roles/vmwareengine.serviceAgent |
Gives permission to manage network configuration, such as establishing network peering, necessary for GCVE |
VMware Engine Service Agent |
['compute.globalAddresses.get', 'compute.globalAddresses.list', 'compute.globalOperations.get', 'compute.networks.addPeering', 'compute.networks.get', 'compute.networks.list', 'compute.networks.listPeeringRoutes', 'compute.networks.removePeering', 'compute.networks.update', 'compute.networks.updatePeering', 'compute.networks.updatePolicy', 'compute.projects.get', 'compute.regionOperations.get', 'compute.routers.get', 'compute.routers.list', 'compute.routes.list', 'compute.subnetworks.get', 'compute.subnetworks.list', 'dns.changes.create', 'dns.changes.get', 'dns.changes.list', 'dns.dnsKeys.get', 'dns.dnsKeys.list', 'dns.gkeClusters.bindDNSResponsePolicy', 'dns.gkeClusters.bindPrivateDNSZone', 'dns.managedZoneOperations.get', 'dns.managedZoneOperations.list', 'dns.managedZones.create', 'dns.managedZones.delete', 'dns.managedZones.get', 'dns.managedZones.getIamPolicy', 'dns.managedZones.list', 'dns.managedZones.update', 'dns.networks.bindDNSResponsePolicy', 'dns.networks.bindPrivateDNSPolicy', 'dns.networks.bindPrivateDNSZone', 'dns.networks.targetWithPeeringZone', 'dns.networks.useHealthSignals', 'dns.policies.create', 'dns.policies.delete', 'dns.policies.get', 'dns.policies.getIamPolicy', 'dns.policies.list', 'dns.policies.update', 'dns.projects.get', 'dns.resourceRecordSets.create', 'dns.resourceRecordSets.delete', 'dns.resourceRecordSets.get', 'dns.resourceRecordSets.list', 'dns.resourceRecordSets.update', 'dns.responsePolicies.create', 'dns.responsePolicies.delete', 'dns.responsePolicies.get', 'dns.responsePolicies.list', 'dns.responsePolicies.update', 'dns.responsePolicyRules.create', 'dns.responsePolicyRules.delete', 'dns.responsePolicyRules.get', 'dns.responsePolicyRules.list', 'dns.responsePolicyRules.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'vmwareengine.externalAddresses.get', 'vmwareengine.externalAddresses.list', 'vmwareengine.nodes.get', 'vmwareengine.nodes.list'] |
|
GA |
roles/vmwareengine.vmwareengineAdmin |
Admin has full access to VMware Engine Service |
VMware Engine Service Admin |
['resourcemanager.projects.get', 'resourcemanager.projects.list', 'vmwareengine.clusters.create', 'vmwareengine.clusters.delete', 'vmwareengine.clusters.get', 'vmwareengine.clusters.getIamPolicy', 'vmwareengine.clusters.list', 'vmwareengine.clusters.setIamPolicy', 'vmwareengine.clusters.update', 'vmwareengine.dnsBindPermission.get', 'vmwareengine.dnsBindPermission.grant', 'vmwareengine.dnsBindPermission.revoke', 'vmwareengine.dnsForwarding.get', 'vmwareengine.dnsForwarding.update', 'vmwareengine.externalAccessRules.create', 'vmwareengine.externalAccessRules.delete', 'vmwareengine.externalAccessRules.get', 'vmwareengine.externalAccessRules.list', 'vmwareengine.externalAccessRules.update', 'vmwareengine.externalAddresses.create', 'vmwareengine.externalAddresses.delete', 'vmwareengine.externalAddresses.get', 'vmwareengine.externalAddresses.list', 'vmwareengine.externalAddresses.update', 'vmwareengine.hcxActivationKeys.create', 'vmwareengine.hcxActivationKeys.get', 'vmwareengine.hcxActivationKeys.getIamPolicy', 'vmwareengine.hcxActivationKeys.list', 'vmwareengine.hcxActivationKeys.setIamPolicy', 'vmwareengine.locations.get', 'vmwareengine.locations.list', 'vmwareengine.loggingServers.create', 'vmwareengine.loggingServers.delete', 'vmwareengine.loggingServers.get', 'vmwareengine.loggingServers.list', 'vmwareengine.loggingServers.update', 'vmwareengine.managementDnsZoneBindings.create', 'vmwareengine.managementDnsZoneBindings.delete', 'vmwareengine.managementDnsZoneBindings.get', 'vmwareengine.managementDnsZoneBindings.list', 'vmwareengine.managementDnsZoneBindings.repair', 'vmwareengine.managementDnsZoneBindings.update', 'vmwareengine.networkPeerings.create', 'vmwareengine.networkPeerings.delete', 'vmwareengine.networkPeerings.get', 'vmwareengine.networkPeerings.list', 'vmwareengine.networkPeerings.listPeeringRoutes', 'vmwareengine.networkPeerings.update', 'vmwareengine.networkPolicies.create', 'vmwareengine.networkPolicies.delete', 'vmwareengine.networkPolicies.fetchExternalAddresses', 'vmwareengine.networkPolicies.get', 'vmwareengine.networkPolicies.list', 'vmwareengine.networkPolicies.update', 'vmwareengine.nodeTypes.get', 'vmwareengine.nodeTypes.list', 'vmwareengine.nodes.get', 'vmwareengine.nodes.list', 'vmwareengine.operations.delete', 'vmwareengine.operations.get', 'vmwareengine.operations.list', 'vmwareengine.privateClouds.create', 'vmwareengine.privateClouds.delete', 'vmwareengine.privateClouds.get', 'vmwareengine.privateClouds.getIamPolicy', 'vmwareengine.privateClouds.list', 'vmwareengine.privateClouds.resetNsxCredentials', 'vmwareengine.privateClouds.resetVcenterCredentials', 'vmwareengine.privateClouds.setIamPolicy', 'vmwareengine.privateClouds.showNsxCredentials', 'vmwareengine.privateClouds.showVcenterCredentials', 'vmwareengine.privateClouds.undelete', 'vmwareengine.privateClouds.update', 'vmwareengine.privateConnections.create', 'vmwareengine.privateConnections.delete', 'vmwareengine.privateConnections.get', 'vmwareengine.privateConnections.list', 'vmwareengine.privateConnections.listPeeringRoutes', 'vmwareengine.privateConnections.update', 'vmwareengine.projectState.get', 'vmwareengine.services.use', 'vmwareengine.services.view', 'vmwareengine.subnets.get', 'vmwareengine.subnets.list', 'vmwareengine.subnets.update', 'vmwareengine.vmwareEngineNetworks.create', 'vmwareengine.vmwareEngineNetworks.delete', 'vmwareengine.vmwareEngineNetworks.get', 'vmwareengine.vmwareEngineNetworks.list', 'vmwareengine.vmwareEngineNetworks.update'] |
|
GA |
roles/vmwareengine.vmwareengineViewer |
Viewer has read-only access to VMware Engine Service |
VMware Engine Service Viewer |
['resourcemanager.projects.get', 'resourcemanager.projects.list', 'vmwareengine.clusters.get', 'vmwareengine.clusters.getIamPolicy', 'vmwareengine.clusters.list', 'vmwareengine.dnsBindPermission.get', 'vmwareengine.dnsForwarding.get', 'vmwareengine.externalAccessRules.get', 'vmwareengine.externalAccessRules.list', 'vmwareengine.externalAddresses.get', 'vmwareengine.externalAddresses.list', 'vmwareengine.hcxActivationKeys.get', 'vmwareengine.hcxActivationKeys.getIamPolicy', 'vmwareengine.hcxActivationKeys.list', 'vmwareengine.locations.get', 'vmwareengine.locations.list', 'vmwareengine.loggingServers.get', 'vmwareengine.loggingServers.list', 'vmwareengine.managementDnsZoneBindings.get', 'vmwareengine.managementDnsZoneBindings.list', 'vmwareengine.networkPeerings.get', 'vmwareengine.networkPeerings.list', 'vmwareengine.networkPeerings.listPeeringRoutes', 'vmwareengine.networkPolicies.fetchExternalAddresses', 'vmwareengine.networkPolicies.get', 'vmwareengine.networkPolicies.list', 'vmwareengine.nodeTypes.get', 'vmwareengine.nodeTypes.list', 'vmwareengine.nodes.get', 'vmwareengine.nodes.list', 'vmwareengine.operations.get', 'vmwareengine.operations.list', 'vmwareengine.privateClouds.get', 'vmwareengine.privateClouds.getIamPolicy', 'vmwareengine.privateClouds.list', 'vmwareengine.privateConnections.get', 'vmwareengine.privateConnections.list', 'vmwareengine.privateConnections.listPeeringRoutes', 'vmwareengine.projectState.get', 'vmwareengine.services.view', 'vmwareengine.subnets.get', 'vmwareengine.subnets.list', 'vmwareengine.vmwareEngineNetworks.get', 'vmwareengine.vmwareEngineNetworks.list'] |
|
GA |