Cluster Director roles and permissions

This page lists the IAM roles and permissions for Cluster Director. To search through all roles and permissions, see the role and permission index .

Cluster Director roles

Role
Permissions

( roles/ hypercomputecluster.editor )

Edit access to Cluster Director resources.

hypercomputecluster.*

  • hypercomputecluster. clusters. create
  • hypercomputecluster. clusters. delete
  • hypercomputecluster. clusters. get
  • hypercomputecluster. clusters. list
  • hypercomputecluster. clusters. update
  • hypercomputecluster. locations. get
  • hypercomputecluster. locations. list
  • hypercomputecluster. machineLearningRuns. create
  • hypercomputecluster. machineLearningRuns. delete
  • hypercomputecluster. machineLearningRuns. get
  • hypercomputecluster. machineLearningRuns. list
  • hypercomputecluster. machineLearningRuns. update
  • hypercomputecluster. operations. cancel
  • hypercomputecluster. operations. delete
  • hypercomputecluster. operations. get
  • hypercomputecluster. operations. list

resourcemanager.projects.get

resourcemanager.projects.list

( roles/ hypercomputecluster.serviceAgent )

Grants Cluster Director Service Agent access to necessary GCP resources.

cloudbuild.connections.list

cloudbuild. repositories. accessReadToken

cloudbuild.repositories.list

cloudquotas.quotas.get

compute.acceleratorTypes.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list

compute.addresses.create

compute.addresses.delete

compute.addresses.get

compute.addresses.list

compute.addresses.setLabels

compute.disks.create

compute.disks.createTagBinding

compute.disks.delete

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.setLabels

compute.disks.update

compute.disks.use

compute. firewallPolicies. cloneRules

compute. firewallPolicies. create

compute. firewallPolicies. delete

compute.firewallPolicies.get

compute.firewallPolicies.list

compute. firewallPolicies. update

compute.firewallPolicies.use

compute.firewalls.create

compute.firewalls.delete

compute.firewalls.get

compute.firewalls.list

compute.firewalls.update

compute.futureReservations.get

compute. futureReservations. list

compute. globalAddresses. createInternal

compute. globalAddresses. deleteInternal

compute.globalAddresses.get

compute.globalAddresses.list

compute. globalAddresses. setLabels

compute.globalOperations.get

compute.globalOperations.list

compute.healthChecks.create

compute.healthChecks.delete

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.update

compute.healthChecks.use

compute. httpHealthChecks. create

compute. httpHealthChecks. delete

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute. httpHealthChecks. update

compute.httpHealthChecks.use

compute. httpsHealthChecks. create

compute. httpsHealthChecks. delete

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute. httpsHealthChecks. update

compute.httpsHealthChecks.use

compute.images.get

compute.images.getFromFamily

compute.images.list

compute.images.useReadOnly

compute. instanceGroupManagers. create

compute. instanceGroupManagers. delete

compute. instanceGroupManagers. get

compute. instanceGroupManagers. list

compute. instanceGroupManagers. update

compute. instanceGroupManagers. use

compute.instanceGroups.create

compute.instanceGroups.delete

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceGroups.update

compute.instanceGroups.use

compute. instanceTemplates. create

compute. instanceTemplates. delete

compute.instanceTemplates.get

compute.instanceTemplates.list

compute. instanceTemplates. useReadOnly

compute.instances.create

compute. instances. createTagBinding

compute.instances.delete

compute.instances.get

compute.instances.list

compute. instances. pscInterfaceCreate

compute.instances.setLabels

compute.instances.setMetadata

compute. instances. setServiceAccount

compute.instances.setTags

compute.instances.suspend

compute.instances.update

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute. networkAttachments. create

compute. networkAttachments. delete

compute.networkAttachments.get

compute. networkAttachments. list

compute.networks.addPeering

compute.networks.create

compute.networks.delete

compute.networks.get

compute. networks. getEffectiveFirewalls

compute.networks.list

compute. networks. listPeeringRoutes

compute.networks.removePeering

compute.networks.updatePeering

compute.networks.updatePolicy

compute.networks.use

compute.projects.get

compute.regionOperations.get

compute.regionOperations.list

compute.reservationBlocks.get

compute.reservationBlocks.list

compute. reservationSubBlocks. get

compute. reservationSubBlocks. list

compute.reservations.get

compute.reservations.list

compute. resourcePolicies. create

compute. resourcePolicies. delete

compute.resourcePolicies.get

compute.resourcePolicies.list

compute.resourcePolicies.use

compute.routers.create

compute.routers.delete

compute.routers.get

compute.routers.list

compute.routers.update

compute.subnetworks.create

compute.subnetworks.delete

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

compute. subnetworks. useExternalIp

compute.zoneOperations.get

compute.zoneOperations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

config.artifacts.import

config.deployments.deleteState

config.deployments.getLock

config.deployments.getState

config.deployments.updateState

config.previews.upload

config.revisions.getState

container.clusters.connect

container.clusters.create

container.clusters.delete

container.clusters.get

container.clusters.list

container.clusters.update

container.operations.*

  • container.operations.get
  • container.operations.list

container.pods.get

container.pods.list

container.thirdPartyObjects.*

  • container. thirdPartyObjects. create
  • container. thirdPartyObjects. delete
  • container. thirdPartyObjects. get
  • container. thirdPartyObjects. list
  • container. thirdPartyObjects. update

dns.changes.*

  • dns.changes.create
  • dns.changes.get
  • dns.changes.list

dns.managedZones.create

dns.managedZones.delete

dns.managedZones.get

dns.managedZones.list

dns.managedZones.update

dns. networks. bindPrivateDNSZone

dns. networks. targetWithPeeringZone

dns.resourceRecordSets.*

  • dns.resourceRecordSets.create
  • dns.resourceRecordSets.delete
  • dns.resourceRecordSets.get
  • dns.resourceRecordSets.list
  • dns.resourceRecordSets.update

file.instances.create

file.instances.delete

file.instances.get

file.instances.list

file.instances.update

file.locations.*

  • file.locations.get
  • file.locations.list

file.operations.get

file.operations.list

iam.serviceAccounts.actAs

iam. serviceAccounts. getAccessToken

logging.logEntries.create

logging.logEntries.list

logging.logEntries.route

logging.sinks.create

logging.sinks.delete

logging.sinks.get

logging.sinks.list

lustre.instances.create

lustre.instances.delete

lustre.instances.get

lustre.instances.list

lustre.instances.update

lustre.locations.*

  • lustre.locations.get
  • lustre.locations.list

lustre.operations.get

lustre.operations.list

monitoring. metricDescriptors. create

monitoring. metricDescriptors. get

monitoring. metricDescriptors. list

monitoring. monitoredResourceDescriptors.*

  • monitoring. monitoredResourceDescriptors. get
  • monitoring. monitoredResourceDescriptors. list

monitoring.timeSeries.*

  • monitoring.timeSeries.create
  • monitoring.timeSeries.list

resourcemanager.projects.get

servicenetworking. operations. get

servicenetworking. services. addPeering

servicenetworking. services. deleteConnection

servicenetworking. services. deletePeeredDnsDomain

servicenetworking.services.get

servicenetworking. services. listPeeredDnsDomains

serviceusage.services.use

storage.anywhereCaches.get

storage.anywhereCaches.list

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.getIamPolicy

storage.buckets.list

storage.buckets.setIamPolicy

storage.buckets.update

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

( roles/ hypercomputecluster.viewer )

Readonly access to Cluster Director resources.

hypercomputecluster. clusters. get

hypercomputecluster. clusters. list

hypercomputecluster. locations.*

  • hypercomputecluster. locations. get
  • hypercomputecluster. locations. list

hypercomputecluster. machineLearningRuns. get

hypercomputecluster. machineLearningRuns. list

hypercomputecluster. operations. get

hypercomputecluster. operations. list

resourcemanager.projects.get

resourcemanager.projects.list

Cluster Director permissions

Permission
Included in roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Support User ( roles/ iam.supportUser )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Support User ( roles/ iam.supportUser )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Support User ( roles/ iam.supportUser )

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Support User ( roles/ iam.supportUser )

Service agent roles

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Cluster Director Editor ( roles/ hypercomputecluster.editor )

Cluster Director Viewer ( roles/ hypercomputecluster.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

Service agent roles

Create a Mobile Website
View Site in Mobile | Classic
Share by: