Backup and Disaster Recovery roles and permissions

This page lists the IAM roles and permissions for Backup and Disaster Recovery. To search through all roles and permissions, see the role and permission index .

Backup and Disaster Recovery roles

Role

Permissions

Backup and DR Admin

( roles/ backupdr.admin )

Provides full access to all Backup and DR resources.

backupdr. backupPlanAssociations.*

backupdr. backupPlanAssociations. createForAlloydbCluster
backupdr. backupPlanAssociations. createForCloudSqlInstance
backupdr. backupPlanAssociations. createForComputeDisk
backupdr. backupPlanAssociations. createForComputeInstance
backupdr. backupPlanAssociations. deleteForAlloydbCluster
backupdr. backupPlanAssociations. deleteForCloudSqlInstance
backupdr. backupPlanAssociations. deleteForComputeDisk
backupdr. backupPlanAssociations. deleteForComputeInstance
backupdr. backupPlanAssociations. fetchForAlloydbCluster
backupdr. backupPlanAssociations. fetchForCloudSqlInstance
backupdr. backupPlanAssociations. fetchForComputeDisk
backupdr. backupPlanAssociations. fetchForComputeInstance
backupdr. backupPlanAssociations. getForAlloydbCluster
backupdr. backupPlanAssociations. getForCloudSqlInstance
backupdr. backupPlanAssociations. getForComputeDisk
backupdr. backupPlanAssociations. getForComputeInstance
backupdr. backupPlanAssociations. list
backupdr. backupPlanAssociations. triggerBackupForAlloydbCluster
backupdr. backupPlanAssociations. triggerBackupForCloudSqlInstance
backupdr. backupPlanAssociations. triggerBackupForComputeDisk
backupdr. backupPlanAssociations. triggerBackupForComputeInstance
backupdr. backupPlanAssociations. updateForAlloydbCluster
backupdr. backupPlanAssociations. updateForComputeDisk
backupdr. backupPlanAssociations. updateForComputeInstance

backupdr.backupPlanRevisions.*

backupdr. backupPlanRevisions. get
backupdr. backupPlanRevisions. list

backupdr.backupPlans.*

backupdr.backupPlans.create
backupdr.backupPlans.delete
backupdr.backupPlans.get
backupdr.backupPlans.list
backupdr.backupPlans.update
backupdr. backupPlans. useForAlloydbCluster
backupdr. backupPlans. useForCloudSqlInstance
backupdr. backupPlans. useForComputeDisk
backupdr. backupPlans. useForComputeInstance

backupdr.backupVaults.*

backupdr. backupVaults. associate
backupdr.backupVaults.create
backupdr.backupVaults.delete
backupdr.backupVaults.get
backupdr.backupVaults.list
backupdr.backupVaults.update

backupdr.bvbackups.*

backupdr.bvbackups.delete
backupdr. bvbackups. fetchForCloudSqlInstance
backupdr. bvbackups. fetchForComputeDisk
backupdr. bvbackups. fetchForComputeInstance
backupdr.bvbackups.get
backupdr.bvbackups.list
backupdr.bvbackups.restore
backupdr.bvbackups.update
backupdr. bvbackups. useReadOnlyForAlloydbCluster
backupdr. bvbackups. useReadOnlyForCloudSqlInstance

backupdr.bvdataSources.*

backupdr. bvdataSources. abandonBackup
backupdr. bvdataSources. fetchAccessToken
backupdr. bvdataSources. finalizeBackup
backupdr.bvdataSources.get
backupdr. bvdataSources. initiateBackup
backupdr.bvdataSources.list
backupdr.bvdataSources.remove
backupdr. bvdataSources. setInternalStatus
backupdr.bvdataSources.update
backupdr. bvdataSources. useReadOnlyForAlloydbCluster
backupdr. bvdataSources. useReadOnlyForCloudSqlInstance

backupdr. compute. restoreFromBackupVault

backupdr. dataSourceReferences.*

backupdr. dataSourceReferences. fetchForAlloydbCluster
backupdr. dataSourceReferences. fetchForCloudSqlInstance
backupdr. dataSourceReferences. getForAlloydbCluster
backupdr. dataSourceReferences. getForCloudSqlInstance
backupdr. dataSourceReferences. list

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr.managementServers.*

backupdr. managementServers. access
backupdr. managementServers. accessSensitiveData
backupdr. managementServers. assignBackupPlans
backupdr. managementServers. backupAccess
backupdr. managementServers. create
backupdr. managementServers. createConnection
backupdr. managementServers. createDynamicProtection
backupdr. managementServers. delete
backupdr. managementServers. deleteDynamicProtection
backupdr.managementServers.get
backupdr. managementServers. getDynamicProtection
backupdr. managementServers. getIamPolicy
backupdr. managementServers. list
backupdr. managementServers. listDynamicProtection
backupdr. managementServers. manageApplications
backupdr. managementServers. manageBackupPlans
backupdr. managementServers. manageBackupServers
backupdr. managementServers. manageBackups
backupdr. managementServers. manageClones
backupdr. managementServers. manageExpiration
backupdr. managementServers. manageHosts
backupdr. managementServers. manageInternalACL
backupdr. managementServers. manageJobs
backupdr. managementServers. manageLiveClones
backupdr. managementServers. manageMigrations
backupdr. managementServers. manageMirroring
backupdr. managementServers. manageMounts
backupdr. managementServers. manageRestores
backupdr. managementServers. manageSensitiveData
backupdr. managementServers. manageStorage
backupdr. managementServers. manageSystem
backupdr. managementServers. manageWorkflows
backupdr. managementServers. refreshWorkflows
backupdr. managementServers. runWorkflows
backupdr. managementServers. setIamPolicy
backupdr. managementServers. testFailOvers
backupdr. managementServers. viewBackupPlans
backupdr. managementServers. viewBackupServers
backupdr. managementServers. viewReports
backupdr. managementServers. viewStorage
backupdr. managementServers. viewSystem
backupdr. managementServers. viewWorkflows

backupdr.operations.*

backupdr.operations.cancel
backupdr.operations.delete
backupdr.operations.get
backupdr.operations.list

backupdr. serviceConfig. initialize

backupdr.trial.*

backupdr.trial.get
backupdr.trial.subscribe

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR Backup Config Viewer ^Beta

( roles/ backupdr.backupConfigViewer )

Provides read access to resource backup config. Resource backup config has the metadata of a Google Cloud resource that can be backed up, along with its backup configurations.

backupdr.locations.list

backupdr. resourceBackupConfigs.*

backupdr. resourceBackupConfigs. get
backupdr. resourceBackupConfigs. list

Backup and DR Backup User

( roles/ backupdr.backupUser )

Allows the user to apply existing backup plans. This role cannot create backup plans or restore from a backup.

backupdr. backupPlanAssociations.*

backupdr. backupPlanAssociations. createForAlloydbCluster
backupdr. backupPlanAssociations. createForCloudSqlInstance
backupdr. backupPlanAssociations. createForComputeDisk
backupdr. backupPlanAssociations. createForComputeInstance
backupdr. backupPlanAssociations. deleteForAlloydbCluster
backupdr. backupPlanAssociations. deleteForCloudSqlInstance
backupdr. backupPlanAssociations. deleteForComputeDisk
backupdr. backupPlanAssociations. deleteForComputeInstance
backupdr. backupPlanAssociations. fetchForAlloydbCluster
backupdr. backupPlanAssociations. fetchForCloudSqlInstance
backupdr. backupPlanAssociations. fetchForComputeDisk
backupdr. backupPlanAssociations. fetchForComputeInstance
backupdr. backupPlanAssociations. getForAlloydbCluster
backupdr. backupPlanAssociations. getForCloudSqlInstance
backupdr. backupPlanAssociations. getForComputeDisk
backupdr. backupPlanAssociations. getForComputeInstance
backupdr. backupPlanAssociations. list
backupdr. backupPlanAssociations. triggerBackupForAlloydbCluster
backupdr. backupPlanAssociations. triggerBackupForCloudSqlInstance
backupdr. backupPlanAssociations. triggerBackupForComputeDisk
backupdr. backupPlanAssociations. triggerBackupForComputeInstance
backupdr. backupPlanAssociations. updateForAlloydbCluster
backupdr. backupPlanAssociations. updateForComputeDisk
backupdr. backupPlanAssociations. updateForComputeInstance

backupdr.backupPlanRevisions.*

backupdr. backupPlanRevisions. get
backupdr. backupPlanRevisions. list

backupdr.backupPlans.get

backupdr.backupPlans.list

backupdr. backupPlans. useForAlloydbCluster

backupdr. backupPlans. useForCloudSqlInstance

backupdr. backupPlans. useForComputeDisk

backupdr. backupPlans. useForComputeInstance

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr. bvbackups. fetchForCloudSqlInstance

backupdr. bvbackups. fetchForComputeDisk

backupdr. bvbackups. fetchForComputeInstance

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvdataSources.get

backupdr.bvdataSources.list

backupdr. dataSourceReferences.*

backupdr. dataSourceReferences. fetchForAlloydbCluster
backupdr. dataSourceReferences. fetchForCloudSqlInstance
backupdr. dataSourceReferences. getForAlloydbCluster
backupdr. dataSourceReferences. getForCloudSqlInstance
backupdr. dataSourceReferences. list

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr. managementServers. access

backupdr. managementServers. assignBackupPlans

backupdr. managementServers. createDynamicProtection

backupdr. managementServers. deleteDynamicProtection

backupdr.managementServers.get

backupdr. managementServers. getDynamicProtection

backupdr. managementServers. list

backupdr. managementServers. listDynamicProtection

backupdr. managementServers. manageApplications

backupdr. managementServers. manageBackups

backupdr. managementServers. manageHosts

backupdr. managementServers. viewBackupPlans

backupdr. managementServers. viewReports

backupdr. managementServers. viewStorage

backupdr. managementServers. viewSystem

backupdr.operations.get

backupdr.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR Backup Vault Accessor

( roles/ backupdr.backupvaultAccessor )

Allows the Backup Appliance permissions to create and manage backups in a backup vault.

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr.bvbackups.delete

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvbackups.update

backupdr. bvdataSources. abandonBackup

backupdr. bvdataSources. fetchAccessToken

backupdr. bvdataSources. finalizeBackup

backupdr.bvdataSources.get

backupdr. bvdataSources. initiateBackup

backupdr.bvdataSources.list

backupdr.bvdataSources.remove

backupdr. bvdataSources. setInternalStatus

backupdr.bvdataSources.update

backupdr.operations.*

backupdr.operations.cancel
backupdr.operations.delete
backupdr.operations.get
backupdr.operations.list

Backup and DR Backup Vault Admin

( roles/ backupdr.backupvaultAdmin )

Allows the Backup Appliance full administrative control of backup vault resources.

backupdr.backupVaults.*

backupdr. backupVaults. associate
backupdr.backupVaults.create
backupdr.backupVaults.delete
backupdr.backupVaults.get
backupdr.backupVaults.list
backupdr.backupVaults.update

backupdr.bvbackups.delete

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvbackups.restore

backupdr.bvbackups.update

backupdr.bvdataSources.get

backupdr.bvdataSources.list

backupdr.bvdataSources.update

backupdr. compute. restoreFromBackupVault

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr.operations.*

backupdr.operations.cancel
backupdr.operations.delete
backupdr.operations.get
backupdr.operations.list

Backup and DR Backup Vault Lister

( roles/ backupdr.backupvaultLister )

Allows the Backup Appliance permission to list backup vaults in a given project.

backupdr.backupVaults.list

Backup and DR Backup Vault Viewer

( roles/ backupdr.backupvaultViewer )

Allows read-only permissions to access backup vault resources and backups.

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvdataSources.get

backupdr.bvdataSources.list

backupdr.operations.get

backupdr.operations.list

Backup and DR Cloud SQL Operator ^Beta

( roles/ backupdr.cloudSqlOperator )

Allows a Backup and DR service account to discover and backup Cloud SQL instances.

cloudsql. instances. createBackupDrBackup

cloudsql.instances.get

Backup and DR Cloud Storage Operator

( roles/ backupdr.cloudStorageOperator )

Allows a Backup and DR service account to store and manage data (backups or metadata) in Cloud Storage.

storage.buckets.create

storage.buckets.get

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

Backup and DR Compute Engine Operator

( roles/ backupdr.computeEngineOperator )

Allows a Backup and DR service account to discover, back up, and restore Compute Engine VM instances.

backupdr. managementServers. createConnection

compute.addresses.list

compute.addresses.use

compute.addresses.useInternal

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.create

compute.disks.createSnapshot

compute.disks.delete

compute.disks.get

compute.disks.setLabels

compute.disks.use

compute.disks.useReadOnly

compute.firewalls.list

compute.globalOperations.get

compute.images.create

compute.images.delete

compute.images.get

compute.images.useReadOnly

compute.instances.attachDisk

compute.instances.create

compute. instances. createTagBinding

compute.instances.delete

compute.instances.detachDisk

compute.instances.get

compute.instances.list

compute. instances. listEffectiveTags

compute. instances. pscInterfaceCreate

compute. instances. setDeletionProtection

compute.instances.setLabels

compute.instances.setMetadata

compute. instances. setServiceAccount

compute.instances.setTags

compute.instances.start

compute.instances.stop

compute. instances. updateDisplayDevice

compute.instances.useReadOnly

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.networks.list

compute.nodeGroups.get

compute.nodeGroups.list

compute.nodeTemplates.get

compute.projects.get

compute.regionOperations.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.resourcePolicies.use

compute.snapshots.create

compute.snapshots.delete

compute.snapshots.get

compute.snapshots.setLabels

compute.snapshots.useReadOnly

compute.subnetworks.list

compute.subnetworks.use

compute. subnetworks. useExternalIp

compute.zoneOperations.get

compute.zones.list

iam.serviceAccounts.actAs

iam.serviceAccounts.get

iam.serviceAccounts.list

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR Disk Operator ^Beta

( roles/ backupdr.diskOperator )

Allows a Backup and DR service account to store and manage data (backups or metadata) in Disk.

compute.disks.create

compute.disks.createSnapshot

compute.disks.createTagBinding

compute.disks.get

compute.disks.list

compute.disks.setLabels

compute.disks.useReadOnly

compute.regionOperations.get

compute.resourcePolicies.use

compute.snapshots.setLabels

compute.snapshots.useReadOnly

compute.storagePools.use

compute.zoneOperations.get

Backup and DR Management Server Accessor

( roles/ backupdr.managementServerAccessor )

Grants the Backup and DR management server access role to Backup Appliances.

backupdr. managementServers. createConnection

Backup and DR Mount User

( roles/ backupdr.mountUser )

Allows the user to mount from a backup. This role cannot create a backup plan or restore from a backup.

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr. managementServers. access

backupdr.managementServers.get

backupdr. managementServers. getDynamicProtection

backupdr. managementServers. list

backupdr. managementServers. listDynamicProtection

backupdr. managementServers. manageApplications

backupdr. managementServers. manageClones

backupdr. managementServers. manageHosts

backupdr. managementServers. manageLiveClones

backupdr. managementServers. manageMirroring

backupdr. managementServers. manageMounts

backupdr. managementServers. manageWorkflows

backupdr. managementServers. refreshWorkflows

backupdr. managementServers. runWorkflows

backupdr. managementServers. viewBackupPlans

backupdr. managementServers. viewReports

backupdr. managementServers. viewStorage

backupdr. managementServers. viewSystem

backupdr. managementServers. viewWorkflows

backupdr.operations.get

backupdr.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR Restore User

( roles/ backupdr.restoreUser )

Allows the user to restore or mount from a backup. This role cannot create a backup plan.

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr. bvbackups. fetchForCloudSqlInstance

backupdr. bvbackups. fetchForComputeDisk

backupdr. bvbackups. fetchForComputeInstance

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvbackups.restore

backupdr. bvbackups. useReadOnlyForAlloydbCluster

backupdr. bvbackups. useReadOnlyForCloudSqlInstance

backupdr.bvdataSources.get

backupdr.bvdataSources.list

backupdr. bvdataSources. useReadOnlyForAlloydbCluster

backupdr. bvdataSources. useReadOnlyForCloudSqlInstance

backupdr. compute. restoreFromBackupVault

backupdr. dataSourceReferences.*

backupdr. dataSourceReferences. fetchForAlloydbCluster
backupdr. dataSourceReferences. fetchForCloudSqlInstance
backupdr. dataSourceReferences. getForAlloydbCluster
backupdr. dataSourceReferences. getForCloudSqlInstance
backupdr. dataSourceReferences. list

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr. managementServers. access

backupdr.managementServers.get

backupdr. managementServers. getDynamicProtection

backupdr. managementServers. list

backupdr. managementServers. listDynamicProtection

backupdr. managementServers. manageApplications

backupdr. managementServers. manageClones

backupdr. managementServers. manageHosts

backupdr. managementServers. manageLiveClones

backupdr. managementServers. manageMigrations

backupdr. managementServers. manageMirroring

backupdr. managementServers. manageMounts

backupdr. managementServers. manageRestores

backupdr. managementServers. manageWorkflows

backupdr. managementServers. refreshWorkflows

backupdr. managementServers. runWorkflows

backupdr. managementServers. testFailOvers

backupdr. managementServers. viewBackupPlans

backupdr. managementServers. viewReports

backupdr. managementServers. viewStorage

backupdr. managementServers. viewSystem

backupdr. managementServers. viewWorkflows

backupdr.operations.get

backupdr.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR Service Agent

( roles/ backupdr.serviceAgent )

Grants the Backup and DR Service access to protect Compute Engine instances.

alloydb.operations.get

cloudsql. instances. createBackupDrBackup

cloudsql.instances.get

compute.addresses.list

compute.addresses.use

compute.addresses.useInternal

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.create

compute.disks.createSnapshot

compute.disks.delete

compute.disks.get

compute.disks.list

compute.disks.setLabels

compute.disks.use

compute.disks.useReadOnly

compute.firewalls.list

compute.globalOperations.get

compute.images.create

compute.images.delete

compute.images.get

compute.images.useReadOnly

compute.instances.attachDisk

compute.instances.create

compute.instances.delete

compute.instances.detachDisk

compute.instances.get

compute.instances.list

compute.instances.setLabels

compute.instances.setMetadata

compute. instances. setServiceAccount

compute.instances.setTags

compute.instances.start

compute.instances.stop

compute.instances.useReadOnly

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.networks.list

compute.nodeGroups.get

compute.nodeGroups.list

compute.nodeTemplates.get

compute.projects.get

compute.regionOperations.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.snapshots.create

compute.snapshots.delete

compute.snapshots.get

compute.snapshots.setLabels

compute.snapshots.useReadOnly

compute.subnetworks.list

compute.subnetworks.use

compute. subnetworks. useExternalIp

compute.zoneOperations.get

compute.zones.list

file.backups.create

file.instances.get

iam.serviceAccounts.actAs

iam.serviceAccounts.get

iam.serviceAccounts.list

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR User

( roles/ backupdr.user )

Provides access to management console. Granular Backup and DR permissions depend on ACL configuration provided by Backup and DR admin within the management console.

backupdr. backupPlanAssociations. createForComputeInstance

backupdr. backupPlanAssociations. deleteForComputeInstance

backupdr. backupPlanAssociations. updateForComputeInstance

backupdr. managementServers. access

backupdr. managementServers. backupAccess

backupdr.managementServers.get

backupdr. managementServers. getDynamicProtection

backupdr. managementServers. getIamPolicy

backupdr. managementServers. list

backupdr. managementServers. listDynamicProtection

backupdr. managementServers. viewBackupPlans

backupdr. managementServers. viewBackupServers

backupdr. managementServers. viewReports

backupdr. managementServers. viewStorage

backupdr. managementServers. viewSystem

backupdr. managementServers. viewWorkflows

backupdr.operations.get

backupdr.operations.list

backupdr.trial.get

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR User V2

( roles/ backupdr.userv2 )

Provides full access to Backup and DR resources except deploying and managing backup infrastructure, expiring backups, changing data sensitivity and configuring on-premises billing.

backupdr. backupPlanAssociations.*

backupdr. backupPlanAssociations. createForAlloydbCluster
backupdr. backupPlanAssociations. createForCloudSqlInstance
backupdr. backupPlanAssociations. createForComputeDisk
backupdr. backupPlanAssociations. createForComputeInstance
backupdr. backupPlanAssociations. deleteForAlloydbCluster
backupdr. backupPlanAssociations. deleteForCloudSqlInstance
backupdr. backupPlanAssociations. deleteForComputeDisk
backupdr. backupPlanAssociations. deleteForComputeInstance
backupdr. backupPlanAssociations. fetchForAlloydbCluster
backupdr. backupPlanAssociations. fetchForCloudSqlInstance
backupdr. backupPlanAssociations. fetchForComputeDisk
backupdr. backupPlanAssociations. fetchForComputeInstance
backupdr. backupPlanAssociations. getForAlloydbCluster
backupdr. backupPlanAssociations. getForCloudSqlInstance
backupdr. backupPlanAssociations. getForComputeDisk
backupdr. backupPlanAssociations. getForComputeInstance
backupdr. backupPlanAssociations. list
backupdr. backupPlanAssociations. triggerBackupForAlloydbCluster
backupdr. backupPlanAssociations. triggerBackupForCloudSqlInstance
backupdr. backupPlanAssociations. triggerBackupForComputeDisk
backupdr. backupPlanAssociations. triggerBackupForComputeInstance
backupdr. backupPlanAssociations. updateForAlloydbCluster
backupdr. backupPlanAssociations. updateForComputeDisk
backupdr. backupPlanAssociations. updateForComputeInstance

backupdr.backupPlanRevisions.*

backupdr. backupPlanRevisions. get
backupdr. backupPlanRevisions. list

backupdr.backupPlans.*

backupdr.backupPlans.create
backupdr.backupPlans.delete
backupdr.backupPlans.get
backupdr.backupPlans.list
backupdr.backupPlans.update
backupdr. backupPlans. useForAlloydbCluster
backupdr. backupPlans. useForCloudSqlInstance
backupdr. backupPlans. useForComputeDisk
backupdr. backupPlans. useForComputeInstance

backupdr. backupVaults. associate

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr. bvbackups. fetchForCloudSqlInstance

backupdr. bvbackups. fetchForComputeDisk

backupdr. bvbackups. fetchForComputeInstance

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvbackups.restore

backupdr. bvbackups. useReadOnlyForAlloydbCluster

backupdr. bvbackups. useReadOnlyForCloudSqlInstance

backupdr.bvdataSources.get

backupdr.bvdataSources.list

backupdr. bvdataSources. useReadOnlyForAlloydbCluster

backupdr. bvdataSources. useReadOnlyForCloudSqlInstance

backupdr. compute. restoreFromBackupVault

backupdr. dataSourceReferences.*

backupdr. dataSourceReferences. fetchForAlloydbCluster
backupdr. dataSourceReferences. fetchForCloudSqlInstance
backupdr. dataSourceReferences. getForAlloydbCluster
backupdr. dataSourceReferences. getForCloudSqlInstance
backupdr. dataSourceReferences. list

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr. managementServers. access

backupdr. managementServers. assignBackupPlans

backupdr. managementServers. backupAccess

backupdr. managementServers. createDynamicProtection

backupdr. managementServers. deleteDynamicProtection

backupdr.managementServers.get

backupdr. managementServers. getDynamicProtection

backupdr. managementServers. getIamPolicy

backupdr. managementServers. list

backupdr. managementServers. listDynamicProtection

backupdr. managementServers. manageApplications

backupdr. managementServers. manageBackupPlans

backupdr. managementServers. manageBackups

backupdr. managementServers. manageClones

backupdr. managementServers. manageHosts

backupdr. managementServers. manageJobs

backupdr. managementServers. manageLiveClones

backupdr. managementServers. manageMigrations

backupdr. managementServers. manageMirroring

backupdr. managementServers. manageMounts

backupdr. managementServers. manageRestores

backupdr. managementServers. manageWorkflows

backupdr. managementServers. refreshWorkflows

backupdr. managementServers. runWorkflows

backupdr. managementServers. testFailOvers

backupdr. managementServers. viewBackupPlans

backupdr. managementServers. viewBackupServers

backupdr. managementServers. viewReports

backupdr. managementServers. viewStorage

backupdr. managementServers. viewSystem

backupdr. managementServers. viewWorkflows

backupdr.operations.get

backupdr.operations.list

backupdr.trial.get

resourcemanager.projects.get

resourcemanager.projects.list

Backup and DR Viewer

( roles/ backupdr.viewer )

Provides read-only access to all Backup and DR resources.

backupdr. backupPlanAssociations. fetchForAlloydbCluster

backupdr. backupPlanAssociations. fetchForCloudSqlInstance

backupdr. backupPlanAssociations. fetchForComputeDisk

backupdr. backupPlanAssociations. fetchForComputeInstance

backupdr. backupPlanAssociations. getForAlloydbCluster

backupdr. backupPlanAssociations. getForCloudSqlInstance

backupdr. backupPlanAssociations. getForComputeDisk

backupdr. backupPlanAssociations. getForComputeInstance

backupdr. backupPlanAssociations. list

backupdr.backupPlanRevisions.*

backupdr. backupPlanRevisions. get
backupdr. backupPlanRevisions. list

backupdr.backupPlans.get

backupdr.backupPlans.list

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr. bvbackups. fetchForCloudSqlInstance

backupdr. bvbackups. fetchForComputeDisk

backupdr. bvbackups. fetchForComputeInstance

backupdr.bvbackups.get

backupdr.bvbackups.list

backupdr.bvdataSources.get

backupdr.bvdataSources.list

backupdr. dataSourceReferences.*

backupdr. dataSourceReferences. fetchForAlloydbCluster
backupdr. dataSourceReferences. fetchForCloudSqlInstance
backupdr. dataSourceReferences. getForAlloydbCluster
backupdr. dataSourceReferences. getForCloudSqlInstance
backupdr. dataSourceReferences. list

backupdr.locations.*

backupdr.locations.get
backupdr.locations.list

backupdr. managementServers. access

backupdr. managementServers. backupAccess

backupdr.managementServers.get

backupdr. managementServers. getDynamicProtection

backupdr. managementServers. getIamPolicy

backupdr. managementServers. list

backupdr. managementServers. listDynamicProtection

backupdr. managementServers. viewBackupPlans

backupdr. managementServers. viewBackupServers

backupdr. managementServers. viewReports

backupdr. managementServers. viewStorage

backupdr. managementServers. viewSystem

backupdr. managementServers. viewWorkflows

backupdr.operations.get

backupdr.operations.list

backupdr.trial.get

resourcemanager.projects.get

resourcemanager.projects.list

Backup and Disaster Recovery permissions

Permission

Included in roles

`backupdr. backupPlanAssociations. createForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. backupPlanAssociations. createForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. backupPlanAssociations. createForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. createForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. deleteForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. backupPlanAssociations. deleteForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. backupPlanAssociations. deleteForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. deleteForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. fetchForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

`backupdr. backupPlanAssociations. fetchForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. backupPlanAssociations. fetchForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. fetchForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. backupPlanAssociations. getForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

`backupdr. backupPlanAssociations. getForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. backupPlanAssociations. getForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. getForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. backupPlanAssociations. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. triggerBackupForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. backupPlanAssociations. triggerBackupForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. backupPlanAssociations. triggerBackupForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. triggerBackupForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. updateForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. backupPlanAssociations. updateForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanAssociations. updateForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlanRevisions. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. backupPlanRevisions. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr.backupPlans.create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr.backupPlans.delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr.backupPlans.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr.backupPlans.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr.backupPlans.update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. backupPlans. useForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. backupPlans. useForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. backupPlans. useForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Compute Storage Admin ( roles/ compute.storageAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupPlans. useForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. backupVaults. associate`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr.backupVaults.create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr.backupVaults.delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr.backupVaults.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr.backupVaults.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Lister ( roles/ backupdr.backupvaultLister )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr.backupVaults.update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr.bvbackups.delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr. bvbackups. fetchForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. bvbackups. fetchForComputeDisk`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. bvbackups. fetchForComputeInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr.bvbackups.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr.bvbackups.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr.bvbackups.restore`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr.bvbackups.update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr. bvbackups. useReadOnlyForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. bvbackups. useReadOnlyForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. bvdataSources. abandonBackup`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

`backupdr. bvdataSources. fetchAccessToken`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

`backupdr. bvdataSources. finalizeBackup`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

`backupdr.bvdataSources.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. bvdataSources. initiateBackup`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

`backupdr.bvdataSources.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr.bvdataSources.remove`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

`backupdr. bvdataSources. setInternalStatus`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

`backupdr.bvdataSources.update`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr. bvdataSources. useReadOnlyForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Databases Admin ( roles/ iam.databasesAdmin )

`backupdr. bvdataSources. useReadOnlyForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. compute. restoreFromBackupVault`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. dataSourceReferences. fetchForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

`backupdr. dataSourceReferences. fetchForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. dataSourceReferences. getForAlloydbCluster`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

`backupdr. dataSourceReferences. getForCloudSqlInstance`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Databases Admin ( roles/ iam.databasesAdmin )

Support User ( roles/ iam.supportUser )

Service agent roles

Cloud Composer API Service Agent ( roles/ composer.serviceAgent )

`backupdr. dataSourceReferences. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr.locations.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr.locations.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Config Viewer ( roles/ backupdr.backupConfigViewer )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. managementServers. access`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. accessSensitiveData`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. assignBackupPlans`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. backupAccess`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. create`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. createConnection`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Compute Engine Operator ( roles/ backupdr.computeEngineOperator )

Backup and DR Management Server Accessor ( roles/ backupdr.managementServerAccessor )

`backupdr. managementServers. createDynamicProtection`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. deleteDynamicProtection`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr.managementServers.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. getDynamicProtection`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. getIamPolicy`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. listDynamicProtection`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. manageApplications`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageBackupPlans`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageBackupServers`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. manageBackups`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageClones`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageExpiration`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. manageHosts`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageInternalACL`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. manageJobs`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageLiveClones`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageMigrations`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageMirroring`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageMounts`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageRestores`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. manageSensitiveData`

Owner ( roles/ owner )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. manageStorage`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. manageSystem`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

`backupdr. managementServers. manageWorkflows`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. refreshWorkflows`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. runWorkflows`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. setIamPolicy`

Owner ( roles/ owner )

Backup and DR Admin ( roles/ backupdr.admin )

Security Admin ( roles/ iam.securityAdmin )

`backupdr. managementServers. testFailOvers`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User V2 ( roles/ backupdr.userv2 )

`backupdr. managementServers. viewBackupPlans`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. viewBackupServers`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. viewReports`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. viewStorage`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. viewSystem`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr. managementServers. viewWorkflows`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr.operations.cancel`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr.operations.delete`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

`backupdr.operations.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr.operations.list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR Backup User ( roles/ backupdr.backupUser )

Backup and DR Backup Vault Accessor ( roles/ backupdr.backupvaultAccessor )

Backup and DR Backup Vault Admin ( roles/ backupdr.backupvaultAdmin )

Backup and DR Backup Vault Viewer ( roles/ backupdr.backupvaultViewer )

Backup and DR Mount User ( roles/ backupdr.mountUser )

Backup and DR Restore User ( roles/ backupdr.restoreUser )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Support User ( roles/ iam.supportUser )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr. resourceBackupConfigs. get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Backup Config Viewer ( roles/ backupdr.backupConfigViewer )

Support User ( roles/ iam.supportUser )

`backupdr. resourceBackupConfigs. list`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Backup Config Viewer ( roles/ backupdr.backupConfigViewer )

Security Admin ( roles/ iam.securityAdmin )

Security Auditor ( roles/ iam.securityAuditor )

Security Reviewer ( roles/ iam.securityReviewer )

Support User ( roles/ iam.supportUser )

`backupdr. serviceConfig. initialize`

Owner ( roles/ owner )

Editor ( roles/ editor )

AlloyDB Admin ( roles/ alloydb.admin )

Backup and DR Admin ( roles/ backupdr.admin )

Cloud SQL Admin ( roles/ cloudsql.admin )

Compute Admin ( roles/ compute.admin )

Compute Instance Admin (beta) ( roles/ compute.instanceAdmin )

Compute Instance Admin (v1) ( roles/ compute.instanceAdmin.v1 )

Databases Admin ( roles/ iam.databasesAdmin )

Infrastructure Administrator ( roles/ iam.infrastructureAdmin )

Network Administrator ( roles/ iam.networkAdmin )

Site Reliability Engineer ( roles/ iam.siteReliabilityEngineer )

Notebooks Legacy Admin ( roles/ notebooks.legacyAdmin )

Service agent roles

Cloud TPU V2 API Service Agent ( roles/ cloudtpu.serviceAgent )
Cloud Composer API Service Agent ( roles/ composer.serviceAgent )
Kubernetes Engine Service Agent ( roles/ container.serviceAgent )
Cloud Dataflow Service Agent ( roles/ dataflow.serviceAgent )
Dataproc Service Agent ( roles/ dataproc.serviceAgent )
Genomics Service Agent ( roles/ genomics.serviceAgent )
Cloud Life Sciences Service Agent ( roles/ lifesciences.serviceAgent )
AI Platform Notebooks Service Agent ( roles/ notebooks.serviceAgent )
Google Batch Service Agent ( roles/ batch.serviceAgent )

`backupdr.trial.get`

Owner ( roles/ owner )

Editor ( roles/ editor )

Viewer ( roles/ viewer )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and DR User ( roles/ backupdr.user )

Backup and DR User V2 ( roles/ backupdr.userv2 )

Backup and DR Viewer ( roles/ backupdr.viewer )

Support User ( roles/ iam.supportUser )

`backupdr.trial.subscribe`

Owner ( roles/ owner )

Editor ( roles/ editor )

Backup and DR Admin ( roles/ backupdr.admin )

Backup and Disaster Recovery roles and permissions