Network Connectivity Center roles and permissions

This page lists the IAM roles and permissions for Network Connectivity Center. To search through all roles and permissions, see the role and permission index .

Network Connectivity Center roles

Role

Permissions

Networkconnectivity Editor

( roles/ networkconnectivity.editor )

Editor role for networkconnectivity

networkconnectivity. gatewayAdvertisedRoutes.*

networkconnectivity. gatewayAdvertisedRoutes. create
networkconnectivity. gatewayAdvertisedRoutes. delete
networkconnectivity. gatewayAdvertisedRoutes. get
networkconnectivity. gatewayAdvertisedRoutes. list
networkconnectivity. gatewayAdvertisedRoutes. update

networkconnectivity. groups. acceptSpoke

networkconnectivity. groups. acceptSpokeUpdate

networkconnectivity.groups.get

networkconnectivity. groups. getIamPolicy

networkconnectivity. groups. list

networkconnectivity. groups. rejectSpoke

networkconnectivity. groups. rejectSpokeUpdate

networkconnectivity.groups.use

networkconnectivity. hubRouteTables. get

networkconnectivity. hubRouteTables. getIamPolicy

networkconnectivity. hubRouteTables. list

networkconnectivity. hubRoutes. get

networkconnectivity. hubRoutes. getIamPolicy

networkconnectivity. hubRoutes. list

networkconnectivity. hubs. create

networkconnectivity. hubs. delete

networkconnectivity.hubs.get

networkconnectivity. hubs. getIamPolicy

networkconnectivity.hubs.list

networkconnectivity. hubs. listSpokes

networkconnectivity. hubs. queryStatus

networkconnectivity. hubs. update

networkconnectivity. internalRanges. create

networkconnectivity. internalRanges. delete

networkconnectivity. internalRanges. get

networkconnectivity. internalRanges. getIamPolicy

networkconnectivity. internalRanges. list

networkconnectivity. internalRanges. update

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity. multicloudDataTransferConfigs.*

networkconnectivity. multicloudDataTransferConfigs. create
networkconnectivity. multicloudDataTransferConfigs. delete
networkconnectivity. multicloudDataTransferConfigs. get
networkconnectivity. multicloudDataTransferConfigs. list
networkconnectivity. multicloudDataTransferConfigs. update

networkconnectivity. multicloudDataTransferDestinations.*

networkconnectivity. multicloudDataTransferDestinations. create
networkconnectivity. multicloudDataTransferDestinations. delete
networkconnectivity. multicloudDataTransferDestinations. get
networkconnectivity. multicloudDataTransferDestinations. list
networkconnectivity. multicloudDataTransferDestinations. update

networkconnectivity. multicloudDataTransferSupportedServices.*

networkconnectivity. multicloudDataTransferSupportedServices. get
networkconnectivity. multicloudDataTransferSupportedServices. list

networkconnectivity. operations.*

networkconnectivity. operations. cancel
networkconnectivity. operations. delete
networkconnectivity. operations. get
networkconnectivity. operations. list

networkconnectivity. policyBasedRoutes. create

networkconnectivity. policyBasedRoutes. delete

networkconnectivity. policyBasedRoutes. get

networkconnectivity. policyBasedRoutes. getIamPolicy

networkconnectivity. policyBasedRoutes. list

networkconnectivity. regionalEndpoints.*

networkconnectivity. regionalEndpoints. create
networkconnectivity. regionalEndpoints. delete
networkconnectivity. regionalEndpoints. get
networkconnectivity. regionalEndpoints. list

networkconnectivity. remoteTransportProfiles.*

networkconnectivity. remoteTransportProfiles. get
networkconnectivity. remoteTransportProfiles. list

networkconnectivity. serviceClasses.*

networkconnectivity. serviceClasses. create
networkconnectivity. serviceClasses. delete
networkconnectivity. serviceClasses. get
networkconnectivity. serviceClasses. list
networkconnectivity. serviceClasses. update
networkconnectivity. serviceClasses. use

networkconnectivity. serviceConnectionMaps.*

networkconnectivity. serviceConnectionMaps. create
networkconnectivity. serviceConnectionMaps. delete
networkconnectivity. serviceConnectionMaps. get
networkconnectivity. serviceConnectionMaps. list
networkconnectivity. serviceConnectionMaps. update

networkconnectivity. serviceConnectionPolicies.*

networkconnectivity. serviceConnectionPolicies. create
networkconnectivity. serviceConnectionPolicies. delete
networkconnectivity. serviceConnectionPolicies. get
networkconnectivity. serviceConnectionPolicies. list
networkconnectivity. serviceConnectionPolicies. update

networkconnectivity. spokes. create

networkconnectivity. spokes. delete

networkconnectivity.spokes.get

networkconnectivity. spokes. getIamPolicy

networkconnectivity. spokes. list

networkconnectivity. spokes. update

networkconnectivity. transports.*

networkconnectivity. transports. create
networkconnectivity. transports. delete
networkconnectivity. transports. get
networkconnectivity. transports. list
networkconnectivity. transports. update

resourcemanager.projects.get

resourcemanager.projects.list

Service Automation Consumer Network Admin

( roles/ networkconnectivity.consumerNetworkAdmin )

Service Automation Consumer Network Admin is responsible for setting up ServiceConnectionPolicies.

networkconnectivity. serviceConnectionPolicies.*

networkconnectivity. serviceConnectionPolicies. create
networkconnectivity. serviceConnectionPolicies. delete
networkconnectivity. serviceConnectionPolicies. get
networkconnectivity. serviceConnectionPolicies. list
networkconnectivity. serviceConnectionPolicies. update

resourcemanager.projects.get

resourcemanager.projects.list

Group Admin

( roles/ networkconnectivity.groupAdmin )

Enables full access to group resources and read-only access to hub and spoke resources

networkconnectivity. gatewayAdvertisedRoutes. get

networkconnectivity. gatewayAdvertisedRoutes. list

networkconnectivity.groups.*

networkconnectivity. groups. acceptSpoke
networkconnectivity. groups. acceptSpokeUpdate
networkconnectivity.groups.get
networkconnectivity. groups. getIamPolicy
networkconnectivity. groups. list
networkconnectivity. groups. rejectSpoke
networkconnectivity. groups. rejectSpokeUpdate
networkconnectivity. groups. setIamPolicy
networkconnectivity.groups.use

networkconnectivity. hubRouteTables. get

networkconnectivity. hubRouteTables. getIamPolicy

networkconnectivity. hubRouteTables. list

networkconnectivity. hubRoutes. get

networkconnectivity. hubRoutes. getIamPolicy

networkconnectivity. hubRoutes. list

networkconnectivity.hubs.get

networkconnectivity. hubs. getIamPolicy

networkconnectivity.hubs.list

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity. operations. get

networkconnectivity. operations. list

networkconnectivity.spokes.get

networkconnectivity. spokes. getIamPolicy

networkconnectivity. spokes. list

resourcemanager.projects.get

resourcemanager.projects.list

Group User

( roles/ networkconnectivity.groupUser )

Enables use access on group resources

networkconnectivity.groups.use

Hub & Spoke Admin

( roles/ networkconnectivity.hubAdmin )

Enables full access to hub and spoke resources.

Lowest-level resources where you can grant this role:

Project

networkconnectivity. gatewayAdvertisedRoutes.*

networkconnectivity. gatewayAdvertisedRoutes. create
networkconnectivity. gatewayAdvertisedRoutes. delete
networkconnectivity. gatewayAdvertisedRoutes. get
networkconnectivity. gatewayAdvertisedRoutes. list
networkconnectivity. gatewayAdvertisedRoutes. update

networkconnectivity.groups.*

networkconnectivity. groups. acceptSpoke
networkconnectivity. groups. acceptSpokeUpdate
networkconnectivity.groups.get
networkconnectivity. groups. getIamPolicy
networkconnectivity. groups. list
networkconnectivity. groups. rejectSpoke
networkconnectivity. groups. rejectSpokeUpdate
networkconnectivity. groups. setIamPolicy
networkconnectivity.groups.use

networkconnectivity. hubRouteTables.*

networkconnectivity. hubRouteTables. get
networkconnectivity. hubRouteTables. getIamPolicy
networkconnectivity. hubRouteTables. list
networkconnectivity. hubRouteTables. setIamPolicy

networkconnectivity. hubRoutes.*

networkconnectivity. hubRoutes. get
networkconnectivity. hubRoutes. getIamPolicy
networkconnectivity. hubRoutes. list
networkconnectivity. hubRoutes. setIamPolicy

networkconnectivity.hubs.*

networkconnectivity. hubs. create
networkconnectivity. hubs. delete
networkconnectivity.hubs.get
networkconnectivity. hubs. getIamPolicy
networkconnectivity.hubs.list
networkconnectivity. hubs. listSpokes
networkconnectivity. hubs. queryStatus
networkconnectivity. hubs. setIamPolicy
networkconnectivity. hubs. update

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity. operations.*

networkconnectivity. operations. cancel
networkconnectivity. operations. delete
networkconnectivity. operations. get
networkconnectivity. operations. list

networkconnectivity.spokes.*

networkconnectivity. spokes. create
networkconnectivity. spokes. delete
networkconnectivity.spokes.get
networkconnectivity. spokes. getIamPolicy
networkconnectivity. spokes. list
networkconnectivity. spokes. setIamPolicy
networkconnectivity. spokes. update

resourcemanager.projects.get

resourcemanager.projects.list

Hub & Spoke Viewer

( roles/ networkconnectivity.hubViewer )

Enables read-only access to hub and spoke resources.

Lowest-level resources where you can grant this role:

Project

networkconnectivity. gatewayAdvertisedRoutes. get

networkconnectivity. gatewayAdvertisedRoutes. list

networkconnectivity.groups.get

networkconnectivity. groups. getIamPolicy

networkconnectivity. groups. list

networkconnectivity. hubRouteTables. get

networkconnectivity. hubRouteTables. getIamPolicy

networkconnectivity. hubRouteTables. list

networkconnectivity. hubRoutes. get

networkconnectivity. hubRoutes. getIamPolicy

networkconnectivity. hubRoutes. list

networkconnectivity.hubs.get

networkconnectivity. hubs. getIamPolicy

networkconnectivity.hubs.list

networkconnectivity. hubs. listSpokes

networkconnectivity. hubs. queryStatus

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity.spokes.get

networkconnectivity. spokes. getIamPolicy

networkconnectivity. spokes. list

resourcemanager.projects.get

resourcemanager.projects.list

Multicloud Data Transfer Config Admin

( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Full access to all Multicloud Data Transfer Config resources.

networkconnectivity. multicloudDataTransferConfigs.*

networkconnectivity. multicloudDataTransferConfigs. create
networkconnectivity. multicloudDataTransferConfigs. delete
networkconnectivity. multicloudDataTransferConfigs. get
networkconnectivity. multicloudDataTransferConfigs. list
networkconnectivity. multicloudDataTransferConfigs. update

networkconnectivity. multicloudDataTransferDestinations.*

networkconnectivity. multicloudDataTransferDestinations. create
networkconnectivity. multicloudDataTransferDestinations. delete
networkconnectivity. multicloudDataTransferDestinations. get
networkconnectivity. multicloudDataTransferDestinations. list
networkconnectivity. multicloudDataTransferDestinations. update

networkconnectivity. multicloudDataTransferSupportedServices.*

networkconnectivity. multicloudDataTransferSupportedServices. get
networkconnectivity. multicloudDataTransferSupportedServices. list

networkconnectivity. operations. get

networkconnectivity. operations. list

resourcemanager.projects.get

resourcemanager.projects.list

Multicloud Data Transfer Config Viewer

( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Read-only access to all Multicloud Data Transfer Config resources.

networkconnectivity. multicloudDataTransferConfigs. get

networkconnectivity. multicloudDataTransferConfigs. list

networkconnectivity. multicloudDataTransferDestinations. get

networkconnectivity. multicloudDataTransferDestinations. list

networkconnectivity. multicloudDataTransferSupportedServices.*

networkconnectivity. multicloudDataTransferSupportedServices. get
networkconnectivity. multicloudDataTransferSupportedServices. list

networkconnectivity. operations. get

networkconnectivity. operations. list

resourcemanager.projects.get

resourcemanager.projects.list

Destination Admin

( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Access to all Destination resources.

networkconnectivity. multicloudDataTransferDestinations.*

networkconnectivity. multicloudDataTransferDestinations. create
networkconnectivity. multicloudDataTransferDestinations. delete
networkconnectivity. multicloudDataTransferDestinations. get
networkconnectivity. multicloudDataTransferDestinations. list
networkconnectivity. multicloudDataTransferDestinations. update

networkconnectivity. multicloudDataTransferSupportedServices.*

networkconnectivity. multicloudDataTransferSupportedServices. get
networkconnectivity. multicloudDataTransferSupportedServices. list

networkconnectivity. operations. get

networkconnectivity. operations. list

resourcemanager.projects.get

resourcemanager.projects.list

Destination Viewer

( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

Read-only access to all Destination resources.

networkconnectivity. multicloudDataTransferDestinations. get

networkconnectivity. multicloudDataTransferDestinations. list

networkconnectivity. multicloudDataTransferSupportedServices.*

networkconnectivity. multicloudDataTransferSupportedServices. get
networkconnectivity. multicloudDataTransferSupportedServices. list

networkconnectivity. operations. get

networkconnectivity. operations. list

resourcemanager.projects.get

resourcemanager.projects.list

Regional Endpoint Admin

( roles/ networkconnectivity.regionalEndpointAdmin )

Full access to all Regional Endpoint resources.

networkconnectivity. regionalEndpoints.*

networkconnectivity. regionalEndpoints. create
networkconnectivity. regionalEndpoints. delete
networkconnectivity. regionalEndpoints. get
networkconnectivity. regionalEndpoints. list

resourcemanager.projects.get

resourcemanager.projects.list

Regional Endpoint Viewer

( roles/ networkconnectivity.regionalEndpointViewer )

Read-only access to all Regional Endpoint resources.

networkconnectivity. regionalEndpoints. get

networkconnectivity. regionalEndpoints. list

resourcemanager.projects.get

resourcemanager.projects.list

Service Class User

( roles/ networkconnectivity.serviceClassUser )

Service Class User uses a ServiceClass

networkconnectivity. serviceClasses. get

networkconnectivity. serviceClasses. list

networkconnectivity. serviceClasses. use

resourcemanager.projects.get

resourcemanager.projects.list

Service Automation Service Producer Admin

( roles/ networkconnectivity.serviceProducerAdmin )

Service Automation Producer Admin uses information from a consumer request to manage ServiceClasses and ServiceConnectionMaps

networkconnectivity. operations. get

networkconnectivity. operations. list

networkconnectivity. serviceClasses.*

networkconnectivity. serviceClasses. create
networkconnectivity. serviceClasses. delete
networkconnectivity. serviceClasses. get
networkconnectivity. serviceClasses. list
networkconnectivity. serviceClasses. update
networkconnectivity. serviceClasses. use

networkconnectivity. serviceConnectionMaps.*

networkconnectivity. serviceConnectionMaps. create
networkconnectivity. serviceConnectionMaps. delete
networkconnectivity. serviceConnectionMaps. get
networkconnectivity. serviceConnectionMaps. list
networkconnectivity. serviceConnectionMaps. update

resourcemanager.projects.get

resourcemanager.projects.list

Spoke Admin

( roles/ networkconnectivity.spokeAdmin )

Enables full access to spoke resources and read-only access to hub resources.

Lowest-level resources where you can grant this role:

Project

networkconnectivity. gatewayAdvertisedRoutes.*

networkconnectivity. gatewayAdvertisedRoutes. create
networkconnectivity. gatewayAdvertisedRoutes. delete
networkconnectivity. gatewayAdvertisedRoutes. get
networkconnectivity. gatewayAdvertisedRoutes. list
networkconnectivity. gatewayAdvertisedRoutes. update

networkconnectivity. hubRouteTables. get

networkconnectivity. hubRouteTables. getIamPolicy

networkconnectivity. hubRouteTables. list

networkconnectivity. hubRoutes. get

networkconnectivity. hubRoutes. getIamPolicy

networkconnectivity. hubRoutes. list

networkconnectivity.hubs.get

networkconnectivity. hubs. getIamPolicy

networkconnectivity.hubs.list

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity. operations. get

networkconnectivity. operations. list

networkconnectivity.spokes.*

networkconnectivity. spokes. create
networkconnectivity. spokes. delete
networkconnectivity.spokes.get
networkconnectivity. spokes. getIamPolicy
networkconnectivity. spokes. list
networkconnectivity. spokes. setIamPolicy
networkconnectivity. spokes. update

resourcemanager.projects.get

resourcemanager.projects.list

Transport Admin

( roles/ networkconnectivity.transportAdmin )

Enables full access to Transport resources

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity. operations.*

networkconnectivity. operations. cancel
networkconnectivity. operations. delete
networkconnectivity. operations. get
networkconnectivity. operations. list

networkconnectivity. remoteTransportProfiles.*

networkconnectivity. remoteTransportProfiles. get
networkconnectivity. remoteTransportProfiles. list

networkconnectivity. transports.*

networkconnectivity. transports. create
networkconnectivity. transports. delete
networkconnectivity. transports. get
networkconnectivity. transports. list
networkconnectivity. transports. update

resourcemanager.projects.get

resourcemanager.projects.list

Transport Viewer

( roles/ networkconnectivity.transportViewer )

Enables view access to Transport resources

networkconnectivity. locations.*

networkconnectivity. locations. get
networkconnectivity. locations. list

networkconnectivity. operations. get

networkconnectivity. operations. list

networkconnectivity. remoteTransportProfiles.*

networkconnectivity. remoteTransportProfiles. get
networkconnectivity. remoteTransportProfiles. list

networkconnectivity. transports. get

networkconnectivity. transports. list

resourcemanager.projects.get

resourcemanager.projects.list

Service agent roles

Service agent roles should only be granted to service agents .

Role

Permissions

Network Connectivity Service Agent

( roles/ networkconnectivity.serviceAgent )

Grants the Network Connectivity API authority to read some networking resources. It does not mutate these resources.

compute.addresses.create

compute. addresses. createInternal

compute.addresses.delete

compute. addresses. deleteInternal

compute.addresses.get

compute.addresses.setLabels

compute.addresses.use

compute.forwardingRules.create

compute.forwardingRules.delete

compute.forwardingRules.get

compute. forwardingRules. pscCreate

compute. forwardingRules. pscDelete

compute. forwardingRules. pscSetLabels

compute. forwardingRules. pscUpdate

compute. forwardingRules. setLabels

compute.instances.get

compute. interconnectAttachments. get

compute.networks.get

compute.networks.updatePolicy

compute.networks.use

compute.projects.get

compute.regionOperations.get

compute.routers.get

compute.subnetworks.create

compute.subnetworks.delete

compute.subnetworks.get

compute. subnetworks. getIamPolicy

compute.subnetworks.list

compute. subnetworks. setIamPolicy

compute.subnetworks.use

compute.vpnTunnels.get

dns.changes.create

dns.managedZoneOperations.*

dns.managedZoneOperations.get
dns.managedZoneOperations.list

dns.managedZones.create

dns.managedZones.delete

dns.managedZones.get

dns.managedZones.list

dns.managedZones.update

dns. networks. bindPrivateDNSZone

dns.resourceRecordSets.*

dns.resourceRecordSets.create
dns.resourceRecordSets.delete
dns.resourceRecordSets.get
dns.resourceRecordSets.list
dns.resourceRecordSets.update

networkconnectivity.groups.use

networkconnectivity. hubRouteTables. get

networkconnectivity. hubRouteTables. list

networkconnectivity. hubRoutes. get

networkconnectivity. hubRoutes. list

networkconnectivity. internalRanges. create

networkconnectivity. internalRanges. delete

networkconnectivity. internalRanges. get

networkconnectivity. internalRanges. list

networkconnectivity. operations. get

servicedirectory. namespaces. associatePrivateZone

servicedirectory. namespaces. create

servicedirectory. namespaces. delete

servicedirectory. services. create

servicedirectory. services. delete

Network Connectivity Center permissions

Permission

Included in roles

`networkconnectivity. gatewayAdvertisedRoutes. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. gatewayAdvertisedRoutes. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. gatewayAdvertisedRoutes. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. gatewayAdvertisedRoutes. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. gatewayAdvertisedRoutes. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. groups. acceptSpoke`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. groups. acceptSpokeUpdate`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity.groups.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

`networkconnectivity. groups. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

`networkconnectivity. groups. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

`networkconnectivity. groups. rejectSpoke`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. groups. rejectSpokeUpdate`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. groups. setIamPolicy`

Owner ( roles/ owner )

Security Admin ( roles/ iam.securityAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity.groups.use`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Group User ( roles/ networkconnectivity.groupUser )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Service agent roles

Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )

`networkconnectivity. hubRouteTables. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Service agent roles

Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )

`networkconnectivity. hubRouteTables. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. hubRouteTables. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Service agent roles

Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )

`networkconnectivity. hubRouteTables. setIamPolicy`

Owner ( roles/ owner )

Security Admin ( roles/ iam.securityAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. hubRoutes. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Service agent roles

Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )

`networkconnectivity. hubRoutes. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. hubRoutes. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Service agent roles

Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )

`networkconnectivity. hubRoutes. setIamPolicy`

Owner ( roles/ owner )

Security Admin ( roles/ iam.securityAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. hubs. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. hubs. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity.hubs.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. hubs. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity.hubs.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. hubs. listSpokes`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

`networkconnectivity. hubs. queryStatus`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

`networkconnectivity. hubs. setIamPolicy`

Owner ( roles/ owner )

Security Admin ( roles/ iam.securityAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. hubs. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

`networkconnectivity. internalRanges. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )

`networkconnectivity. internalRanges. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )

`networkconnectivity. internalRanges. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )
Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )

`networkconnectivity. internalRanges. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. internalRanges. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )
Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )
Service Networking Service Agent ( roles/ servicenetworking.serviceAgent )

`networkconnectivity. internalRanges. setIamPolicy`

Owner ( roles/ owner )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. internalRanges. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )

`networkconnectivity. locations. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )

`networkconnectivity. locations. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )

`networkconnectivity. multicloudDataTransferConfigs. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

`networkconnectivity. multicloudDataTransferConfigs. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

`networkconnectivity. multicloudDataTransferConfigs. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Support User ( roles/ iam.supportUser )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

`networkconnectivity. multicloudDataTransferConfigs. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

`networkconnectivity. multicloudDataTransferConfigs. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

`networkconnectivity. multicloudDataTransferDestinations. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

`networkconnectivity. multicloudDataTransferDestinations. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

`networkconnectivity. multicloudDataTransferDestinations. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Support User ( roles/ iam.supportUser )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Destination Viewer ( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

`networkconnectivity. multicloudDataTransferDestinations. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Destination Viewer ( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

`networkconnectivity. multicloudDataTransferDestinations. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

`networkconnectivity. multicloudDataTransferSupportedServices. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Support User ( roles/ iam.supportUser )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Destination Viewer ( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

`networkconnectivity. multicloudDataTransferSupportedServices. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Destination Viewer ( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

`networkconnectivity. operations. cancel`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. operations. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. operations. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Destination Viewer ( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )
Network Connectivity Service Agent ( roles/ networkconnectivity.serviceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )

`networkconnectivity. operations. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Multicloud Data Transfer Config Admin ( roles/ networkconnectivity.multicloudDataTransferConfigAdmin )

Multicloud Data Transfer Config Viewer ( roles/ networkconnectivity.multicloudDataTransferConfigViewer )

Destination Admin ( roles/ networkconnectivity.multicloudDataTransferDestinationAdmin )

Destination Viewer ( roles/ networkconnectivity.multicloudDataTransferDestinationViewer )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )
Oracle Database@Google Cloud Service Agent ( roles/ oci.serviceAgent )

`networkconnectivity. policyBasedRoutes. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. policyBasedRoutes. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. policyBasedRoutes. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )

`networkconnectivity. policyBasedRoutes. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. policyBasedRoutes. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Compute Network User ( roles/ compute.networkUser )

Compute Network Viewer ( roles/ compute.networkViewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Cloud Data Fusion API Service Agent ( roles/ datafusion.serviceAgent )
External Exposure Service Agent ( roles/ externalexposure.serviceAgent )
Cluster Director Shared VPC Service Agent ( roles/ hypercomputecluster.sharedVpcServiceAgent )

`networkconnectivity. policyBasedRoutes. setIamPolicy`

Owner ( roles/ owner )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. regionalEndpoints. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Regional Endpoint Admin ( roles/ networkconnectivity.regionalEndpointAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. regionalEndpoints. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Regional Endpoint Admin ( roles/ networkconnectivity.regionalEndpointAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. regionalEndpoints. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Regional Endpoint Admin ( roles/ networkconnectivity.regionalEndpointAdmin )

Regional Endpoint Viewer ( roles/ networkconnectivity.regionalEndpointViewer )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. regionalEndpoints. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Regional Endpoint Admin ( roles/ networkconnectivity.regionalEndpointAdmin )

Regional Endpoint Viewer ( roles/ networkconnectivity.regionalEndpointViewer )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. remoteTransportProfiles. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Support User ( roles/ iam.supportUser )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

`networkconnectivity. remoteTransportProfiles. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

`networkconnectivity. serviceClasses. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceClasses. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceClasses. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Service Class User ( roles/ networkconnectivity.serviceClassUser )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceClasses. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service Class User ( roles/ networkconnectivity.serviceClassUser )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceClasses. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceClasses. use`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Class User ( roles/ networkconnectivity.serviceClassUser )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Instance Group Manager Service Agent ( roles/ compute.instanceGroupManagerServiceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionMaps. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionMaps. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionMaps. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionMaps. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionMaps. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Service Producer Admin ( roles/ networkconnectivity.serviceProducerAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionPolicies. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Consumer Network Admin ( roles/ networkconnectivity.consumerNetworkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionPolicies. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Consumer Network Admin ( roles/ networkconnectivity.consumerNetworkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionPolicies. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Service Automation Consumer Network Admin ( roles/ networkconnectivity.consumerNetworkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionPolicies. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Compute Network Admin ( roles/ compute.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Cloud Memorystore Redis Admin ( roles/ redis.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Service Automation Consumer Network Admin ( roles/ networkconnectivity.consumerNetworkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. serviceConnectionPolicies. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Compute Network Admin ( roles/ compute.networkAdmin )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Service Automation Consumer Network Admin ( roles/ networkconnectivity.consumerNetworkAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )

`networkconnectivity. spokes. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. spokes. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity.spokes.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. spokes. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. spokes. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Group Admin ( roles/ networkconnectivity.groupAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Hub & Spoke Viewer ( roles/ networkconnectivity.hubViewer )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. spokes. setIamPolicy`

Owner ( roles/ owner )

Security Admin ( roles/ iam.securityAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. spokes. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Network Administrator ( roles/ iam.networkAdmin )

Hub & Spoke Admin ( roles/ networkconnectivity.hubAdmin )

Spoke Admin ( roles/ networkconnectivity.spokeAdmin )

`networkconnectivity. transports. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

`networkconnectivity. transports. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

`networkconnectivity. transports. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Support User ( roles/ iam.supportUser )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

`networkconnectivity. transports. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Reviewer ( roles/ iam.securityReviewer )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Security Auditor ( roles/ iam.securityAuditor )

Support User ( roles/ iam.supportUser )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Transport Viewer ( roles/ networkconnectivity.transportViewer )

`networkconnectivity. transports. update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Networkconnectivity Editor ( roles/ networkconnectivity.editor )

Transport Admin ( roles/ networkconnectivity.transportAdmin )

Network Connectivity Center roles and permissions Stay organized with collections Save and categorize content based on your preferences.