Console
    Contact Us Start free

    Web Security Scanner roles and permissions

    This page lists the IAM roles and permissions for Web Security Scanner. To search through all roles and permissions, see the role and permission index .

    Web Security Scanner roles

    Role
    Permissions

    ( roles/ cloudsecurityscanner.editor )

    Full access to all Web Security Scanner resources

    Lowest-level resources where you can grant this role:

    • Project

    appengine.applications.get

    cloudsecurityscanner.*

    • cloudsecurityscanner. crawledurls. list
    • cloudsecurityscanner. results. get
    • cloudsecurityscanner. results. list
    • cloudsecurityscanner. scanruns. get
    • cloudsecurityscanner. scanruns. getSummary
    • cloudsecurityscanner. scanruns. list
    • cloudsecurityscanner. scanruns. stop
    • cloudsecurityscanner. scans. create
    • cloudsecurityscanner. scans. delete
    • cloudsecurityscanner.scans.get
    • cloudsecurityscanner. scans. list
    • cloudsecurityscanner.scans.run
    • cloudsecurityscanner. scans. update

    compute.addresses.list

    resourcemanager.projects.get

    resourcemanager.projects.list

    serviceusage.quotas.get

    serviceusage.services.get

    serviceusage.services.list

    ( roles/ cloudsecurityscanner.runner )

    Read access to Scan and ScanRun, plus the ability to start scans

    Lowest-level resources where you can grant this role:

    • Project

    cloudsecurityscanner. crawledurls. list

    cloudsecurityscanner. scanruns. get

    cloudsecurityscanner. scanruns. list

    cloudsecurityscanner. scanruns. stop

    cloudsecurityscanner.scans.get

    cloudsecurityscanner. scans. list

    cloudsecurityscanner.scans.run

    ( roles/ cloudsecurityscanner.viewer )

    Read access to all Web Security Scanner resources

    Lowest-level resources where you can grant this role:

    • Project

    cloudsecurityscanner. crawledurls. list

    cloudsecurityscanner.results.*

    • cloudsecurityscanner. results. get
    • cloudsecurityscanner. results. list

    cloudsecurityscanner. scanruns. get

    cloudsecurityscanner. scanruns. getSummary

    cloudsecurityscanner. scanruns. list

    cloudsecurityscanner.scans.get

    cloudsecurityscanner. scans. list

    serviceusage.quotas.get

    serviceusage.services.get

    serviceusage.services.list

    ( roles/ websecurityscanner.serviceAgent )

    Gives the Cloud Web Security Scanner service account access to compute engine details and app engine details.

    appengine.applications.get

    cloudasset.assets.listResource

    compute.addresses.list

    compute.backendServices.get

    compute.forwardingRules.get

    compute. globalForwardingRules. get

    compute.sslCertificates.list

    compute.targetHttpProxies.get

    compute.targetHttpsProxies.get

    compute.urlMaps.get

    Web Security Scanner permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Web Security Scanner Viewer ( roles/ cloudsecurityscanner.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Security Center Admin Viewer ( roles/ securitycenter.adminViewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Web Security Scanner Runner ( roles/ cloudsecurityscanner.runner )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Web Security Scanner Editor ( roles/ cloudsecurityscanner.editor )

    Security Center Admin ( roles/ securitycenter.admin )

    Security Center Admin Editor ( roles/ securitycenter.adminEditor )
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: