使用 IAM 控管存取權

如要限制專案或機構中使用者的存取權,可以使用 Dataflow 的身分與存取權管理 (IAM) 角色。您可以控管 Dataflow 相關資源的存取權,而不將整個 Google Cloud Platform 專案的檢視者、編輯者或擁有者角色授予使用者。

本頁主要說明如何使用 Dataflow 的身分與存取權管理角色。如需 IAM 和其功能的詳細說明,請參閱 IAM 說明文件

每個 Dataflow 方法都要求呼叫者具備必要的權限。如需 Dataflow 支援的權限與角色清單,請參閱下節的說明。

權限與角色

本節概述 Dataflow IAM 支援的權限與角色。

所需權限

下表列出呼叫者呼叫每個方法所需的權限:

方法 所需權限
dataflow.jobs.create dataflow.jobs.create
dataflow.jobs.cancel dataflow.jobs.cancel
dataflow.jobs.updateContents dataflow.jobs.updateContents
dataflow.jobs.list dataflow.jobs.list
dataflow.jobs.get dataflow.jobs.get
dataflow.messages.list dataflow.messages.list
dataflow.metrics.get dataflow.metrics.get
dataflow.jobs.snapshot dataflow.jobs.snapshot

角色

下表列出 Dataflow IAM 角色,以及各角色具備的所有 Dataflow 相關權限對應清單。每個權限只適用於特定資源類型。如需權限清單,請參閱 Google Cloud 控制台的「角色」頁面。

Role Permissions

(roles/dataflow.admin)

Minimal role for creating and managing dataflow jobs.

cloudbuild.builds.create

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.builds.update

cloudbuild.locations.*

  • cloudbuild.locations.get
  • cloudbuild.locations.list

cloudbuild.operations.*

  • cloudbuild.operations.get
  • cloudbuild.operations.list

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

compute.machineTypes.get

compute.projects.get

compute.regions.list

compute.zones.list

dataflow.jobs.*

  • dataflow.jobs.cancel
  • dataflow.jobs.create
  • dataflow.jobs.get
  • dataflow.jobs.list
  • dataflow.jobs.snapshot
  • dataflow.jobs.updateContents

dataflow.messages.list

dataflow.metrics.get

dataflow.snapshots.*

  • dataflow.snapshots.delete
  • dataflow.snapshots.get
  • dataflow.snapshots.list

recommender.dataflowDiagnosticsInsights.*

  • recommender.dataflowDiagnosticsInsights.get
  • recommender.dataflowDiagnosticsInsights.list
  • recommender.dataflowDiagnosticsInsights.update

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

storage.buckets.get

storage.objects.create

storage.objects.get

storage.objects.list

(roles/dataflow.developer)

Provides the permissions necessary to execute and manipulate Dataflow jobs.

Lowest-level resources where you can grant this role:

  • Project

cloudbuild.builds.create

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.builds.update

cloudbuild.locations.*

  • cloudbuild.locations.get
  • cloudbuild.locations.list

cloudbuild.operations.*

  • cloudbuild.operations.get
  • cloudbuild.operations.list

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

compute.projects.get

compute.regions.list

compute.zones.list

dataflow.jobs.*

  • dataflow.jobs.cancel
  • dataflow.jobs.create
  • dataflow.jobs.get
  • dataflow.jobs.list
  • dataflow.jobs.snapshot
  • dataflow.jobs.updateContents

dataflow.messages.list

dataflow.metrics.get

dataflow.snapshots.*

  • dataflow.snapshots.delete
  • dataflow.snapshots.get
  • dataflow.snapshots.list

recommender.dataflowDiagnosticsInsights.*

  • recommender.dataflowDiagnosticsInsights.get
  • recommender.dataflowDiagnosticsInsights.list
  • recommender.dataflowDiagnosticsInsights.update

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/dataflow.serviceAgent)

Gives Cloud Dataflow service account access to managed resources. Includes access to service accounts.

backupdr.backupPlanAssociations.createForComputeDisk

backupdr.backupPlanAssociations.createForComputeInstance

backupdr.backupPlanAssociations.deleteForComputeDisk

backupdr.backupPlanAssociations.deleteForComputeInstance

backupdr.backupPlanAssociations.fetchForComputeDisk

backupdr.backupPlanAssociations.getForComputeDisk

backupdr.backupPlanAssociations.list

backupdr.backupPlanAssociations.triggerBackupForComputeDisk

backupdr.backupPlanAssociations.triggerBackupForComputeInstance

backupdr.backupPlanAssociations.updateForComputeDisk

backupdr.backupPlanAssociations.updateForComputeInstance

backupdr.backupPlans.get

backupdr.backupPlans.list

backupdr.backupPlans.useForComputeDisk

backupdr.backupPlans.useForComputeInstance

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr.locations.list

backupdr.operations.get

backupdr.operations.list

backupdr.serviceConfig.initialize

bigquery.bireservations.*

  • bigquery.bireservations.get
  • bigquery.bireservations.update

bigquery.capacityCommitments.*

  • bigquery.capacityCommitments.create
  • bigquery.capacityCommitments.delete
  • bigquery.capacityCommitments.get
  • bigquery.capacityCommitments.list
  • bigquery.capacityCommitments.update

bigquery.config.*

  • bigquery.config.get
  • bigquery.config.update

bigquery.connections.*

  • bigquery.connections.create
  • bigquery.connections.delegate
  • bigquery.connections.delete
  • bigquery.connections.get
  • bigquery.connections.getIamPolicy
  • bigquery.connections.list
  • bigquery.connections.setIamPolicy
  • bigquery.connections.update
  • bigquery.connections.updateTag
  • bigquery.connections.use

bigquery.dataPolicies.attach

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

bigquery.datasets.*

  • bigquery.datasets.create
  • bigquery.datasets.createTagBinding
  • bigquery.datasets.delete
  • bigquery.datasets.deleteTagBinding
  • bigquery.datasets.get
  • bigquery.datasets.getIamPolicy
  • bigquery.datasets.link
  • bigquery.datasets.listEffectiveTags
  • bigquery.datasets.listSharedDatasetUsage
  • bigquery.datasets.listTagBindings
  • bigquery.datasets.setIamPolicy
  • bigquery.datasets.update
  • bigquery.datasets.updateTag

bigquery.jobs.*

  • bigquery.jobs.create
  • bigquery.jobs.createGlobalQuery
  • bigquery.jobs.delete
  • bigquery.jobs.get
  • bigquery.jobs.list
  • bigquery.jobs.listAll
  • bigquery.jobs.listExecutionMetadata
  • bigquery.jobs.update

bigquery.models.*

  • bigquery.models.create
  • bigquery.models.delete
  • bigquery.models.export
  • bigquery.models.getData
  • bigquery.models.getMetadata
  • bigquery.models.list
  • bigquery.models.updateData
  • bigquery.models.updateMetadata
  • bigquery.models.updateTag

bigquery.objectRefs.*

  • bigquery.objectRefs.read
  • bigquery.objectRefs.write

bigquery.readsessions.*

  • bigquery.readsessions.create
  • bigquery.readsessions.getData
  • bigquery.readsessions.update

bigquery.reservationAssignments.*

  • bigquery.reservationAssignments.create
  • bigquery.reservationAssignments.delete
  • bigquery.reservationAssignments.list
  • bigquery.reservationAssignments.search

bigquery.reservationGroups.*

  • bigquery.reservationGroups.create
  • bigquery.reservationGroups.delete
  • bigquery.reservationGroups.get
  • bigquery.reservationGroups.list

bigquery.reservations.*

  • bigquery.reservations.create
  • bigquery.reservations.delete
  • bigquery.reservations.get
  • bigquery.reservations.list
  • bigquery.reservations.listFailoverDatasets
  • bigquery.reservations.update
  • bigquery.reservations.use

bigquery.routines.*

  • bigquery.routines.create
  • bigquery.routines.delete
  • bigquery.routines.get
  • bigquery.routines.list
  • bigquery.routines.update
  • bigquery.routines.updateTag

bigquery.rowAccessPolicies.create

bigquery.rowAccessPolicies.delete

bigquery.rowAccessPolicies.get

bigquery.rowAccessPolicies.getIamPolicy

bigquery.rowAccessPolicies.list

bigquery.rowAccessPolicies.overrideTimeTravelRestrictions

bigquery.rowAccessPolicies.setIamPolicy

bigquery.rowAccessPolicies.update

bigquery.savedqueries.*

  • bigquery.savedqueries.create
  • bigquery.savedqueries.delete
  • bigquery.savedqueries.get
  • bigquery.savedqueries.list
  • bigquery.savedqueries.update

bigquery.tables.*

  • bigquery.tables.create
  • bigquery.tables.createIndex
  • bigquery.tables.createSnapshot
  • bigquery.tables.createTagBinding
  • bigquery.tables.delete
  • bigquery.tables.deleteIndex
  • bigquery.tables.deleteSnapshot
  • bigquery.tables.deleteTagBinding
  • bigquery.tables.export
  • bigquery.tables.get
  • bigquery.tables.getData
  • bigquery.tables.getIamPolicy
  • bigquery.tables.list
  • bigquery.tables.listEffectiveTags
  • bigquery.tables.listTagBindings
  • bigquery.tables.replicateData
  • bigquery.tables.restoreSnapshot
  • bigquery.tables.setCategory
  • bigquery.tables.setColumnDataPolicy
  • bigquery.tables.setIamPolicy
  • bigquery.tables.update
  • bigquery.tables.updateData
  • bigquery.tables.updateIndex
  • bigquery.tables.updateTag

bigquery.transfers.*

  • bigquery.transfers.get
  • bigquery.transfers.update

bigquerymigration.translation.translate

clouddebugger.breakpoints.list

clouddebugger.breakpoints.listActive

clouddebugger.breakpoints.update

clouddebugger.debuggees.create

cloudnotifications.activities.list

compute.acceleratorTypes.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list

compute.addresses.*

  • compute.addresses.create
  • compute.addresses.createInternal
  • compute.addresses.createTagBinding
  • compute.addresses.delete
  • compute.addresses.deleteInternal
  • compute.addresses.deleteTagBinding
  • compute.addresses.get
  • compute.addresses.list
  • compute.addresses.listEffectiveTags
  • compute.addresses.listTagBindings
  • compute.addresses.setLabels
  • compute.addresses.use
  • compute.addresses.useInternal

compute.autoscalers.*

  • compute.autoscalers.create
  • compute.autoscalers.delete
  • compute.autoscalers.get
  • compute.autoscalers.list
  • compute.autoscalers.update

compute.backendBuckets.*

  • compute.backendBuckets.addSignedUrlKey
  • compute.backendBuckets.create
  • compute.backendBuckets.createTagBinding
  • compute.backendBuckets.delete
  • compute.backendBuckets.deleteSignedUrlKey
  • compute.backendBuckets.deleteTagBinding
  • compute.backendBuckets.get
  • compute.backendBuckets.getIamPolicy
  • compute.backendBuckets.list
  • compute.backendBuckets.listEffectiveTags
  • compute.backendBuckets.listTagBindings
  • compute.backendBuckets.setIamPolicy
  • compute.backendBuckets.setSecurityPolicy
  • compute.backendBuckets.update
  • compute.backendBuckets.use

compute.backendServices.*

  • compute.backendServices.addSignedUrlKey
  • compute.backendServices.create
  • compute.backendServices.createTagBinding
  • compute.backendServices.delete
  • compute.backendServices.deleteSignedUrlKey
  • compute.backendServices.deleteTagBinding
  • compute.backendServices.get
  • compute.backendServices.getIamPolicy
  • compute.backendServices.list
  • compute.backendServices.listEffectiveTags
  • compute.backendServices.listTagBindings
  • compute.backendServices.setIamPolicy
  • compute.backendServices.setSecurityPolicy
  • compute.backendServices.update
  • compute.backendServices.use

compute.crossSiteNetworks.*

  • compute.crossSiteNetworks.create
  • compute.crossSiteNetworks.delete
  • compute.crossSiteNetworks.get
  • compute.crossSiteNetworks.list
  • compute.crossSiteNetworks.update

compute.diskSettings.*

  • compute.diskSettings.get
  • compute.diskSettings.update

compute.diskTypes.*

  • compute.diskTypes.get
  • compute.diskTypes.list

compute.disks.*

  • compute.disks.addResourcePolicies
  • compute.disks.create
  • compute.disks.createSnapshot
  • compute.disks.createTagBinding
  • compute.disks.delete
  • compute.disks.deleteTagBinding
  • compute.disks.get
  • compute.disks.getIamPolicy
  • compute.disks.list
  • compute.disks.listEffectiveTags
  • compute.disks.listTagBindings
  • compute.disks.removeResourcePolicies
  • compute.disks.resize
  • compute.disks.setIamPolicy
  • compute.disks.setLabels
  • compute.disks.startAsyncReplication
  • compute.disks.stopAsyncReplication
  • compute.disks.stopGroupAsyncReplication
  • compute.disks.update
  • compute.disks.updateKmsKey
  • compute.disks.use
  • compute.disks.useReadOnly

compute.externalVpnGateways.*

  • compute.externalVpnGateways.create
  • compute.externalVpnGateways.createTagBinding
  • compute.externalVpnGateways.delete
  • compute.externalVpnGateways.deleteTagBinding
  • compute.externalVpnGateways.get
  • compute.externalVpnGateways.list
  • compute.externalVpnGateways.listEffectiveTags
  • compute.externalVpnGateways.listTagBindings
  • compute.externalVpnGateways.setLabels
  • compute.externalVpnGateways.use

compute.firewallPolicies.get

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewallPolicies.use

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.*

  • compute.forwardingRules.create
  • compute.forwardingRules.createTagBinding
  • compute.forwardingRules.delete
  • compute.forwardingRules.deleteTagBinding
  • compute.forwardingRules.get
  • compute.forwardingRules.list
  • compute.forwardingRules.listEffectiveTags
  • compute.forwardingRules.listTagBindings
  • compute.forwardingRules.pscCreate
  • compute.forwardingRules.pscDelete
  • compute.forwardingRules.pscSetLabels
  • compute.forwardingRules.pscUpdate
  • compute.forwardingRules.setLabels
  • compute.forwardingRules.setTarget
  • compute.forwardingRules.update
  • compute.forwardingRules.use

compute.globalAddresses.*

  • compute.globalAddresses.create
  • compute.globalAddresses.createInternal
  • compute.globalAddresses.createTagBinding
  • compute.globalAddresses.delete
  • compute.globalAddresses.deleteInternal
  • compute.globalAddresses.deleteTagBinding
  • compute.globalAddresses.get
  • compute.globalAddresses.list
  • compute.globalAddresses.listEffectiveTags
  • compute.globalAddresses.listTagBindings
  • compute.globalAddresses.setLabels
  • compute.globalAddresses.use

compute.globalForwardingRules.*

  • compute.globalForwardingRules.create
  • compute.globalForwardingRules.createTagBinding
  • compute.globalForwardingRules.delete
  • compute.globalForwardingRules.deleteTagBinding
  • compute.globalForwardingRules.get
  • compute.globalForwardingRules.list
  • compute.globalForwardingRules.listEffectiveTags
  • compute.globalForwardingRules.listTagBindings
  • compute.globalForwardingRules.pscCreate
  • compute.globalForwardingRules.pscDelete
  • compute.globalForwardingRules.pscSetLabels
  • compute.globalForwardingRules.pscUpdate
  • compute.globalForwardingRules.setLabels
  • compute.globalForwardingRules.setTarget
  • compute.globalForwardingRules.update

compute.globalNetworkEndpointGroups.*

  • compute.globalNetworkEndpointGroups.attachNetworkEndpoints
  • compute.globalNetworkEndpointGroups.create
  • compute.globalNetworkEndpointGroups.createTagBinding
  • compute.globalNetworkEndpointGroups.delete
  • compute.globalNetworkEndpointGroups.deleteTagBinding
  • compute.globalNetworkEndpointGroups.detachNetworkEndpoints
  • compute.globalNetworkEndpointGroups.get
  • compute.globalNetworkEndpointGroups.list
  • compute.globalNetworkEndpointGroups.listEffectiveTags
  • compute.globalNetworkEndpointGroups.listTagBindings
  • compute.globalNetworkEndpointGroups.use

compute.globalOperations.get

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.delete

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.globalPublicDelegatedPrefixes.updatePolicy

compute.healthChecks.*

  • compute.healthChecks.create
  • compute.healthChecks.createTagBinding
  • compute.healthChecks.delete
  • compute.healthChecks.deleteTagBinding
  • compute.healthChecks.get
  • compute.healthChecks.list
  • compute.healthChecks.listEffectiveTags
  • compute.healthChecks.listTagBindings
  • compute.healthChecks.update
  • compute.healthChecks.use
  • compute.healthChecks.useReadOnly

compute.httpHealthChecks.*

  • compute.httpHealthChecks.create
  • compute.httpHealthChecks.createTagBinding
  • compute.httpHealthChecks.delete
  • compute.httpHealthChecks.deleteTagBinding
  • compute.httpHealthChecks.get
  • compute.httpHealthChecks.list
  • compute.httpHealthChecks.listEffectiveTags
  • compute.httpHealthChecks.listTagBindings
  • compute.httpHealthChecks.update
  • compute.httpHealthChecks.use
  • compute.httpHealthChecks.useReadOnly

compute.httpsHealthChecks.*

  • compute.httpsHealthChecks.create
  • compute.httpsHealthChecks.createTagBinding
  • compute.httpsHealthChecks.delete
  • compute.httpsHealthChecks.deleteTagBinding
  • compute.httpsHealthChecks.get
  • compute.httpsHealthChecks.list
  • compute.httpsHealthChecks.listEffectiveTags
  • compute.httpsHealthChecks.listTagBindings
  • compute.httpsHealthChecks.update
  • compute.httpsHealthChecks.use
  • compute.httpsHealthChecks.useReadOnly

compute.images.*

  • compute.images.create
  • compute.images.createTagBinding
  • compute.images.delete
  • compute.images.deleteTagBinding
  • compute.images.deprecate
  • compute.images.get
  • compute.images.getFromFamily
  • compute.images.getIamPolicy
  • compute.images.list
  • compute.images.listEffectiveTags
  • compute.images.listTagBindings
  • compute.images.setIamPolicy
  • compute.images.setLabels
  • compute.images.update
  • compute.images.useReadOnly

compute.instanceGroupManagers.*

  • compute.instanceGroupManagers.create
  • compute.instanceGroupManagers.createTagBinding
  • compute.instanceGroupManagers.delete
  • compute.instanceGroupManagers.deleteTagBinding
  • compute.instanceGroupManagers.get
  • compute.instanceGroupManagers.list
  • compute.instanceGroupManagers.listEffectiveTags
  • compute.instanceGroupManagers.listTagBindings
  • compute.instanceGroupManagers.update
  • compute.instanceGroupManagers.use

compute.instanceGroups.*

  • compute.instanceGroups.create
  • compute.instanceGroups.createTagBinding
  • compute.instanceGroups.delete
  • compute.instanceGroups.deleteTagBinding
  • compute.instanceGroups.get
  • compute.instanceGroups.list
  • compute.instanceGroups.listEffectiveTags
  • compute.instanceGroups.listTagBindings
  • compute.instanceGroups.update
  • compute.instanceGroups.use

compute.instanceSettings.get

compute.instanceTemplates.*

  • compute.instanceTemplates.create
  • compute.instanceTemplates.delete
  • compute.instanceTemplates.get
  • compute.instanceTemplates.getIamPolicy
  • compute.instanceTemplates.list
  • compute.instanceTemplates.setIamPolicy
  • compute.instanceTemplates.useReadOnly

compute.instances.*

  • compute.instances.addAccessConfig
  • compute.instances.addNetworkInterface
  • compute.instances.addResourcePolicies
  • compute.instances.attachDisk
  • compute.instances.create
  • compute.instances.createTagBinding
  • compute.instances.delete
  • compute.instances.deleteAccessConfig
  • compute.instances.deleteNetworkInterface
  • compute.instances.deleteTagBinding
  • compute.instances.detachDisk
  • compute.instances.get
  • compute.instances.getEffectiveFirewalls
  • compute.instances.getGuestAttributes
  • compute.instances.getIamPolicy
  • compute.instances.getScreenshot
  • compute.instances.getSerialPortOutput
  • compute.instances.getShieldedInstanceIdentity
  • compute.instances.getShieldedVmIdentity
  • compute.instances.list
  • compute.instances.listEffectiveTags
  • compute.instances.listReferrers
  • compute.instances.listTagBindings
  • compute.instances.osAdminLogin
  • compute.instances.osLogin
  • compute.instances.pscInterfaceCreate
  • compute.instances.removeResourcePolicies
  • compute.instances.reset
  • compute.instances.resume
  • compute.instances.sendDiagnosticInterrupt
  • compute.instances.setDeletionProtection
  • compute.instances.setDiskAutoDelete
  • compute.instances.setIamPolicy
  • compute.instances.setLabels
  • compute.instances.setMachineResources
  • compute.instances.setMachineType
  • compute.instances.setMetadata
  • compute.instances.setMinCpuPlatform
  • compute.instances.setName
  • compute.instances.setScheduling
  • compute.instances.setSecurityPolicy
  • compute.instances.setServiceAccount
  • compute.instances.setShieldedInstanceIntegrityPolicy
  • compute.instances.setShieldedVmIntegrityPolicy
  • compute.instances.setTags
  • compute.instances.simulateMaintenanceEvent
  • compute.instances.start
  • compute.instances.startWithEncryptionKey
  • compute.instances.stop
  • compute.instances.suspend
  • compute.instances.update
  • compute.instances.updateAccessConfig
  • compute.instances.updateDisplayDevice
  • compute.instances.updateNetworkInterface
  • compute.instances.updateSecurity
  • compute.instances.updateShieldedInstanceConfig
  • compute.instances.updateShieldedVmConfig
  • compute.instances.use
  • compute.instances.useReadOnly

compute.instantSnapshots.*

  • compute.instantSnapshots.create
  • compute.instantSnapshots.delete
  • compute.instantSnapshots.export
  • compute.instantSnapshots.get
  • compute.instantSnapshots.getIamPolicy
  • compute.instantSnapshots.list
  • compute.instantSnapshots.setIamPolicy
  • compute.instantSnapshots.setLabels
  • compute.instantSnapshots.useReadOnly

compute.interconnectAttachmentGroups.*

  • compute.interconnectAttachmentGroups.create
  • compute.interconnectAttachmentGroups.delete
  • compute.interconnectAttachmentGroups.get
  • compute.interconnectAttachmentGroups.list
  • compute.interconnectAttachmentGroups.patch

compute.interconnectAttachments.*

  • compute.interconnectAttachments.create
  • compute.interconnectAttachments.createTagBinding
  • compute.interconnectAttachments.delete
  • compute.interconnectAttachments.deleteTagBinding
  • compute.interconnectAttachments.get
  • compute.interconnectAttachments.list
  • compute.interconnectAttachments.listEffectiveTags
  • compute.interconnectAttachments.listTagBindings
  • compute.interconnectAttachments.setLabels
  • compute.interconnectAttachments.update
  • compute.interconnectAttachments.use

compute.interconnectGroups.*

  • compute.interconnectGroups.create
  • compute.interconnectGroups.delete
  • compute.interconnectGroups.get
  • compute.interconnectGroups.list
  • compute.interconnectGroups.patch

compute.interconnectLocations.*

  • compute.interconnectLocations.get
  • compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

  • compute.interconnectRemoteLocations.get
  • compute.interconnectRemoteLocations.list

compute.interconnects.*

  • compute.interconnects.create
  • compute.interconnects.createTagBinding
  • compute.interconnects.delete
  • compute.interconnects.deleteTagBinding
  • compute.interconnects.get
  • compute.interconnects.getMacsecConfig
  • compute.interconnects.list
  • compute.interconnects.listEffectiveTags
  • compute.interconnects.listTagBindings
  • compute.interconnects.setLabels
  • compute.interconnects.update
  • compute.interconnects.use

compute.licenseCodes.*

  • compute.licenseCodes.get
  • compute.licenseCodes.getIamPolicy
  • compute.licenseCodes.list
  • compute.licenseCodes.setIamPolicy

compute.licenses.*

  • compute.licenses.create
  • compute.licenses.delete
  • compute.licenses.get
  • compute.licenses.getIamPolicy
  • compute.licenses.list
  • compute.licenses.setIamPolicy
  • compute.licenses.update

compute.machineImages.*

  • compute.machineImages.create
  • compute.machineImages.delete
  • compute.machineImages.get
  • compute.machineImages.getIamPolicy
  • compute.machineImages.list
  • compute.machineImages.setIamPolicy
  • compute.machineImages.setLabels
  • compute.machineImages.useReadOnly

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute.multiMig.*

  • compute.multiMig.create
  • compute.multiMig.delete
  • compute.multiMig.get
  • compute.multiMig.list

compute.networkAttachments.*

  • compute.networkAttachments.create
  • compute.networkAttachments.createTagBinding
  • compute.networkAttachments.delete
  • compute.networkAttachments.deleteTagBinding
  • compute.networkAttachments.get
  • compute.networkAttachments.getIamPolicy
  • compute.networkAttachments.list
  • compute.networkAttachments.listEffectiveTags
  • compute.networkAttachments.listTagBindings
  • compute.networkAttachments.setIamPolicy
  • compute.networkAttachments.update
  • compute.networkAttachments.use

compute.networkEndpointGroups.*

  • compute.networkEndpointGroups.attachNetworkEndpoints
  • compute.networkEndpointGroups.create
  • compute.networkEndpointGroups.createTagBinding
  • compute.networkEndpointGroups.delete
  • compute.networkEndpointGroups.deleteTagBinding
  • compute.networkEndpointGroups.detachNetworkEndpoints
  • compute.networkEndpointGroups.get
  • compute.networkEndpointGroups.list
  • compute.networkEndpointGroups.listEffectiveTags
  • compute.networkEndpointGroups.listTagBindings
  • compute.networkEndpointGroups.use

compute.networkProfiles.*

  • compute.networkProfiles.get
  • compute.networkProfiles.list

compute.networks.*

  • compute.networks.access
  • compute.networks.addPeering
  • compute.networks.create
  • compute.networks.createTagBinding
  • compute.networks.delete
  • compute.networks.deleteTagBinding
  • compute.networks.get
  • compute.networks.getEffectiveFirewalls
  • compute.networks.getRegionEffectiveFirewalls
  • compute.networks.list
  • compute.networks.listEffectiveTags
  • compute.networks.listPeeringRoutes
  • compute.networks.listTagBindings
  • compute.networks.mirror
  • compute.networks.removePeering
  • compute.networks.setFirewallPolicy
  • compute.networks.setNetworkPolicy
  • compute.networks.switchToCustomMode
  • compute.networks.update
  • compute.networks.updatePeering
  • compute.networks.updatePolicy
  • compute.networks.use
  • compute.networks.useExternalIp

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.packetMirrorings.listEffectiveTags

compute.packetMirrorings.listTagBindings

compute.projects.get

compute.publicDelegatedPrefixes.delete

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.publicDelegatedPrefixes.listEffectiveTags

compute.publicDelegatedPrefixes.listTagBindings

compute.publicDelegatedPrefixes.update

compute.publicDelegatedPrefixes.updatePolicy

compute.regionBackendBuckets.*

  • compute.regionBackendBuckets.create
  • compute.regionBackendBuckets.createTagBinding
  • compute.regionBackendBuckets.delete
  • compute.regionBackendBuckets.deleteTagBinding
  • compute.regionBackendBuckets.get
  • compute.regionBackendBuckets.getIamPolicy
  • compute.regionBackendBuckets.list
  • compute.regionBackendBuckets.listEffectiveTags
  • compute.regionBackendBuckets.listTagBindings
  • compute.regionBackendBuckets.setIamPolicy
  • compute.regionBackendBuckets.update
  • compute.regionBackendBuckets.use

compute.regionBackendServices.*

  • compute.regionBackendServices.create
  • compute.regionBackendServices.createTagBinding
  • compute.regionBackendServices.delete
  • compute.regionBackendServices.deleteTagBinding
  • compute.regionBackendServices.get
  • compute.regionBackendServices.getIamPolicy
  • compute.regionBackendServices.list
  • compute.regionBackendServices.listEffectiveTags
  • compute.regionBackendServices.listTagBindings
  • compute.regionBackendServices.setIamPolicy
  • compute.regionBackendServices.setSecurityPolicy
  • compute.regionBackendServices.update
  • compute.regionBackendServices.use

compute.regionCompositeHealthChecks.*

  • compute.regionCompositeHealthChecks.create
  • compute.regionCompositeHealthChecks.delete
  • compute.regionCompositeHealthChecks.get
  • compute.regionCompositeHealthChecks.list
  • compute.regionCompositeHealthChecks.update

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionFirewallPolicies.use

compute.regionHealthAggregationPolicies.*

  • compute.regionHealthAggregationPolicies.create
  • compute.regionHealthAggregationPolicies.delete
  • compute.regionHealthAggregationPolicies.get
  • compute.regionHealthAggregationPolicies.list
  • compute.regionHealthAggregationPolicies.update

compute.regionHealthCheckServices.*

  • compute.regionHealthCheckServices.create
  • compute.regionHealthCheckServices.delete
  • compute.regionHealthCheckServices.get
  • compute.regionHealthCheckServices.list
  • compute.regionHealthCheckServices.update
  • compute.regionHealthCheckServices.use

compute.regionHealthChecks.*

  • compute.regionHealthChecks.create
  • compute.regionHealthChecks.createTagBinding
  • compute.regionHealthChecks.delete
  • compute.regionHealthChecks.deleteTagBinding
  • compute.regionHealthChecks.get
  • compute.regionHealthChecks.list
  • compute.regionHealthChecks.listEffectiveTags
  • compute.regionHealthChecks.listTagBindings
  • compute.regionHealthChecks.update
  • compute.regionHealthChecks.use
  • compute.regionHealthChecks.useReadOnly

compute.regionHealthSources.*

  • compute.regionHealthSources.create
  • compute.regionHealthSources.delete
  • compute.regionHealthSources.get
  • compute.regionHealthSources.list
  • compute.regionHealthSources.update

compute.regionNetworkEndpointGroups.*

  • compute.regionNetworkEndpointGroups.attachNetworkEndpoints
  • compute.regionNetworkEndpointGroups.create
  • compute.regionNetworkEndpointGroups.createTagBinding
  • compute.regionNetworkEndpointGroups.delete
  • compute.regionNetworkEndpointGroups.deleteTagBinding
  • compute.regionNetworkEndpointGroups.detachNetworkEndpoints
  • compute.regionNetworkEndpointGroups.get
  • compute.regionNetworkEndpointGroups.list
  • compute.regionNetworkEndpointGroups.listEffectiveTags
  • compute.regionNetworkEndpointGroups.listTagBindings
  • compute.regionNetworkEndpointGroups.use

compute.regionNetworkPolicies.*

  • compute.regionNetworkPolicies.create
  • compute.regionNetworkPolicies.delete
  • compute.regionNetworkPolicies.get
  • compute.regionNetworkPolicies.list
  • compute.regionNetworkPolicies.update
  • compute.regionNetworkPolicies.use

compute.regionNotificationEndpoints.*

  • compute.regionNotificationEndpoints.create
  • compute.regionNotificationEndpoints.delete
  • compute.regionNotificationEndpoints.get
  • compute.regionNotificationEndpoints.list
  • compute.regionNotificationEndpoints.update
  • compute.regionNotificationEndpoints.use

compute.regionOperations.get

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSecurityPolicies.use

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.*

  • compute.regionSslPolicies.create
  • compute.regionSslPolicies.createTagBinding
  • compute.regionSslPolicies.delete
  • compute.regionSslPolicies.deleteTagBinding
  • compute.regionSslPolicies.get
  • compute.regionSslPolicies.list
  • compute.regionSslPolicies.listAvailableFeatures
  • compute.regionSslPolicies.listEffectiveTags
  • compute.regionSslPolicies.listTagBindings
  • compute.regionSslPolicies.update
  • compute.regionSslPolicies.use

compute.regionTargetHttpProxies.*

  • compute.regionTargetHttpProxies.create
  • compute.regionTargetHttpProxies.createTagBinding
  • compute.regionTargetHttpProxies.delete
  • compute.regionTargetHttpProxies.deleteTagBinding
  • compute.regionTargetHttpProxies.get
  • compute.regionTargetHttpProxies.list
  • compute.regionTargetHttpProxies.listEffectiveTags
  • compute.regionTargetHttpProxies.listTagBindings
  • compute.regionTargetHttpProxies.setUrlMap
  • compute.regionTargetHttpProxies.use

compute.regionTargetHttpsProxies.*

  • compute.regionTargetHttpsProxies.create
  • compute.regionTargetHttpsProxies.createTagBinding
  • compute.regionTargetHttpsProxies.delete
  • compute.regionTargetHttpsProxies.deleteTagBinding
  • compute.regionTargetHttpsProxies.get
  • compute.regionTargetHttpsProxies.list
  • compute.regionTargetHttpsProxies.listEffectiveTags
  • compute.regionTargetHttpsProxies.listTagBindings
  • compute.regionTargetHttpsProxies.setSslCertificates
  • compute.regionTargetHttpsProxies.setUrlMap
  • compute.regionTargetHttpsProxies.update
  • compute.regionTargetHttpsProxies.use

compute.regionTargetTcpProxies.*

  • compute.regionTargetTcpProxies.create
  • compute.regionTargetTcpProxies.createTagBinding
  • compute.regionTargetTcpProxies.delete
  • compute.regionTargetTcpProxies.deleteTagBinding
  • compute.regionTargetTcpProxies.get
  • compute.regionTargetTcpProxies.list
  • compute.regionTargetTcpProxies.listEffectiveTags
  • compute.regionTargetTcpProxies.listTagBindings
  • compute.regionTargetTcpProxies.use

compute.regionUrlMaps.*

  • compute.regionUrlMaps.create
  • compute.regionUrlMaps.createTagBinding
  • compute.regionUrlMaps.delete
  • compute.regionUrlMaps.deleteTagBinding
  • compute.regionUrlMaps.get
  • compute.regionUrlMaps.invalidateCache
  • compute.regionUrlMaps.list
  • compute.regionUrlMaps.listEffectiveTags
  • compute.regionUrlMaps.listTagBindings
  • compute.regionUrlMaps.update
  • compute.regionUrlMaps.use
  • compute.regionUrlMaps.validate

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.reservationBlocks.get

compute.reservationBlocks.list

compute.reservationSubBlocks.*

  • compute.reservationSubBlocks.get
  • compute.reservationSubBlocks.list
  • compute.reservationSubBlocks.performMaintenance
  • compute.reservationSubBlocks.reportFaulty

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.*

  • compute.resourcePolicies.create
  • compute.resourcePolicies.delete
  • compute.resourcePolicies.get
  • compute.resourcePolicies.getIamPolicy
  • compute.resourcePolicies.list
  • compute.resourcePolicies.setIamPolicy
  • compute.resourcePolicies.update
  • compute.resourcePolicies.use
  • compute.resourcePolicies.useReadOnly

compute.routers.*

  • compute.routers.create
  • compute.routers.createTagBinding
  • compute.routers.delete
  • compute.routers.deleteRoutePolicy
  • compute.routers.deleteTagBinding
  • compute.routers.get
  • compute.routers.getRoutePolicy
  • compute.routers.list
  • compute.routers.listBgpRoutes
  • compute.routers.listEffectiveTags
  • compute.routers.listRoutePolicies
  • compute.routers.listTagBindings
  • compute.routers.update
  • compute.routers.updateRoutePolicy
  • compute.routers.use

compute.routes.*

  • compute.routes.create
  • compute.routes.createTagBinding
  • compute.routes.delete
  • compute.routes.deleteTagBinding
  • compute.routes.get
  • compute.routes.list
  • compute.routes.listEffectiveTags
  • compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.securityPolicies.use

compute.serviceAttachments.*

  • compute.serviceAttachments.create
  • compute.serviceAttachments.createTagBinding
  • compute.serviceAttachments.delete
  • compute.serviceAttachments.deleteTagBinding
  • compute.serviceAttachments.get
  • compute.serviceAttachments.getIamPolicy
  • compute.serviceAttachments.list
  • compute.serviceAttachments.listEffectiveTags
  • compute.serviceAttachments.listTagBindings
  • compute.serviceAttachments.setIamPolicy
  • compute.serviceAttachments.update
  • compute.serviceAttachments.use

compute.snapshots.*

  • compute.snapshots.create
  • compute.snapshots.createTagBinding
  • compute.snapshots.delete
  • compute.snapshots.deleteTagBinding
  • compute.snapshots.get
  • compute.snapshots.getIamPolicy
  • compute.snapshots.list
  • compute.snapshots.listEffectiveTags
  • compute.snapshots.listTagBindings
  • compute.snapshots.setIamPolicy
  • compute.snapshots.setLabels
  • compute.snapshots.updateKmsKey
  • compute.snapshots.useReadOnly

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.*

  • compute.sslPolicies.create
  • compute.sslPolicies.createTagBinding
  • compute.sslPolicies.delete
  • compute.sslPolicies.deleteTagBinding
  • compute.sslPolicies.get
  • compute.sslPolicies.list
  • compute.sslPolicies.listAvailableFeatures
  • compute.sslPolicies.listEffectiveTags
  • compute.sslPolicies.listTagBindings
  • compute.sslPolicies.update
  • compute.sslPolicies.use

compute.storagePools.*

  • compute.storagePools.create
  • compute.storagePools.delete
  • compute.storagePools.get
  • compute.storagePools.getIamPolicy
  • compute.storagePools.list
  • compute.storagePools.setIamPolicy
  • compute.storagePools.update
  • compute.storagePools.use

compute.subnetworks.*

  • compute.subnetworks.create
  • compute.subnetworks.createTagBinding
  • compute.subnetworks.delete
  • compute.subnetworks.deleteTagBinding
  • compute.subnetworks.expandIpCidrRange
  • compute.subnetworks.get
  • compute.subnetworks.getIamPolicy
  • compute.subnetworks.list
  • compute.subnetworks.listEffectiveTags
  • compute.subnetworks.listTagBindings
  • compute.subnetworks.mirror
  • compute.subnetworks.setIamPolicy
  • compute.subnetworks.setPrivateIpGoogleAccess
  • compute.subnetworks.update
  • compute.subnetworks.use
  • compute.subnetworks.useExternalIp
  • compute.subnetworks.usePeerMigration

compute.targetGrpcProxies.*

  • compute.targetGrpcProxies.create
  • compute.targetGrpcProxies.createTagBinding
  • compute.targetGrpcProxies.delete
  • compute.targetGrpcProxies.deleteTagBinding
  • compute.targetGrpcProxies.get
  • compute.targetGrpcProxies.list
  • compute.targetGrpcProxies.listEffectiveTags
  • compute.targetGrpcProxies.listTagBindings
  • compute.targetGrpcProxies.update
  • compute.targetGrpcProxies.use

compute.targetHttpProxies.*

  • compute.targetHttpProxies.create
  • compute.targetHttpProxies.createTagBinding
  • compute.targetHttpProxies.delete
  • compute.targetHttpProxies.deleteTagBinding
  • compute.targetHttpProxies.get
  • compute.targetHttpProxies.list
  • compute.targetHttpProxies.listEffectiveTags
  • compute.targetHttpProxies.listTagBindings
  • compute.targetHttpProxies.setUrlMap
  • compute.targetHttpProxies.update
  • compute.targetHttpProxies.use

compute.targetHttpsProxies.*

  • compute.targetHttpsProxies.create
  • compute.targetHttpsProxies.createTagBinding
  • compute.targetHttpsProxies.delete
  • compute.targetHttpsProxies.deleteTagBinding
  • compute.targetHttpsProxies.get
  • compute.targetHttpsProxies.list
  • compute.targetHttpsProxies.listEffectiveTags
  • compute.targetHttpsProxies.listTagBindings
  • compute.targetHttpsProxies.setCertificateMap
  • compute.targetHttpsProxies.setQuicOverride
  • compute.targetHttpsProxies.setSslCertificates
  • compute.targetHttpsProxies.setSslPolicy
  • compute.targetHttpsProxies.setUrlMap
  • compute.targetHttpsProxies.update
  • compute.targetHttpsProxies.use

compute.targetInstances.*

  • compute.targetInstances.create
  • compute.targetInstances.createTagBinding
  • compute.targetInstances.delete
  • compute.targetInstances.deleteTagBinding
  • compute.targetInstances.get
  • compute.targetInstances.list
  • compute.targetInstances.listEffectiveTags
  • compute.targetInstances.listTagBindings
  • compute.targetInstances.setSecurityPolicy
  • compute.targetInstances.use

compute.targetPools.*

  • compute.targetPools.addHealthCheck
  • compute.targetPools.addInstance
  • compute.targetPools.create
  • compute.targetPools.createTagBinding
  • compute.targetPools.delete
  • compute.targetPools.deleteTagBinding
  • compute.targetPools.get
  • compute.targetPools.list
  • compute.targetPools.listEffectiveTags
  • compute.targetPools.listTagBindings
  • compute.targetPools.removeHealthCheck
  • compute.targetPools.removeInstance
  • compute.targetPools.setSecurityPolicy
  • compute.targetPools.update
  • compute.targetPools.use

compute.targetSslProxies.*

  • compute.targetSslProxies.create
  • compute.targetSslProxies.createTagBinding
  • compute.targetSslProxies.delete
  • compute.targetSslProxies.deleteTagBinding
  • compute.targetSslProxies.get
  • compute.targetSslProxies.list
  • compute.targetSslProxies.listEffectiveTags
  • compute.targetSslProxies.listTagBindings
  • compute.targetSslProxies.setBackendService
  • compute.targetSslProxies.setCertificateMap
  • compute.targetSslProxies.setProxyHeader
  • compute.targetSslProxies.setSslCertificates
  • compute.targetSslProxies.setSslPolicy
  • compute.targetSslProxies.update
  • compute.targetSslProxies.use

compute.targetTcpProxies.*

  • compute.targetTcpProxies.create
  • compute.targetTcpProxies.createTagBinding
  • compute.targetTcpProxies.delete
  • compute.targetTcpProxies.deleteTagBinding
  • compute.targetTcpProxies.get
  • compute.targetTcpProxies.list
  • compute.targetTcpProxies.listEffectiveTags
  • compute.targetTcpProxies.listTagBindings
  • compute.targetTcpProxies.update
  • compute.targetTcpProxies.use

compute.targetVpnGateways.*

  • compute.targetVpnGateways.create
  • compute.targetVpnGateways.createTagBinding
  • compute.targetVpnGateways.delete
  • compute.targetVpnGateways.deleteTagBinding
  • compute.targetVpnGateways.get
  • compute.targetVpnGateways.list
  • compute.targetVpnGateways.listEffectiveTags
  • compute.targetVpnGateways.listTagBindings
  • compute.targetVpnGateways.setLabels
  • compute.targetVpnGateways.use

compute.urlMaps.*

  • compute.urlMaps.create
  • compute.urlMaps.createTagBinding
  • compute.urlMaps.delete
  • compute.urlMaps.deleteTagBinding
  • compute.urlMaps.get
  • compute.urlMaps.invalidateCache
  • compute.urlMaps.list
  • compute.urlMaps.listEffectiveTags
  • compute.urlMaps.listTagBindings
  • compute.urlMaps.update
  • compute.urlMaps.use
  • compute.urlMaps.validate

compute.vpnGateways.*

  • compute.vpnGateways.create
  • compute.vpnGateways.createTagBinding
  • compute.vpnGateways.delete
  • compute.vpnGateways.deleteTagBinding
  • compute.vpnGateways.get
  • compute.vpnGateways.list
  • compute.vpnGateways.listEffectiveTags
  • compute.vpnGateways.listTagBindings
  • compute.vpnGateways.setLabels
  • compute.vpnGateways.use

compute.vpnTunnels.*

  • compute.vpnTunnels.create
  • compute.vpnTunnels.createTagBinding
  • compute.vpnTunnels.delete
  • compute.vpnTunnels.deleteTagBinding
  • compute.vpnTunnels.get
  • compute.vpnTunnels.list
  • compute.vpnTunnels.listEffectiveTags
  • compute.vpnTunnels.listTagBindings
  • compute.vpnTunnels.setLabels

compute.wireGroups.*

  • compute.wireGroups.create
  • compute.wireGroups.delete
  • compute.wireGroups.get
  • compute.wireGroups.list
  • compute.wireGroups.update

compute.zoneOperations.get

compute.zoneOperations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

dataflow.jobs.*

  • dataflow.jobs.cancel
  • dataflow.jobs.create
  • dataflow.jobs.get
  • dataflow.jobs.list
  • dataflow.jobs.snapshot
  • dataflow.jobs.updateContents

dataflow.messages.list

dataflow.metrics.get

dataflow.snapshots.*

  • dataflow.snapshots.delete
  • dataflow.snapshots.get
  • dataflow.snapshots.list

dataform.*

  • dataform.commentThreads.create
  • dataform.commentThreads.delete
  • dataform.commentThreads.get
  • dataform.commentThreads.list
  • dataform.commentThreads.update
  • dataform.comments.create
  • dataform.comments.delete
  • dataform.comments.get
  • dataform.comments.list
  • dataform.comments.update
  • dataform.compilationResults.create
  • dataform.compilationResults.get
  • dataform.compilationResults.list
  • dataform.compilationResults.query
  • dataform.config.get
  • dataform.config.update
  • dataform.folders.addContents
  • dataform.folders.create
  • dataform.folders.delete
  • dataform.folders.get
  • dataform.folders.getIamPolicy
  • dataform.folders.move
  • dataform.folders.queryContents
  • dataform.folders.setIamPolicy
  • dataform.folders.update
  • dataform.locations.get
  • dataform.locations.list
  • dataform.operations.cancel
  • dataform.operations.delete
  • dataform.operations.get
  • dataform.operations.list
  • dataform.releaseConfigs.create
  • dataform.releaseConfigs.delete
  • dataform.releaseConfigs.get
  • dataform.releaseConfigs.list
  • dataform.releaseConfigs.update
  • dataform.repositories.commit
  • dataform.repositories.computeAccessTokenStatus
  • dataform.repositories.create
  • dataform.repositories.delete
  • dataform.repositories.fetchHistory
  • dataform.repositories.fetchRemoteBranches
  • dataform.repositories.get
  • dataform.repositories.getIamPolicy
  • dataform.repositories.list
  • dataform.repositories.move
  • dataform.repositories.queryDirectoryContents
  • dataform.repositories.readFile
  • dataform.repositories.scheduleRelease
  • dataform.repositories.scheduleWorkflow
  • dataform.repositories.setIamPolicy
  • dataform.repositories.update
  • dataform.teamFolders.create
  • dataform.teamFolders.delete
  • dataform.teamFolders.get
  • dataform.teamFolders.getIamPolicy
  • dataform.teamFolders.setIamPolicy
  • dataform.teamFolders.update
  • dataform.workflowConfigs.create
  • dataform.workflowConfigs.delete
  • dataform.workflowConfigs.get
  • dataform.workflowConfigs.list
  • dataform.workflowConfigs.update
  • dataform.workflowInvocations.cancel
  • dataform.workflowInvocations.create
  • dataform.workflowInvocations.delete
  • dataform.workflowInvocations.get
  • dataform.workflowInvocations.list
  • dataform.workflowInvocations.query
  • dataform.workspaces.commit
  • dataform.workspaces.create
  • dataform.workspaces.delete
  • dataform.workspaces.fetchFileDiff
  • dataform.workspaces.fetchFileGitStatuses
  • dataform.workspaces.fetchGitAheadBehind
  • dataform.workspaces.get
  • dataform.workspaces.getIamPolicy
  • dataform.workspaces.installNpmPackages
  • dataform.workspaces.list
  • dataform.workspaces.makeDirectory
  • dataform.workspaces.moveDirectory
  • dataform.workspaces.moveFile
  • dataform.workspaces.pull
  • dataform.workspaces.push
  • dataform.workspaces.queryDirectoryContents
  • dataform.workspaces.readFile
  • dataform.workspaces.removeDirectory
  • dataform.workspaces.removeFile
  • dataform.workspaces.reset
  • dataform.workspaces.searchFiles
  • dataform.workspaces.setIamPolicy
  • dataform.workspaces.writeFile

dataplex.datascans.*

  • dataplex.datascans.create
  • dataplex.datascans.delete
  • dataplex.datascans.get
  • dataplex.datascans.getData
  • dataplex.datascans.getIamPolicy
  • dataplex.datascans.list
  • dataplex.datascans.run
  • dataplex.datascans.setIamPolicy
  • dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

dataplex.projects.search

dns.networks.targetWithPeeringZone

firebase.projects.get

iam.serviceAccounts.actAs

iam.serviceAccounts.get

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.implicitDelegation

iam.serviceAccounts.list

iam.serviceAccounts.signBlob

iam.serviceAccounts.signJwt

logging.buckets.create

logging.buckets.createTagBinding

logging.buckets.delete

logging.buckets.deleteTagBinding

logging.buckets.get

logging.buckets.list

logging.buckets.listEffectiveTags

logging.buckets.listTagBindings

logging.buckets.undelete

logging.buckets.update

logging.exclusions.*

  • logging.exclusions.create
  • logging.exclusions.delete
  • logging.exclusions.get
  • logging.exclusions.list
  • logging.exclusions.update

logging.links.*

  • logging.links.create
  • logging.links.delete
  • logging.links.get
  • logging.links.list

logging.locations.*

  • logging.locations.get
  • logging.locations.list

logging.logEntries.create

logging.logEntries.route

logging.logMetrics.*

  • logging.logMetrics.create
  • logging.logMetrics.delete
  • logging.logMetrics.get
  • logging.logMetrics.list
  • logging.logMetrics.update

logging.logScopes.*

  • logging.logScopes.create
  • logging.logScopes.delete
  • logging.logScopes.get
  • logging.logScopes.list
  • logging.logScopes.update

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.notificationRules.*

  • logging.notificationRules.create
  • logging.notificationRules.delete
  • logging.notificationRules.get
  • logging.notificationRules.list
  • logging.notificationRules.update

logging.operations.*

  • logging.operations.cancel
  • logging.operations.get
  • logging.operations.list

logging.settings.*

  • logging.settings.get
  • logging.settings.update

logging.sinks.*

  • logging.sinks.create
  • logging.sinks.delete
  • logging.sinks.get
  • logging.sinks.list
  • logging.sinks.update

logging.sqlAlerts.*

  • logging.sqlAlerts.create
  • logging.sqlAlerts.update

logging.views.create

logging.views.delete

logging.views.get

logging.views.getIamPolicy

logging.views.list

logging.views.update

monitoring.alertPolicies.get

monitoring.alertPolicies.list

monitoring.alertPolicies.listEffectiveTags

monitoring.alertPolicies.listTagBindings

monitoring.alerts.*

  • monitoring.alerts.get
  • monitoring.alerts.list

monitoring.dashboards.get

monitoring.dashboards.list

monitoring.dashboards.listEffectiveTags

monitoring.dashboards.listTagBindings

monitoring.groups.get

monitoring.groups.list

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.notificationChannelDescriptors.*

  • monitoring.notificationChannelDescriptors.get
  • monitoring.notificationChannelDescriptors.list

monitoring.notificationChannels.get

monitoring.notificationChannels.list

monitoring.services.get

monitoring.services.list

monitoring.slos.get

monitoring.slos.list

monitoring.snoozes.get

monitoring.snoozes.list

monitoring.timeSeries.*

  • monitoring.timeSeries.create
  • monitoring.timeSeries.list

monitoring.uptimeCheckConfigs.get

monitoring.uptimeCheckConfigs.list

networkconnectivity.internalRanges.*

  • networkconnectivity.internalRanges.create
  • networkconnectivity.internalRanges.delete
  • networkconnectivity.internalRanges.get
  • networkconnectivity.internalRanges.getIamPolicy
  • networkconnectivity.internalRanges.list
  • networkconnectivity.internalRanges.setIamPolicy
  • networkconnectivity.internalRanges.update

networkconnectivity.locations.*

  • networkconnectivity.locations.get
  • networkconnectivity.locations.list

networkconnectivity.operations.*

  • networkconnectivity.operations.cancel
  • networkconnectivity.operations.delete
  • networkconnectivity.operations.get
  • networkconnectivity.operations.list

networkconnectivity.policyBasedRoutes.*

  • networkconnectivity.policyBasedRoutes.create
  • networkconnectivity.policyBasedRoutes.delete
  • networkconnectivity.policyBasedRoutes.get
  • networkconnectivity.policyBasedRoutes.getIamPolicy
  • networkconnectivity.policyBasedRoutes.list
  • networkconnectivity.policyBasedRoutes.setIamPolicy

networkconnectivity.regionalEndpoints.*

  • networkconnectivity.regionalEndpoints.create
  • networkconnectivity.regionalEndpoints.delete
  • networkconnectivity.regionalEndpoints.get
  • networkconnectivity.regionalEndpoints.list

networkconnectivity.serviceClasses.*

  • networkconnectivity.serviceClasses.create
  • networkconnectivity.serviceClasses.delete
  • networkconnectivity.serviceClasses.get
  • networkconnectivity.serviceClasses.list
  • networkconnectivity.serviceClasses.update
  • networkconnectivity.serviceClasses.use

networkconnectivity.serviceConnectionMaps.*

  • networkconnectivity.serviceConnectionMaps.create
  • networkconnectivity.serviceConnectionMaps.delete
  • networkconnectivity.serviceConnectionMaps.get
  • networkconnectivity.serviceConnectionMaps.list
  • networkconnectivity.serviceConnectionMaps.update

networkconnectivity.serviceConnectionPolicies.*

  • networkconnectivity.serviceConnectionPolicies.create
  • networkconnectivity.serviceConnectionPolicies.delete
  • networkconnectivity.serviceConnectionPolicies.get
  • networkconnectivity.serviceConnectionPolicies.list
  • networkconnectivity.serviceConnectionPolicies.update

networkmanagement.connectivitytests.get

networkmanagement.connectivitytests.list

networksecurity.addressGroups.*

  • networksecurity.addressGroups.create
  • networksecurity.addressGroups.delete
  • networksecurity.addressGroups.get
  • networksecurity.addressGroups.getIamPolicy
  • networksecurity.addressGroups.list
  • networksecurity.addressGroups.setIamPolicy
  • networksecurity.addressGroups.update
  • networksecurity.addressGroups.use

networksecurity.authorizationPolicies.*

  • networksecurity.authorizationPolicies.create
  • networksecurity.authorizationPolicies.delete
  • networksecurity.authorizationPolicies.get
  • networksecurity.authorizationPolicies.getIamPolicy
  • networksecurity.authorizationPolicies.list
  • networksecurity.authorizationPolicies.setIamPolicy
  • networksecurity.authorizationPolicies.update
  • networksecurity.authorizationPolicies.use

networksecurity.authzPolicies.*

  • networksecurity.authzPolicies.create
  • networksecurity.authzPolicies.delete
  • networksecurity.authzPolicies.get
  • networksecurity.authzPolicies.getIamPolicy
  • networksecurity.authzPolicies.list
  • networksecurity.authzPolicies.setIamPolicy
  • networksecurity.authzPolicies.update

networksecurity.backendAuthenticationConfigs.*

  • networksecurity.backendAuthenticationConfigs.create
  • networksecurity.backendAuthenticationConfigs.delete
  • networksecurity.backendAuthenticationConfigs.get
  • networksecurity.backendAuthenticationConfigs.list
  • networksecurity.backendAuthenticationConfigs.update
  • networksecurity.backendAuthenticationConfigs.use

networksecurity.clientTlsPolicies.*

  • networksecurity.clientTlsPolicies.create
  • networksecurity.clientTlsPolicies.delete
  • networksecurity.clientTlsPolicies.get
  • networksecurity.clientTlsPolicies.getIamPolicy
  • networksecurity.clientTlsPolicies.list
  • networksecurity.clientTlsPolicies.setIamPolicy
  • networksecurity.clientTlsPolicies.update
  • networksecurity.clientTlsPolicies.use

networksecurity.firewallEndpointAssociations.*

  • networksecurity.firewallEndpointAssociations.create
  • networksecurity.firewallEndpointAssociations.delete
  • networksecurity.firewallEndpointAssociations.get
  • networksecurity.firewallEndpointAssociations.list
  • networksecurity.firewallEndpointAssociations.update

networksecurity.firewallEndpoints.*

  • networksecurity.firewallEndpoints.create
  • networksecurity.firewallEndpoints.delete
  • networksecurity.firewallEndpoints.get
  • networksecurity.firewallEndpoints.list
  • networksecurity.firewallEndpoints.update
  • networksecurity.firewallEndpoints.use

networksecurity.gatewaySecurityPolicies.*

  • networksecurity.gatewaySecurityPolicies.create
  • networksecurity.gatewaySecurityPolicies.delete
  • networksecurity.gatewaySecurityPolicies.get
  • networksecurity.gatewaySecurityPolicies.list
  • networksecurity.gatewaySecurityPolicies.update
  • networksecurity.gatewaySecurityPolicies.use

networksecurity.gatewaySecurityPolicyRules.*

  • networksecurity.gatewaySecurityPolicyRules.create
  • networksecurity.gatewaySecurityPolicyRules.delete
  • networksecurity.gatewaySecurityPolicyRules.get
  • networksecurity.gatewaySecurityPolicyRules.list
  • networksecurity.gatewaySecurityPolicyRules.update
  • networksecurity.gatewaySecurityPolicyRules.use

networksecurity.locations.*

  • networksecurity.locations.get
  • networksecurity.locations.list

networksecurity.operations.*

  • networksecurity.operations.cancel
  • networksecurity.operations.delete
  • networksecurity.operations.get
  • networksecurity.operations.list

networksecurity.sacAttachments.*

  • networksecurity.sacAttachments.create
  • networksecurity.sacAttachments.delete
  • networksecurity.sacAttachments.get
  • networksecurity.sacAttachments.list

networksecurity.sacRealms.*

  • networksecurity.sacRealms.create
  • networksecurity.sacRealms.delete
  • networksecurity.sacRealms.get
  • networksecurity.sacRealms.list

networksecurity.securityProfileGroups.*

  • networksecurity.securityProfileGroups.create
  • networksecurity.securityProfileGroups.delete
  • networksecurity.securityProfileGroups.get
  • networksecurity.securityProfileGroups.list
  • networksecurity.securityProfileGroups.update
  • networksecurity.securityProfileGroups.use

networksecurity.securityProfiles.*

  • networksecurity.securityProfiles.create
  • networksecurity.securityProfiles.delete
  • networksecurity.securityProfiles.get
  • networksecurity.securityProfiles.list
  • networksecurity.securityProfiles.update
  • networksecurity.securityProfiles.use

networksecurity.serverTlsPolicies.*

  • networksecurity.serverTlsPolicies.create
  • networksecurity.serverTlsPolicies.delete
  • networksecurity.serverTlsPolicies.get
  • networksecurity.serverTlsPolicies.getIamPolicy
  • networksecurity.serverTlsPolicies.list
  • networksecurity.serverTlsPolicies.setIamPolicy
  • networksecurity.serverTlsPolicies.update
  • networksecurity.serverTlsPolicies.use

networksecurity.tlsInspectionPolicies.*

  • networksecurity.tlsInspectionPolicies.create
  • networksecurity.tlsInspectionPolicies.delete
  • networksecurity.tlsInspectionPolicies.get
  • networksecurity.tlsInspectionPolicies.list
  • networksecurity.tlsInspectionPolicies.update
  • networksecurity.tlsInspectionPolicies.use

networksecurity.urlLists.*

  • networksecurity.urlLists.create
  • networksecurity.urlLists.delete
  • networksecurity.urlLists.get
  • networksecurity.urlLists.list
  • networksecurity.urlLists.update
  • networksecurity.urlLists.use

networkservices.*

  • networkservices.authzExtensions.create
  • networkservices.authzExtensions.delete
  • networkservices.authzExtensions.get
  • networkservices.authzExtensions.list
  • networkservices.authzExtensions.update
  • networkservices.authzExtensions.use
  • networkservices.endpointPolicies.create
  • networkservices.endpointPolicies.delete
  • networkservices.endpointPolicies.get
  • networkservices.endpointPolicies.list
  • networkservices.endpointPolicies.update
  • networkservices.gateways.create
  • networkservices.gateways.delete
  • networkservices.gateways.get
  • networkservices.gateways.list
  • networkservices.gateways.update
  • networkservices.gateways.use
  • networkservices.grpcRoutes.create
  • networkservices.grpcRoutes.delete
  • networkservices.grpcRoutes.get
  • networkservices.grpcRoutes.list
  • networkservices.grpcRoutes.update
  • networkservices.httpFilters.create
  • networkservices.httpFilters.delete
  • networkservices.httpFilters.get
  • networkservices.httpFilters.list
  • networkservices.httpFilters.update
  • networkservices.httpRoutes.create
  • networkservices.httpRoutes.delete
  • networkservices.httpRoutes.get
  • networkservices.httpRoutes.list
  • networkservices.httpRoutes.update
  • networkservices.httpfilters.create
  • networkservices.httpfilters.delete
  • networkservices.httpfilters.get
  • networkservices.httpfilters.getIamPolicy
  • networkservices.httpfilters.list
  • networkservices.httpfilters.setIamPolicy
  • networkservices.httpfilters.update
  • networkservices.httpfilters.use
  • networkservices.lbEdgeExtensions.create
  • networkservices.lbEdgeExtensions.delete
  • networkservices.lbEdgeExtensions.get
  • networkservices.lbEdgeExtensions.list
  • networkservices.lbEdgeExtensions.update
  • networkservices.lbRouteExtensions.create
  • networkservices.lbRouteExtensions.delete
  • networkservices.lbRouteExtensions.get
  • networkservices.lbRouteExtensions.list
  • networkservices.lbRouteExtensions.update
  • networkservices.lbTcpExtensions.createForNetwork
  • networkservices.lbTcpExtensions.deleteForNetwork
  • networkservices.lbTcpExtensions.getForNetwork
  • networkservices.lbTcpExtensions.listForNetwork
  • networkservices.lbTcpExtensions.updateForNetwork
  • networkservices.lbTrafficExtensions.create
  • networkservices.lbTrafficExtensions.delete
  • networkservices.lbTrafficExtensions.get
  • networkservices.lbTrafficExtensions.list
  • networkservices.lbTrafficExtensions.update
  • networkservices.locations.get
  • networkservices.locations.list
  • networkservices.meshes.create
  • networkservices.meshes.delete
  • networkservices.meshes.get
  • networkservices.meshes.list
  • networkservices.meshes.update
  • networkservices.meshes.use
  • networkservices.operations.cancel
  • networkservices.operations.delete
  • networkservices.operations.get
  • networkservices.operations.list
  • networkservices.route_views.get
  • networkservices.route_views.list
  • networkservices.serviceBindings.create
  • networkservices.serviceBindings.delete
  • networkservices.serviceBindings.get
  • networkservices.serviceBindings.list
  • networkservices.serviceBindings.update
  • networkservices.serviceLbPolicies.create
  • networkservices.serviceLbPolicies.delete
  • networkservices.serviceLbPolicies.get
  • networkservices.serviceLbPolicies.list
  • networkservices.serviceLbPolicies.update
  • networkservices.swpSecurityExtensions.create
  • networkservices.swpSecurityExtensions.delete
  • networkservices.swpSecurityExtensions.get
  • networkservices.swpSecurityExtensions.list
  • networkservices.swpSecurityExtensions.update
  • networkservices.tcpRoutes.create
  • networkservices.tcpRoutes.delete
  • networkservices.tcpRoutes.get
  • networkservices.tcpRoutes.list
  • networkservices.tcpRoutes.update
  • networkservices.tlsRoutes.create
  • networkservices.tlsRoutes.delete
  • networkservices.tlsRoutes.get
  • networkservices.tlsRoutes.list
  • networkservices.tlsRoutes.update
  • networkservices.wasmPlugins.create
  • networkservices.wasmPlugins.delete
  • networkservices.wasmPlugins.get
  • networkservices.wasmPlugins.list
  • networkservices.wasmPlugins.update
  • networkservices.wasmPlugins.use

observability.scopes.get

opsconfigmonitoring.resourceMetadata.list

orgpolicy.policy.get

pubsub.*

  • pubsub.messageTransforms.validate
  • pubsub.schemas.attach
  • pubsub.schemas.commit
  • pubsub.schemas.create
  • pubsub.schemas.delete
  • pubsub.schemas.get
  • pubsub.schemas.getIamPolicy
  • pubsub.schemas.list
  • pubsub.schemas.listRevisions
  • pubsub.schemas.rollback
  • pubsub.schemas.setIamPolicy
  • pubsub.schemas.validate
  • pubsub.snapshots.create
  • pubsub.snapshots.createTagBinding
  • pubsub.snapshots.delete
  • pubsub.snapshots.deleteTagBinding
  • pubsub.snapshots.get
  • pubsub.snapshots.getIamPolicy
  • pubsub.snapshots.list
  • pubsub.snapshots.listEffectiveTags
  • pubsub.snapshots.listTagBindings
  • pubsub.snapshots.seek
  • pubsub.snapshots.setIamPolicy
  • pubsub.snapshots.update
  • pubsub.subscriptions.consume
  • pubsub.subscriptions.create
  • pubsub.subscriptions.createTagBinding
  • pubsub.subscriptions.delete
  • pubsub.subscriptions.deleteTagBinding
  • pubsub.subscriptions.get
  • pubsub.subscriptions.getIamPolicy
  • pubsub.subscriptions.list
  • pubsub.subscriptions.listEffectiveTags
  • pubsub.subscriptions.listTagBindings
  • pubsub.subscriptions.setIamPolicy
  • pubsub.subscriptions.update
  • pubsub.topics.attachSubscription
  • pubsub.topics.create
  • pubsub.topics.createTagBinding
  • pubsub.topics.delete
  • pubsub.topics.deleteTagBinding
  • pubsub.topics.detachSubscription
  • pubsub.topics.get
  • pubsub.topics.getIamPolicy
  • pubsub.topics.list
  • pubsub.topics.listEffectiveTags
  • pubsub.topics.listTagBindings
  • pubsub.topics.publish
  • pubsub.topics.setIamPolicy
  • pubsub.topics.update
  • pubsub.topics.updateTag

recommender.dataflowDiagnosticsInsights.*

  • recommender.dataflowDiagnosticsInsights.get
  • recommender.dataflowDiagnosticsInsights.list
  • recommender.dataflowDiagnosticsInsights.update

recommender.iamPolicyInsights.*

  • recommender.iamPolicyInsights.get
  • recommender.iamPolicyInsights.list
  • recommender.iamPolicyInsights.update

recommender.iamPolicyRecommendations.*

  • recommender.iamPolicyRecommendations.get
  • recommender.iamPolicyRecommendations.list
  • recommender.iamPolicyRecommendations.update

recommender.storageBucketSoftDeleteInsights.*

  • recommender.storageBucketSoftDeleteInsights.get
  • recommender.storageBucketSoftDeleteInsights.list
  • recommender.storageBucketSoftDeleteInsights.update

recommender.storageBucketSoftDeleteRecommendations.*

  • recommender.storageBucketSoftDeleteRecommendations.get
  • recommender.storageBucketSoftDeleteRecommendations.list
  • recommender.storageBucketSoftDeleteRecommendations.update

resourcemanager.hierarchyNodes.listEffectiveTags

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.namespaces.create

servicedirectory.namespaces.delete

servicedirectory.services.create

servicedirectory.services.delete

servicenetworking.operations.get

servicenetworking.services.addPeering

servicenetworking.services.createPeeredDnsDomain

servicenetworking.services.deleteConnection

servicenetworking.services.deletePeeredDnsDomain

servicenetworking.services.disableVpcServiceControls

servicenetworking.services.enableVpcServiceControls

servicenetworking.services.get

servicenetworking.services.getVpcServiceControls

servicenetworking.services.listPeeredDnsDomains

serviceusage.consumerpolicy.analyze

serviceusage.consumerpolicy.get

serviceusage.effectivepolicy.get

serviceusage.groups.*

  • serviceusage.groups.list
  • serviceusage.groups.listExpandedMembers
  • serviceusage.groups.listMembers

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

serviceusage.services.use

serviceusage.values.test

stackdriver.projects.get

stackdriver.resourceMetadata.list

storage.anywhereCaches.*

  • storage.anywhereCaches.create
  • storage.anywhereCaches.disable
  • storage.anywhereCaches.get
  • storage.anywhereCaches.list
  • storage.anywhereCaches.pause
  • storage.anywhereCaches.resume
  • storage.anywhereCaches.update

storage.bucketOperations.*

  • storage.bucketOperations.cancel
  • storage.bucketOperations.get
  • storage.bucketOperations.list

storage.buckets.*

  • storage.buckets.create
  • storage.buckets.createTagBinding
  • storage.buckets.delete
  • storage.buckets.deleteTagBinding
  • storage.buckets.enableObjectRetention
  • storage.buckets.get
  • storage.buckets.getIamPolicy
  • storage.buckets.getIpFilter
  • storage.buckets.getObjectInsights
  • storage.buckets.list
  • storage.buckets.listEffectiveTags
  • storage.buckets.listTagBindings
  • storage.buckets.relocate
  • storage.buckets.restore
  • storage.buckets.setIamPolicy
  • storage.buckets.setIpFilter
  • storage.buckets.update

storage.folders.*

  • storage.folders.create
  • storage.folders.delete
  • storage.folders.get
  • storage.folders.list
  • storage.folders.rename

storage.intelligenceConfigs.*

  • storage.intelligenceConfigs.get
  • storage.intelligenceConfigs.update

storage.managedFolders.*

  • storage.managedFolders.create
  • storage.managedFolders.delete
  • storage.managedFolders.get
  • storage.managedFolders.getIamPolicy
  • storage.managedFolders.list
  • storage.managedFolders.setIamPolicy

storage.multipartUploads.*

  • storage.multipartUploads.abort
  • storage.multipartUploads.create
  • storage.multipartUploads.list
  • storage.multipartUploads.listParts

storage.objects.*

  • storage.objects.create
  • storage.objects.createContext
  • storage.objects.delete
  • storage.objects.deleteContext
  • storage.objects.get
  • storage.objects.getIamPolicy
  • storage.objects.list
  • storage.objects.move
  • storage.objects.overrideUnlockedRetention
  • storage.objects.restore
  • storage.objects.setIamPolicy
  • storage.objects.setRetention
  • storage.objects.update
  • storage.objects.updateContext

storagebatchoperations.*

  • storagebatchoperations.jobs.cancel
  • storagebatchoperations.jobs.create
  • storagebatchoperations.jobs.delete
  • storagebatchoperations.jobs.get
  • storagebatchoperations.jobs.list
  • storagebatchoperations.locations.get
  • storagebatchoperations.locations.list
  • storagebatchoperations.operations.cancel
  • storagebatchoperations.operations.delete
  • storagebatchoperations.operations.get
  • storagebatchoperations.operations.list

telemetry.metrics.write

trafficdirector.*

  • trafficdirector.networks.getConfigs
  • trafficdirector.networks.reportMetrics

(roles/dataflow.viewer)

Provides read-only access to all Dataflow-related resources.

Lowest-level resources where you can grant this role:

  • Project

dataflow.jobs.get

dataflow.jobs.list

dataflow.messages.list

dataflow.metrics.get

dataflow.snapshots.get

dataflow.snapshots.list

recommender.dataflowDiagnosticsInsights.get

recommender.dataflowDiagnosticsInsights.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/dataflow.worker)

Provides the permissions necessary for a Compute Engine service account to execute work units for a Dataflow pipeline.

Lowest-level resources where you can grant this role:

  • Project

autoscaling.sites.readRecommendations

autoscaling.sites.writeMetrics

autoscaling.sites.writeState

compute.instanceGroupManagers.update

compute.instances.delete

compute.instances.setDiskAutoDelete

dataflow.jobs.get

dataflow.shuffle.*

  • dataflow.shuffle.read
  • dataflow.shuffle.write

dataflow.streamingWorkItems.*

  • dataflow.streamingWorkItems.ImportState
  • dataflow.streamingWorkItems.commitWork
  • dataflow.streamingWorkItems.getData
  • dataflow.streamingWorkItems.getWork
  • dataflow.streamingWorkItems.getWorkerMetadata

dataflow.workItems.*

  • dataflow.workItems.lease
  • dataflow.workItems.sendMessage
  • dataflow.workItems.update

logging.logEntries.create

logging.logEntries.route

monitoring.timeSeries.create

storage.buckets.get

storage.objects.create

storage.objects.get

Dataflow 工作站角色 (roles/dataflow.worker) 提供 Compute Engine 服務帳戶執行 Apache Beam 管道工作單元所需的權限。Dataflow 工作者角色必須指派給可從 Dataflow 服務要求及更新工作的服務帳戶。

Dataflow 服務代理程式角色 (roles/dataflow.serviceAgent) 僅供 Dataflow 服務帳戶使用。這項角色可授予服務帳戶存取專案中受管理資源的權限,以便執行 Dataflow 工作。 Google Cloud 當您透過 Google Cloud 控制台的「APIs」(API) 頁面為專案啟用 Dataflow API 時,系統會自動將這個角色指派給服務帳戶。

建立工作

如要建立工作,roles/dataflow.admin 角色包含執行及檢查工作所需的最低權限。

或者需要以下權限:

角色指派範例

為說明不同 Dataflow 角色的功用,請參考以下細分資訊:

指派 Dataflow 角色

目前只能針對機構和專案設定 Dataflow 角色。

如要管理機構層級的角色,請參閱使用 IAM 對機構進行存取權控管一文。

如要設定專案層級的角色,請參閱「授予、變更及撤銷資源存取權」一文。