Console
    Contact Us Start free

    Roles and permissions

    This page describes the Identity and Access Management (IAM) roles and permissions needed for setting up a Secure Web Proxy instance.

    You can grant users or service accounts permissions or a predefined role, or you can create a custom role that uses permissions that you specify. The following table describes the IAM predefined roles and their associated permissions.

    For more information, see the IAM permissions reference .

    Description
    Role
    Permissions (methods)
    Provision and manage a Secure Web Proxy instance

    Create a custom role with the specified permissions. For information about creating a custom role, see Create a custom role.

    • certificatemanager.certs.get
    • certificatemanager.certs.list
    • certificatemanager.certs.use
    • compute.addresses.create
    • compute.addresses.createInternal
    • compute.addresses.list
    • compute.instances.update
    • compute.networks.get
    • compute.networks.list
    • compute.projects.get
    • compute.projects.get
    • compute.regionOperations.get
    • compute.routers.create
    • compute.routers.delete
    • compute.routers.get
    • compute.routers.list
    • compute.routers.update
    • compute.subnetworks.get
    • compute.subnetworks.list
    • networksecurity.gatewaySecurityPolicies.get
    • networksecurity.gatewaySecurityPolicies.list
    • networksecurity.gatewaySecurityPolicies.use
    • networksecurity.gatewaySecurityPolicyRules.get
    • networksecurity.gatewaySecurityPolicyRules.list
    • networksecurity.locations.list
    • networksecurity.urlLists.get
    • networksecurity.urlLists.list
    • networksecurity.urlLists.use
    • networkservices.gateways.create
    • networkservices.gateways.delete
    • networkservices.gateways.get
    • networkservices.gateways.list
    • networkservices.gateways.update
    • networkservices.gateways.use
    • networkservices.locations.list
    • networkservices.operations.get
    • networkservices.operations.list
    • resourcemanager.projects.get
    • resourcemanager.projects.list
    • serviceusage.quotas.get
    • serviceusage.services.get
    • serviceusage.services.list
    View, create, update, list, and delete Secure Web Proxy policies

    Create a custom role with the specified permissions. For information about creating a custom role, see Create a custom role.

    • networksecurity.gatewaySecurityPolicies.create
    • networksecurity.gatewaySecurityPolicies.delete
    • networksecurity.gatewaySecurityPolicies.get
    • networksecurity.gatewaySecurityPolicies.list
    • networksecurity.gatewaySecurityPolicies.update
    • networksecurity.gatewaySecurityPolicyRules.create
    • networksecurity.gatewaySecurityPolicyRules.delete
    • networksecurity.gatewaySecurityPolicyRules.get
    • networksecurity.gatewaySecurityPolicyRules.list
    • networksecurity.gatewaySecurityPolicyRules.update
    • networksecurity.operations.get
    • networksecurity.tlsInspectionPolicies.create
    • networksecurity.tlsInspectionPolicies.delete
    • networksecurity.tlsInspectionPolicies.get
    • networksecurity.tlsInspectionPolicies.list
    • networksecurity.tlsInspectionPolicies.update
    • networksecurity.tlsInspectionPolicies.use
    • networksecurity.urlLists.create
    • networksecurity.urlLists.delete
    • networksecurity.urlLists.get
    • networksecurity.urlLists.list
    • networksecurity.urlLists.update
    • networksecurity.urlLists.use

    For more information about project roles and permissions, see the following:

    What's next
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: