Send feedback
Access Approval roles and permissions Stay organized with collections
Save and categorize content based on your preferences.
This page lists the IAM roles and permissions for Access Approval. To
search through all roles and permissions, see the role and
permission index
.
Access Approval roles
Access Approval Approver
( roles/ accessapproval.approver )
Ability to view or act on access approval requests and view configuration.
accessapproval.requests.*
accessapproval. requests. approve
accessapproval. requests. dismiss
accessapproval.requests.get
accessapproval. requests. invalidate
accessapproval.requests.list
accessapproval. serviceAccounts. get
accessapproval.settings.get
resourcemanager.projects.get
resourcemanager.projects.list
Access Approval Config Editor
( roles/ accessapproval.configEditor )
Ability to update the Access Approval configuration
accessapproval. serviceAccounts. get
accessapproval.settings.*
accessapproval.settings.delete
accessapproval.settings.get
accessapproval.settings.update
resourcemanager.projects.get
resourcemanager.projects.list
Access Approval Invalidator
( roles/ accessapproval.invalidator )
Ability to invalidate existing approved approval requests
accessapproval. requests. invalidate
accessapproval. serviceAccounts. get
accessapproval.settings.get
resourcemanager.projects.get
resourcemanager.projects.list
Access Approval Viewer
( roles/ accessapproval.viewer )
Ability to view access approval requests and configuration
accessapproval.requests.get
accessapproval.requests.list
accessapproval. serviceAccounts. get
accessapproval.settings.get
resourcemanager.projects.get
resourcemanager.projects.list
Access Approval permissions
Permission
Included in roles
accessapproval. requests. approve
accessapproval. requests. dismiss
accessapproval.requests.get
accessapproval. requests. invalidate
accessapproval.requests.list
accessapproval. serviceAccounts. get
accessapproval.settings.delete
accessapproval.settings.get
accessapproval.settings.update
Send feedback
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License
, and code samples are licensed under the Apache 2.0 License
. For details, see the Google Developers Site Policies
. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-09-04 UTC.
Need to tell us more?
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Access Approval roles and permissions\n\nThis page lists the IAM roles and permissions for Access Approval. To\nsearch through all roles and permissions, see the [role and\npermission index](/iam/docs/roles-permissions).\n\nAccess Approval roles\n---------------------\n\nAccess Approval permissions\n---------------------------"]]
