Console
    Start free

    Network Management API roles and permissions

    This page lists the IAM roles and permissions for Network Management API. To search through all roles and permissions, see the role and permission index .

    Network Management API roles

    Role
    Permissions

    ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Full access to Cloud Network Insights resources.

    networkmanagement.locations.*

    • networkmanagement. locations. get
    • networkmanagement. locations. list

    networkmanagement. monitoringpoints.*

    • networkmanagement. monitoringpoints. downloadConfig
    • networkmanagement. monitoringpoints. get
    • networkmanagement. monitoringpoints. list

    networkmanagement. networkpaths.*

    • networkmanagement. networkpaths. get
    • networkmanagement. networkpaths. list

    networkmanagement. operations. get

    networkmanagement. operations. list

    networkmanagement.providers.*

    • networkmanagement. providers. create
    • networkmanagement. providers. delete
    • networkmanagement. providers. generateProviderAccessToken
    • networkmanagement. providers. get
    • networkmanagement. providers. list

    networkmanagement.webpaths.*

    • networkmanagement.webpaths.get
    • networkmanagement. webpaths. list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Editor access to Cloud Network Insights resources.

    networkmanagement.locations.*

    • networkmanagement. locations. get
    • networkmanagement. locations. list

    networkmanagement. monitoringpoints.*

    • networkmanagement. monitoringpoints. downloadConfig
    • networkmanagement. monitoringpoints. get
    • networkmanagement. monitoringpoints. list

    networkmanagement. networkpaths.*

    • networkmanagement. networkpaths. get
    • networkmanagement. networkpaths. list

    networkmanagement. operations. get

    networkmanagement. operations. list

    networkmanagement.providers.*

    • networkmanagement. providers. create
    • networkmanagement. providers. delete
    • networkmanagement. providers. generateProviderAccessToken
    • networkmanagement. providers. get
    • networkmanagement. providers. list

    networkmanagement.webpaths.*

    • networkmanagement.webpaths.get
    • networkmanagement. webpaths. list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Read-only access to Cloud Network Insights resources.

    networkmanagement. monitoringpoints. get

    networkmanagement. monitoringpoints. list

    networkmanagement. networkpaths.*

    • networkmanagement. networkpaths. get
    • networkmanagement. networkpaths. list

    networkmanagement. providers. generateProviderAccessToken

    networkmanagement. providers. get

    networkmanagement. providers. list

    networkmanagement.webpaths.*

    • networkmanagement.webpaths.get
    • networkmanagement. webpaths. list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ networkmanagement.admin )

    Full access to Network Management resources.

    Lowest-level resources where you can grant this role:

    • Project

    networkmanagement.*

    • networkmanagement. connectivitytests. create
    • networkmanagement. connectivitytests. delete
    • networkmanagement. connectivitytests. get
    • networkmanagement. connectivitytests. getIamPolicy
    • networkmanagement. connectivitytests. list
    • networkmanagement. connectivitytests. rerun
    • networkmanagement. connectivitytests. setIamPolicy
    • networkmanagement. connectivitytests. update
    • networkmanagement. locations. get
    • networkmanagement. locations. list
    • networkmanagement. monitoringpoints. downloadConfig
    • networkmanagement. monitoringpoints. get
    • networkmanagement. monitoringpoints. list
    • networkmanagement. networkpaths. get
    • networkmanagement. networkpaths. list
    • networkmanagement. operations. cancel
    • networkmanagement. operations. delete
    • networkmanagement. operations. get
    • networkmanagement. operations. list
    • networkmanagement. providers. create
    • networkmanagement. providers. delete
    • networkmanagement. providers. generateProviderAccessToken
    • networkmanagement. providers. get
    • networkmanagement. providers. list
    • networkmanagement. topologygraphs. read
    • networkmanagement. vpcflowlogsconfigs. create
    • networkmanagement. vpcflowlogsconfigs. delete
    • networkmanagement. vpcflowlogsconfigs. get
    • networkmanagement. vpcflowlogsconfigs. list
    • networkmanagement. vpcflowlogsconfigs. update
    • networkmanagement.webpaths.get
    • networkmanagement. webpaths. list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ networkmanagement.serviceAgent )

    Grants the GCP Network Management API the authority to complete analysis based on network configurations from Compute Engine and Container Engine.

    cloudsql.instances.get

    cloudsql.instances.list

    compute.addresses.get

    compute.addresses.list

    compute.backendServices.get

    compute.backendServices.list

    compute. externalVpnGateways. get

    compute. externalVpnGateways. list

    compute.firewalls.get

    compute.firewalls.list

    compute.forwardingRules.get

    compute.forwardingRules.list

    compute.globalAddresses.get

    compute.globalAddresses.list

    compute. globalForwardingRules. get

    compute. globalForwardingRules. list

    compute. globalNetworkEndpointGroups. get

    compute. globalNetworkEndpointGroups. list

    compute.healthChecks.get

    compute.healthChecks.list

    compute.httpHealthChecks.get

    compute.httpHealthChecks.list

    compute.httpsHealthChecks.get

    compute.httpsHealthChecks.list

    compute.instanceGroups.get

    compute.instanceGroups.list

    compute.instances.get

    compute.instances.list

    compute. networkEndpointGroups. get

    compute. networkEndpointGroups. list

    compute.networks.get

    compute. networks. getEffectiveFirewalls

    compute.networks.list

    compute. networks. listPeeringRoutes

    compute.packetMirrorings.get

    compute.packetMirrorings.list

    compute. regionBackendServices. get

    compute. regionBackendServices. list

    compute.regionHealthChecks.get

    compute. regionHealthChecks. list

    compute. regionNetworkEndpointGroups. get

    compute. regionNetworkEndpointGroups. list

    compute. regionTargetHttpProxies. get

    compute. regionTargetHttpProxies. list

    compute. regionTargetHttpsProxies. get

    compute. regionTargetHttpsProxies. list

    compute. regionTargetTcpProxies. get

    compute. regionTargetTcpProxies. list

    compute.regionUrlMaps.get

    compute.regionUrlMaps.list

    compute.routers.get

    compute.routers.list

    compute.routes.get

    compute.routes.list

    compute.subnetworks.get

    compute.subnetworks.list

    compute.targetGrpcProxies.get

    compute.targetGrpcProxies.list

    compute.targetHttpProxies.get

    compute.targetHttpProxies.list

    compute.targetHttpsProxies.get

    compute. targetHttpsProxies. list

    compute.targetInstances.get

    compute.targetInstances.list

    compute.targetPools.get

    compute.targetPools.list

    compute.targetSslProxies.get

    compute.targetSslProxies.list

    compute.targetTcpProxies.get

    compute.targetTcpProxies.list

    compute.targetVpnGateways.get

    compute.targetVpnGateways.list

    compute.urlMaps.get

    compute.urlMaps.list

    compute.vpnGateways.get

    compute.vpnGateways.list

    compute.vpnTunnels.get

    compute.vpnTunnels.list

    container.clusters.get

    container.clusters.list

    container.nodes.get

    container.nodes.list

    ( roles/ networkmanagement.viewer )

    Read-only access to Network Management resources.

    Lowest-level resources where you can grant this role:

    • Project

    networkmanagement. connectivitytests. get

    networkmanagement. connectivitytests. getIamPolicy

    networkmanagement. connectivitytests. list

    networkmanagement.locations.*

    • networkmanagement. locations. get
    • networkmanagement. locations. list

    networkmanagement. monitoringpoints. get

    networkmanagement. monitoringpoints. list

    networkmanagement. networkpaths.*

    • networkmanagement. networkpaths. get
    • networkmanagement. networkpaths. list

    networkmanagement. operations. get

    networkmanagement. operations. list

    networkmanagement. providers. get

    networkmanagement. providers. list

    networkmanagement. topologygraphs. read

    networkmanagement. vpcflowlogsconfigs. get

    networkmanagement. vpcflowlogsconfigs. list

    networkmanagement.webpaths.*

    • networkmanagement.webpaths.get
    • networkmanagement. webpaths. list

    resourcemanager. organizations. get

    resourcemanager.projects.get

    resourcemanager.projects.list

    Network Management API permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Compute Network Admin ( roles/ compute.networkAdmin )

    Compute Network User ( roles/ compute.networkUser )

    Compute Network Viewer ( roles/ compute.networkViewer )

    Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Support User ( roles/ iam.supportUser )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Compute Network Admin ( roles/ compute.networkAdmin )

    Compute Network User ( roles/ compute.networkUser )

    Compute Network Viewer ( roles/ compute.networkViewer )

    Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Network Administrator ( roles/ iam.networkAdmin )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Network Administrator ( roles/ iam.networkAdmin )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Network Administrator ( roles/ iam.networkAdmin )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Network Administrator ( roles/ iam.networkAdmin )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Network Administrator ( roles/ iam.networkAdmin )

    Network Management Admin ( roles/ networkmanagement.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Network Administrator ( roles/ iam.networkAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Cloud Network Insights Admin ( roles/ networkmanagement.CloudNetworkInsightsAdmin )

    Cloud Network Insights Editor ( roles/ networkmanagement.CloudNetworkInsightsEditor )

    Cloud Network Insights Viewer ( roles/ networkmanagement.CloudNetworkInsightsViewer )

    Network Management Admin ( roles/ networkmanagement.admin )

    Network Management Viewer ( roles/ networkmanagement.viewer )
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: