Console
    Contact Us Start free

    Model Armor roles and permissions

    This page lists the IAM roles and permissions for Model Armor. To search through all roles and permissions, see the role and permission index .

    Model Armor roles

    Role
    Permissions

    ( roles/ modelarmor.admin )

    Grants full access to all modelarmor resources. Intended for administrators & owners.

    modelarmor.locations.*

    • modelarmor.locations.get
    • modelarmor.locations.list

    modelarmor.templates.*

    • modelarmor.templates.create
    • modelarmor.templates.delete
    • modelarmor.templates.get
    • modelarmor.templates.list
    • modelarmor.templates.update
    • modelarmor. templates. useToSanitizeModelResponse
    • modelarmor. templates. useToSanitizeUserPrompt

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ modelarmor.calloutUser )

    Grants access to use Model Armor Callout service. Intended for users & applications which plan to use Model Armor Callout service.

    modelarmor.callouts.invoke

    modelarmor.locations.*

    • modelarmor.locations.get
    • modelarmor.locations.list

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ modelarmor.floorSettingsAdmin )

    Grants full access to all Model Armor Floor Setting resources. Intended for administrators & owners.

    modelarmor.floorSettings.*

    • modelarmor.floorSettings.get
    • modelarmor. floorSettings. update

    modelarmor.locations.*

    • modelarmor.locations.get
    • modelarmor.locations.list

    resourcemanager.folders.get

    resourcemanager.folders.list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ modelarmor.floorSettingsViewer )

    Grants read access to all Model Armor Floor Setting resources. Intended for viewers.

    modelarmor.floorSettings.get

    modelarmor.locations.*

    • modelarmor.locations.get
    • modelarmor.locations.list

    resourcemanager.folders.get

    resourcemanager.folders.list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ modelarmor.serviceAgent )

    Gives Model Armor Service Account permission to make DLP calls.

    dlp.analyzeRiskTemplates.get

    dlp.analyzeRiskTemplates.list

    dlp.deidentifyTemplates.get

    dlp.deidentifyTemplates.list

    dlp.inspectFindings.list

    dlp.inspectTemplates.get

    dlp.inspectTemplates.list

    dlp.jobTriggers.get

    dlp.jobTriggers.list

    dlp.jobs.get

    dlp.jobs.list

    dlp.kms.encrypt

    dlp.locations.*

    • dlp.locations.get
    • dlp.locations.list

    dlp.storedInfoTypes.get

    dlp.storedInfoTypes.list

    serviceusage.services.use

    ( roles/ modelarmor.user )

    Grants access to sanitize APIs for templates. Intended for users & applications which plan to use a template.

    modelarmor.locations.*

    • modelarmor.locations.get
    • modelarmor.locations.list

    modelarmor. templates. useToSanitizeModelResponse

    modelarmor. templates. useToSanitizeUserPrompt

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ modelarmor.viewer )

    Grants read access to all model armor resources. Intended for viewers.

    modelarmor.locations.*

    • modelarmor.locations.get
    • modelarmor.locations.list

    modelarmor.templates.get

    modelarmor.templates.list

    resourcemanager.projects.get

    resourcemanager.projects.list

    Model Armor permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Model Armor Callout User ( roles/ modelarmor.calloutUser )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Support User ( roles/ iam.supportUser )

    Model Armor Floor Setting Admin ( roles/ modelarmor.floorSettingsAdmin )

    Model Armor Floor Setting Viewer ( roles/ modelarmor.floorSettingsViewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Model Armor Floor Setting Admin ( roles/ modelarmor.floorSettingsAdmin )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Support User ( roles/ iam.supportUser )

    Model Armor Admin ( roles/ modelarmor.admin )

    Model Armor Callout User ( roles/ modelarmor.calloutUser )

    Model Armor Floor Setting Admin ( roles/ modelarmor.floorSettingsAdmin )

    Model Armor Floor Setting Viewer ( roles/ modelarmor.floorSettingsViewer )

    Model Armor User ( roles/ modelarmor.user )

    Model Armor Viewer ( roles/ modelarmor.viewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Model Armor Admin ( roles/ modelarmor.admin )

    Model Armor Callout User ( roles/ modelarmor.calloutUser )

    Model Armor Floor Setting Admin ( roles/ modelarmor.floorSettingsAdmin )

    Model Armor Floor Setting Viewer ( roles/ modelarmor.floorSettingsViewer )

    Model Armor User ( roles/ modelarmor.user )

    Model Armor Viewer ( roles/ modelarmor.viewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Model Armor Admin ( roles/ modelarmor.admin )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Model Armor Admin ( roles/ modelarmor.admin )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Support User ( roles/ iam.supportUser )

    Model Armor Admin ( roles/ modelarmor.admin )

    Model Armor Viewer ( roles/ modelarmor.viewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Model Armor Admin ( roles/ modelarmor.admin )

    Model Armor Viewer ( roles/ modelarmor.viewer )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Model Armor Admin ( roles/ modelarmor.admin )

    Security Center Admin ( roles/ securitycenter.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Model Armor Admin ( roles/ modelarmor.admin )

    Model Armor User ( roles/ modelarmor.user )

    Security Center Admin ( roles/ securitycenter.admin )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Model Armor Admin ( roles/ modelarmor.admin )

    Model Armor User ( roles/ modelarmor.user )

    Security Center Admin ( roles/ securitycenter.admin )

    Service agent roles

    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: