Console
    Contact Us Start free

    Cloud Deployment Manager roles and permissions

    This page lists the IAM roles and permissions for Cloud Deployment Manager. To search through all roles and permissions, see the role and permission index .

    Cloud Deployment Manager roles

    Role
    Permissions

    ( roles/ clouddeploymentmanager.serviceAgent )

    Allows Deployment Manager service to actuate resources across DM projects and folders

    accesscontextmanager. accessLevels. create

    accesscontextmanager. accessLevels. delete

    accesscontextmanager. accessLevels. get

    accesscontextmanager. accessLevels. update

    accesscontextmanager. policies. list

    accesscontextmanager. servicePerimeters. create

    accesscontextmanager. servicePerimeters. delete

    accesscontextmanager. servicePerimeters. get

    accesscontextmanager. servicePerimeters. update

    appengine.applications.get

    appengine.operations.get

    appengine.services.update

    appengine.versions.create

    appengine.versions.delete

    appengine.versions.get

    appengine.versions.list

    artifactregistry. repositories. create

    artifactregistry. repositories. delete

    artifactregistry. repositories. get

    artifactregistry. repositories. update

    bigquery.connections.get

    bigquery.datasets.create

    bigquery.datasets.delete

    bigquery.datasets.get

    bigquery.datasets.getIamPolicy

    bigquery.datasets.update

    bigquery.jobs.create

    bigquery.routines.create

    bigquery.routines.get

    bigquery.routines.update

    bigquery.tables.create

    bigquery.tables.delete

    bigquery.tables.get

    bigquery.tables.getData

    bigquery.tables.setCategory

    bigquery.tables.update

    bigquery.tables.updateData

    bigtable.instances.create

    bigtable.instances.delete

    bigtable.instances.get

    bigtable.instances.update

    bigtable.tables.create

    bigtable.tables.delete

    bigtable.tables.get

    bigtable.tables.update

    billing. resourceAssociations. create

    billing.resourcebudgets.write

    cloudbuild.builds.create

    cloudbuild.builds.get

    cloudfunctions.functions.call

    cloudfunctions. functions. create

    cloudfunctions. functions. delete

    cloudfunctions.functions.get

    cloudfunctions. functions. getIamPolicy

    cloudfunctions.functions.list

    cloudfunctions. functions. update

    cloudfunctions.operations.get

    cloudprivatecatalog. targets. get

    cloudscheduler.jobs.create

    cloudscheduler.jobs.delete

    cloudscheduler.jobs.get

    cloudscheduler.jobs.update

    cloudsql.backupRuns.create

    cloudsql.databases.*

    • cloudsql.databases.create
    • cloudsql.databases.delete
    • cloudsql.databases.get
    • cloudsql.databases.list
    • cloudsql.databases.update

    cloudsql.instances.create

    cloudsql.instances.delete

    cloudsql.instances.get

    cloudsql.instances.import

    cloudsql.instances.restart

    cloudsql.instances.update

    cloudsql.sslCerts.create

    cloudsql.sslCerts.delete

    cloudsql.sslCerts.get

    cloudsql.users.create

    cloudsql.users.delete

    cloudtasks.queues.create

    cloudtasks.queues.delete

    cloudtasks.queues.get

    compute.addresses.create

    compute. addresses. createInternal

    compute.addresses.delete

    compute. addresses. deleteInternal

    compute.addresses.get

    compute.addresses.list

    compute.addresses.setLabels

    compute.addresses.use

    compute.addresses.useInternal

    compute.autoscalers.create

    compute.autoscalers.delete

    compute.autoscalers.get

    compute.autoscalers.update

    compute.backendBuckets.create

    compute.backendBuckets.delete

    compute.backendBuckets.get

    compute.backendBuckets.update

    compute.backendBuckets.use

    compute.backendServices.create

    compute.backendServices.delete

    compute.backendServices.get

    compute. backendServices. setSecurityPolicy

    compute.backendServices.update

    compute.backendServices.use

    compute. disks. addResourcePolicies

    compute.disks.create

    compute.disks.delete

    compute.disks.get

    compute. disks. removeResourcePolicies

    compute.disks.resize

    compute.disks.setLabels

    compute.disks.update

    compute.disks.use

    compute.disks.useReadOnly

    compute. externalVpnGateways. create

    compute. externalVpnGateways. delete

    compute. externalVpnGateways. get

    compute. externalVpnGateways. setLabels

    compute. externalVpnGateways. use

    compute. firewallPolicies. create

    compute. firewallPolicies. delete

    compute.firewallPolicies.get

    compute.firewalls.create

    compute.firewalls.delete

    compute.firewalls.get

    compute.firewalls.list

    compute.firewalls.update

    compute.forwardingRules.create

    compute.forwardingRules.delete

    compute.forwardingRules.get

    compute. forwardingRules. pscCreate

    compute. forwardingRules. pscSetLabels

    compute. forwardingRules. setLabels

    compute. forwardingRules. setTarget

    compute.forwardingRules.update

    compute.forwardingRules.use

    compute.globalAddresses.create

    compute. globalAddresses. createInternal

    compute.globalAddresses.delete

    compute. globalAddresses. deleteInternal

    compute.globalAddresses.get

    compute. globalAddresses. setLabels

    compute.globalAddresses.use

    compute. globalForwardingRules. create

    compute. globalForwardingRules. delete

    compute. globalForwardingRules. get

    compute. globalForwardingRules. pscCreate

    compute. globalForwardingRules. pscDelete

    compute. globalForwardingRules. pscSetLabels

    compute. globalForwardingRules. setLabels

    compute. globalNetworkEndpointGroups. attachNetworkEndpoints

    compute. globalNetworkEndpointGroups. create

    compute. globalNetworkEndpointGroups. delete

    compute. globalNetworkEndpointGroups. get

    compute. globalNetworkEndpointGroups. use

    compute.globalOperations.get

    compute.healthChecks.create

    compute.healthChecks.delete

    compute.healthChecks.get

    compute.healthChecks.update

    compute.healthChecks.use

    compute. healthChecks. useReadOnly

    compute. httpHealthChecks. create

    compute. httpHealthChecks. delete

    compute.httpHealthChecks.get

    compute. httpHealthChecks. update

    compute.httpHealthChecks.use

    compute. httpHealthChecks. useReadOnly

    compute. httpsHealthChecks. create

    compute. httpsHealthChecks. delete

    compute.httpsHealthChecks.get

    compute. httpsHealthChecks. update

    compute.httpsHealthChecks.use

    compute. httpsHealthChecks. useReadOnly

    compute.images.create

    compute.images.delete

    compute.images.deprecate

    compute.images.get

    compute.images.setLabels

    compute.images.useReadOnly

    compute. instanceGroupManagers. create

    compute. instanceGroupManagers. delete

    compute. instanceGroupManagers. get

    compute. instanceGroupManagers. update

    compute. instanceGroupManagers. use

    compute.instanceGroups.create

    compute.instanceGroups.delete

    compute.instanceGroups.get

    compute.instanceGroups.update

    compute.instanceGroups.use

    compute. instanceTemplates. create

    compute. instanceTemplates. delete

    compute.instanceTemplates.get

    compute. instanceTemplates. useReadOnly

    compute. instances. addAccessConfig

    compute.instances.create

    compute.instances.delete

    compute. instances. deleteAccessConfig

    compute.instances.get

    compute. instances. listTagBindings

    compute.instances.resume

    compute. instances. setDeletionProtection

    compute. instances. setDiskAutoDelete

    compute.instances.setLabels

    compute.instances.setMetadata

    compute. instances. setServiceAccount

    compute.instances.setTags

    compute.instances.start

    compute.instances.stop

    compute.instances.suspend

    compute.instances.update

    compute. instances. updateDisplayDevice

    compute.instances.use

    compute. interconnectAttachments. create

    compute. interconnectAttachments. delete

    compute. interconnectAttachments. get

    compute. interconnectAttachments. setLabels

    compute. interconnectAttachments. update

    compute.interconnects.create

    compute.interconnects.delete

    compute.interconnects.get

    compute. interconnects. setLabels

    compute.interconnects.use

    compute. machineImages. useReadOnly

    compute.machineTypes.get

    compute. networkEndpointGroups. attachNetworkEndpoints

    compute. networkEndpointGroups. create

    compute. networkEndpointGroups. delete

    compute. networkEndpointGroups. get

    compute. networkEndpointGroups. use

    compute.networks.addPeering

    compute.networks.create

    compute.networks.delete

    compute.networks.get

    compute. networks. listPeeringRoutes

    compute.networks.removePeering

    compute. networks. switchToCustomMode

    compute.networks.update

    compute.networks.updatePolicy

    compute.networks.use

    compute.networks.useExternalIp

    compute. organizations. disableXpnResource

    compute. organizations. enableXpnHost

    compute. organizations. enableXpnResource

    compute. packetMirrorings. create

    compute. packetMirrorings. delete

    compute.packetMirrorings.get

    compute.projects.get

    compute. projects. setUsageExportBucket

    compute. regionBackendServices. create

    compute. regionBackendServices. delete

    compute. regionBackendServices. get

    compute. regionBackendServices. update

    compute. regionBackendServices. use

    compute. regionHealthChecks. create

    compute. regionHealthChecks. delete

    compute.regionHealthChecks.get

    compute. regionHealthChecks. update

    compute.regionHealthChecks.use

    compute. regionHealthChecks. useReadOnly

    compute. regionNetworkEndpointGroups. create

    compute. regionNetworkEndpointGroups. delete

    compute. regionNetworkEndpointGroups. get

    compute. regionNetworkEndpointGroups. use

    compute.regionOperations.get

    compute. regionSslCertificates. create

    compute. regionSslCertificates. delete

    compute. regionSslCertificates. get

    compute. regionTargetHttpProxies. create

    compute. regionTargetHttpProxies. delete

    compute. regionTargetHttpProxies. get

    compute. regionTargetHttpProxies. use

    compute. regionTargetHttpsProxies. create

    compute. regionTargetHttpsProxies. delete

    compute. regionTargetHttpsProxies. get

    compute. regionTargetHttpsProxies. use

    compute.regionUrlMaps.create

    compute.regionUrlMaps.delete

    compute.regionUrlMaps.get

    compute.regionUrlMaps.use

    compute.regions.get

    compute.reservations.list

    compute. resourcePolicies. create

    compute. resourcePolicies. delete

    compute.resourcePolicies.get

    compute.resourcePolicies.use

    compute.routers.create

    compute.routers.delete

    compute.routers.get

    compute.routers.update

    compute.routers.use

    compute.routes.create

    compute.routes.delete

    compute.routes.get

    compute. securityPolicies. create

    compute. securityPolicies. delete

    compute.securityPolicies.get

    compute. securityPolicies. setLabels

    compute. securityPolicies. update

    compute.securityPolicies.use

    compute. serviceAttachments. create

    compute.serviceAttachments.get

    compute.snapshots.useReadOnly

    compute.sslCertificates.create

    compute.sslCertificates.delete

    compute.sslCertificates.get

    compute.sslPolicies.create

    compute.sslPolicies.delete

    compute.sslPolicies.get

    compute.sslPolicies.use

    compute.subnetworks.create

    compute.subnetworks.delete

    compute. subnetworks. expandIpCidrRange

    compute.subnetworks.get

    compute.subnetworks.list

    compute.subnetworks.mirror

    compute.subnetworks.update

    compute.subnetworks.use

    compute. subnetworks. useExternalIp

    compute. targetHttpProxies. create

    compute. targetHttpProxies. delete

    compute.targetHttpProxies.get

    compute.targetHttpProxies.use

    compute. targetHttpsProxies. create

    compute. targetHttpsProxies. delete

    compute.targetHttpsProxies.get

    compute. targetHttpsProxies. setSslCertificates

    compute. targetHttpsProxies. setSslPolicy

    compute.targetHttpsProxies.use

    compute.targetInstances.create

    compute.targetInstances.delete

    compute.targetInstances.get

    compute.targetInstances.use

    compute. targetPools. addHealthCheck

    compute. targetPools. addInstance

    compute.targetPools.create

    compute.targetPools.delete

    compute.targetPools.get

    compute. targetPools. removeHealthCheck

    compute. targetPools. removeInstance

    compute.targetPools.use

    compute. targetSslProxies. create

    compute. targetSslProxies. delete

    compute.targetSslProxies.get

    compute. targetSslProxies. setSslCertificates

    compute.targetSslProxies.use

    compute. targetTcpProxies. create

    compute. targetTcpProxies. delete

    compute.targetTcpProxies.get

    compute.targetTcpProxies.use

    compute. targetVpnGateways. create

    compute. targetVpnGateways. delete

    compute.targetVpnGateways.get

    compute. targetVpnGateways. setLabels

    compute.targetVpnGateways.use

    compute.urlMaps.create

    compute.urlMaps.delete

    compute.urlMaps.get

    compute.urlMaps.update

    compute.urlMaps.use

    compute.vpnGateways.create

    compute.vpnGateways.delete

    compute.vpnGateways.get

    compute.vpnGateways.setLabels

    compute.vpnGateways.use

    compute.vpnTunnels.create

    compute.vpnTunnels.delete

    compute.vpnTunnels.get

    compute.vpnTunnels.setLabels

    compute.zoneOperations.get

    compute.zoneOperations.list

    compute.zones.get

    container. backendConfigs. create

    container. backendConfigs. delete

    container.backendConfigs.get

    container. clusterRoleBindings. create

    container. clusterRoleBindings. delete

    container. clusterRoleBindings. get

    container.clusterRoles.bind

    container.clusterRoles.create

    container.clusterRoles.delete

    container. clusterRoles. escalate

    container.clusterRoles.get

    container.clusters.create

    container.clusters.delete

    container.clusters.get

    container. clusters. getCredentials

    container.clusters.update

    container.configMaps.create

    container.configMaps.delete

    container.configMaps.get

    container.configMaps.update

    container.cronJobs.create

    container.cronJobs.delete

    container.cronJobs.get

    container.cronJobs.update

    container.daemonSets.create

    container.daemonSets.delete

    container.daemonSets.get

    container.daemonSets.update

    container.deployments.create

    container.deployments.delete

    container.deployments.get

    container.deployments.update

    container. frontendConfigs. create

    container. frontendConfigs. delete

    container.frontendConfigs.get

    container. horizontalPodAutoscalers. create

    container. horizontalPodAutoscalers. delete

    container. horizontalPodAutoscalers. get

    container.ingresses.create

    container.ingresses.delete

    container.ingresses.get

    container.jobs.create

    container.jobs.delete

    container.jobs.get

    container. managedCertificates. create

    container. managedCertificates. delete

    container. managedCertificates. get

    container. mutatingWebhookConfigurations. delete

    container. mutatingWebhookConfigurations. get

    container.namespaces.create

    container.namespaces.delete

    container.namespaces.get

    container. networkPolicies. create

    container. networkPolicies. delete

    container.networkPolicies.get

    container.operations.get

    container. podDisruptionBudgets. create

    container. podDisruptionBudgets. delete

    container. podDisruptionBudgets. get

    container. podSecurityPolicies. delete

    container. podSecurityPolicies. get

    container. priorityClasses. create

    container. priorityClasses. delete

    container.priorityClasses.get

    container. replicationControllers. create

    container. replicationControllers. delete

    container. replicationControllers. get

    container.roleBindings.create

    container.roleBindings.delete

    container.roleBindings.get

    container.roles.bind

    container.roles.create

    container.roles.delete

    container.roles.escalate

    container.roles.get

    container.roles.update

    container.secrets.create

    container.secrets.delete

    container.secrets.get

    container.secrets.update

    container. serviceAccounts. create

    container. serviceAccounts. delete

    container.serviceAccounts.get

    container. serviceAccounts. update

    container.services.create

    container.services.delete

    container.services.get

    container.statefulSets.create

    container.statefulSets.delete

    container.statefulSets.get

    container.statefulSets.update

    container. storageClasses. create

    container. storageClasses. delete

    container.storageClasses.get

    container. thirdPartyObjects. create

    container. thirdPartyObjects. delete

    container. thirdPartyObjects. get

    container. thirdPartyObjects. update

    container. validatingWebhookConfigurations. delete

    container. validatingWebhookConfigurations. get

    datacatalog.taxonomies.get

    dataproc. autoscalingPolicies. create

    dataproc. autoscalingPolicies. delete

    dataproc. autoscalingPolicies. get

    dataproc. autoscalingPolicies. use

    dataproc.clusters.create

    dataproc.clusters.delete

    dataproc.clusters.get

    dataproc.nodeGroups.create

    dataproc.operations.get

    dataproc. workflowTemplates. create

    dataproc. workflowTemplates. delete

    dataproc.workflowTemplates.get

    deploymentmanager. compositeTypes. get

    deploymentmanager. deployments. create

    deploymentmanager. deployments. delete

    deploymentmanager. deployments. get

    deploymentmanager. deployments. update

    deploymentmanager. operations. get

    deploymentmanager. typeProviders. create

    deploymentmanager. typeProviders. delete

    deploymentmanager. typeProviders. get

    deploymentmanager. typeProviders. update

    dns.changes.*

    • dns.changes.create
    • dns.changes.get
    • dns.changes.list

    dns.managedZones.create

    dns.managedZones.delete

    dns.managedZones.get

    dns.managedZones.list

    dns.managedZones.update

    dns. networks. bindPrivateDNSZone

    dns. networks. targetWithPeeringZone

    dns.policies.delete

    dns.policies.get

    dns.resourceRecordSets.create

    dns.resourceRecordSets.delete

    dns.resourceRecordSets.list

    dns.resourceRecordSets.update

    file.instances.create

    file.instances.delete

    file.instances.get

    file.instances.update

    file.operations.get

    firebase.projects.get

    firebase.projects.update

    firebaseanalytics. resources. googleAnalyticsEdit

    iam.roles.create

    iam.roles.delete

    iam.roles.get

    iam.roles.list

    iam.roles.update

    iam.serviceAccountKeys.delete

    iam.serviceAccountKeys.get

    iam.serviceAccounts.actAs

    iam.serviceAccounts.create

    iam.serviceAccounts.delete

    iam.serviceAccounts.get

    iam.serviceAccounts.list

    iam.serviceAccounts.update

    logging.buckets.update

    logging.exclusions.create

    logging.exclusions.delete

    logging.exclusions.get

    logging.exclusions.update

    logging.logEntries.create

    logging.logMetrics.create

    logging.logMetrics.delete

    logging.logMetrics.get

    logging.logMetrics.update

    logging. notificationRules. create

    logging.sinks.create

    logging.sinks.delete

    logging.sinks.get

    logging.sinks.update

    monitoring. alertPolicies. create

    monitoring. alertPolicies. delete

    monitoring.alertPolicies.get

    monitoring.alertPolicies.list

    monitoring. alertPolicies. update

    monitoring.dashboards.create

    monitoring.dashboards.delete

    monitoring.dashboards.get

    monitoring.dashboards.update

    monitoring.groups.create

    monitoring.groups.delete

    monitoring.groups.get

    monitoring.groups.update

    monitoring. metricDescriptors. create

    monitoring. metricDescriptors. delete

    monitoring. metricDescriptors. get

    monitoring. notificationChannels. create

    monitoring. notificationChannels. delete

    monitoring. notificationChannels. get

    monitoring. notificationChannels. update

    monitoring. uptimeCheckConfigs. create

    monitoring. uptimeCheckConfigs. delete

    monitoring. uptimeCheckConfigs. get

    monitoring. uptimeCheckConfigs. update

    networksecurity. serverTlsPolicies. use

    pubsub.schemas.attach

    pubsub.subscriptions.create

    pubsub.subscriptions.delete

    pubsub.subscriptions.get

    pubsub.subscriptions.update

    pubsub. topics. attachSubscription

    pubsub.topics.create

    pubsub.topics.delete

    pubsub.topics.get

    pubsub.topics.getIamPolicy

    pubsub.topics.publish

    pubsub.topics.update

    redis.instances.create

    redis.instances.delete

    redis.instances.get

    redis.instances.update

    redis.instances.updateAuth

    redis.operations.get

    resourcemanager.folders.create

    resourcemanager.folders.delete

    resourcemanager.folders.get

    resourcemanager. folders. getIamPolicy

    resourcemanager.folders.list

    resourcemanager.folders.update

    resourcemanager. organizations. getIamPolicy

    resourcemanager. projects. create

    resourcemanager. projects. createBillingAssignment

    resourcemanager. projects. delete

    resourcemanager. projects. deleteBillingAssignment

    resourcemanager.projects.get

    resourcemanager. projects. getIamPolicy

    resourcemanager.projects.list

    resourcemanager.projects.move

    resourcemanager. projects. update

    resourcemanager. projects. updateLiens

    resourcemanager. tagHolds. create

    resourcemanager. tagHolds. delete

    resourcemanager. tagValueBindings.*

    • resourcemanager. tagValueBindings. create
    • resourcemanager. tagValueBindings. delete

    resourcemanager.tagValues.get

    runtimeconfig.configs.create

    runtimeconfig.configs.delete

    runtimeconfig.configs.get

    runtimeconfig.configs.list

    runtimeconfig.configs.update

    runtimeconfig.variables.create

    runtimeconfig.variables.delete

    runtimeconfig.variables.get

    runtimeconfig.variables.list

    runtimeconfig.variables.update

    runtimeconfig.waiters.create

    runtimeconfig.waiters.delete

    runtimeconfig.waiters.get

    runtimeconfig.waiters.list

    servicedirectory. namespaces. associatePrivateZone

    servicedirectory. namespaces. create

    servicedirectory. namespaces. delete

    servicedirectory. services. create

    servicemanagement. services. bind

    servicenetworking. operations. get

    servicenetworking. services. addPeering

    servicenetworking.services.get

    serviceusage.operations.get

    serviceusage.services.disable

    serviceusage.services.enable

    serviceusage.services.get

    serviceusage.services.use

    source.repos.create

    spanner.databaseOperations.get

    spanner.databases.create

    spanner.databases.drop

    spanner.databases.get

    spanner.databases.updateDdl

    spanner.instanceOperations.get

    spanner.instances.create

    spanner.instances.delete

    spanner.instances.get

    spanner.instances.update

    storage.buckets.create

    storage.buckets.delete

    storage.buckets.get

    storage.buckets.getIamPolicy

    storage.buckets.update

    storage.hmacKeys.create

    storage.objects.create

    storage.objects.delete

    storage.objects.get

    storage.objects.getIamPolicy

    storage.objects.list

    vpcaccess.connectors.create

    vpcaccess.connectors.delete

    vpcaccess.operations.get

    workflows.operations.get

    workflows.workflows.create

    workflows.workflows.delete

    workflows.workflows.get

    ( roles/ deploymentmanager.editor )

    Provides the permissions necessary to create and manage deployments.

    Lowest-level resources where you can grant this role:

    • Project

    deploymentmanager. compositeTypes.*

    • deploymentmanager. compositeTypes. create
    • deploymentmanager. compositeTypes. delete
    • deploymentmanager. compositeTypes. get
    • deploymentmanager. compositeTypes. list
    • deploymentmanager. compositeTypes. update

    deploymentmanager. deployments. cancelPreview

    deploymentmanager. deployments. create

    deploymentmanager. deployments. delete

    deploymentmanager. deployments. get

    deploymentmanager. deployments. list

    deploymentmanager. deployments. stop

    deploymentmanager. deployments. update

    deploymentmanager.manifests.*

    • deploymentmanager. manifests. get
    • deploymentmanager. manifests. list

    deploymentmanager.operations.*

    • deploymentmanager. operations. get
    • deploymentmanager. operations. list

    deploymentmanager.resources.*

    • deploymentmanager. resources. get
    • deploymentmanager. resources. list

    deploymentmanager. typeProviders.*

    • deploymentmanager. typeProviders. create
    • deploymentmanager. typeProviders. delete
    • deploymentmanager. typeProviders. get
    • deploymentmanager. typeProviders. getType
    • deploymentmanager. typeProviders. list
    • deploymentmanager. typeProviders. listTypes
    • deploymentmanager. typeProviders. update

    deploymentmanager.types.*

    • deploymentmanager.types.create
    • deploymentmanager.types.delete
    • deploymentmanager.types.get
    • deploymentmanager.types.list
    • deploymentmanager.types.update

    resourcemanager.projects.get

    resourcemanager.projects.list

    serviceusage.quotas.get

    serviceusage.services.get

    serviceusage.services.list

    ( roles/ deploymentmanager.typeEditor )

    Provides read and write access to all Type Registry resources.

    Lowest-level resources where you can grant this role:

    • Project

    deploymentmanager. compositeTypes.*

    • deploymentmanager. compositeTypes. create
    • deploymentmanager. compositeTypes. delete
    • deploymentmanager. compositeTypes. get
    • deploymentmanager. compositeTypes. list
    • deploymentmanager. compositeTypes. update

    deploymentmanager. operations. get

    deploymentmanager. typeProviders.*

    • deploymentmanager. typeProviders. create
    • deploymentmanager. typeProviders. delete
    • deploymentmanager. typeProviders. get
    • deploymentmanager. typeProviders. getType
    • deploymentmanager. typeProviders. list
    • deploymentmanager. typeProviders. listTypes
    • deploymentmanager. typeProviders. update

    deploymentmanager.types.*

    • deploymentmanager.types.create
    • deploymentmanager.types.delete
    • deploymentmanager.types.get
    • deploymentmanager.types.list
    • deploymentmanager.types.update

    resourcemanager.projects.get

    resourcemanager.projects.list

    serviceusage.quotas.get

    serviceusage.services.get

    ( roles/ deploymentmanager.typeViewer )

    Provides read-only access to all Type Registry resources.

    Lowest-level resources where you can grant this role:

    • Project

    deploymentmanager. compositeTypes. get

    deploymentmanager. compositeTypes. list

    deploymentmanager. typeProviders. get

    deploymentmanager. typeProviders. getType

    deploymentmanager. typeProviders. list

    deploymentmanager. typeProviders. listTypes

    deploymentmanager.types.get

    deploymentmanager.types.list

    resourcemanager.projects.get

    resourcemanager.projects.list

    serviceusage.quotas.get

    serviceusage.services.get

    ( roles/ deploymentmanager.viewer )

    Provides read-only access to all Deployment Manager-related resources.

    Lowest-level resources where you can grant this role:

    • Project

    deploymentmanager. compositeTypes. get

    deploymentmanager. compositeTypes. list

    deploymentmanager. deployments. get

    deploymentmanager. deployments. list

    deploymentmanager.manifests.*

    • deploymentmanager. manifests. get
    • deploymentmanager. manifests. list

    deploymentmanager.operations.*

    • deploymentmanager. operations. get
    • deploymentmanager. operations. list

    deploymentmanager.resources.*

    • deploymentmanager. resources. get
    • deploymentmanager. resources. list

    deploymentmanager. typeProviders. get

    deploymentmanager. typeProviders. getType

    deploymentmanager. typeProviders. list

    deploymentmanager. typeProviders. listTypes

    deploymentmanager.types.get

    deploymentmanager.types.list

    resourcemanager.projects.get

    resourcemanager.projects.list

    serviceusage.quotas.get

    serviceusage.services.get

    serviceusage.services.list

    Cloud Deployment Manager permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Security Admin ( roles/ iam.securityAdmin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Deployment Manager Type Viewer ( roles/ deploymentmanager.typeViewer )

    Deployment Manager Viewer ( roles/ deploymentmanager.viewer )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Deployment Manager Editor ( roles/ deploymentmanager.editor )

    Deployment Manager Type Editor ( roles/ deploymentmanager.typeEditor )

    Firebase Extensions API Service Agent ( roles/ firebasemods.serviceAgent )

    Service agent roles

    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: