Console
    Contact Us Start free

    Serverless VPC Access roles and permissions

    This page lists the IAM roles and permissions for Serverless VPC Access. To search through all roles and permissions, see the role and permission index .

    Serverless VPC Access roles

    Role
    Permissions

    ( roles/ vpcaccess.admin )

    Full access to all Serverless VPC Access resources

    resourcemanager.projects.get

    resourcemanager.projects.list

    vpcaccess.*

    • vpcaccess.connectors.create
    • vpcaccess.connectors.delete
    • vpcaccess.connectors.get
    • vpcaccess.connectors.list
    • vpcaccess.connectors.update
    • vpcaccess.connectors.use
    • vpcaccess.locations.list
    • vpcaccess.operations.get
    • vpcaccess.operations.list

    ( roles/ vpcaccess.serviceAgent )

    Can create and manage resources to support serverless application to connect to virtual private cloud.

    billing.accounts.get

    compute.autoscalers.*

    • compute.autoscalers.create
    • compute.autoscalers.delete
    • compute.autoscalers.get
    • compute.autoscalers.list
    • compute.autoscalers.update

    compute.disks.create

    compute.firewalls.create

    compute.firewalls.delete

    compute.firewalls.get

    compute.firewalls.list

    compute.firewalls.update

    compute.healthChecks.create

    compute.healthChecks.delete

    compute.healthChecks.get

    compute.healthChecks.list

    compute.healthChecks.update

    compute.healthChecks.use

    compute. healthChecks. useReadOnly

    compute. httpHealthChecks. create

    compute. httpHealthChecks. delete

    compute.httpHealthChecks.get

    compute.httpHealthChecks.list

    compute.httpHealthChecks.use

    compute. httpHealthChecks. useReadOnly

    compute. httpsHealthChecks. create

    compute. httpsHealthChecks. delete

    compute.httpsHealthChecks.get

    compute. httpsHealthChecks. update

    compute.httpsHealthChecks.use

    compute. httpsHealthChecks. useReadOnly

    compute.images.get

    compute.images.useReadOnly

    compute. instanceGroupManagers. create

    compute. instanceGroupManagers. delete

    compute. instanceGroupManagers. get

    compute. instanceGroupManagers. update

    compute. instanceGroupManagers. use

    compute.instanceGroups.create

    compute.instanceGroups.delete

    compute.instanceGroups.get

    compute.instanceGroups.update

    compute. instanceTemplates. create

    compute. instanceTemplates. delete

    compute.instanceTemplates.get

    compute. instanceTemplates. useReadOnly

    compute.instances.create

    compute.instances.delete

    compute.instances.get

    compute. instances. getGuestAttributes

    compute.instances.list

    compute.instances.reset

    compute.instances.setLabels

    compute.instances.setMetadata

    compute.instances.setTags

    compute.instances.start

    compute.instances.stop

    compute.instances.use

    compute.machineTypes.get

    compute.networks.get

    compute.networks.use

    compute.projects.get

    compute. projects. setCommonInstanceMetadata

    compute.regionOperations.get

    compute.regionOperations.list

    compute.regions.*

    • compute.regions.get
    • compute.regions.list

    compute.subnetworks.create

    compute.subnetworks.delete

    compute.subnetworks.get

    compute.subnetworks.list

    compute.subnetworks.use

    compute.zoneOperations.get

    compute.zoneOperations.list

    compute.zones.*

    • compute.zones.get
    • compute.zones.list

    deploymentmanager. compositeTypes. get

    deploymentmanager. deployments. create

    deploymentmanager. deployments. delete

    deploymentmanager. deployments. get

    deploymentmanager. deployments. list

    deploymentmanager. deployments. update

    deploymentmanager.manifests.*

    • deploymentmanager. manifests. get
    • deploymentmanager. manifests. list

    deploymentmanager.operations.*

    • deploymentmanager. operations. get
    • deploymentmanager. operations. list

    deploymentmanager. typeProviders. create

    deploymentmanager. typeProviders. get

    logging.logEntries.create

    logging.logMetrics.create

    logging.logMetrics.delete

    logging.logMetrics.get

    logging.logMetrics.update

    resourcemanager.projects.get

    ( roles/ vpcaccess.user )

    User of Serverless VPC Access connectors

    compute.networks.access

    resourcemanager.projects.get

    resourcemanager.projects.list

    vpcaccess.connectors.get

    vpcaccess.connectors.list

    vpcaccess.connectors.use

    vpcaccess.locations.list

    vpcaccess.operations.*

    • vpcaccess.operations.get
    • vpcaccess.operations.list

    ( roles/ vpcaccess.viewer )

    Viewer of all Serverless VPC Access resources

    resourcemanager.projects.get

    resourcemanager.projects.list

    vpcaccess.connectors.get

    vpcaccess.connectors.list

    vpcaccess.locations.list

    vpcaccess.operations.*

    • vpcaccess.operations.get
    • vpcaccess.operations.list

    Serverless VPC Access permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Support User ( roles/ iam.supportUser )

    Cloud Run Service Agent ( roles/ serverless.serviceAgent )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Serverless VPC Access User ( roles/ vpcaccess.user )

    Serverless VPC Access Viewer ( roles/ vpcaccess.viewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Serverless VPC Access User ( roles/ vpcaccess.user )

    Serverless VPC Access Viewer ( roles/ vpcaccess.viewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Support User ( roles/ iam.supportUser )

    Cloud Run Service Agent ( roles/ serverless.serviceAgent )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Serverless VPC Access User ( roles/ vpcaccess.user )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Serverless VPC Access User ( roles/ vpcaccess.user )

    Serverless VPC Access Viewer ( roles/ vpcaccess.viewer )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Support User ( roles/ iam.supportUser )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Serverless VPC Access User ( roles/ vpcaccess.user )

    Serverless VPC Access Viewer ( roles/ vpcaccess.viewer )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Serverless VPC Access Admin ( roles/ vpcaccess.admin )

    Serverless VPC Access User ( roles/ vpcaccess.user )

    Serverless VPC Access Viewer ( roles/ vpcaccess.viewer )
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: