Console
    Start free

    Cluster Director roles and permissions

    This page lists the IAM roles and permissions for Cluster Director. To search through all roles and permissions, see the role and permission index .

    Cluster Director roles

    Role
    Permissions

    ( roles/ hypercomputecluster.editor )

    Edit access to Cluster Director resources.

    hypercomputecluster.*

    • hypercomputecluster. clusters. create
    • hypercomputecluster. clusters. delete
    • hypercomputecluster. clusters. get
    • hypercomputecluster. clusters. list
    • hypercomputecluster. clusters. update
    • hypercomputecluster. locations. get
    • hypercomputecluster. locations. list
    • hypercomputecluster. machineLearningRuns. create
    • hypercomputecluster. machineLearningRuns. delete
    • hypercomputecluster. machineLearningRuns. get
    • hypercomputecluster. machineLearningRuns. list
    • hypercomputecluster. machineLearningRuns. update
    • hypercomputecluster. operations. cancel
    • hypercomputecluster. operations. delete
    • hypercomputecluster. operations. get
    • hypercomputecluster. operations. list

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ hypercomputecluster.serviceAgent )

    Grants Cluster Director Service Agent access to necessary GCP resources.

    cloudbuild.connections.list

    cloudbuild. repositories. accessReadToken

    cloudbuild.repositories.list

    cloudquotas.quotas.get

    compute.acceleratorTypes.*

    • compute.acceleratorTypes.get
    • compute.acceleratorTypes.list

    compute.addresses.create

    compute.addresses.delete

    compute.addresses.get

    compute.addresses.list

    compute.addresses.setLabels

    compute.disks.create

    compute.disks.createTagBinding

    compute.disks.delete

    compute.disks.get

    compute.disks.getIamPolicy

    compute.disks.list

    compute.disks.setLabels

    compute.disks.update

    compute.disks.use

    compute. firewallPolicies. cloneRules

    compute. firewallPolicies. create

    compute. firewallPolicies. delete

    compute.firewallPolicies.get

    compute.firewallPolicies.list

    compute. firewallPolicies. update

    compute.firewallPolicies.use

    compute.firewalls.create

    compute.firewalls.delete

    compute.firewalls.get

    compute.firewalls.list

    compute.firewalls.update

    compute.futureReservations.get

    compute. futureReservations. list

    compute. globalAddresses. createInternal

    compute. globalAddresses. deleteInternal

    compute.globalAddresses.get

    compute.globalAddresses.list

    compute. globalAddresses. setLabels

    compute.globalOperations.get

    compute.globalOperations.list

    compute.healthChecks.create

    compute.healthChecks.delete

    compute.healthChecks.get

    compute.healthChecks.list

    compute.healthChecks.update

    compute.healthChecks.use

    compute. httpHealthChecks. create

    compute. httpHealthChecks. delete

    compute.httpHealthChecks.get

    compute.httpHealthChecks.list

    compute. httpHealthChecks. update

    compute.httpHealthChecks.use

    compute. httpsHealthChecks. create

    compute. httpsHealthChecks. delete

    compute.httpsHealthChecks.get

    compute.httpsHealthChecks.list

    compute. httpsHealthChecks. update

    compute.httpsHealthChecks.use

    compute.images.get

    compute.images.getFromFamily

    compute.images.list

    compute.images.useReadOnly

    compute. instanceGroupManagers. create

    compute. instanceGroupManagers. delete

    compute. instanceGroupManagers. get

    compute. instanceGroupManagers. list

    compute. instanceGroupManagers. update

    compute. instanceGroupManagers. use

    compute.instanceGroups.create

    compute.instanceGroups.delete

    compute.instanceGroups.get

    compute.instanceGroups.list

    compute.instanceGroups.update

    compute.instanceGroups.use

    compute. instanceTemplates. create

    compute. instanceTemplates. delete

    compute.instanceTemplates.get

    compute.instanceTemplates.list

    compute. instanceTemplates. useReadOnly

    compute.instances.create

    compute. instances. createTagBinding

    compute.instances.delete

    compute.instances.get

    compute.instances.list

    compute. instances. pscInterfaceCreate

    compute.instances.setLabels

    compute.instances.setMetadata

    compute. instances. setServiceAccount

    compute.instances.setTags

    compute.instances.suspend

    compute.instances.update

    compute.machineTypes.*

    • compute.machineTypes.get
    • compute.machineTypes.list

    compute. networkAttachments. create

    compute. networkAttachments. delete

    compute.networkAttachments.get

    compute. networkAttachments. list

    compute.networks.addPeering

    compute.networks.create

    compute.networks.delete

    compute.networks.get

    compute. networks. getEffectiveFirewalls

    compute.networks.list

    compute. networks. listPeeringRoutes

    compute.networks.removePeering

    compute.networks.updatePeering

    compute.networks.updatePolicy

    compute.networks.use

    compute.projects.get

    compute.regionOperations.get

    compute.regionOperations.list

    compute.reservationBlocks.get

    compute.reservationBlocks.list

    compute. reservationSubBlocks. get

    compute. reservationSubBlocks. list

    compute.reservations.get

    compute.reservations.list

    compute. resourcePolicies. create

    compute. resourcePolicies. delete

    compute.resourcePolicies.get

    compute.resourcePolicies.list

    compute.resourcePolicies.use

    compute.routers.create

    compute.routers.delete

    compute.routers.get

    compute.routers.list

    compute.routers.update

    compute.subnetworks.create

    compute.subnetworks.delete

    compute.subnetworks.get

    compute.subnetworks.list

    compute.subnetworks.use

    compute. subnetworks. useExternalIp

    compute.zoneOperations.get

    compute.zoneOperations.list

    compute.zones.*

    • compute.zones.get
    • compute.zones.list

    config.artifacts.import

    config.deployments.deleteState

    config.deployments.getLock

    config.deployments.getState

    config.deployments.updateState

    config.previews.upload

    config.revisions.getState

    container.clusters.connect

    container.clusters.create

    container.clusters.delete

    container.clusters.get

    container.clusters.list

    container.clusters.update

    container.operations.*

    • container.operations.get
    • container.operations.list

    container.pods.get

    container.pods.list

    container.thirdPartyObjects.*

    • container. thirdPartyObjects. create
    • container. thirdPartyObjects. delete
    • container. thirdPartyObjects. get
    • container. thirdPartyObjects. list
    • container. thirdPartyObjects. update

    dns.changes.*

    • dns.changes.create
    • dns.changes.get
    • dns.changes.list

    dns.managedZones.create

    dns.managedZones.delete

    dns.managedZones.get

    dns.managedZones.list

    dns.managedZones.update

    dns. networks. bindPrivateDNSZone

    dns. networks. targetWithPeeringZone

    dns.resourceRecordSets.*

    • dns.resourceRecordSets.create
    • dns.resourceRecordSets.delete
    • dns.resourceRecordSets.get
    • dns.resourceRecordSets.list
    • dns.resourceRecordSets.update

    file.instances.create

    file.instances.delete

    file.instances.get

    file.instances.list

    file.instances.update

    file.locations.*

    • file.locations.get
    • file.locations.list

    file.operations.get

    file.operations.list

    iam.serviceAccounts.actAs

    iam. serviceAccounts. getAccessToken

    logging.logEntries.create

    logging.logEntries.list

    logging.logEntries.route

    logging.sinks.create

    logging.sinks.delete

    logging.sinks.get

    logging.sinks.list

    lustre.instances.create

    lustre.instances.delete

    lustre.instances.get

    lustre.instances.list

    lustre.instances.update

    lustre.locations.*

    • lustre.locations.get
    • lustre.locations.list

    lustre.operations.get

    lustre.operations.list

    monitoring. metricDescriptors. create

    monitoring. metricDescriptors. get

    monitoring. metricDescriptors. list

    monitoring. monitoredResourceDescriptors.*

    • monitoring. monitoredResourceDescriptors. get
    • monitoring. monitoredResourceDescriptors. list

    monitoring.timeSeries.*

    • monitoring.timeSeries.create
    • monitoring.timeSeries.list

    resourcemanager.projects.get

    servicenetworking. operations. get

    servicenetworking. services. addPeering

    servicenetworking. services. deleteConnection

    servicenetworking. services. deletePeeredDnsDomain

    servicenetworking.services.get

    servicenetworking. services. listPeeredDnsDomains

    serviceusage.services.use

    storage.anywhereCaches.get

    storage.anywhereCaches.list

    storage.buckets.create

    storage.buckets.delete

    storage.buckets.get

    storage.buckets.getIamPolicy

    storage.buckets.list

    storage.buckets.setIamPolicy

    storage.buckets.update

    storage.objects.create

    storage.objects.delete

    storage.objects.get

    storage.objects.list

    storage.objects.update

    ( roles/ hypercomputecluster.viewer )

    Readonly access to Cluster Director resources.

    hypercomputecluster. clusters. get

    hypercomputecluster. clusters. list

    hypercomputecluster. locations.*

    • hypercomputecluster. locations. get
    • hypercomputecluster. locations. list

    hypercomputecluster. machineLearningRuns. get

    hypercomputecluster. machineLearningRuns. list

    hypercomputecluster. operations. get

    hypercomputecluster. operations. list

    resourcemanager.projects.get

    resourcemanager.projects.list

    Cluster Director permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Support User ( roles/ iam.supportUser )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Cluster Director Editor ( roles/ hypercomputecluster.editor )

    Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: