudasset.assets.listComputeTargetHttpProxies', 'cloudasset.assets.listComputeTargetHttpsProxies', 'cloudasset.assets.listComputeTargetInstances', 'cloudasset.assets.listComputeTargetPools', 'cloudasset.assets.listComputeTargetSslProxies', 'cloudasset.assets.listComputeTargetTcpProxies', 'cloudasset.assets.listComputeTargetVpnGateways', 'cloudasset.assets.listComputeUrlMaps', 'cloudasset.assets.listComputeVpnGateways', 'cloudasset.assets.listComputeVpnTunnels', 'cloudasset.assets.listConnectorsConnections', 'cloudasset.assets.listConnectorsConnectorVersions', 'cloudasset.assets.listConnectorsConnectors', 'cloudasset.assets.listConnectorsProviders', 'cloudasset.assets.listConnectorsRuntimeConfigs', 'cloudasset.assets.listContainerAppsDeployment', 'cloudasset.assets.listContainerAppsReplicaSets', 'cloudasset.assets.listContainerBatchJobs', 'cloudasset.assets.listContainerClusterrole', 'cloudasset.assets.listContainerClusterrolebinding', 'cloudasset.assets.listContainerClusters', 'cloudasset.assets.listContainerExtensionsIngresses', 'cloudasset.assets.listContainerJobs', 'cloudasset.assets.listContainerNamespace', 'cloudasset.assets.listContainerNetworkingIngresses', 'cloudasset.assets.listContainerNetworkingNetworkPolicies', 'cloudasset.assets.listContainerNode', 'cloudasset.assets.listContainerNodepool', 'cloudasset.assets.listContainerPod', 'cloudasset.assets.listContainerReplicaSets', 'cloudasset.assets.listContainerRole', 'cloudasset.assets.listContainerRolebinding', 'cloudasset.assets.listContainerServices', 'cloudasset.assets.listContainerregistryImage', 'cloudasset.assets.listDataMigrationConnectionProfiles', 'cloudasset.assets.listDataMigrationMigrationJobs', 'cloudasset.assets.listDataflowJobs', 'cloudasset.assets.listDatafusionInstance', 'cloudasset.assets.listDataplexAssets', 'cloudasset.assets.listDataplexLakes', 'cloudasset.assets.listDataplexTasks', 'cloudasset.assets.listDataplexZones', 'cloudasset.assets.listDataprocAutoscalingPolicies', 'cloudasset.assets.listDataprocBatches', 'cloudasset.assets.listDataprocClusters', 'cloudasset.assets.listDataprocJobs', 'cloudasset.assets.listDataprocSessions', 'cloudasset.assets.listDataprocWorkflowTemplates', 'cloudasset.assets.listDatastreamConnectionProfile', 'cloudasset.assets.listDatastreamPrivateConnection', 'cloudasset.assets.listDatastreamStream', 'cloudasset.assets.listDialogflowAgents', 'cloudasset.assets.listDialogflowConversationProfiles', 'cloudasset.assets.listDialogflowKnowledgeBases', 'cloudasset.assets.listDialogflowLocationSettings', 'cloudasset.assets.listDlpDeidentifyTemplates', 'cloudasset.assets.listDlpDlpJobs', 'cloudasset.assets.listDlpInspectTemplates', 'cloudasset.assets.listDlpJobTriggers', 'cloudasset.assets.listDlpStoredInfoTypes', 'cloudasset.assets.listDnsManagedZones', 'cloudasset.assets.listDnsPolicies', 'cloudasset.assets.listDomainsRegistrations', 'cloudasset.assets.listEventarcTriggers', 'cloudasset.assets.listFileBackups', 'cloudasset.assets.listFileInstances', 'cloudasset.assets.listFirebaseAppInfos', 'cloudasset.assets.listFirebaseProjects', 'cloudasset.assets.listFirestoreDatabases', 'cloudasset.assets.listGKEHubFeatures', 'cloudasset.assets.listGKEHubMemberships', 'cloudasset.assets.listGameservicesGameServerClusters', 'cloudasset.assets.listGameservicesGameServerConfigs', 'cloudasset.assets.listGameservicesGameServerDeployments', 'cloudasset.assets.listGameservicesRealms', 'cloudasset.assets.listGkeBackupBackupPlans', 'cloudasset.assets.listGkeBackupBackups', 'cloudasset.assets.listGkeBackupRestorePlans', 'cloudasset.assets.listGkeBackupRestores', 'cloudasset.assets.listGkeBackupVolumeBackups', 'cloudasset.assets.listGkeBackupVolumeRestores', 'cloudasset.assets.listHealthcareConsentStores', 'cloudasset.assets.listHealthcareDatasets', 'cloudasset.assets.listHealthcareDicomStores', 'cloudasset.assets.listHealthcareFhirStores', 'cloudasset.assets.listHealthcareHl7V2Stores', 'cloudasset.assets.listIamPolicy', 'cloudasset.assets.listIamRoles', 'cloudasset.assets.listIamServiceAccountKeys', 'cloudasset.assets.listIamServiceAccounts', 'cloudasset.assets.listIapTunnel', 'cloudasset.assets.listIapTunnelInstances', 'cloudasset.assets.listIapTunnelZones', 'cloudasset.assets.listIapWeb', 'cloudasset.assets.listIapWebServiceVersion', 'cloudasset.assets.listIapWebServices', 'cloudasset.assets.listIapWebType', 'cloudasset.assets.listIdsEndpoints', 'cloudasset.assets.listIntegrationsAuthConfigs', 'cloudasset.assets.listIntegrationsCertificates', 'cloudasset.assets.listIntegrationsExecutions', 'cloudasset.assets.listIntegrationsIntegrationVersions', 'cloudasset.assets.listIntegrationsIntegrations', 'cloudasset.assets.listIntegrationsSfdcChannels', 'cloudasset.assets.listIntegrationsSfdcInstances', 'cloudasset.assets.listIntegrationsSuspensions', 'cloudasset.assets.listLoggingLogMetrics', 'cloudasset.assets.listLoggingLogSinks', 'cloudasset.assets.listManagedidentitiesDomain', 'cloudasset.assets.listMetastoreBackups', 'cloudasset.assets.listMetastoreMetadataImports', 'cloudasset.assets.listMetastoreServices', 'cloudasset.assets.listMonitoringAlertPolicies', 'cloudasset.assets.listNetworkConnectivityHubs', 'cloudasset.assets.listNetworkConnectivitySpokes', 'cloudasset.assets.listNetworkManagementConnectivityTests', 'cloudasset.assets.listNetworkServicesEndpointPolicies', 'cloudasset.assets.listNetworkServicesGateways', 'cloudasset.assets.listNetworkServicesGrpcRoutes', 'cloudasset.assets.listNetworkServicesHttpRoutes', 'cloudasset.assets.listNetworkServicesMeshes', 'cloudasset.assets.listNetworkServicesServiceBindings', 'cloudasset.assets.listNetworkServicesTcpRoutes', 'cloudasset.assets.listNetworkServicesTlsRoutes', 'cloudasset.assets.listOSConfigOSPolicyAssignmentReports', 'cloudasset.assets.listOSConfigOSPolicyAssignments', 'cloudasset.assets.listOSConfigVulnerabilityReports', 'cloudasset.assets.listOSInventories', 'cloudasset.assets.listOrgPolicy', 'cloudasset.assets.listPatchDeployments', 'cloudasset.assets.listPubsubSnapshots', 'cloudasset.assets.listPubsubSubscriptions', 'cloudasset.assets.listPubsubTopics', 'cloudasset.assets.listRedisInstances', 'cloudasset.assets.listResource', 'cloudasset.assets.listRunDomainMapping', 'cloudasset.assets.listRunRevision', 'cloudasset.assets.listRunService', 'cloudasset.assets.listSecretManagerSecretVersions', 'cloudasset.assets.listSecretManagerSecrets', 'cloudasset.assets.listServiceDirectoryNamespaces', 'cloudasset.assets.listServicePerimeter', 'cloudasset.assets.listServiceconsumermanagementConsumerProperty', 'cloudasset.assets.listServiceconsumermanagementConsumerQuotaLimits', 'cloudasset.assets.listServiceconsumermanagementConsumers', 'cloudasset.assets.listServiceconsumermanagementProducerOverrides', 'cloudasset.assets.listServiceconsumermanagementTenancyUnits', 'cloudasset.assets.listServiceconsumermanagementVisibility', 'cloudasset.assets.listServicemanagementServices', 'cloudasset.assets.listServiceusageAdminOverrides', 'cloudasset.assets.listServiceusageConsumerOverrides', 'cloudasset.assets.listServiceusageServices', 'cloudasset.assets.listSpannerBackups', 'cloudasset.assets.listSpannerDatabases', 'cloudasset.assets.listSpannerInstances', 'cloudasset.assets.listSpeakerIdPhrases', 'cloudasset.assets.listSpeakerIdSettings', 'cloudasset.assets.listSpeakerIdSpeakers', 'cloudasset.assets.listSpeechCustomClasses', 'cloudasset.assets.listSpeechPhraseSets', 'cloudasset.assets.listSqladminBackupRuns', 'cloudasset.assets.listSqladminInstances', 'cloudasset.assets.listStorageBuckets', 'cloudasset.assets.listTpuNodes', 'cloudasset.assets.listVpcaccessConnector', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.feeds.create', 'cloudasset.feeds.delete', 'cloudasset.feeds.get', 'cloudasset.feeds.list', 'cloudasset.feeds.update', 'cloudsql.instances.connect', 'cloudsql.users.list', 'compute.disks.useReadOnly', 'compute.globalOperations.get', 'compute.instances.get', 'compute.instances.list', 'compute.networkEndpointGroups.get', 'compute.projects.get', 'container.clusters.get', 'iam.denypolicies.get', 'iam.denypolicies.list', 'iam.googleapis.com/workloadIdentityPoolProviders.list', 'iam.googleapis.com/workloadIdentityPools.list', 'logging.logEntries.list', 'monitoring.alertPolicies.list', 'monitoring.timeSeries.list', 'orgpolicy.policies.list', 'orgpolicy.policy.get', 'recommender.cloudAssetInsights.get', 'recommender.cloudAssetInsights.list', 'recommender.locations.get', 'recommender.locations.list', 'resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.getIamPolicy', 'resourcemanager.projects.list', 'resourcemanager.tagValues.get', 'securitycenter.assets.list', 'securitycenter.assetsecuritymarks.update', 'securitycenter.findings.list', 'securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.update', 'securitycenter.organizationsettings.get', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list', 'securitycenter.sources.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update', 'serviceusage.quotas.get', 'serviceusage.services.disable', 'serviceusage.services.enable', 'serviceusage.services.get', 'serviceusage.services.list', 'stackdriver.projects.get', 'storage.buckets.get', 'storage.buckets.getIamPolicy', 'storage.buckets.list'] |
|
GA |
| roles/securitycenter.securityResponseServiceAgent |
Gives Playbook Runner permissions to execute all Google authored Playbooks. This role will keep evolving as we add more playbooks |
Google Cloud Security Response Service Agent |
['compute.instances.deleteAccessConfig', 'compute.instances.get', 'compute.instances.setMetadata', 'iam.serviceAccounts.actAs', 'pubsub.topics.publish', 'securitycenter.findings.list', 'storage.buckets.get', 'storage.buckets.update'] |
|
GA |
| roles/securitycenter.valuedResourcesViewer |
Read access to security center valued resources |
Security Center Valued Resources Reader |
['securitycenter.valuedresources.list'] |
|
GA |
| roles/securitycenter.assetsViewer |
Read access to assets |
Security Center Assets Viewer |
['cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportResource', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.assets.searchEnrichmentResourceOwners', 'resourcemanager.folders.get', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'securitycenter.assets.group', 'securitycenter.assets.list', 'securitycenter.assets.listAssetPropertyNames', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.bigQueryExportsViewer |
Read access to security center BigQuery Exports |
Security Center BigQuery Exports Viewer |
['resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list'] |
|
GA |
| roles/securitycenter.resourceValueConfigsViewer |
Read access to security center resource value configurations |
Security Center Resource Value Configurations Viewer |
['resourcemanager.tagValues.get', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list'] |
|
GA |
| roles/securitycentermanagement.securityCenterServicesViewer |
Readonly access to Cloud Security Command Center services configuration. |
Security Center Management Services Viewer |
['securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list'] |
|
GA |
| roles/securitycenter.complianceReportsViewer |
Read access to security center compliance reports |
Security Center Compliance Reports Viewer |
['securitycenter.complianceReports.aggregate'] |
|
BETA |
| roles/securitycenter.settingsEditor |
Read-Write access to security center settings |
Security Center Settings Editor |
['resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.bigQueryExports.create', 'securitycenter.bigQueryExports.delete', 'securitycenter.bigQueryExports.get', 'securitycenter.bigQueryExports.list', 'securitycenter.bigQueryExports.update', 'securitycenter.billingtier.update', 'securitycenter.containerthreatdetectionsettings.calculate', 'securitycenter.containerthreatdetectionsettings.get', 'securitycenter.containerthreatdetectionsettings.update', 'securitycenter.effectivesecurityhealthanalyticscustommodules.get', 'securitycenter.effectivesecurityhealthanalyticscustommodules.list', 'securitycenter.eventthreatdetectionsettings.calculate', 'securitycenter.eventthreatdetectionsettings.get', 'securitycenter.eventthreatdetectionsettings.update', 'securitycenter.integratedvulnerabilityscannersettings.calculate', 'securitycenter.integratedvulnerabilityscannersettings.get', 'securitycenter.integratedvulnerabilityscannersettings.update', 'securitycenter.muteconfigs.create', 'securitycenter.muteconfigs.delete', 'securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list', 'securitycenter.muteconfigs.update', 'securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.get', 'securitycenter.notificationconfig.list', 'securitycenter.notificationconfig.update', 'securitycenter.organizationsettings.get', 'securitycenter.organizationsettings.update', 'securitycenter.rapidvulnerabilitydetectionsettings.calculate', 'securitycenter.rapidvulnerabilitydetectionsettings.get', 'securitycenter.rapidvulnerabilitydetectionsettings.update', 'securitycenter.securitycentersettings.get', 'securitycenter.securitycentersettings.update', 'securitycenter.securityhealthanalyticscustommodules.create', 'securitycenter.securityhealthanalyticscustommodules.delete', 'securitycenter.securityhealthanalyticscustommodules.get', 'securitycenter.securityhealthanalyticscustommodules.list', 'securitycenter.securityhealthanalyticscustommodules.update', 'securitycenter.securityhealthanalyticssettings.calculate', 'securitycenter.securityhealthanalyticssettings.get', 'securitycenter.securityhealthanalyticssettings.update', 'securitycenter.subscription.get', 'securitycenter.userinterfacemetadata.get', 'securitycenter.virtualmachinethreatdetectionsettings.calculate', 'securitycenter.virtualmachinethreatdetectionsettings.get', 'securitycenter.virtualmachinethreatdetectionsettings.update', 'securitycenter.websecurityscannersettings.calculate', 'securitycenter.websecurityscannersettings.get', 'securitycenter.websecurityscannersettings.update', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCenterServices.update', 'securitycentermanagement.securityCommandCenter.activate', 'securitycentermanagement.securityCommandCenter.checkActivationOperation', 'securitycentermanagement.securityCommandCenter.checkEligibility', 'securitycentermanagement.securityCommandCenter.generateServiceAccounts', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityCommandCenter.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update'] |
|
GA |
| roles/securitycenter.serviceAgent |
Security Center service agent can scan GCP resources and import security scans. |
Security Center Service Agent |
['bigquery.datasets.get', 'binaryauthorization.policy.get', 'cloudasset.assets.analyzeIamPolicy', 'cloudasset.assets.analyzeMove', 'cloudasset.assets.analyzeOrgPolicy', 'cloudasset.assets.exportAccessLevel', 'cloudasset.assets.exportAccessPolicy', 'cloudasset.assets.exportAiplatformBatchPredictionJobs', 'cloudasset.assets.exportAiplatformCustomJobs', 'cloudasset.assets.exportAiplatformDataLabelingJobs', 'cloudasset.assets.exportAiplatformDatasets', 'cloudasset.assets.exportAiplatformEndpoints', 'cloudasset.assets.exportAiplatformHyperparameterTuningJobs', 'cloudasset.assets.exportAiplatformMetadataStores', 'cloudasset.assets.exportAiplatformModelDeploymentMonitoringJobs', 'cloudasset.assets.exportAiplatformModels', 'cloudasset.assets.exportAiplatformPipelineJobs', 'cloudasset.assets.exportAiplatformSpecialistPools', 'cloudasset.assets.exportAiplatformTrainingPipelines', 'cloudasset.assets.exportAllAccessPolicy', 'cloudasset.assets.exportAnthosConnectedCluster', 'cloudasset.assets.exportAnthosedgeCluster', 'cloudasset.assets.exportApigatewayApi', 'cloudasset.assets.exportApigatewayApiConfig', 'cloudasset.assets.exportApigatewayGateway', 'cloudasset.assets.exportApikeysKeys', 'cloudasset.assets.exportAppengineApplications', 'cloudasset.assets.exportAppengineServices', 'cloudasset.assets.exportAppengineVersions', 'cloudasset.assets.exportArtifactregistryDockerImages', 'cloudasset.assets.exportArtifactregistryRepositories', 'cloudasset.assets.exportAssuredWorkloadsWorkloads', 'cloudasset.assets.exportBeyondCorpApiGateways', 'cloudasset.assets.exportBeyondCorpAppConnections', 'cloudasset.assets.exportBeyondCorpAppConnectors', 'cloudasset.assets.exportBeyondCorpAppGateways', 'cloudasset.assets.exportBeyondCorpClientConnectorServices', 'cloudasset.assets.exportBeyondCorpClientGateways', 'cloudasset.assets.exportBigqueryDatasets', 'cloudasset.assets.exportBigqueryModels', 'cloudasset.assets.exportBigqueryTables', 'cloudasset.assets.exportBigtableAppProfile', 'cloudasset.assets.exportBigtableBackup', 'cloudasset.assets.exportBigtableCluster', 'cloudasset.assets.exportBigtableInstance', 'cloudasset.assets.exportBigtableTable', 'cloudasset.assets.exportCloudAssetFeeds', 'cloudasset.assets.exportCloudDeployDeliveryPipelines', 'cloudasset.assets.exportCloudDeployReleases', 'cloudasset.assets.exportCloudDeployRollouts', 'cloudasset.assets.exportCloudDeployTargets', 'cloudasset.assets.exportCloudDocumentAIEvaluation', 'cloudasset.assets.exportCloudDocumentAIHumanReviewConfig', 'cloudasset.assets.exportCloudDocumentAILabelerPool', 'cloudasset.assets.exportCloudDocumentAIProcessor', 'cloudasset.assets.exportCloudDocumentAIProcessorVersion', 'cloudasset.assets.exportCloudbillingBillingAccounts', 'cloudasset.assets.exportCloudbillingProjectBillingInfos', 'cloudasset.assets.exportCloudfunctionsFunctions', 'cloudasset.assets.exportCloudfunctionsGen2Functions', 'cloudasset.assets.exportCloudkmsCryptoKeyVersions', 'cloudasset.assets.exportCloudkmsCryptoKeys', 'cloudasset.assets.exportCloudkmsEkmConnections', 'cloudasset.assets.exportCloudkmsImportJobs', 'cloudasset.assets.exportCloudkmsKeyRings', 'cloudasset.assets.exportCloudmemcacheInstances', 'cloudasset.assets.exportCloudresourcemanagerFolders', 'cloudasset.assets.exportCloudresourcemanagerOrganizations', 'cloudasset.assets.exportCloudresourcemanagerProjects', 'cloudasset.assets.exportCloudresourcemanagerTagBindings', 'cloudasset.assets.exportCloudresourcemanagerTagKeys', 'cloudasset.assets.exportCloudresourcemanagerTagValues', 'cloudasset.assets.exportComposerEnvironments', 'cloudasset.assets.exportComputeAddress', 'cloudasset.assets.exportComputeAutoscalers', 'cloudasset.assets.exportComputeBackendBuckets', 'cloudasset.assets.exportComputeBackendServices', 'cloudasset.assets.exportComputeCommitments', 'cloudasset.assets.exportComputeDisks', 'cloudasset.assets.exportComputeExternalVpnGateways', 'cloudasset.assets.exportComputeFirewallPolicies', 'cloudasset.assets.exportComputeFirewalls', 'cloudasset.assets.exportComputeForwardingRules', 'cloudasset.assets.exportComputeGlobalAddress', 'cloudasset.assets.exportComputeGlobalForwardingRules', 'cloudasset.assets.exportComputeHealthChecks', 'cloudasset.assets.exportComputeHttpHealthChecks', 'cloudasset.assets.exportComputeHttpsHealthChecks', 'cloudasset.assets.exportComputeImages', 'cloudasset.assets.exportComputeInstanceGroupManagers', 'cloudasset.assets.exportComputeInstanceGroups', 'cloudasset.assets.exportComputeInstanceTemplates', 'cloudasset.assets.exportComputeInstances', 'cloudasset.assets.exportComputeInterconnect', 'cloudasset.assets.exportComputeInterconnectAttachment', 'cloudasset.assets.exportComputeLicenses', 'cloudasset.assets.exportComputeNetworkEndpointGroups', 'cloudasset.assets.exportComputeNetworks', 'cloudasset.assets.exportComputeNodeGroups', 'cloudasset.assets.exportComputeNodeTemplates', 'cloudasset.assets.exportComputePacketMirrorings', 'cloudasset.assets.exportComputeProjects', 'cloudasset.assets.exportComputeRegionAutoscaler', 'cloudasset.assets.exportComputeRegionBackendServices', 'cloudasset.assets.exportComputeRegionDisk', 'cloudasset.assets.exportComputeRegionInstanceGroup', 'cloudasset.assets.exportComputeRegionInstanceGroupManager', 'cloudasset.assets.exportComputeReservations', 'cloudasset.assets.exportComputeResourcePolicies', 'cloudasset.assets.exportComputeRouters', 'cloudasset.assets.exportComputeRoutes', 'cloudasset.assets.exportComputeSecurityPolicy', 'cloudasset.assets.exportComputeServiceAttachments', 'cloudasset.assets.exportComputeSnapshots', 'cloudasset.assets.exportComputeSslCertificates', 'cloudasset.assets.exportComputeSslPolicies', 'cloudasset.assets.exportComputeSubnetworks', 'cloudasset.assets.exportComputeTargetHttpProxies', 'cloudasset.assets.exportComputeTargetHttpsProxies', 'cloudasset.assets.exportComputeTargetInstances', 'cloudasset.assets.exportComputeTargetPools', 'cloudasset.assets.exportComputeTargetSslProxies', 'cloudasset.assets.exportComputeTargetTcpProxies', 'cloudasset.assets.exportComputeTargetVpnGateways', 'cloudasset.assets.exportComputeUrlMaps', 'cloudasset.assets.exportComputeVpnGateways', 'cloudasset.assets.exportComputeVpnTunnels', 'cloudasset.assets.exportConnectorsConnections', 'cloudasset.assets.exportConnectorsConnectorVersions', 'cloudasset.assets.exportConnectorsConnectors', 'cloudasset.assets.exportConnectorsProviders', 'cloudasset.assets.exportConnectorsRuntimeConfigs', 'cloudasset.assets.exportContainerAppsDeployment', 'cloudasset.assets.exportContainerAppsReplicaSets', 'cloudasset.assets.exportContainerBatchJobs', 'cloudasset.assets.exportContainerClusterrole', 'cloudasset.assets.exportContainerClusterrolebinding', 'cloudasset.assets.exportContainerClusters', 'cloudasset.assets.exportContainerExtensionsIngresses', 'cloudasset.assets.exportContainerJobs', 'cloudasset.assets.exportContainerNamespace', 'cloudasset.assets.exportContainerNetworkingIngresses', 'cloudasset.assets.exportContainerNetworkingNetworkPolicies', 'cloudasset.assets.exportContainerNode', 'cloudasset.assets.exportContainerNodepool', 'cloudasset.assets.exportContainerPod', 'cloudasset.assets.exportContainerReplicaSets', 'cloudasset.assets.exportContainerRole', 'cloudasset.assets.exportContainerRolebinding', 'cloudasset.assets.exportContainerServices', 'cloudasset.assets.exportContainerregistryImage', 'cloudasset.assets.exportDataMigrationConnectionProfiles', 'cloudasset.assets.exportDataMigrationMigrationJobs', 'cloudasset.assets.exportDataflowJobs', 'cloudasset.assets.exportDatafusionInstance', 'cloudasset.assets.exportDataplexAssets', 'cloudasset.assets.exportDataplexLakes', 'cloudasset.assets.exportDataplexTasks', 'cloudasset.assets.exportDataplexZones', 'cloudasset.assets.exportDataprocAutoscalingPolicies', 'cloudasset.assets.exportDataprocBatches', 'cloudasset.assets.exportDataprocClusters', 'cloudasset.assets.exportDataprocJobs', 'cloudasset.assets.exportDataprocSessions', 'cloudasset.assets.exportDataprocWorkflowTemplates', 'cloudasset.assets.exportDatastreamConnectionProfile', 'cloudasset.assets.exportDatastreamPrivateConnection', 'cloudasset.assets.exportDatastreamStream', 'cloudasset.assets.exportDialogflowAgents', 'cloudasset.assets.exportDialogflowConversationProfiles', 'cloudasset.assets.exportDialogflowKnowledgeBases', 'cloudasset.assets.exportDialogflowLocationSettings', 'cloudasset.assets.exportDlpDeidentifyTemplates', 'cloudasset.assets.exportDlpDlpJobs', 'cloudasset.assets.exportDlpInspectTemplates', 'cloudasset.assets.exportDlpJobTriggers', 'cloudasset.assets.exportDlpStoredInfoTypes', 'cloudasset.assets.exportDnsManagedZones', 'cloudasset.assets.exportDnsPolicies', 'cloudasset.assets.exportDomainsRegistrations', 'cloudasset.assets.exportEventarcTriggers', 'cloudasset.assets.exportFileBackups', 'cloudasset.assets.exportFileInstances', 'cloudasset.assets.exportFirebaseAppInfos', 'cloudasset.assets.exportFirebaseProjects', 'cloudasset.assets.exportFirestoreDatabases', 'cloudasset.assets.exportGKEHubFeatures', 'cloudasset.assets.exportGKEHubMemberships', 'cloudasset.assets.exportGameservicesGameServerClusters', 'cloudasset.assets.exportGameservicesGameServerConfigs', 'cloudasset.assets.exportGameservicesGameServerDeployments', 'cloudasset.assets.exportGameservicesRealms', 'cloudasset.assets.exportGkeBackupBackupPlans', 'cloudasset.assets.exportGkeBackupBackups', 'cloudasset.assets.exportGkeBackupRestorePlans', 'cloudasset.assets.exportGkeBackupRestores', 'cloudasset.assets.exportGkeBackupVolumeBackups', 'cloudasset.assets.exportGkeBackupVolumeRestores', 'cloudasset.assets.exportHealthcareConsentStores', 'cloudasset.assets.exportHealthcareDatasets', 'cloudasset.assets.exportHealthcareDicomStores', 'cloudasset.assets.exportHealthcareFhirStores', 'cloudasset.assets.exportHealthcareHl7V2Stores', 'cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportIamRoles', 'cloudasset.assets.exportIamServiceAccountKeys', 'cloudasset.assets.exportIamServiceAccounts', 'cloudasset.assets.exportIapTunnel', 'cloudasset.assets.exportIapTunnelInstances', 'cloudasset.assets.exportIapTunnelZones', 'cloudasset.assets.exportIapWeb', 'cloudasset.assets.exportIapWebServiceVersion', 'cloudasset.assets.exportIapWebServices', 'cloudasset.assets.exportIapWebType', 'cloudasset.assets.exportIdsEndpoints', 'cloudasset.assets.exportIntegrationsAuthConfigs', 'cloudasset.assets.exportIntegrationsCertificates', 'cloudasset.assets.exportIntegrationsExecutions', 'cloudasset.assets.exportIntegrationsIntegrationVersions', 'cloudasset.assets.exportIntegrationsIntegrations', 'cloudasset.assets.exportIntegrationsSfdcChannels', 'cloudasset.assets.exportIntegrationsSfdcInstances', 'cloudasset.assets.exportIntegrationsSuspensions', 'cloudasset.assets.exportLoggingLogMetrics', 'cloudasset.assets.exportLoggingLogSinks', 'cloudasset.assets.exportManagedidentitiesDomain', 'cloudasset.assets.exportMetastoreBackups', 'cloudasset.assets.exportMetastoreMetadataImports', 'cloudasset.assets.exportMetastoreServices', 'cloudasset.assets.exportMonitoringAlertPolicies', 'cloudasset.assets.exportNetworkConnectivityHubs', 'cloudasset.assets.exportNetworkConnectivitySpokes', 'cloudasset.assets.exportNetworkManagementConnectivityTests', 'cloudasset.assets.exportNetworkServicesEndpointPolicies', 'cloudasset.assets.exportNetworkServicesGateways', 'cloudasset.assets.exportNetworkServicesGrpcRoutes', 'cloudasset.assets.exportNetworkServicesHttpRoutes', 'cloudasset.assets.exportNetworkServicesMeshes', 'cloudasset.assets.exportNetworkServicesServiceBindings', 'cloudasset.assets.exportNetworkServicesTcpRoutes', 'cloudasset.assets.exportNetworkServicesTlsRoutes', 'cloudasset.assets.exportOSConfigOSPolicyAssignmentReports', 'cloudasset.assets.exportOSConfigOSPolicyAssignments', 'cloudasset.assets.exportOSConfigVulnerabilityReports', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportOrgPolicy', 'cloudasset.assets.exportPatchDeployments', 'cloudasset.assets.exportPubsubSnapshots', 'cloudasset.assets.exportPubsubSubscriptions', 'cloudasset.assets.exportPubsubTopics', 'cloudasset.assets.exportRedisInstances', 'cloudasset.assets.exportResource', 'cloudasset.assets.exportSecretManagerSecretVersions', 'cloudasset.assets.exportSecretManagerSecrets', 'cloudasset.assets.exportServiceDirectoryNamespaces', 'cloudasset.assets.exportServicePerimeter', 'cloudasset.assets.exportServiceconsumermanagementConsumerProperty', 'cloudasset.assets.exportServiceconsumermanagementConsumerQuotaLimits', 'cloudasset.assets.exportServiceconsumermanagementConsumers', 'cloudasset.assets.exportServiceconsumermanagementProducerOverrides', 'cloudasset.assets.exportServiceconsumermanagementTenancyUnits', 'cloudasset.assets.exportServiceconsumermanagementVisibility', 'cloudasset.assets.exportServicemanagementServices', 'cloudasset.assets.exportServiceusageAdminOverrides', 'cloudasset.assets.exportServiceusageConsumerOverrides', 'cloudasset.assets.exportServiceusageServices', 'cloudasset.assets.exportSpannerBackups', 'cloudasset.assets.exportSpannerDatabases', 'cloudasset.assets.exportSpannerInstances', 'cloudasset.assets.exportSpeakerIdPhrases', 'cloudasset.assets.exportSpeakerIdSettings', 'cloudasset.assets.exportSpeakerIdSpeakers', 'cloudasset.assets.exportSpeechCustomClasses', 'cloudasset.assets.exportSpeechPhraseSets', 'cloudasset.assets.exportSqladminBackupRuns', 'cloudasset.assets.exportSqladminInstances', 'cloudasset.assets.exportStorageBuckets', 'cloudasset.assets.exportTpuNodes', 'cloudasset.assets.exportVpcaccessConnector', 'cloudasset.assets.listAccessLevel', 'cloudasset.assets.listAccessPolicy', 'cloudasset.assets.listAiplatformBatchPredictionJobs', 'cloudasset.assets.listAiplatformCustomJobs', 'cloudasset.assets.listAiplatformDataLabelingJobs', 'cloudasset.assets.listAiplatformDatasets', 'cloudasset.assets.listAiplatformEndpoints', 'cloudasset.assets.listAiplatformHyperparameterTuningJobs', 'cloudasset.assets.listAiplatformMetadataStores', 'cloudasset.assets.listAiplatformModelDeploymentMonitoringJobs', 'cloudasset.assets.listAiplatformModels', 'cloudasset.assets.listAiplatformPipelineJobs', 'cloudasset.assets.listAiplatformSpecialistPools', 'cloudasset.assets.listAiplatformTrainingPipelines', 'cloudasset.assets.listAllAccessPolicy', 'cloudasset.assets.listAnthosConnectedCluster', 'cloudasset.assets.listAnthosedgeCluster', 'cloudasset.assets.listApigatewayApi', 'cloudasset.assets.listApigatewayApiConfig', 'cloudasset.assets.listApigatewayGateway', 'cloudasset.assets.listApikeysKeys', 'cloudasset.assets.listAppengineApplications', 'cloudasset.assets.listAppengineServices', 'cloudasset.assets.listAppengineVersions', 'cloudasset.assets.listArtifactregistryDockerImages', 'cloudasset.assets.listArtifactregistryRepositories', 'cloudasset.assets.listAssuredWorkloadsWorkloads', 'cloudasset.assets.listBeyondCorpApiGateways', 'cloudasset.assets.listBeyondCorpAppConnections', 'cloudasset.assets.listBeyondCorpAppConnectors', 'cloudasset.assets.listBeyondCorpAppGateways', 'cloudasset.assets.listBeyondCorpClientConnectorServices', 'cloudasset.assets.listBeyondCorpClientGateways', 'cloudasset.assets.listBigqueryDatasets', 'cloudasset.assets.listBigqueryModels', 'cloudasset.assets.listBigqueryTables', 'cloudasset.assets.listBigtableAppProfile', 'cloudasset.assets.listBigtableBackup', 'cloudasset.assets.listBigtableCluster', 'cloudasset.assets.listBigtableInstance', 'cloudasset.assets.listBigtableTable', 'cloudasset.assets.listCloudAssetFeeds', 'cloudasset.assets.listCloudDeployDeliveryPipelines', 'cloudasset.assets.listCloudDeployReleases', 'cloudasset.assets.listCloudDeployRollouts', 'cloudasset.assets.listCloudDeployTargets', 'cloudasset.assets.listCloudDocumentAIEvaluation', 'cloudasset.assets.listCloudDocumentAIHumanReviewConfig', 'cloudasset.assets.listCloudDocumentAILabelerPool', 'cloudasset.assets.listCloudDocumentAIProcessor', 'cloudasset.assets.listCloudDocumentAIProcessorVersion', 'cloudasset.assets.listCloudbillingBillingAccounts', 'cloudasset.assets.listCloudbillingProjectBillingInfos', 'cloudasset.assets.listCloudfunctionsFunctions', 'cloudasset.assets.listCloudfunctionsGen2Functions', 'cloudasset.assets.listCloudkmsCryptoKeyVersions', 'cloudasset.assets.listCloudkmsCryptoKeys', 'cloudasset.assets.listCloudkmsEkmConnections', 'cloudasset.assets.listCloudkmsImportJobs', 'cloudasset.assets.listCloudkmsKeyRings', 'cloudasset.assets.listCloudmemcacheInstances', 'cloudasset.assets.listCloudresourcemanagerFolders', 'cloudasset.assets.listCloudresourcemanagerOrganizations', 'cloudasset.assets.listCloudresourcemanagerProjects', 'cloudasset.assets.listCloudresourcemanagerTagBindings', 'cloudasset.assets.listCloudresourcemanagerTagKeys', 'cloudasset.assets.listCloudresourcemanagerTagValues', 'cloudasset.assets.listComposerEnvironments', 'cloudasset.assets.listComputeAddress', 'cloudasset.assets.listComputeAutoscalers', 'cloudasset.assets.listComputeBackendBuckets', 'cloudasset.assets.listComputeBackendServices', 'cloudasset.assets.listComputeCommitments', 'cloudasset.assets.listComputeDisks', 'cloudasset.assets.listComputeExternalVpnGateways', 'cloudasset.assets.listComputeFirewallPolicies', 'cloudasset.assets.listComputeFirewalls', 'cloudasset.assets.listComputeForwardingRules', 'cloudasset.assets.listComputeGlobalAddress', 'cloudasset.assets.listComputeGlobalForwardingRules', 'cloudasset.assets.listComputeHealthChecks', 'cloudasset.assets.listComputeHttpHealthChecks', 'cloudasset.assets.listComputeHttpsHealthChecks', 'cloudasset.assets.listComputeImages', 'cloudasset.assets.listComputeInstanceGroupManagers', 'cloudasset.assets.listComputeInstanceGroups', 'cloudasset.assets.listComputeInstanceTemplates', 'cloudasset.assets.listComputeInstances', 'cloudasset.assets.listComputeInterconnect', 'cloudasset.assets.listComputeInterconnectAttachment', 'cloudasset.assets.listComputeLicenses', 'cloudasset.assets.listComputeNetworkEndpointGroups', 'cloudasset.assets.listComputeNetworks', 'cloudasset.assets.listComputeNodeGroups', 'cloudasset.assets.listComputeNodeTemplates', 'cloudasset.assets.listComputePacketMirrorings', 'cloudasset.assets.listComputeProjects', 'cloudasset.assets.listComputeRegionAutoscaler', 'cloudasset.assets.listComputeRegionBackendServices', 'cloudasset.assets.listComputeRegionDisk', 'cloudasset.assets.listComputeRegionInstanceGroup', 'cloudasset.assets.listComputeRegionInstanceGroupManager', 'cloudasset.assets.listComputeReservations', 'cloudasset.assets.listComputeResourcePolicies', 'cloudasset.assets.listComputeRouters', 'cloudasset.assets.listComputeRoutes', 'cloudasset.assets.listComputeSecurityPolicy', 'cloudasset.assets.listComputeServiceAttachments', 'cloudasset.assets.listComputeSnapshots', 'cloudasset.assets.listComputeSslCertificates', 'cloudasset.assets.listComputeSslPolicies', 'cloudasset.assets.listComputeSubnetworks', 'cloudasset.assets.listComputeTargetHttpProxies', 'cloudasset.assets.listComputeTargetHttpsProxies', 'cloudasset.assets.listComputeTargetInstances', 'cloudasset.assets.listComputeTargetPools', 'cloudasset.assets.listComputeTargetSslProxies', 'cloudasset.assets.listComputeTargetTcpProxies', 'cloudasset.assets.listComputeTargetVpnGateways', 'cloudasset.assets.listComputeUrlMaps', 'cloudasset.assets.listComputeVpnGateways', 'cloudasset.assets.listComputeVpnTunnels', 'cloudasset.assets.listConnectorsConnections', 'cloudasset.assets.listConnectorsConnectorVersions', 'cloudasset.assets.listConnectorsConnectors', 'cloudasset.assets.listConnectorsProviders', 'cloudasset.assets.listConnectorsRuntimeConfigs', 'cloudasset.assets.listContainerAppsDeployment', 'cloudasset.assets.listContainerAppsReplicaSets', 'cloudasset.assets.listContainerBatchJobs', 'cloudasset.assets.listContainerClusterrole', 'cloudasset.assets.listContainerClusterrolebinding', 'cloudasset.assets.listContainerClusters', 'cloudasset.assets.listContainerExtensionsIngresses', 'cloudasset.assets.listContainerJobs', 'cloudasset.assets.listContainerNamespace', 'cloudasset.assets.listContainerNetworkingIngresses', 'cloudasset.assets.listContainerNetworkingNetworkPolicies', 'cloudasset.assets.listContainerNode', 'cloudasset.assets.listContainerNodepool', 'cloudasset.assets.listContainerPod', 'cloudasset.assets.listContainerReplicaSets', 'cloudasset.assets.listContainerRole', 'cloudasset.assets.listContainerRolebinding', 'cloudasset.assets.listContainerServices', 'cloudasset.assets.listContainerregistryImage', 'cloudasset.assets.listDataMigrationConnectionProfiles', 'cloudasset.assets.listDataMigrationMigrationJobs', 'cloudasset.assets.listDataflowJobs', 'cloudasset.assets.listDatafusionInstance', 'cloudasset.assets.listDataplexAssets', 'cloudasset.assets.listDataplexLakes', 'cloudasset.assets.listDataplexTasks', 'cloudasset.assets.listDataplexZones', 'cloudasset.assets.listDataprocAutoscalingPolicies', 'cloudasset.assets.listDataprocBatches', 'cloudasset.assets.listDataprocClusters', 'cloudasset.assets.listDataprocJobs', 'cloudasset.assets.listDataprocSessions', 'cloudasset.assets.listDataprocWorkflowTemplates', 'cloudasset.assets.listDatastreamConnectionProfile', 'cloudasset.assets.listDatastreamPrivateConnection', 'cloudasset.assets.listDatastreamStream', 'cloudasset.assets.listDialogflowAgents', 'cloudasset.assets.listDialogflowConversationProfiles', 'cloudasset.assets.listDialogflowKnowledgeBases', 'cloudasset.assets.listDialogflowLocationSettings', 'cloudasset.assets.listDlpDeidentifyTemplates', 'cloudasset.assets.listDlpDlpJobs', 'cloudasset.assets.listDlpInspectTemplates', 'cloudasset.assets.listDlpJobTriggers', 'cloudasset.assets.listDlpStoredInfoTypes', 'cloudasset.assets.listDnsManagedZones', 'cloudasset.assets.listDnsPolicies', 'cloudasset.assets.listDomainsRegistrations', 'cloudasset.assets.listEventarcTriggers', 'cloudasset.assets.listFileBackups', 'cloudasset.assets.listFileInstances', 'cloudasset.assets.listFirebaseAppInfos', 'cloudasset.assets.listFirebaseProjects', 'cloudasset.assets.listFirestoreDatabases', 'cloudasset.assets.listGKEHubFeatures', 'cloudasset.assets.listGKEHubMemberships', 'cloudasset.assets.listGameservicesGameServerClusters', 'cloudasset.assets.listGameservicesGameServerConfigs', 'cloudasset.assets.listGameservicesGameServerDeployments', 'cloudasset.assets.listGameservicesRealms', 'cloudasset.assets.listGkeBackupBackupPlans', 'cloudasset.assets.listGkeBackupBackups', 'cloudasset.assets.listGkeBackupRestorePlans', 'cloudasset.assets.listGkeBackupRestores', 'cloudasset.assets.listGkeBackupVolumeBackups', 'cloudasset.assets.listGkeBackupVolumeRestores', 'cloudasset.assets.listHealthcareConsentStores', 'cloudasset.assets.listHealthcareDatasets', 'cloudasset.assets.listHealthcareDicomStores', 'cloudasset.assets.listHealthcareFhirStores', 'cloudasset.assets.listHealthcareHl7V2Stores', 'cloudasset.assets.listIamPolicy', 'cloudasset.assets.listIamRoles', 'cloudasset.assets.listIamServiceAccountKeys', 'cloudasset.assets.listIamServiceAccounts', 'cloudasset.assets.listIapTunnel', 'cloudasset.assets.listIapTunnelInstances', 'cloudasset.assets.listIapTunnelZones', 'cloudasset.assets.listIapWeb', 'cloudasset.assets.listIapWebServiceVersion', 'cloudasset.assets.listIapWebServices', 'cloudasset.assets.listIapWebType', 'cloudasset.assets.listIdsEndpoints', 'cloudasset.assets.listIntegrationsAuthConfigs', 'cloudasset.assets.listIntegrationsCertificates', 'cloudasset.assets.listIntegrationsExecutions', 'cloudasset.assets.listIntegrationsIntegrationVersions', 'cloudasset.assets.listIntegrationsIntegrations', 'cloudasset.assets.listIntegrationsSfdcChannels', 'cloudasset.assets.listIntegrationsSfdcInstances', 'cloudasset.assets.listIntegrationsSuspensions', 'cloudasset.assets.listLoggingLogMetrics', 'cloudasset.assets.listLoggingLogSinks', 'cloudasset.assets.listManagedidentitiesDomain', 'cloudasset.assets.listMetastoreBackups', 'cloudasset.assets.listMetastoreMetadataImports', 'cloudasset.assets.listMetastoreServices', 'cloudasset.assets.listMonitoringAlertPolicies', 'cloudasset.assets.listNetworkConnectivityHubs', 'cloudasset.assets.listNetworkConnectivitySpokes', 'cloudasset.assets.listNetworkManagementConnectivityTests', 'cloudasset.assets.listNetworkServicesEndpointPolicies', 'cloudasset.assets.listNetworkServicesGateways', 'cloudasset.assets.listNetworkServicesGrpcRoutes', 'cloudasset.assets.listNetworkServicesHttpRoutes', 'cloudasset.assets.listNetworkServicesMeshes', 'cloudasset.assets.listNetworkServicesServiceBindings', 'cloudasset.assets.listNetworkServicesTcpRoutes', 'cloudasset.assets.listNetworkServicesTlsRoutes', 'cloudasset.assets.listOSConfigOSPolicyAssignmentReports', 'cloudasset.assets.listOSConfigOSPolicyAssignments', 'cloudasset.assets.listOSConfigVulnerabilityReports', 'cloudasset.assets.listOSInventories', 'cloudasset.assets.listOrgPolicy', 'cloudasset.assets.listPatchDeployments', 'cloudasset.assets.listPubsubSnapshots', 'cloudasset.assets.listPubsubSubscriptions', 'cloudasset.assets.listPubsubTopics', 'cloudasset.assets.listRedisInstances', 'cloudasset.assets.listResource', 'cloudasset.assets.listRunDomainMapping', 'cloudasset.assets.listRunRevision', 'cloudasset.assets.listRunService', 'cloudasset.assets.listSecretManagerSecretVersions', 'cloudasset.assets.listSecretManagerSecrets', 'cloudasset.assets.listServiceDirectoryNamespaces', 'cloudasset.assets.listServicePerimeter', 'cloudasset.assets.listServiceconsumermanagementConsumerProperty', 'cloudasset.assets.listServiceconsumermanagementConsumerQuotaLimits', 'cloudasset.assets.listServiceconsumermanagementConsumers', 'cloudasset.assets.listServiceconsumermanagementProducerOverrides', 'cloudasset.assets.listServiceconsumermanagementTenancyUnits', 'cloudasset.assets.listServiceconsumermanagementVisibility', 'cloudasset.assets.listServicemanagementServices', 'cloudasset.assets.listServiceusageAdminOverrides', 'cloudasset.assets.listServiceusageConsumerOverrides', 'cloudasset.assets.listServiceusageServices', 'cloudasset.assets.listSpannerBackups', 'cloudasset.assets.listSpannerDatabases', 'cloudasset.assets.listSpannerInstances', 'cloudasset.assets.listSpeakerIdPhrases', 'cloudasset.assets.listSpeakerIdSettings', 'cloudasset.assets.listSpeakerIdSpeakers', 'cloudasset.assets.listSpeechCustomClasses', 'cloudasset.assets.listSpeechPhraseSets', 'cloudasset.assets.listSqladminBackupRuns', 'cloudasset.assets.listSqladminInstances', 'cloudasset.assets.listStorageBuckets', 'cloudasset.assets.listTpuNodes', 'cloudasset.assets.listVpcaccessConnector', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.feeds.create', 'cloudasset.feeds.delete', 'cloudasset.feeds.get', 'cloudasset.feeds.list', 'cloudasset.feeds.update', 'cloudsql.instances.connect', 'cloudsql.users.list', 'compute.disks.useReadOnly', 'compute.globalOperations.get', 'compute.instances.get', 'compute.instances.list', 'compute.networkEndpointGroups.get', 'compute.projects.get', 'container.clusters.get', 'iam.denypolicies.get', 'iam.denypolicies.list', 'iam.googleapis.com/workloadIdentityPoolProviders.list', 'iam.googleapis.com/workloadIdentityPools.list', 'logging.logEntries.list', 'monitoring.alertPolicies.list', 'monitoring.timeSeries.list', 'orgpolicy.policies.list', 'orgpolicy.policy.get', 'recommender.cloudAssetInsights.get', 'recommender.cloudAssetInsights.list', 'recommender.locations.get', 'recommender.locations.list', 'resourcemanager.folders.get', 'resourcemanager.folders.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.getIamPolicy', 'resourcemanager.projects.list', 'resourcemanager.tagValues.get', 'securitycenter.assets.list', 'securitycenter.assetsecuritymarks.update', 'securitycenter.findings.list', 'securitycenter.notificationconfig.create', 'securitycenter.notificationconfig.delete', 'securitycenter.notificationconfig.update', 'securitycenter.organizationsettings.get', 'securitycenter.resourcevalueconfigs.get', 'securitycenter.resourcevalueconfigs.list', 'securitycenter.sources.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update', 'serviceusage.quotas.get', 'serviceusage.services.disable', 'serviceusage.services.enable', 'serviceusage.services.get', 'serviceusage.services.list', 'stackdriver.projects.get', 'storage.buckets.get', 'storage.buckets.getIamPolicy', 'storage.buckets.list'] |
|
GA |
| roles/securitycentermanagement.etdCustomModulesEditor |
Full access to manage Cloud Security Command Center ETD custom modules. |
Security Center Management Custom ETD Modules Editor |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list'] |
|
GA |
| roles/securitycenter.muteConfigsViewer |
Read access to security center mute configurations |
Security Center Mute Configurations Viewer |
['securitycenter.muteconfigs.get', 'securitycenter.muteconfigs.list'] |
|
GA |
| roles/securitycenter.assetsDiscoveryRunner |
Run asset discovery access to assets |
Security Center Assets Discovery Runner |
['securitycenter.assets.runDiscovery', 'securitycenter.userinterfacemetadata.get'] |
|
GA |
| roles/securitycenter.securityHealthAnalyticsCustomModulesTester |
Test access to Security Health Analytics Custom Modules |
Security Health Analytics Custom Modules Tester |
['securitycenter.securityhealthanalyticscustommodules.simulate', 'securitycenter.securityhealthanalyticscustommodules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test'] |
|
GA |
| roles/securitycenter.simulationsViewer |
Read access to security center simulations |
Security Center Simulations Reader |
['securitycenter.simulations.get'] |
|
GA |
| roles/securitycenter.findingsViewer |
Read access to findings |
Security Center Findings Viewer |
['resourcemanager.folders.get', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'securitycenter.complianceReports.aggregate', 'securitycenter.compliancesnapshots.list', 'securitycenter.findingexplanations.get', 'securitycenter.findings.group', 'securitycenter.findings.list', 'securitycenter.findings.listFindingPropertyNames', 'securitycenter.sources.get', 'securitycenter.sources.list', 'securitycenter.userinterfacemetadata.get', 'securitycenter.vulnerabilitysnapshots.list'] |
|
GA |
| roles/securitycenter.securityHealthAnalyticsServiceAgent |
Security Health Analytics service agent can scan GCP resource metadata to find security vulnerabilities. |
Security Health Analytics Service Agent |
['bigquery.datasets.get', 'binaryauthorization.policy.get', 'cloudasset.assets.analyzeIamPolicy', 'cloudasset.assets.analyzeMove', 'cloudasset.assets.analyzeOrgPolicy', 'cloudasset.assets.exportAccessLevel', 'cloudasset.assets.exportAccessPolicy', 'cloudasset.assets.exportAiplatformBatchPredictionJobs', 'cloudasset.assets.exportAiplatformCustomJobs', 'cloudasset.assets.exportAiplatformDataLabelingJobs', 'cloudasset.assets.exportAiplatformDatasets', 'cloudasset.assets.exportAiplatformEndpoints', 'cloudasset.assets.exportAiplatformHyperparameterTuningJobs', 'cloudasset.assets.exportAiplatformMetadataStores', 'cloudasset.assets.exportAiplatformModelDeploymentMonitoringJobs', 'cloudasset.assets.exportAiplatformModels', 'cloudasset.assets.exportAiplatformPipelineJobs', 'cloudasset.assets.exportAiplatformSpecialistPools', 'cloudasset.assets.exportAiplatformTrainingPipelines', 'cloudasset.assets.exportAllAccessPolicy', 'cloudasset.assets.exportAnthosConnectedCluster', 'cloudasset.assets.exportAnthosedgeCluster', 'cloudasset.assets.exportApigatewayApi', 'cloudasset.assets.exportApigatewayApiConfig', 'cloudasset.assets.exportApigatewayGateway', 'cloudasset.assets.exportApikeysKeys', 'cloudasset.assets.exportAppengineApplications', 'cloudasset.assets.exportAppengineServices', 'cloudasset.assets.exportAppengineVersions', 'cloudasset.assets.exportArtifactregistryDockerImages', 'cloudasset.assets.exportArtifactregistryRepositories', 'cloudasset.assets.exportAssuredWorkloadsWorkloads', 'cloudasset.assets.exportBeyondCorpApiGateways', 'cloudasset.assets.exportBeyondCorpAppConnections', 'cloudasset.assets.exportBeyondCorpAppConnectors', 'cloudasset.assets.exportBeyondCorpAppGateways', 'cloudasset.assets.exportBeyondCorpClientConnectorServices', 'cloudasset.assets.exportBeyondCorpClientGateways', 'cloudasset.assets.exportBigqueryDatasets', 'cloudasset.assets.exportBigqueryModels', 'cloudasset.assets.exportBigqueryTables', 'cloudasset.assets.exportBigtableAppProfile', 'cloudasset.assets.exportBigtableBackup', 'cloudasset.assets.exportBigtableCluster', 'cloudasset.assets.exportBigtableInstance', 'cloudasset.assets.exportBigtableTable', 'cloudasset.assets.exportCloudAssetFeeds', 'cloudasset.assets.exportCloudDeployDeliveryPipelines', 'cloudasset.assets.exportCloudDeployReleases', 'cloudasset.assets.exportCloudDeployRollouts', 'cloudasset.assets.exportCloudDeployTargets', 'cloudasset.assets.exportCloudDocumentAIEvaluation', 'cloudasset.assets.exportCloudDocumentAIHumanReviewConfig', 'cloudasset.assets.exportCloudDocumentAILabelerPool', 'cloudasset.assets.exportCloudDocumentAIProcessor', 'cloudasset.assets.exportCloudDocumentAIProcessorVersion', 'cloudasset.assets.exportCloudbillingBillingAccounts', 'cloudasset.assets.exportCloudbillingProjectBillingInfos', 'cloudasset.assets.exportCloudfunctionsFunctions', 'cloudasset.assets.exportCloudfunctionsGen2Functions', 'cloudasset.assets.exportCloudkmsCryptoKeyVersions', 'cloudasset.assets.exportCloudkmsCryptoKeys', 'cloudasset.assets.exportCloudkmsEkmConnections', 'cloudasset.assets.exportCloudkmsImportJobs', 'cloudasset.assets.exportCloudkmsKeyRings', 'cloudasset.assets.exportCloudmemcacheInstances', 'cloudasset.assets.exportCloudresourcemanagerFolders', 'cloudasset.assets.exportCloudresourcemanagerOrganizations', 'cloudasset.assets.exportCloudresourcemanagerProjects', 'cloudasset.assets.exportCloudresourcemanagerTagBindings', 'cloudasset.assets.exportCloudresourcemanagerTagKeys', 'cloudasset.assets.exportCloudresourcemanagerTagValues', 'cloudasset.assets.exportComposerEnvironments', 'cloudasset.assets.exportComputeAddress', 'cloudasset.assets.exportComputeAutoscalers', 'cloudasset.assets.exportComputeBackendBuckets', 'cloudasset.assets.exportComputeBackendServices', 'cloudasset.assets.exportComputeCommitments', 'cloudasset.assets.exportComputeDisks', 'cloudasset.assets.exportComputeExternalVpnGateways', 'cloudasset.assets.exportComputeFirewallPolicies', 'cloudasset.assets.exportComputeFirewalls', 'cloudasset.assets.exportComputeForwardingRules', 'cloudasset.assets.exportComputeGlobalAddress', 'cloudasset.assets.exportComputeGlobalForwardingRules', 'cloudasset.assets.exportComputeHealthChecks', 'cloudasset.assets.exportComputeHttpHealthChecks', 'cloudasset.assets.exportComputeHttpsHealthChecks', 'cloudasset.assets.exportComputeImages', 'cloudasset.assets.exportComputeInstanceGroupManagers', 'cloudasset.assets.exportComputeInstanceGroups', 'cloudasset.assets.exportComputeInstanceTemplates', 'cloudasset.assets.exportComputeInstances', 'cloudasset.assets.exportComputeInterconnect', 'cloudasset.assets.exportComputeInterconnectAttachment', 'cloudasset.assets.exportComputeLicenses', 'cloudasset.assets.exportComputeNetworkEndpointGroups', 'cloudasset.assets.exportComputeNetworks', 'cloudasset.assets.exportComputeNodeGroups', 'cloudasset.assets.exportComputeNodeTemplates', 'cloudasset.assets.exportComputePacketMirrorings', 'cloudasset.assets.exportComputeProjects', 'cloudasset.assets.exportComputeRegionAutoscaler', 'cloudasset.assets.exportComputeRegionBackendServices', 'cloudasset.assets.exportComputeRegionDisk', 'cloudasset.assets.exportComputeRegionInstanceGroup', 'cloudasset.assets.exportComputeRegionInstanceGroupManager', 'cloudasset.assets.exportComputeReservations', 'cloudasset.assets.exportComputeResourcePolicies', 'cloudasset.assets.exportComputeRouters', 'cloudasset.assets.exportComputeRoutes', 'cloudasset.assets.exportComputeSecurityPolicy', 'cloudasset.assets.exportComputeServiceAttachments', 'cloudasset.assets.exportComputeSnapshots', 'cloudasset.assets.exportComputeSslCertificates', 'cloudasset.assets.exportComputeSslPolicies', 'cloudasset.assets.exportComputeSubnetworks', 'cloudasset.assets.exportComputeTargetHttpProxies', 'cloudasset.assets.exportComputeTargetHttpsProxies', 'cloudasset.assets.exportComputeTargetInstances', 'cloudasset.assets.exportComputeTargetPools', 'cloudasset.assets.exportComputeTargetSslProxies', 'cloudasset.assets.exportComputeTargetTcpProxies', 'cloudasset.assets.exportComputeTargetVpnGateways', 'cloudasset.assets.exportComputeUrlMaps', 'cloudasset.assets.exportComputeVpnGateways', 'cloudasset.assets.exportComputeVpnTunnels', 'cloudasset.assets.exportConnectorsConnections', 'cloudasset.assets.exportConnectorsConnectorVersions', 'cloudasset.assets.exportConnectorsConnectors', 'cloudasset.assets.exportConnectorsProviders', 'cloudasset.assets.exportConnectorsRuntimeConfigs', 'cloudasset.assets.exportContainerAppsDeployment', 'cloudasset.assets.exportContainerAppsReplicaSets', 'cloudasset.assets.exportContainerBatchJobs', 'cloudasset.assets.exportContainerClusterrole', 'cloudasset.assets.exportContainerClusterrolebinding', 'cloudasset.assets.exportContainerClusters', 'cloudasset.assets.exportContainerExtensionsIngresses', 'cloudasset.assets.exportContainerJobs', 'cloudasset.assets.exportContainerNamespace', 'cloudasset.assets.exportContainerNetworkingIngresses', 'cloudasset.assets.exportContainerNetworkingNetworkPolicies', 'cloudasset.assets.exportContainerNode', 'cloudasset.assets.exportContainerNodepool', 'cloudasset.assets.exportContainerPod', 'cloudasset.assets.exportContainerReplicaSets', 'cloudasset.assets.exportContainerRole', 'cloudasset.assets.exportContainerRolebinding', 'cloudasset.assets.exportContainerServices', 'cloudasset.assets.exportContainerregistryImage', 'cloudasset.assets.exportDataMigrationConnectionProfiles', 'cloudasset.assets.exportDataMigrationMigrationJobs', 'cloudasset.assets.exportDataflowJobs', 'cloudasset.assets.exportDatafusionInstance', 'cloudasset.assets.exportDataplexAssets', 'cloudasset.assets.exportDataplexLakes', 'cloudasset.assets.exportDataplexTasks', 'cloudasset.assets.exportDataplexZones', 'cloudasset.assets.exportDataprocAutoscalingPolicies', 'cloudasset.assets.exportDataprocBatches', 'cloudasset.assets.exportDataprocClusters', 'cloudasset.assets.exportDataprocJobs', 'cloudasset.assets.exportDataprocSessions', 'cloudasset.assets.exportDataprocWorkflowTemplates', 'cloudasset.assets.exportDatastreamConnectionProfile', 'cloudasset.assets.exportDatastreamPrivateConnection', 'cloudasset.assets.exportDatastreamStream', 'cloudasset.assets.exportDialogflowAgents', 'cloudasset.assets.exportDialogflowConversationProfiles', 'cloudasset.assets.exportDialogflowKnowledgeBases', 'cloudasset.assets.exportDialogflowLocationSettings', 'cloudasset.assets.exportDlpDeidentifyTemplates', 'cloudasset.assets.exportDlpDlpJobs', 'cloudasset.assets.exportDlpInspectTemplates', 'cloudasset.assets.exportDlpJobTriggers', 'cloudasset.assets.exportDlpStoredInfoTypes', 'cloudasset.assets.exportDnsManagedZones', 'cloudasset.assets.exportDnsPolicies', 'cloudasset.assets.exportDomainsRegistrations', 'cloudasset.assets.exportEventarcTriggers', 'cloudasset.assets.exportFileBackups', 'cloudasset.assets.exportFileInstances', 'cloudasset.assets.exportFirebaseAppInfos', 'cloudasset.assets.exportFirebaseProjects', 'cloudasset.assets.exportFirestoreDatabases', 'cloudasset.assets.exportGKEHubFeatures', 'cloudasset.assets.exportGKEHubMemberships', 'cloudasset.assets.exportGameservicesGameServerClusters', 'cloudasset.assets.exportGameservicesGameServerConfigs', 'cloudasset.assets.exportGameservicesGameServerDeployments', 'cloudasset.assets.exportGameservicesRealms', 'cloudasset.assets.exportGkeBackupBackupPlans', 'cloudasset.assets.exportGkeBackupBackups', 'cloudasset.assets.exportGkeBackupRestorePlans', 'cloudasset.assets.exportGkeBackupRestores', 'cloudasset.assets.exportGkeBackupVolumeBackups', 'cloudasset.assets.exportGkeBackupVolumeRestores', 'cloudasset.assets.exportHealthcareConsentStores', 'cloudasset.assets.exportHealthcareDatasets', 'cloudasset.assets.exportHealthcareDicomStores', 'cloudasset.assets.exportHealthcareFhirStores', 'cloudasset.assets.exportHealthcareHl7V2Stores', 'cloudasset.assets.exportIamPolicy', 'cloudasset.assets.exportIamRoles', 'cloudasset.assets.exportIamServiceAccountKeys', 'cloudasset.assets.exportIamServiceAccounts', 'cloudasset.assets.exportIapTunnel', 'cloudasset.assets.exportIapTunnelInstances', 'cloudasset.assets.exportIapTunnelZones', 'cloudasset.assets.exportIapWeb', 'cloudasset.assets.exportIapWebServiceVersion', 'cloudasset.assets.exportIapWebServices', 'cloudasset.assets.exportIapWebType', 'cloudasset.assets.exportIdsEndpoints', 'cloudasset.assets.exportIntegrationsAuthConfigs', 'cloudasset.assets.exportIntegrationsCertificates', 'cloudasset.assets.exportIntegrationsExecutions', 'cloudasset.assets.exportIntegrationsIntegrationVersions', 'cloudasset.assets.exportIntegrationsIntegrations', 'cloudasset.assets.exportIntegrationsSfdcChannels', 'cloudasset.assets.exportIntegrationsSfdcInstances', 'cloudasset.assets.exportIntegrationsSuspensions', 'cloudasset.assets.exportLoggingLogMetrics', 'cloudasset.assets.exportLoggingLogSinks', 'cloudasset.assets.exportManagedidentitiesDomain', 'cloudasset.assets.exportMetastoreBackups', 'cloudasset.assets.exportMetastoreMetadataImports', 'cloudasset.assets.exportMetastoreServices', 'cloudasset.assets.exportMonitoringAlertPolicies', 'cloudasset.assets.exportNetworkConnectivityHubs', 'cloudasset.assets.exportNetworkConnectivitySpokes', 'cloudasset.assets.exportNetworkManagementConnectivityTests', 'cloudasset.assets.exportNetworkServicesEndpointPolicies', 'cloudasset.assets.exportNetworkServicesGateways', 'cloudasset.assets.exportNetworkServicesGrpcRoutes', 'cloudasset.assets.exportNetworkServicesHttpRoutes', 'cloudasset.assets.exportNetworkServicesMeshes', 'cloudasset.assets.exportNetworkServicesServiceBindings', 'cloudasset.assets.exportNetworkServicesTcpRoutes', 'cloudasset.assets.exportNetworkServicesTlsRoutes', 'cloudasset.assets.exportOSConfigOSPolicyAssignmentReports', 'cloudasset.assets.exportOSConfigOSPolicyAssignments', 'cloudasset.assets.exportOSConfigVulnerabilityReports', 'cloudasset.assets.exportOSInventories', 'cloudasset.assets.exportOrgPolicy', 'cloudasset.assets.exportPatchDeployments', 'cloudasset.assets.exportPubsubSnapshots', 'cloudasset.assets.exportPubsubSubscriptions', 'cloudasset.assets.exportPubsubTopics', 'cloudasset.assets.exportRedisInstances', 'cloudasset.assets.exportResource', 'cloudasset.assets.exportSecretManagerSecretVersions', 'cloudasset.assets.exportSecretManagerSecrets', 'cloudasset.assets.exportServiceDirectoryNamespaces', 'cloudasset.assets.exportServicePerimeter', 'cloudasset.assets.exportServiceconsumermanagementConsumerProperty', 'cloudasset.assets.exportServiceconsumermanagementConsumerQuotaLimits', 'cloudasset.assets.exportServiceconsumermanagementConsumers', 'cloudasset.assets.exportServiceconsumermanagementProducerOverrides', 'cloudasset.assets.exportServiceconsumermanagementTenancyUnits', 'cloudasset.assets.exportServiceconsumermanagementVisibility', 'cloudasset.assets.exportServicemanagementServices', 'cloudasset.assets.exportServiceusageAdminOverrides', 'cloudasset.assets.exportServiceusageConsumerOverrides', 'cloudasset.assets.exportServiceusageServices', 'cloudasset.assets.exportSpannerBackups', 'cloudasset.assets.exportSpannerDatabases', 'cloudasset.assets.exportSpannerInstances', 'cloudasset.assets.exportSpeakerIdPhrases', 'cloudasset.assets.exportSpeakerIdSettings', 'cloudasset.assets.exportSpeakerIdSpeakers', 'cloudasset.assets.exportSpeechCustomClasses', 'cloudasset.assets.exportSpeechPhraseSets', 'cloudasset.assets.exportSqladminBackupRuns', 'cloudasset.assets.exportSqladminInstances', 'cloudasset.assets.exportStorageBuckets', 'cloudasset.assets.exportTpuNodes', 'cloudasset.assets.exportVpcaccessConnector', 'cloudasset.assets.listAccessLevel', 'cloudasset.assets.listAccessPolicy', 'cloudasset.assets.listAiplatformBatchPredictionJobs', 'cloudasset.assets.listAiplatformCustomJobs', 'cloudasset.assets.listAiplatformDataLabelingJobs', 'cloudasset.assets.listAiplatformDatasets', 'cloudasset.assets.listAiplatformEndpoints', 'cloudasset.assets.listAiplatformHyperparameterTuningJobs', 'cloudasset.assets.listAiplatformMetadataStores', 'cloudasset.assets.listAiplatformModelDeploymentMonitoringJobs', 'cloudasset.assets.listAiplatformModels', 'cloudasset.assets.listAiplatformPipelineJobs', 'cloudasset.assets.listAiplatformSpecialistPools', 'cloudasset.assets.listAiplatformTrainingPipelines', 'cloudasset.assets.listAllAccessPolicy', 'cloudasset.assets.listAnthosConnectedCluster', 'cloudasset.assets.listAnthosedgeCluster', 'cloudasset.assets.listApigatewayApi', 'cloudasset.assets.listApigatewayApiConfig', 'cloudasset.assets.listApigatewayGateway', 'cloudasset.assets.listApikeysKeys', 'cloudasset.assets.listAppengineApplications', 'cloudasset.assets.listAppengineServices', 'cloudasset.assets.listAppengineVersions', 'cloudasset.assets.listArtifactregistryDockerImages', 'cloudasset.assets.listArtifactregistryRepositories', 'cloudasset.assets.listAssuredWorkloadsWorkloads', 'cloudasset.assets.listBeyondCorpApiGateways', 'cloudasset.assets.listBeyondCorpAppConnections', 'cloudasset.assets.listBeyondCorpAppConnectors', 'cloudasset.assets.listBeyondCorpAppGateways', 'cloudasset.assets.listBeyondCorpClientConnectorServices', 'cloudasset.assets.listBeyondCorpClientGateways', 'cloudasset.assets.listBigqueryDatasets', 'cloudasset.assets.listBigqueryModels', 'cloudasset.assets.listBigqueryTables', 'cloudasset.assets.listBigtableAppProfile', 'cloudasset.assets.listBigtableBackup', 'cloudasset.assets.listBigtableCluster', 'cloudasset.assets.listBigtableInstance', 'cloudasset.assets.listBigtableTable', 'cloudasset.assets.listCloudAssetFeeds', 'cloudasset.assets.listCloudDeployDeliveryPipelines', 'cloudasset.assets.listCloudDeployReleases', 'cloudasset.assets.listCloudDeployRollouts', 'cloudasset.assets.listCloudDeployTargets', 'cloudasset.assets.listCloudDocumentAIEvaluation', 'cloudasset.assets.listCloudDocumentAIHumanReviewConfig', 'cloudasset.assets.listCloudDocumentAILabelerPool', 'cloudasset.assets.listCloudDocumentAIProcessor', 'cloudasset.assets.listCloudDocumentAIProcessorVersion', 'cloudasset.assets.listCloudbillingBillingAccounts', 'cloudasset.assets.listCloudbillingProjectBillingInfos', 'cloudasset.assets.listCloudfunctionsFunctions', 'cloudasset.assets.listCloudfunctionsGen2Functions', 'cloudasset.assets.listCloudkmsCryptoKeyVersions', 'cloudasset.assets.listCloudkmsCryptoKeys', 'cloudasset.assets.listCloudkmsEkmConnections', 'cloudasset.assets.listCloudkmsImportJobs', 'cloudasset.assets.listCloudkmsKeyRings', 'cloudasset.assets.listCloudmemcacheInstances', 'cloudasset.assets.listCloudresourcemanagerFolders', 'cloudasset.assets.listCloudresourcemanagerOrganizations', 'cloudasset.assets.listCloudresourcemanagerProjects', 'cloudasset.assets.listCloudresourcemanagerTagBindings', 'cloudasset.assets.listCloudresourcemanagerTagKeys', 'cloudasset.assets.listCloudresourcemanagerTagValues', 'cloudasset.assets.listComposerEnvironments', 'cloudasset.assets.listComputeAddress', 'cloudasset.assets.listComputeAutoscalers', 'cloudasset.assets.listComputeBackendBuckets', 'cloudasset.assets.listComputeBackendServices', 'cloudasset.assets.listComputeCommitments', 'cloudasset.assets.listComputeDisks', 'cloudasset.assets.listComputeExternalVpnGateways', 'cloudasset.assets.listComputeFirewallPolicies', 'cloudasset.assets.listComputeFirewalls', 'cloudasset.assets.listComputeForwardingRules', 'cloudasset.assets.listComputeGlobalAddress', 'cloudasset.assets.listComputeGlobalForwardingRules', 'cloudasset.assets.listComputeHealthChecks', 'cloudasset.assets.listComputeHttpHealthChecks', 'cloudasset.assets.listComputeHttpsHealthChecks', 'cloudasset.assets.listComputeImages', 'cloudasset.assets.listComputeInstanceGroupManagers', 'cloudasset.assets.listComputeInstanceGroups', 'cloudasset.assets.listComputeInstanceTemplates', 'cloudasset.assets.listComputeInstances', 'cloudasset.assets.listComputeInterconnect', 'cloudasset.assets.listComputeInterconnectAttachment', 'cloudasset.assets.listComputeLicenses', 'cloudasset.assets.listComputeNetworkEndpointGroups', 'cloudasset.assets.listComputeNetworks', 'cloudasset.assets.listComputeNodeGroups', 'cloudasset.assets.listComputeNodeTemplates', 'cloudasset.assets.listComputePacketMirrorings', 'cloudasset.assets.listComputeProjects', 'cloudasset.assets.listComputeRegionAutoscaler', 'cloudasset.assets.listComputeRegionBackendServices', 'cloudasset.assets.listComputeRegionDisk', 'cloudasset.assets.listComputeRegionInstanceGroup', 'cloudasset.assets.listComputeRegionInstanceGroupManager', 'cloudasset.assets.listComputeReservations', 'cloudasset.assets.listComputeResourcePolicies', 'cloudasset.assets.listComputeRouters', 'cloudasset.assets.listComputeRoutes', 'cloudasset.assets.listComputeSecurityPolicy', 'cloudasset.assets.listComputeServiceAttachments', 'cloudasset.assets.listComputeSnapshots', 'cloudasset.assets.listComputeSslCertificates', 'cloudasset.assets.listComputeSslPolicies', 'cloudasset.assets.listComputeSubnetworks', 'cloudasset.assets.listComputeTargetHttpProxies', 'cloudasset.assets.listComputeTargetHttpsProxies', 'cloudasset.assets.listComputeTargetInstances', 'cloudasset.assets.listComputeTargetPools', 'cloudasset.assets.listComputeTargetSslProxies', 'cloudasset.assets.listComputeTargetTcpProxies', 'cloudasset.assets.listComputeTargetVpnGateways', 'cloudasset.assets.listComputeUrlMaps', 'cloudasset.assets.listComputeVpnGateways', 'cloudasset.assets.listComputeVpnTunnels', 'cloudasset.assets.listConnectorsConnections', 'cloudasset.assets.listConnectorsConnectorVersions', 'cloudasset.assets.listConnectorsConnectors', 'cloudasset.assets.listConnectorsProviders', 'cloudasset.assets.listConnectorsRuntimeConfigs', 'cloudasset.assets.listContainerAppsDeployment', 'cloudasset.assets.listContainerAppsReplicaSets', 'cloudasset.assets.listContainerBatchJobs', 'cloudasset.assets.listContainerClusterrole', 'cloudasset.assets.listContainerClusterrolebinding', 'cloudasset.assets.listContainerClusters', 'cloudasset.assets.listContainerExtensionsIngresses', 'cloudasset.assets.listContainerJobs', 'cloudasset.assets.listContainerNamespace', 'cloudasset.assets.listContainerNetworkingIngresses', 'cloudasset.assets.listContainerNetworkingNetworkPolicies', 'cloudasset.assets.listContainerNode', 'cloudasset.assets.listContainerNodepool', 'cloudasset.assets.listContainerPod', 'cloudasset.assets.listContainerReplicaSets', 'cloudasset.assets.listContainerRole', 'cloudasset.assets.listContainerRolebinding', 'cloudasset.assets.listContainerServices', 'cloudasset.assets.listContainerregistryImage', 'cloudasset.assets.listDataMigrationConnectionProfiles', 'cloudasset.assets.listDataMigrationMigrationJobs', 'cloudasset.assets.listDataflowJobs', 'cloudasset.assets.listDatafusionInstance', 'cloudasset.assets.listDataplexAssets', 'cloudasset.assets.listDataplexLakes', 'cloudasset.assets.listDataplexTasks', 'cloudasset.assets.listDataplexZones', 'cloudasset.assets.listDataprocAutoscalingPolicies', 'cloudasset.assets.listDataprocBatches', 'cloudasset.assets.listDataprocClusters', 'cloudasset.assets.listDataprocJobs', 'cloudasset.assets.listDataprocSessions', 'cloudasset.assets.listDataprocWorkflowTemplates', 'cloudasset.assets.listDatastreamConnectionProfile', 'cloudasset.assets.listDatastreamPrivateConnection', 'cloudasset.assets.listDatastreamStream', 'cloudasset.assets.listDialogflowAgents', 'cloudasset.assets.listDialogflowConversationProfiles', 'cloudasset.assets.listDialogflowKnowledgeBases', 'cloudasset.assets.listDialogflowLocationSettings', 'cloudasset.assets.listDlpDeidentifyTemplates', 'cloudasset.assets.listDlpDlpJobs', 'cloudasset.assets.listDlpInspectTemplates', 'cloudasset.assets.listDlpJobTriggers', 'cloudasset.assets.listDlpStoredInfoTypes', 'cloudasset.assets.listDnsManagedZones', 'cloudasset.assets.listDnsPolicies', 'cloudasset.assets.listDomainsRegistrations', 'cloudasset.assets.listEventarcTriggers', 'cloudasset.assets.listFileBackups', 'cloudasset.assets.listFileInstances', 'cloudasset.assets.listFirebaseAppInfos', 'cloudasset.assets.listFirebaseProjects', 'cloudasset.assets.listFirestoreDatabases', 'cloudasset.assets.listGKEHubFeatures', 'cloudasset.assets.listGKEHubMemberships', 'cloudasset.assets.listGameservicesGameServerClusters', 'cloudasset.assets.listGameservicesGameServerConfigs', 'cloudasset.assets.listGameservicesGameServerDeployments', 'cloudasset.assets.listGameservicesRealms', 'cloudasset.assets.listGkeBackupBackupPlans', 'cloudasset.assets.listGkeBackupBackups', 'cloudasset.assets.listGkeBackupRestorePlans', 'cloudasset.assets.listGkeBackupRestores', 'cloudasset.assets.listGkeBackupVolumeBackups', 'cloudasset.assets.listGkeBackupVolumeRestores', 'cloudasset.assets.listHealthcareConsentStores', 'cloudasset.assets.listHealthcareDatasets', 'cloudasset.assets.listHealthcareDicomStores', 'cloudasset.assets.listHealthcareFhirStores', 'cloudasset.assets.listHealthcareHl7V2Stores', 'cloudasset.assets.listIamPolicy', 'cloudasset.assets.listIamRoles', 'cloudasset.assets.listIamServiceAccountKeys', 'cloudasset.assets.listIamServiceAccounts', 'cloudasset.assets.listIapTunnel', 'cloudasset.assets.listIapTunnelInstances', 'cloudasset.assets.listIapTunnelZones', 'cloudasset.assets.listIapWeb', 'cloudasset.assets.listIapWebServiceVersion', 'cloudasset.assets.listIapWebServices', 'cloudasset.assets.listIapWebType', 'cloudasset.assets.listIdsEndpoints', 'cloudasset.assets.listIntegrationsAuthConfigs', 'cloudasset.assets.listIntegrationsCertificates', 'cloudasset.assets.listIntegrationsExecutions', 'cloudasset.assets.listIntegrationsIntegrationVersions', 'cloudasset.assets.listIntegrationsIntegrations', 'cloudasset.assets.listIntegrationsSfdcChannels', 'cloudasset.assets.listIntegrationsSfdcInstances', 'cloudasset.assets.listIntegrationsSuspensions', 'cloudasset.assets.listLoggingLogMetrics', 'cloudasset.assets.listLoggingLogSinks', 'cloudasset.assets.listManagedidentitiesDomain', 'cloudasset.assets.listMetastoreBackups', 'cloudasset.assets.listMetastoreMetadataImports', 'cloudasset.assets.listMetastoreServices', 'cloudasset.assets.listMonitoringAlertPolicies', 'cloudasset.assets.listNetworkConnectivityHubs', 'cloudasset.assets.listNetworkConnectivitySpokes', 'cloudasset.assets.listNetworkManagementConnectivityTests', 'cloudasset.assets.listNetworkServicesEndpointPolicies', 'cloudasset.assets.listNetworkServicesGateways', 'cloudasset.assets.listNetworkServicesGrpcRoutes', 'cloudasset.assets.listNetworkServicesHttpRoutes', 'cloudasset.assets.listNetworkServicesMeshes', 'cloudasset.assets.listNetworkServicesServiceBindings', 'cloudasset.assets.listNetworkServicesTcpRoutes', 'cloudasset.assets.listNetworkServicesTlsRoutes', 'cloudasset.assets.listOSConfigOSPolicyAssignmentReports', 'cloudasset.assets.listOSConfigOSPolicyAssignments', 'cloudasset.assets.listOSConfigVulnerabilityReports', 'cloudasset.assets.listOSInventories', 'cloudasset.assets.listOrgPolicy', 'cloudasset.assets.listPatchDeployments', 'cloudasset.assets.listPubsubSnapshots', 'cloudasset.assets.listPubsubSubscriptions', 'cloudasset.assets.listPubsubTopics', 'cloudasset.assets.listRedisInstances', 'cloudasset.assets.listResource', 'cloudasset.assets.listRunDomainMapping', 'cloudasset.assets.listRunRevision', 'cloudasset.assets.listRunService', 'cloudasset.assets.listSecretManagerSecretVersions', 'cloudasset.assets.listSecretManagerSecrets', 'cloudasset.assets.listServiceDirectoryNamespaces', 'cloudasset.assets.listServicePerimeter', 'cloudasset.assets.listServiceconsumermanagementConsumerProperty', 'cloudasset.assets.listServiceconsumermanagementConsumerQuotaLimits', 'cloudasset.assets.listServiceconsumermanagementConsumers', 'cloudasset.assets.listServiceconsumermanagementProducerOverrides', 'cloudasset.assets.listServiceconsumermanagementTenancyUnits', 'cloudasset.assets.listServiceconsumermanagementVisibility', 'cloudasset.assets.listServicemanagementServices', 'cloudasset.assets.listServiceusageAdminOverrides', 'cloudasset.assets.listServiceusageConsumerOverrides', 'cloudasset.assets.listServiceusageServices', 'cloudasset.assets.listSpannerBackups', 'cloudasset.assets.listSpannerDatabases', 'cloudasset.assets.listSpannerInstances', 'cloudasset.assets.listSpeakerIdPhrases', 'cloudasset.assets.listSpeakerIdSettings', 'cloudasset.assets.listSpeakerIdSpeakers', 'cloudasset.assets.listSpeechCustomClasses', 'cloudasset.assets.listSpeechPhraseSets', 'cloudasset.assets.listSqladminBackupRuns', 'cloudasset.assets.listSqladminInstances', 'cloudasset.assets.listStorageBuckets', 'cloudasset.assets.listTpuNodes', 'cloudasset.assets.listVpcaccessConnector', 'cloudasset.assets.queryAccessPolicy', 'cloudasset.assets.queryIamPolicy', 'cloudasset.assets.queryOSInventories', 'cloudasset.assets.queryResource', 'cloudasset.assets.searchAllIamPolicies', 'cloudasset.assets.searchAllResources', 'cloudasset.feeds.create', 'cloudasset.feeds.delete', 'cloudasset.feeds.get', 'cloudasset.feeds.list', 'cloudasset.feeds.update', 'cloudsql.instances.connect', 'cloudsql.users.list', 'compute.globalOperations.get', 'compute.instances.get', 'compute.instances.list', 'compute.networkEndpointGroups.get', 'compute.projects.get', 'container.clusters.get', 'monitoring.alertPolicies.list', 'orgpolicy.policy.get', 'recommender.cloudAssetInsights.get', 'recommender.cloudAssetInsights.list', 'recommender.locations.get', 'recommender.locations.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.organizationsettings.get', 'serviceusage.quotas.get', 'serviceusage.services.get', 'serviceusage.services.list', 'stackdriver.projects.get'] |
|
GA |
| roles/securitycentermanagement.customModulesEditor |
Full access to manage Cloud Security Command Center custom modules. |
Security Center Management Custom Modules Editor |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update'] |
|
GA |
| roles/securitycenter.findingsEditor |
Read-write access to findings |
Security Center Findings Editor |
['resourcemanager.folders.get', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'securitycenter.complianceReports.aggregate', 'securitycenter.compliancesnapshots.list', 'securitycenter.findingexplanations.get', 'securitycenter.findings.bulkMuteUpdate', 'securitycenter.findings.group', 'securitycenter.findings.list', 'securitycenter.findings.listFindingPropertyNames', 'securitycenter.findings.setMute', 'securitycenter.findings.setState', 'securitycenter.findings.update', 'securitycenter.sources.get', 'securitycenter.sources.list', 'securitycenter.userinterfacemetadata.get', 'securitycenter.vulnerabilitysnapshots.list'] |
|
GA |
| roles/securitycentermanagement.settingsEditor |
Full access to manage Cloud Security Command Center settings |
Security Center Management Settings Editor |
['resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'securitycenter.organizationsettings.get', 'securitycenter.organizationsettings.update', 'securitycenter.securitycentersettings.get', 'securitycenter.securitycentersettings.update', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.get', 'securitycentermanagement.effectiveEventThreatDetectionCustomModules.list', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get', 'securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.create', 'securitycentermanagement.eventThreatDetectionCustomModules.delete', 'securitycentermanagement.eventThreatDetectionCustomModules.get', 'securitycentermanagement.eventThreatDetectionCustomModules.list', 'securitycentermanagement.eventThreatDetectionCustomModules.update', 'securitycentermanagement.eventThreatDetectionCustomModules.validate', 'securitycentermanagement.locations.get', 'securitycentermanagement.locations.list', 'securitycentermanagement.securityCenterServices.get', 'securitycentermanagement.securityCenterServices.list', 'securitycentermanagement.securityCenterServices.update', 'securitycentermanagement.securityCommandCenter.activate', 'securitycentermanagement.securityCommandCenter.checkActivationOperation', 'securitycentermanagement.securityCommandCenter.checkEligibility', 'securitycentermanagement.securityCommandCenter.generateServiceAccounts', 'securitycentermanagement.securityCommandCenter.get', 'securitycentermanagement.securityCommandCenter.update', 'securitycentermanagement.securityHealthAnalyticsCustomModules.create', 'securitycentermanagement.securityHealthAnalyticsCustomModules.delete', 'securitycentermanagement.securityHealthAnalyticsCustomModules.get', 'securitycentermanagement.securityHealthAnalyticsCustomModules.list', 'securitycentermanagement.securityHealthAnalyticsCustomModules.simulate', 'securitycentermanagement.securityHealthAnalyticsCustomModules.test', 'securitycentermanagement.securityHealthAnalyticsCustomModules.update'] |
|
GA |