Network Management API roles and permissions

This page lists the IAM roles and permissions for Network Management API. To search through all roles and permissions, see the role and permission index.

Network Management API roles

Role Permissions

Role	Permissions
Network Management Admin (`roles/networkmanagement.admin`) Full access to Network Management resources. Lowest-level resources where you can grant this role: Project	`networkmanagement.*` `networkmanagement.connectivitytests.create` `networkmanagement.connectivitytests.delete` `networkmanagement.connectivitytests.get` `networkmanagement.connectivitytests.getIamPolicy` `networkmanagement.connectivitytests.list` `networkmanagement.connectivitytests.rerun` `networkmanagement.connectivitytests.setIamPolicy` `networkmanagement.connectivitytests.update` `networkmanagement.locations.get` `networkmanagement.locations.list` `networkmanagement.monitoringpoints.downloadConfig` `networkmanagement.monitoringpoints.get` `networkmanagement.monitoringpoints.list` `networkmanagement.networkpaths.get` `networkmanagement.networkpaths.list` `networkmanagement.operations.cancel` `networkmanagement.operations.delete` `networkmanagement.operations.get` `networkmanagement.operations.list` `networkmanagement.providers.create` `networkmanagement.providers.delete` `networkmanagement.providers.generateProviderAccessToken` `networkmanagement.providers.get` `networkmanagement.providers.list` `networkmanagement.topologygraphs.read` `networkmanagement.vpcflowlogsconfigs.create` `networkmanagement.vpcflowlogsconfigs.delete` `networkmanagement.vpcflowlogsconfigs.get` `networkmanagement.vpcflowlogsconfigs.list` `networkmanagement.vpcflowlogsconfigs.update` `networkmanagement.webpaths.get` `networkmanagement.webpaths.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Networkmanagement Editor (`roles/networkmanagement.editor`) Editor role for networkmanagement	`networkmanagement.connectivitytests.create` `networkmanagement.connectivitytests.delete` `networkmanagement.connectivitytests.get` `networkmanagement.connectivitytests.getIamPolicy` `networkmanagement.connectivitytests.list` `networkmanagement.connectivitytests.rerun` `networkmanagement.connectivitytests.update` `networkmanagement.locations.` `networkmanagement.locations.get` `networkmanagement.locations.list` `networkmanagement.monitoringpoints.get` `networkmanagement.monitoringpoints.list` `networkmanagement.networkpaths.` `networkmanagement.networkpaths.get` `networkmanagement.networkpaths.list` `networkmanagement.operations.` `networkmanagement.operations.cancel` `networkmanagement.operations.delete` `networkmanagement.operations.get` `networkmanagement.operations.list` `networkmanagement.providers.get` `networkmanagement.providers.list` `networkmanagement.topologygraphs.read` `networkmanagement.vpcflowlogsconfigs.` `networkmanagement.vpcflowlogsconfigs.create` `networkmanagement.vpcflowlogsconfigs.delete` `networkmanagement.vpcflowlogsconfigs.get` `networkmanagement.vpcflowlogsconfigs.list` `networkmanagement.vpcflowlogsconfigs.update` `networkmanagement.webpaths.*` `networkmanagement.webpaths.get` `networkmanagement.webpaths.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Network Management Viewer (`roles/networkmanagement.viewer`) Read-only access to Network Management resources. Lowest-level resources where you can grant this role: Project	`networkmanagement.connectivitytests.get` `networkmanagement.connectivitytests.getIamPolicy` `networkmanagement.connectivitytests.list` `networkmanagement.locations.` `networkmanagement.locations.get` `networkmanagement.locations.list` `networkmanagement.monitoringpoints.get` `networkmanagement.monitoringpoints.list` `networkmanagement.networkpaths.` `networkmanagement.networkpaths.get` `networkmanagement.networkpaths.list` `networkmanagement.operations.get` `networkmanagement.operations.list` `networkmanagement.providers.get` `networkmanagement.providers.list` `networkmanagement.topologygraphs.read` `networkmanagement.vpcflowlogsconfigs.get` `networkmanagement.vpcflowlogsconfigs.list` `networkmanagement.webpaths.*` `networkmanagement.webpaths.get` `networkmanagement.webpaths.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Network Insights Admin ^Beta (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Full access to Cloud Network Insights resources.	`networkmanagement.locations.` `networkmanagement.locations.get` `networkmanagement.locations.list` `networkmanagement.monitoringpoints.` `networkmanagement.monitoringpoints.downloadConfig` `networkmanagement.monitoringpoints.get` `networkmanagement.monitoringpoints.list` `networkmanagement.networkpaths.` `networkmanagement.networkpaths.get` `networkmanagement.networkpaths.list` `networkmanagement.operations.get` `networkmanagement.operations.list` `networkmanagement.providers.` `networkmanagement.providers.create` `networkmanagement.providers.delete` `networkmanagement.providers.generateProviderAccessToken` `networkmanagement.providers.get` `networkmanagement.providers.list` `networkmanagement.webpaths.*` `networkmanagement.webpaths.get` `networkmanagement.webpaths.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Network Insights Editor ^Beta (`roles/networkmanagement.CloudNetworkInsightsEditor`) Editor access to Cloud Network Insights resources.	`networkmanagement.locations.` `networkmanagement.locations.get` `networkmanagement.locations.list` `networkmanagement.monitoringpoints.` `networkmanagement.monitoringpoints.downloadConfig` `networkmanagement.monitoringpoints.get` `networkmanagement.monitoringpoints.list` `networkmanagement.networkpaths.` `networkmanagement.networkpaths.get` `networkmanagement.networkpaths.list` `networkmanagement.operations.get` `networkmanagement.operations.list` `networkmanagement.providers.` `networkmanagement.providers.create` `networkmanagement.providers.delete` `networkmanagement.providers.generateProviderAccessToken` `networkmanagement.providers.get` `networkmanagement.providers.list` `networkmanagement.webpaths.*` `networkmanagement.webpaths.get` `networkmanagement.webpaths.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Network Insights Viewer ^Beta (`roles/networkmanagement.CloudNetworkInsightsViewer`) Read-only access to Cloud Network Insights resources.	`networkmanagement.monitoringpoints.get` `networkmanagement.monitoringpoints.list` `networkmanagement.networkpaths.` `networkmanagement.networkpaths.get` `networkmanagement.networkpaths.list` `networkmanagement.providers.generateProviderAccessToken` `networkmanagement.providers.get` `networkmanagement.providers.list` `networkmanagement.webpaths.` `networkmanagement.webpaths.get` `networkmanagement.webpaths.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`

Network Management Admin

(roles/networkmanagement.admin)

Full access to Network Management resources.

Lowest-level resources where you can grant this role:

Project

networkmanagement.*

networkmanagement.connectivitytests.create
networkmanagement.connectivitytests.delete
networkmanagement.connectivitytests.get
networkmanagement.connectivitytests.getIamPolicy
networkmanagement.connectivitytests.list
networkmanagement.connectivitytests.rerun
networkmanagement.connectivitytests.setIamPolicy
networkmanagement.connectivitytests.update
networkmanagement.locations.get
networkmanagement.locations.list
networkmanagement.monitoringpoints.downloadConfig
networkmanagement.monitoringpoints.get
networkmanagement.monitoringpoints.list
networkmanagement.networkpaths.get
networkmanagement.networkpaths.list
networkmanagement.operations.cancel
networkmanagement.operations.delete
networkmanagement.operations.get
networkmanagement.operations.list
networkmanagement.providers.create
networkmanagement.providers.delete
networkmanagement.providers.generateProviderAccessToken
networkmanagement.providers.get
networkmanagement.providers.list
networkmanagement.topologygraphs.read
networkmanagement.vpcflowlogsconfigs.create
networkmanagement.vpcflowlogsconfigs.delete
networkmanagement.vpcflowlogsconfigs.get
networkmanagement.vpcflowlogsconfigs.list
networkmanagement.vpcflowlogsconfigs.update
networkmanagement.webpaths.get
networkmanagement.webpaths.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Networkmanagement Editor

(roles/networkmanagement.editor)

Editor role for networkmanagement

networkmanagement.connectivitytests.create

networkmanagement.connectivitytests.delete

networkmanagement.connectivitytests.get

networkmanagement.connectivitytests.getIamPolicy

networkmanagement.connectivitytests.list

networkmanagement.connectivitytests.rerun

networkmanagement.connectivitytests.update

networkmanagement.locations.*

networkmanagement.locations.get
networkmanagement.locations.list

networkmanagement.monitoringpoints.get

networkmanagement.monitoringpoints.list

networkmanagement.networkpaths.*

networkmanagement.networkpaths.get
networkmanagement.networkpaths.list

networkmanagement.operations.*

networkmanagement.operations.cancel
networkmanagement.operations.delete
networkmanagement.operations.get
networkmanagement.operations.list

networkmanagement.providers.get

networkmanagement.providers.list

networkmanagement.topologygraphs.read

networkmanagement.vpcflowlogsconfigs.*

networkmanagement.vpcflowlogsconfigs.create
networkmanagement.vpcflowlogsconfigs.delete
networkmanagement.vpcflowlogsconfigs.get
networkmanagement.vpcflowlogsconfigs.list
networkmanagement.vpcflowlogsconfigs.update

networkmanagement.webpaths.*

networkmanagement.webpaths.get
networkmanagement.webpaths.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Network Management Viewer

(roles/networkmanagement.viewer)

Read-only access to Network Management resources.

Lowest-level resources where you can grant this role:

Project

networkmanagement.connectivitytests.get

networkmanagement.connectivitytests.getIamPolicy

networkmanagement.connectivitytests.list

networkmanagement.locations.*

networkmanagement.locations.get
networkmanagement.locations.list

networkmanagement.monitoringpoints.get

networkmanagement.monitoringpoints.list

networkmanagement.networkpaths.*

networkmanagement.networkpaths.get
networkmanagement.networkpaths.list

networkmanagement.operations.get

networkmanagement.operations.list

networkmanagement.providers.get

networkmanagement.providers.list

networkmanagement.topologygraphs.read

networkmanagement.vpcflowlogsconfigs.get

networkmanagement.vpcflowlogsconfigs.list

networkmanagement.webpaths.*

networkmanagement.webpaths.get
networkmanagement.webpaths.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Network Insights Admin ^Beta

(roles/networkmanagement.CloudNetworkInsightsAdmin)

Full access to Cloud Network Insights resources.

networkmanagement.locations.*

networkmanagement.locations.get
networkmanagement.locations.list

networkmanagement.monitoringpoints.*

networkmanagement.monitoringpoints.downloadConfig
networkmanagement.monitoringpoints.get
networkmanagement.monitoringpoints.list

networkmanagement.networkpaths.*

networkmanagement.networkpaths.get
networkmanagement.networkpaths.list

networkmanagement.operations.get

networkmanagement.operations.list

networkmanagement.providers.*

networkmanagement.providers.create
networkmanagement.providers.delete
networkmanagement.providers.generateProviderAccessToken
networkmanagement.providers.get
networkmanagement.providers.list

networkmanagement.webpaths.*

networkmanagement.webpaths.get
networkmanagement.webpaths.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Network Insights Editor ^Beta

(roles/networkmanagement.CloudNetworkInsightsEditor)

Editor access to Cloud Network Insights resources.

networkmanagement.locations.*

networkmanagement.locations.get
networkmanagement.locations.list

networkmanagement.monitoringpoints.*

networkmanagement.monitoringpoints.downloadConfig
networkmanagement.monitoringpoints.get
networkmanagement.monitoringpoints.list

networkmanagement.networkpaths.*

networkmanagement.networkpaths.get
networkmanagement.networkpaths.list

networkmanagement.operations.get

networkmanagement.operations.list

networkmanagement.providers.*

networkmanagement.providers.create
networkmanagement.providers.delete
networkmanagement.providers.generateProviderAccessToken
networkmanagement.providers.get
networkmanagement.providers.list

networkmanagement.webpaths.*

networkmanagement.webpaths.get
networkmanagement.webpaths.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Network Insights Viewer ^Beta

(roles/networkmanagement.CloudNetworkInsightsViewer)

Read-only access to Cloud Network Insights resources.

networkmanagement.monitoringpoints.get

networkmanagement.monitoringpoints.list

networkmanagement.networkpaths.*

networkmanagement.networkpaths.get
networkmanagement.networkpaths.list

networkmanagement.providers.generateProviderAccessToken

networkmanagement.providers.get

networkmanagement.providers.list

networkmanagement.webpaths.*

networkmanagement.webpaths.get
networkmanagement.webpaths.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Service agent roles

Service agent roles should only be granted to service agents.

Role Permissions

Role	Permissions
GCP Network Management Service Agent (`roles/networkmanagement.serviceAgent`) Grants the GCP Network Management API the authority to complete analysis based on network configurations from Compute Engine and Container Engine. Warning: Do not grant service agent roles to any principals except service agents.	`cloudsql.instances.get` `cloudsql.instances.list` `compute.addresses.get` `compute.addresses.list` `compute.backendServices.get` `compute.backendServices.list` `compute.externalVpnGateways.get` `compute.externalVpnGateways.list` `compute.firewalls.get` `compute.firewalls.list` `compute.forwardingRules.get` `compute.forwardingRules.list` `compute.globalAddresses.get` `compute.globalAddresses.list` `compute.globalForwardingRules.get` `compute.globalForwardingRules.list` `compute.globalNetworkEndpointGroups.get` `compute.globalNetworkEndpointGroups.list` `compute.healthChecks.get` `compute.healthChecks.list` `compute.httpHealthChecks.get` `compute.httpHealthChecks.list` `compute.httpsHealthChecks.get` `compute.httpsHealthChecks.list` `compute.instanceGroups.get` `compute.instanceGroups.list` `compute.instances.get` `compute.instances.list` `compute.networkEndpointGroups.get` `compute.networkEndpointGroups.list` `compute.networks.get` `compute.networks.getEffectiveFirewalls` `compute.networks.list` `compute.networks.listPeeringRoutes` `compute.packetMirrorings.get` `compute.packetMirrorings.list` `compute.regionBackendServices.get` `compute.regionBackendServices.list` `compute.regionHealthChecks.get` `compute.regionHealthChecks.list` `compute.regionNetworkEndpointGroups.get` `compute.regionNetworkEndpointGroups.list` `compute.regionTargetHttpProxies.get` `compute.regionTargetHttpProxies.list` `compute.regionTargetHttpsProxies.get` `compute.regionTargetHttpsProxies.list` `compute.regionTargetTcpProxies.get` `compute.regionTargetTcpProxies.list` `compute.regionUrlMaps.get` `compute.regionUrlMaps.list` `compute.routers.get` `compute.routers.list` `compute.routes.get` `compute.routes.list` `compute.subnetworks.get` `compute.subnetworks.list` `compute.targetGrpcProxies.get` `compute.targetGrpcProxies.list` `compute.targetHttpProxies.get` `compute.targetHttpProxies.list` `compute.targetHttpsProxies.get` `compute.targetHttpsProxies.list` `compute.targetInstances.get` `compute.targetInstances.list` `compute.targetPools.get` `compute.targetPools.list` `compute.targetSslProxies.get` `compute.targetSslProxies.list` `compute.targetTcpProxies.get` `compute.targetTcpProxies.list` `compute.targetVpnGateways.get` `compute.targetVpnGateways.list` `compute.urlMaps.get` `compute.urlMaps.list` `compute.vpnGateways.get` `compute.vpnGateways.list` `compute.vpnTunnels.get` `compute.vpnTunnels.list` `container.clusters.get` `container.clusters.list` `container.nodes.get` `container.nodes.list`

GCP Network Management Service Agent

(roles/networkmanagement.serviceAgent)

Grants the GCP Network Management API the authority to complete analysis based on network configurations from Compute Engine and Container Engine.

cloudsql.instances.get

cloudsql.instances.list

compute.addresses.get

compute.addresses.list

compute.backendServices.get

compute.backendServices.list

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewalls.get

compute.firewalls.list

compute.forwardingRules.get

compute.forwardingRules.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.healthChecks.get

compute.healthChecks.list

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instances.get

compute.instances.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.list

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.list

compute.networks.listPeeringRoutes

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.regionBackendServices.get

compute.regionBackendServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.subnetworks.get

compute.subnetworks.list

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetInstances.get

compute.targetInstances.list

compute.targetPools.get

compute.targetPools.list

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

container.clusters.get

container.clusters.list

container.nodes.get

container.nodes.list

Network Management API permissions

Permission	Included in roles
`networkmanagement.connectivitytests.create`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.connectivitytests.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.connectivitytests.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Compute Network Admin (`roles/compute.networkAdmin`) Compute Network User (`roles/compute.networkUser`) Compute Network Viewer (`roles/compute.networkViewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Infrastructure Administrator (`roles/iam.infrastructureAdmin`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud TPU V2 API Service Agent (`roles/cloudtpu.serviceAgent`) Cloud Composer API Service Agent (`roles/composer.serviceAgent`) Kubernetes Engine Service Agent (`roles/container.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) External Exposure Service Agent (`roles/externalexposure.serviceAgent`) Cluster Director Shared VPC Service Agent (`roles/hypercomputecluster.sharedVpcServiceAgent`)
`networkmanagement.connectivitytests.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`)
`networkmanagement.connectivitytests.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Compute Network Admin (`roles/compute.networkAdmin`) Compute Network User (`roles/compute.networkUser`) Compute Network Viewer (`roles/compute.networkViewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Infrastructure Administrator (`roles/iam.infrastructureAdmin`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud TPU V2 API Service Agent (`roles/cloudtpu.serviceAgent`) Cloud Composer API Service Agent (`roles/composer.serviceAgent`) Kubernetes Engine Service Agent (`roles/container.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Database Migration Service Agent (`roles/datamigration.serviceAgent`) External Exposure Service Agent (`roles/externalexposure.serviceAgent`) Cluster Director Shared VPC Service Agent (`roles/hypercomputecluster.sharedVpcServiceAgent`)
`networkmanagement.connectivitytests.rerun`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.connectivitytests.setIamPolicy`	Owner (`roles/owner`) Security Admin (`roles/iam.securityAdmin`) Network Management Admin (`roles/networkmanagement.admin`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.connectivitytests.update`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.locations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.locations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.monitoringpoints.downloadConfig`	Owner (`roles/owner`) Network Management Admin (`roles/networkmanagement.admin`) Network Administrator (`roles/iam.networkAdmin`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.monitoringpoints.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.monitoringpoints.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.networkpaths.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.networkpaths.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.providers.create`	Owner (`roles/owner`) Network Management Admin (`roles/networkmanagement.admin`) Network Administrator (`roles/iam.networkAdmin`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.providers.delete`	Owner (`roles/owner`) Network Management Admin (`roles/networkmanagement.admin`) Network Administrator (`roles/iam.networkAdmin`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`)
`networkmanagement.providers.generateProviderAccessToken`	Owner (`roles/owner`) Network Management Admin (`roles/networkmanagement.admin`) Network Administrator (`roles/iam.networkAdmin`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.providers.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.providers.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.topologygraphs.read`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`)
`networkmanagement.vpcflowlogsconfigs.create`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.vpcflowlogsconfigs.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.vpcflowlogsconfigs.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`)
`networkmanagement.vpcflowlogsconfigs.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`)
`networkmanagement.vpcflowlogsconfigs.update`	Owner (`roles/owner`) Editor (`roles/editor`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Administrator (`roles/iam.networkAdmin`)
`networkmanagement.webpaths.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)
`networkmanagement.webpaths.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Network Management Admin (`roles/networkmanagement.admin`) Networkmanagement Editor (`roles/networkmanagement.editor`) Network Management Viewer (`roles/networkmanagement.viewer`) Network Administrator (`roles/iam.networkAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Cloud Network Insights Admin (`roles/networkmanagement.CloudNetworkInsightsAdmin`) Cloud Network Insights Editor (`roles/networkmanagement.CloudNetworkInsightsEditor`) Cloud Network Insights Viewer (`roles/networkmanagement.CloudNetworkInsightsViewer`)

Network Management API roles and permissions Stay organized with collections Save and categorize content based on your preferences.