The following Identity and Access Management (IAM) permission will be deprecated and shut down for Gemini Cloud Assist April 8, 2026:
cloudaicompanion.instances.completeTask
To prepare for this change, take the following steps:
Identify any custom IAM roles that you have that control access to the Gemini for Google Cloud API:
In the Google Cloud console, go to the Roles page.
In the Google Cloud console toolbar, select your organization or project from the list.
To view role permissions, select the checkbox for one or more roles. An adjacent pane displays any permissions contained in the roles.
The icons in the Type column indicate if it's a custom role or a predefined role
If you want to find all the roles that include a specific permission, type the permission name in the Filter field at the beginning of the Roles list.
Add new permissions. Before April 8, 2026, add the following new permissions to your custom roles:
geminicloudassist.agents.invoke
Retain old permissions. Until April 8, 2026, keep the following permissions in your custom roles:
cloudaicompanion.instances.completeTask
After April 8, 2026, the old permission is no longer used by Gemini Cloud Assist. You might need to retain this permission in your custom roles if you use other Gemini services, such as Gemini in BigQuery or Gemini Code Assist.
For more information about updating custom roles, see
Create and manage custom roles.