Dataplex Universal Catalog roles and permissions

This page lists the IAM roles and permissions for Dataplex Universal Catalog. Tosearch through all roles and permissions, see therole andpermission index.

Dataplex Universal Catalog roles

Role Permissions

Role	Permissions
Dataplex Administrator (`roles/dataplex.admin`) Full access to Dataplex Universal Catalog resources, except for catalog resources like entries and entry groups.	`cloudasset.assets.analyzeIamPolicy` `cloudasset.assets.searchAllIamPolicies` `cloudasset.assets.searchAllResources` `dataplex.assetActions.list` `dataplex.assets.create` `dataplex.assets.delete` `dataplex.assets.get` `dataplex.assets.getIamPolicy` `dataplex.assets.list` `dataplex.assets.setIamPolicy` `dataplex.assets.update` `dataplex.content.` `dataplex.content.create` `dataplex.content.delete` `dataplex.content.get` `dataplex.content.getIamPolicy` `dataplex.content.list` `dataplex.content.setIamPolicy` `dataplex.content.update` `dataplex.dataAssets.` `dataplex.dataAssets.create` `dataplex.dataAssets.delete` `dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataAssets.update` `dataplex.dataAttributeBindings.` `dataplex.dataAttributeBindings.create` `dataplex.dataAttributeBindings.delete` `dataplex.dataAttributeBindings.get` `dataplex.dataAttributeBindings.getIamPolicy` `dataplex.dataAttributeBindings.list` `dataplex.dataAttributeBindings.setIamPolicy` `dataplex.dataAttributeBindings.update` `dataplex.dataAttributes.` `dataplex.dataAttributes.bind` `dataplex.dataAttributes.create` `dataplex.dataAttributes.delete` `dataplex.dataAttributes.get` `dataplex.dataAttributes.getIamPolicy` `dataplex.dataAttributes.list` `dataplex.dataAttributes.setIamPolicy` `dataplex.dataAttributes.update` `dataplex.dataProducts.` `dataplex.dataProducts.create` `dataplex.dataProducts.delete` `dataplex.dataProducts.get` `dataplex.dataProducts.getIamPolicy` `dataplex.dataProducts.list` `dataplex.dataProducts.setIamPolicy` `dataplex.dataProducts.update` `dataplex.dataTaxonomies.` `dataplex.dataTaxonomies.configureDataAccess` `dataplex.dataTaxonomies.configureResourceAccess` `dataplex.dataTaxonomies.create` `dataplex.dataTaxonomies.delete` `dataplex.dataTaxonomies.get` `dataplex.dataTaxonomies.getIamPolicy` `dataplex.dataTaxonomies.list` `dataplex.dataTaxonomies.setIamPolicy` `dataplex.dataTaxonomies.update` `dataplex.datascans.` `dataplex.datascans.create` `dataplex.datascans.delete` `dataplex.datascans.get` `dataplex.datascans.getData` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list` `dataplex.datascans.run` `dataplex.datascans.setIamPolicy` `dataplex.datascans.update` `dataplex.entities.` `dataplex.entities.create` `dataplex.entities.delete` `dataplex.entities.get` `dataplex.entities.list` `dataplex.entities.update` `dataplex.entries.link` `dataplex.entryGroups.export` `dataplex.entryGroups.import` `dataplex.entryGroups.useDefinitionEntryLink` `dataplex.entryGroups.useRelatedEntryLink` `dataplex.entryGroups.useSynonymEntryLink` `dataplex.entryLinks.` `dataplex.entryLinks.create` `dataplex.entryLinks.delete` `dataplex.entryLinks.get` `dataplex.entryLinks.reference` `dataplex.environments.` `dataplex.environments.create` `dataplex.environments.delete` `dataplex.environments.execute` `dataplex.environments.get` `dataplex.environments.getIamPolicy` `dataplex.environments.list` `dataplex.environments.setIamPolicy` `dataplex.environments.update` `dataplex.glossaries.` `dataplex.glossaries.create` `dataplex.glossaries.delete` `dataplex.glossaries.get` `dataplex.glossaries.getIamPolicy` `dataplex.glossaries.import` `dataplex.glossaries.list` `dataplex.glossaries.setIamPolicy` `dataplex.glossaries.update` `dataplex.glossaryCategories.` `dataplex.glossaryCategories.create` `dataplex.glossaryCategories.delete` `dataplex.glossaryCategories.get` `dataplex.glossaryCategories.list` `dataplex.glossaryCategories.update` `dataplex.glossaryTerms.` `dataplex.glossaryTerms.create` `dataplex.glossaryTerms.delete` `dataplex.glossaryTerms.get` `dataplex.glossaryTerms.list` `dataplex.glossaryTerms.update` `dataplex.glossaryTerms.use` `dataplex.lakeActions.list` `dataplex.lakes.` `dataplex.lakes.create` `dataplex.lakes.delete` `dataplex.lakes.get` `dataplex.lakes.getIamPolicy` `dataplex.lakes.list` `dataplex.lakes.setIamPolicy` `dataplex.lakes.update` `dataplex.locations.` `dataplex.locations.get` `dataplex.locations.list` `dataplex.metadataJobs.` `dataplex.metadataJobs.cancel` `dataplex.metadataJobs.create` `dataplex.metadataJobs.get` `dataplex.metadataJobs.list` `dataplex.operations.` `dataplex.operations.cancel` `dataplex.operations.delete` `dataplex.operations.get` `dataplex.operations.list` `dataplex.partitions.` `dataplex.partitions.create` `dataplex.partitions.delete` `dataplex.partitions.get` `dataplex.partitions.list` `dataplex.partitions.update` `dataplex.tasks.` `dataplex.tasks.cancel` `dataplex.tasks.create` `dataplex.tasks.delete` `dataplex.tasks.get` `dataplex.tasks.getIamPolicy` `dataplex.tasks.list` `dataplex.tasks.run` `dataplex.tasks.setIamPolicy` `dataplex.tasks.update` `dataplex.zoneActions.list` `dataplex.zones.` `dataplex.zones.create` `dataplex.zones.delete` `dataplex.zones.get` `dataplex.zones.getIamPolicy` `dataplex.zones.list` `dataplex.zones.setIamPolicy` `dataplex.zones.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Grants access to creating and managing Aspect Types. Does not give the right to create/modify Entries.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.*` `dataplex.aspectTypes.create` `dataplex.aspectTypes.delete` `dataplex.aspectTypes.get` `dataplex.aspectTypes.getIamPolicy` `dataplex.aspectTypes.list` `dataplex.aspectTypes.setIamPolicy` `dataplex.aspectTypes.update` `dataplex.aspectTypes.use` `dataplex.operations.get` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Aspect Type User (`roles/dataplex.aspectTypeUser`) Grants access to use Aspect Types to create/modify Entries with the corresponding aspects.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.get` `dataplex.aspectTypes.list` `dataplex.aspectTypes.use` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Full access on DataAttribute Binding resources.	`dataplex.dataAttributeBindings.*` `dataplex.dataAttributeBindings.create` `dataplex.dataAttributeBindings.delete` `dataplex.dataAttributeBindings.get` `dataplex.dataAttributeBindings.getIamPolicy` `dataplex.dataAttributeBindings.list` `dataplex.dataAttributeBindings.setIamPolicy` `dataplex.dataAttributeBindings.update`
Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Full access to catalog resources, including entries, entry groups, and glossaries.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.` `dataplex.aspectTypes.create` `dataplex.aspectTypes.delete` `dataplex.aspectTypes.get` `dataplex.aspectTypes.getIamPolicy` `dataplex.aspectTypes.list` `dataplex.aspectTypes.setIamPolicy` `dataplex.aspectTypes.update` `dataplex.aspectTypes.use` `dataplex.entries.` `dataplex.entries.create` `dataplex.entries.delete` `dataplex.entries.get` `dataplex.entries.getData` `dataplex.entries.link` `dataplex.entries.list` `dataplex.entries.update` `dataplex.entryGroups.` `dataplex.entryGroups.create` `dataplex.entryGroups.delete` `dataplex.entryGroups.export` `dataplex.entryGroups.get` `dataplex.entryGroups.getIamPolicy` `dataplex.entryGroups.import` `dataplex.entryGroups.list` `dataplex.entryGroups.setIamPolicy` `dataplex.entryGroups.update` `dataplex.entryGroups.useContactsAspect` `dataplex.entryGroups.useDataProfileAspect` `dataplex.entryGroups.useDataQualityScorecardAspect` `dataplex.entryGroups.useDefinitionEntryLink` `dataplex.entryGroups.useDescriptionsAspect` `dataplex.entryGroups.useGenericAspect` `dataplex.entryGroups.useGenericEntry` `dataplex.entryGroups.useOverviewAspect` `dataplex.entryGroups.useQueriesAspect` `dataplex.entryGroups.useRefreshCadenceAspect` `dataplex.entryGroups.useRelatedEntryLink` `dataplex.entryGroups.useSchemaAspect` `dataplex.entryGroups.useSynonymEntryLink` `dataplex.entryLinks.` `dataplex.entryLinks.create` `dataplex.entryLinks.delete` `dataplex.entryLinks.get` `dataplex.entryLinks.reference` `dataplex.entryTypes.` `dataplex.entryTypes.create` `dataplex.entryTypes.delete` `dataplex.entryTypes.get` `dataplex.entryTypes.getIamPolicy` `dataplex.entryTypes.list` `dataplex.entryTypes.setIamPolicy` `dataplex.entryTypes.update` `dataplex.entryTypes.use` `dataplex.glossaries.` `dataplex.glossaries.create` `dataplex.glossaries.delete` `dataplex.glossaries.get` `dataplex.glossaries.getIamPolicy` `dataplex.glossaries.import` `dataplex.glossaries.list` `dataplex.glossaries.setIamPolicy` `dataplex.glossaries.update` `dataplex.glossaryCategories.` `dataplex.glossaryCategories.create` `dataplex.glossaryCategories.delete` `dataplex.glossaryCategories.get` `dataplex.glossaryCategories.list` `dataplex.glossaryCategories.update` `dataplex.glossaryTerms.` `dataplex.glossaryTerms.create` `dataplex.glossaryTerms.delete` `dataplex.glossaryTerms.get` `dataplex.glossaryTerms.list` `dataplex.glossaryTerms.update` `dataplex.glossaryTerms.use` `dataplex.operations.get` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Write access to catalog resources, including entries, entry groups, and glossaries. Cannot set IAM policies on resources.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.create` `dataplex.aspectTypes.delete` `dataplex.aspectTypes.get` `dataplex.aspectTypes.getIamPolicy` `dataplex.aspectTypes.list` `dataplex.aspectTypes.update` `dataplex.aspectTypes.use` `dataplex.entries.` `dataplex.entries.create` `dataplex.entries.delete` `dataplex.entries.get` `dataplex.entries.getData` `dataplex.entries.link` `dataplex.entries.list` `dataplex.entries.update` `dataplex.entryGroups.create` `dataplex.entryGroups.delete` `dataplex.entryGroups.get` `dataplex.entryGroups.getIamPolicy` `dataplex.entryGroups.list` `dataplex.entryGroups.update` `dataplex.entryGroups.useContactsAspect` `dataplex.entryGroups.useDataProfileAspect` `dataplex.entryGroups.useDataQualityScorecardAspect` `dataplex.entryGroups.useDefinitionEntryLink` `dataplex.entryGroups.useDescriptionsAspect` `dataplex.entryGroups.useGenericAspect` `dataplex.entryGroups.useGenericEntry` `dataplex.entryGroups.useOverviewAspect` `dataplex.entryGroups.useQueriesAspect` `dataplex.entryGroups.useRefreshCadenceAspect` `dataplex.entryGroups.useRelatedEntryLink` `dataplex.entryGroups.useSchemaAspect` `dataplex.entryGroups.useSynonymEntryLink` `dataplex.entryLinks.create` `dataplex.entryLinks.delete` `dataplex.entryLinks.get` `dataplex.entryTypes.create` `dataplex.entryTypes.delete` `dataplex.entryTypes.get` `dataplex.entryTypes.getIamPolicy` `dataplex.entryTypes.list` `dataplex.entryTypes.update` `dataplex.entryTypes.use` `dataplex.glossaries.create` `dataplex.glossaries.delete` `dataplex.glossaries.get` `dataplex.glossaries.getIamPolicy` `dataplex.glossaries.list` `dataplex.glossaries.update` `dataplex.glossaryCategories.` `dataplex.glossaryCategories.create` `dataplex.glossaryCategories.delete` `dataplex.glossaryCategories.get` `dataplex.glossaryCategories.list` `dataplex.glossaryCategories.update` `dataplex.glossaryTerms.*` `dataplex.glossaryTerms.create` `dataplex.glossaryTerms.delete` `dataplex.glossaryTerms.get` `dataplex.glossaryTerms.list` `dataplex.glossaryTerms.update` `dataplex.glossaryTerms.use` `dataplex.operations.get` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Read access to catalog resources, including entries, entry groups, and glossaries. Can view IAM policies on catalog resources.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.get` `dataplex.aspectTypes.getIamPolicy` `dataplex.aspectTypes.list` `dataplex.entries.get` `dataplex.entries.list` `dataplex.entryGroups.get` `dataplex.entryGroups.getIamPolicy` `dataplex.entryGroups.list` `dataplex.entryLinks.get` `dataplex.entryTypes.get` `dataplex.entryTypes.getIamPolicy` `dataplex.entryTypes.list` `dataplex.glossaries.get` `dataplex.glossaries.getIamPolicy` `dataplex.glossaries.list` `dataplex.glossaryCategories.get` `dataplex.glossaryCategories.list` `dataplex.glossaryTerms.get` `dataplex.glossaryTerms.list` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Data Owner (`roles/dataplex.dataOwner`) Owner access to data. To be granted to Dataplex Universal Catalog resources Lake, Zone or Asset only.	`dataplex.assets.ownData` `dataplex.assets.readData` `dataplex.assets.writeData`
Dataplex Data Products Admin^Beta (`roles/dataplex.dataProductsAdmin`) Full access to Data Products.	`dataplex.dataAssets.` `dataplex.dataAssets.create` `dataplex.dataAssets.delete` `dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataAssets.update` `dataplex.dataProducts.` `dataplex.dataProducts.create` `dataplex.dataProducts.delete` `dataplex.dataProducts.get` `dataplex.dataProducts.getIamPolicy` `dataplex.dataProducts.list` `dataplex.dataProducts.setIamPolicy` `dataplex.dataProducts.update` `dataplex.operations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Data Products Consumer^Beta (`roles/dataplex.dataProductsConsumer`) Restricted read access, intended for consumers of Data Products.	`dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataProducts.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Data Products Editor^Beta (`roles/dataplex.dataProductsEditor`) Write access to Data Products.	`dataplex.dataAssets.*` `dataplex.dataAssets.create` `dataplex.dataAssets.delete` `dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataAssets.update` `dataplex.dataProducts.create` `dataplex.dataProducts.delete` `dataplex.dataProducts.get` `dataplex.dataProducts.getIamPolicy` `dataplex.dataProducts.list` `dataplex.dataProducts.update` `dataplex.operations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Data Products Viewer^Beta (`roles/dataplex.dataProductsViewer`) Read access to Data Products.	`dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataProducts.get` `dataplex.dataProducts.getIamPolicy` `dataplex.dataProducts.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Data Reader (`roles/dataplex.dataReader`) Read only access to data. To be granted to Dataplex Universal Catalog resources Lake, Zone or Asset only.	`dataplex.assets.readData`
Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Full access to DataScan resources.	`dataplex.datascans.*` `dataplex.datascans.create` `dataplex.datascans.delete` `dataplex.datascans.get` `dataplex.datascans.getData` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list` `dataplex.datascans.run` `dataplex.datascans.setIamPolicy` `dataplex.datascans.update` `dataplex.operations.get` `dataplex.operations.list`
Dataplex DataScan Creator (`roles/dataplex.dataScanCreator`) Access to create new DataScan resources.	`dataplex.datascans.create` `dataplex.datascans.get` `dataplex.datascans.list` `dataplex.operations.get`
Dataplex DataScan DataViewer (`roles/dataplex.dataScanDataViewer`) Read access to DataScan resources, including the results.	`dataplex.datascans.get` `dataplex.datascans.getData` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list`
Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Write access to DataScan resources.	`dataplex.datascans.create` `dataplex.datascans.delete` `dataplex.datascans.get` `dataplex.datascans.getData` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list` `dataplex.datascans.run` `dataplex.datascans.update` `dataplex.operations.get` `dataplex.operations.list`
Dataplex DataScan Viewer (`roles/dataplex.dataScanViewer`) Read access to DataScan resources, excluding the results.	`dataplex.datascans.get` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list`
Dataplex Data Writer (`roles/dataplex.dataWriter`) Write access to data. To be granted to Dataplex Universal Catalog resources Lake, Zone or Asset only.	`dataplex.assets.writeData`
Dataplex Developer (`roles/dataplex.developer`) Allows running data analytics workloads in a lake.	`dataplex.content.*` `dataplex.content.create` `dataplex.content.delete` `dataplex.content.get` `dataplex.content.getIamPolicy` `dataplex.content.list` `dataplex.content.setIamPolicy` `dataplex.content.update` `dataplex.environments.execute` `dataplex.environments.get` `dataplex.environments.list` `dataplex.tasks.cancel` `dataplex.tasks.create` `dataplex.tasks.delete` `dataplex.tasks.get` `dataplex.tasks.list` `dataplex.tasks.run` `dataplex.tasks.update`
Dataplex Discovery BigLake Publishing Service Agent (`roles/dataplex.discoveryBigLakePublishingServiceAgent`) Gives the Dataplex Discovery Service Agent permissions to use bigquery connection. Warning: Do not grant service agent roles to any principals except service agents.	`bigquery.connections.delegate` `bigquery.connections.use`
Dataplex Discovery Publishing Service Agent (`roles/dataplex.discoveryPublishingServiceAgent`) Gives the Dataplex Discovery Service Agent dataset create and get permissions. Warning: Do not grant service agent roles to any principals except service agents.	`bigquery.datasets.create` `bigquery.datasets.get`
Dataplex Discovery Service Agent (`roles/dataplex.discoveryServiceAgent`) Gives the Dataplex Discovery Service Agent bucket read permissions. Warning: Do not grant service agent roles to any principals except service agents.	`storage.buckets.get` `storage.objects.get` `storage.objects.list`
Dataplex Editor (`roles/dataplex.editor`) Write access to Dataplex Universal Catalog resources, except for catalog resources like entries, entry groups, and glossaries.	`cloudasset.assets.analyzeIamPolicy` `dataplex.assetActions.list` `dataplex.assets.create` `dataplex.assets.delete` `dataplex.assets.get` `dataplex.assets.getIamPolicy` `dataplex.assets.list` `dataplex.assets.update` `dataplex.content.delete` `dataplex.content.get` `dataplex.content.getIamPolicy` `dataplex.content.list` `dataplex.dataAssets.` `dataplex.dataAssets.create` `dataplex.dataAssets.delete` `dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataAssets.update` `dataplex.dataAttributeBindings.create` `dataplex.dataAttributeBindings.delete` `dataplex.dataAttributeBindings.get` `dataplex.dataAttributeBindings.getIamPolicy` `dataplex.dataAttributeBindings.list` `dataplex.dataAttributeBindings.update` `dataplex.dataAttributes.bind` `dataplex.dataAttributes.create` `dataplex.dataAttributes.delete` `dataplex.dataAttributes.get` `dataplex.dataAttributes.getIamPolicy` `dataplex.dataAttributes.list` `dataplex.dataAttributes.update` `dataplex.dataProducts.create` `dataplex.dataProducts.delete` `dataplex.dataProducts.get` `dataplex.dataProducts.getIamPolicy` `dataplex.dataProducts.list` `dataplex.dataProducts.update` `dataplex.dataTaxonomies.configureDataAccess` `dataplex.dataTaxonomies.configureResourceAccess` `dataplex.dataTaxonomies.create` `dataplex.dataTaxonomies.delete` `dataplex.dataTaxonomies.get` `dataplex.dataTaxonomies.getIamPolicy` `dataplex.dataTaxonomies.list` `dataplex.dataTaxonomies.update` `dataplex.datascans.create` `dataplex.datascans.delete` `dataplex.datascans.get` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list` `dataplex.datascans.run` `dataplex.datascans.update` `dataplex.environments.create` `dataplex.environments.delete` `dataplex.environments.get` `dataplex.environments.getIamPolicy` `dataplex.environments.list` `dataplex.environments.update` `dataplex.lakeActions.list` `dataplex.lakes.create` `dataplex.lakes.delete` `dataplex.lakes.get` `dataplex.lakes.getIamPolicy` `dataplex.lakes.list` `dataplex.lakes.update` `dataplex.operations.` `dataplex.operations.cancel` `dataplex.operations.delete` `dataplex.operations.get` `dataplex.operations.list` `dataplex.tasks.cancel` `dataplex.tasks.create` `dataplex.tasks.delete` `dataplex.tasks.get` `dataplex.tasks.getIamPolicy` `dataplex.tasks.list` `dataplex.tasks.run` `dataplex.tasks.update` `dataplex.zoneActions.list` `dataplex.zones.create` `dataplex.zones.delete` `dataplex.zones.get` `dataplex.zones.getIamPolicy` `dataplex.zones.list` `dataplex.zones.update`
Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`) Gives user permissions to manage encryption configurations.	`dataplex.encryptionConfig.*` `dataplex.encryptionConfig.create` `dataplex.encryptionConfig.delete` `dataplex.encryptionConfig.get` `dataplex.encryptionConfig.list` `dataplex.encryptionConfig.update` `dataplex.operations.get` `dataplex.operations.list`
Dataplex Entry Group Exporter (`roles/dataplex.entryGroupExporter`) Grants access to export this entry group for Metadata Job processing.	`dataplex.entryGroups.export` `dataplex.entryGroups.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Entry Group Importer (`roles/dataplex.entryGroupImporter`) Grants access to import this entry group for Metadata Job processing.	`dataplex.entryGroups.get` `dataplex.entryGroups.import` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Owns Entry Groups and Entries inside of them.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.get` `dataplex.aspectTypes.list` `dataplex.aspectTypes.use` `dataplex.entries.` `dataplex.entries.create` `dataplex.entries.delete` `dataplex.entries.get` `dataplex.entries.getData` `dataplex.entries.link` `dataplex.entries.list` `dataplex.entries.update` `dataplex.entryGroups.` `dataplex.entryGroups.create` `dataplex.entryGroups.delete` `dataplex.entryGroups.export` `dataplex.entryGroups.get` `dataplex.entryGroups.getIamPolicy` `dataplex.entryGroups.import` `dataplex.entryGroups.list` `dataplex.entryGroups.setIamPolicy` `dataplex.entryGroups.update` `dataplex.entryGroups.useContactsAspect` `dataplex.entryGroups.useDataProfileAspect` `dataplex.entryGroups.useDataQualityScorecardAspect` `dataplex.entryGroups.useDefinitionEntryLink` `dataplex.entryGroups.useDescriptionsAspect` `dataplex.entryGroups.useGenericAspect` `dataplex.entryGroups.useGenericEntry` `dataplex.entryGroups.useOverviewAspect` `dataplex.entryGroups.useQueriesAspect` `dataplex.entryGroups.useRefreshCadenceAspect` `dataplex.entryGroups.useRelatedEntryLink` `dataplex.entryGroups.useSchemaAspect` `dataplex.entryGroups.useSynonymEntryLink` `dataplex.entryLinks.*` `dataplex.entryLinks.create` `dataplex.entryLinks.delete` `dataplex.entryLinks.get` `dataplex.entryLinks.reference` `dataplex.entryTypes.get` `dataplex.entryTypes.list` `dataplex.entryTypes.use` `dataplex.operations.get` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Owns Metadata Entries and EntryLinks.	`datacatalog.migrationConfig.get` `dataplex.aspectTypes.get` `dataplex.aspectTypes.list` `dataplex.aspectTypes.use` `dataplex.entries.` `dataplex.entries.create` `dataplex.entries.delete` `dataplex.entries.get` `dataplex.entries.getData` `dataplex.entries.link` `dataplex.entries.list` `dataplex.entries.update` `dataplex.entryGroups.get` `dataplex.entryGroups.useContactsAspect` `dataplex.entryGroups.useDataProfileAspect` `dataplex.entryGroups.useDataQualityScorecardAspect` `dataplex.entryGroups.useDefinitionEntryLink` `dataplex.entryGroups.useDescriptionsAspect` `dataplex.entryGroups.useGenericAspect` `dataplex.entryGroups.useGenericEntry` `dataplex.entryGroups.useOverviewAspect` `dataplex.entryGroups.useQueriesAspect` `dataplex.entryGroups.useRefreshCadenceAspect` `dataplex.entryGroups.useRelatedEntryLink` `dataplex.entryGroups.useSchemaAspect` `dataplex.entryGroups.useSynonymEntryLink` `dataplex.entryLinks.` `dataplex.entryLinks.create` `dataplex.entryLinks.delete` `dataplex.entryLinks.get` `dataplex.entryLinks.reference` `dataplex.entryTypes.get` `dataplex.entryTypes.list` `dataplex.entryTypes.use` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Grants access to creating and managing Entry Types. Does not give the right to create/modify Entries.	`datacatalog.migrationConfig.get` `dataplex.entryTypes.*` `dataplex.entryTypes.create` `dataplex.entryTypes.delete` `dataplex.entryTypes.get` `dataplex.entryTypes.getIamPolicy` `dataplex.entryTypes.list` `dataplex.entryTypes.setIamPolicy` `dataplex.entryTypes.update` `dataplex.entryTypes.use` `dataplex.operations.get` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Entry Type User (`roles/dataplex.entryTypeUser`) Grants access to use Entry Types to create/modify Entries of those types.	`datacatalog.migrationConfig.get` `dataplex.entryTypes.get` `dataplex.entryTypes.list` `dataplex.entryTypes.use` `dataplex.projects.search` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Metadata Job Owner (`roles/dataplex.metadataJobOwner`) Grants access to creating and managing Metadata Jobs. Does not give the right to create/modify Entry Groups.	`dataplex.metadataJobs.*` `dataplex.metadataJobs.cancel` `dataplex.metadataJobs.create` `dataplex.metadataJobs.get` `dataplex.metadataJobs.list` `dataplex.operations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Metadata Job Viewer (`roles/dataplex.metadataJobViewer`) Read access to Metadata Job resources.	`dataplex.metadataJobs.get` `dataplex.metadataJobs.list` `dataplex.operations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Read only access to metadata within table and fileset entities and partitions.	`dataplex.assets.get` `dataplex.assets.list` `dataplex.entities.get` `dataplex.entities.list` `dataplex.partitions.get` `dataplex.partitions.list` `dataplex.zones.get` `dataplex.zones.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Write and read access to metadata within table and fileset entities and partitions.	`dataplex.assets.get` `dataplex.assets.list` `dataplex.entities.` `dataplex.entities.create` `dataplex.entities.delete` `dataplex.entities.get` `dataplex.entities.list` `dataplex.entities.update` `dataplex.partitions.` `dataplex.partitions.create` `dataplex.partitions.delete` `dataplex.partitions.get` `dataplex.partitions.list` `dataplex.partitions.update` `dataplex.zones.get` `dataplex.zones.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataplex Security Administrator (`roles/dataplex.securityAdmin`) Permissions configure ResourceAccess and DataAccess Specs on Data Attributes.	`dataplex.dataTaxonomies.configureDataAccess` `dataplex.dataTaxonomies.configureResourceAccess`
Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Gives the Dataplex service account access to project resources. This access will be used in data discovery, data management and data workload management. Warning: Do not grant service agent roles to any principals except service agents.	`bigquery.bireservations.` `bigquery.bireservations.get` `bigquery.bireservations.update` `bigquery.capacityCommitments.` `bigquery.capacityCommitments.create` `bigquery.capacityCommitments.delete` `bigquery.capacityCommitments.get` `bigquery.capacityCommitments.list` `bigquery.capacityCommitments.update` `bigquery.config.` `bigquery.config.get` `bigquery.config.update` `bigquery.connections.` `bigquery.connections.create` `bigquery.connections.delegate` `bigquery.connections.delete` `bigquery.connections.get` `bigquery.connections.getIamPolicy` `bigquery.connections.list` `bigquery.connections.setIamPolicy` `bigquery.connections.update` `bigquery.connections.updateTag` `bigquery.connections.use` `bigquery.dataPolicies.attach` `bigquery.dataPolicies.create` `bigquery.dataPolicies.delete` `bigquery.dataPolicies.get` `bigquery.dataPolicies.getIamPolicy` `bigquery.dataPolicies.list` `bigquery.dataPolicies.setIamPolicy` `bigquery.dataPolicies.update` `bigquery.datasets.` `bigquery.datasets.create` `bigquery.datasets.createTagBinding` `bigquery.datasets.delete` `bigquery.datasets.deleteTagBinding` `bigquery.datasets.get` `bigquery.datasets.getIamPolicy` `bigquery.datasets.link` `bigquery.datasets.listEffectiveTags` `bigquery.datasets.listSharedDatasetUsage` `bigquery.datasets.listTagBindings` `bigquery.datasets.setIamPolicy` `bigquery.datasets.update` `bigquery.datasets.updateTag` `bigquery.jobs.` `bigquery.jobs.create` `bigquery.jobs.createGlobalQuery` `bigquery.jobs.delete` `bigquery.jobs.get` `bigquery.jobs.list` `bigquery.jobs.listAll` `bigquery.jobs.listExecutionMetadata` `bigquery.jobs.update` `bigquery.models.` `bigquery.models.create` `bigquery.models.delete` `bigquery.models.export` `bigquery.models.getData` `bigquery.models.getMetadata` `bigquery.models.list` `bigquery.models.updateData` `bigquery.models.updateMetadata` `bigquery.models.updateTag` `bigquery.objectRefs.` `bigquery.objectRefs.read` `bigquery.objectRefs.write` `bigquery.readsessions.` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.readsessions.update` `bigquery.reservationAssignments.` `bigquery.reservationAssignments.create` `bigquery.reservationAssignments.delete` `bigquery.reservationAssignments.list` `bigquery.reservationAssignments.search` `bigquery.reservationGroups.` `bigquery.reservationGroups.create` `bigquery.reservationGroups.delete` `bigquery.reservationGroups.get` `bigquery.reservationGroups.list` `bigquery.reservations.` `bigquery.reservations.create` `bigquery.reservations.delete` `bigquery.reservations.get` `bigquery.reservations.list` `bigquery.reservations.listFailoverDatasets` `bigquery.reservations.update` `bigquery.reservations.use` `bigquery.routines.` `bigquery.routines.create` `bigquery.routines.delete` `bigquery.routines.get` `bigquery.routines.list` `bigquery.routines.update` `bigquery.routines.updateTag` `bigquery.rowAccessPolicies.create` `bigquery.rowAccessPolicies.delete` `bigquery.rowAccessPolicies.get` `bigquery.rowAccessPolicies.getIamPolicy` `bigquery.rowAccessPolicies.list` `bigquery.rowAccessPolicies.overrideTimeTravelRestrictions` `bigquery.rowAccessPolicies.setIamPolicy` `bigquery.rowAccessPolicies.update` `bigquery.savedqueries.` `bigquery.savedqueries.create` `bigquery.savedqueries.delete` `bigquery.savedqueries.get` `bigquery.savedqueries.list` `bigquery.savedqueries.update` `bigquery.tables.` `bigquery.tables.create` `bigquery.tables.createIndex` `bigquery.tables.createSnapshot` `bigquery.tables.createTagBinding` `bigquery.tables.delete` `bigquery.tables.deleteIndex` `bigquery.tables.deleteSnapshot` `bigquery.tables.deleteTagBinding` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.getIamPolicy` `bigquery.tables.list` `bigquery.tables.listEffectiveTags` `bigquery.tables.listTagBindings` `bigquery.tables.replicateData` `bigquery.tables.restoreSnapshot` `bigquery.tables.setCategory` `bigquery.tables.setColumnDataPolicy` `bigquery.tables.setIamPolicy` `bigquery.tables.update` `bigquery.tables.updateData` `bigquery.tables.updateIndex` `bigquery.tables.updateTag` `bigquery.transfers.` `bigquery.transfers.get` `bigquery.transfers.update` `bigquerymigration.translation.translate` `datacatalog.catalogs.searchAll` `datacatalog.categories.getIamPolicy` `datacatalog.categories.setIamPolicy` `datacatalog.entries.get` `datacatalog.taxonomies.create` `datacatalog.taxonomies.delete` `datacatalog.taxonomies.get` `datacatalog.taxonomies.list` `datacatalog.taxonomies.update` `dataform.` `dataform.commentThreads.create` `dataform.commentThreads.delete` `dataform.commentThreads.get` `dataform.commentThreads.list` `dataform.commentThreads.update` `dataform.comments.create` `dataform.comments.delete` `dataform.comments.get` `dataform.comments.list` `dataform.comments.update` `dataform.compilationResults.create` `dataform.compilationResults.get` `dataform.compilationResults.list` `dataform.compilationResults.query` `dataform.config.get` `dataform.config.update` `dataform.folders.addContents` `dataform.folders.create` `dataform.folders.delete` `dataform.folders.get` `dataform.folders.getIamPolicy` `dataform.folders.move` `dataform.folders.queryContents` `dataform.folders.setIamPolicy` `dataform.folders.update` `dataform.locations.get` `dataform.locations.list` `dataform.operations.cancel` `dataform.operations.delete` `dataform.operations.get` `dataform.operations.list` `dataform.releaseConfigs.create` `dataform.releaseConfigs.delete` `dataform.releaseConfigs.get` `dataform.releaseConfigs.list` `dataform.releaseConfigs.update` `dataform.repositories.commit` `dataform.repositories.computeAccessTokenStatus` `dataform.repositories.create` `dataform.repositories.delete` `dataform.repositories.fetchHistory` `dataform.repositories.fetchRemoteBranches` `dataform.repositories.get` `dataform.repositories.getIamPolicy` `dataform.repositories.list` `dataform.repositories.move` `dataform.repositories.queryDirectoryContents` `dataform.repositories.readFile` `dataform.repositories.scheduleRelease` `dataform.repositories.scheduleWorkflow` `dataform.repositories.setIamPolicy` `dataform.repositories.update` `dataform.teamFolders.create` `dataform.teamFolders.delete` `dataform.teamFolders.get` `dataform.teamFolders.getIamPolicy` `dataform.teamFolders.setIamPolicy` `dataform.teamFolders.update` `dataform.workflowConfigs.create` `dataform.workflowConfigs.delete` `dataform.workflowConfigs.get` `dataform.workflowConfigs.list` `dataform.workflowConfigs.update` `dataform.workflowInvocations.cancel` `dataform.workflowInvocations.create` `dataform.workflowInvocations.delete` `dataform.workflowInvocations.get` `dataform.workflowInvocations.list` `dataform.workflowInvocations.query` `dataform.workspaces.commit` `dataform.workspaces.create` `dataform.workspaces.delete` `dataform.workspaces.fetchFileDiff` `dataform.workspaces.fetchFileGitStatuses` `dataform.workspaces.fetchGitAheadBehind` `dataform.workspaces.get` `dataform.workspaces.getIamPolicy` `dataform.workspaces.installNpmPackages` `dataform.workspaces.list` `dataform.workspaces.makeDirectory` `dataform.workspaces.moveDirectory` `dataform.workspaces.moveFile` `dataform.workspaces.pull` `dataform.workspaces.push` `dataform.workspaces.queryDirectoryContents` `dataform.workspaces.readFile` `dataform.workspaces.removeDirectory` `dataform.workspaces.removeFile` `dataform.workspaces.reset` `dataform.workspaces.searchFiles` `dataform.workspaces.setIamPolicy` `dataform.workspaces.writeFile` `dataplex.assets.getIamPolicy` `dataplex.datascans.` `dataplex.datascans.create` `dataplex.datascans.delete` `dataplex.datascans.get` `dataplex.datascans.getData` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list` `dataplex.datascans.run` `dataplex.datascans.setIamPolicy` `dataplex.datascans.update` `dataplex.environments.execute` `dataplex.environments.get` `dataplex.environments.list` `dataplex.lakes.get` `dataplex.lakes.getIamPolicy` `dataplex.operations.get` `dataplex.operations.list` `dataplex.projects.search` `dataplex.zones.getIamPolicy` `dataproc.batches.cancel` `dataproc.batches.create` `dataproc.batches.get` `dataproc.operations.cancel` `dataproc.operations.get` `dataproc.operations.list` `firebase.projects.get` `iam.serviceAccounts.actAs` `logging.logEntries.create` `logging.logEntries.route` `metastore.services.get` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create` `orgpolicy.policy.get` `recommender.iamPolicyInsights.` `recommender.iamPolicyInsights.get` `recommender.iamPolicyInsights.list` `recommender.iamPolicyInsights.update` `recommender.iamPolicyRecommendations.` `recommender.iamPolicyRecommendations.get` `recommender.iamPolicyRecommendations.list` `recommender.iamPolicyRecommendations.update` `recommender.storageBucketSoftDeleteInsights.` `recommender.storageBucketSoftDeleteInsights.get` `recommender.storageBucketSoftDeleteInsights.list` `recommender.storageBucketSoftDeleteInsights.update` `recommender.storageBucketSoftDeleteRecommendations.` `recommender.storageBucketSoftDeleteRecommendations.get` `recommender.storageBucketSoftDeleteRecommendations.list` `recommender.storageBucketSoftDeleteRecommendations.update` `resourcemanager.hierarchyNodes.listEffectiveTags` `resourcemanager.projects.get` `resourcemanager.projects.list` `servicemanagement.services.report` `serviceusage.services.use` `storage.anywhereCaches.` `storage.anywhereCaches.create` `storage.anywhereCaches.disable` `storage.anywhereCaches.get` `storage.anywhereCaches.list` `storage.anywhereCaches.pause` `storage.anywhereCaches.resume` `storage.anywhereCaches.update` `storage.bucketOperations.` `storage.bucketOperations.cancel` `storage.bucketOperations.get` `storage.bucketOperations.list` `storage.buckets.` `storage.buckets.create` `storage.buckets.createTagBinding` `storage.buckets.delete` `storage.buckets.deleteTagBinding` `storage.buckets.enableObjectRetention` `storage.buckets.get` `storage.buckets.getIamPolicy` `storage.buckets.getIpFilter` `storage.buckets.getObjectInsights` `storage.buckets.list` `storage.buckets.listEffectiveTags` `storage.buckets.listTagBindings` `storage.buckets.relocate` `storage.buckets.restore` `storage.buckets.setIamPolicy` `storage.buckets.setIpFilter` `storage.buckets.update` `storage.folders.` `storage.folders.create` `storage.folders.delete` `storage.folders.get` `storage.folders.list` `storage.folders.rename` `storage.intelligenceConfigs.` `storage.intelligenceConfigs.get` `storage.intelligenceConfigs.update` `storage.managedFolders.` `storage.managedFolders.create` `storage.managedFolders.delete` `storage.managedFolders.get` `storage.managedFolders.getIamPolicy` `storage.managedFolders.list` `storage.managedFolders.setIamPolicy` `storage.multipartUploads.` `storage.multipartUploads.abort` `storage.multipartUploads.create` `storage.multipartUploads.list` `storage.multipartUploads.listParts` `storage.objects.` `storage.objects.create` `storage.objects.createContext` `storage.objects.delete` `storage.objects.deleteContext` `storage.objects.get` `storage.objects.getIamPolicy` `storage.objects.list` `storage.objects.move` `storage.objects.overrideUnlockedRetention` `storage.objects.restore` `storage.objects.setIamPolicy` `storage.objects.setRetention` `storage.objects.update` `storage.objects.updateContext` `storagebatchoperations.` `storagebatchoperations.jobs.cancel` `storagebatchoperations.jobs.create` `storagebatchoperations.jobs.delete` `storagebatchoperations.jobs.get` `storagebatchoperations.jobs.list` `storagebatchoperations.locations.get` `storagebatchoperations.locations.list` `storagebatchoperations.operations.cancel` `storagebatchoperations.operations.delete` `storagebatchoperations.operations.get` `storagebatchoperations.operations.list` `telemetry.metrics.write`
Dataplex Storage Data Owner (`roles/dataplex.storageDataOwner`) Owner access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.	`bigquery.datasets.get` `bigquery.models.create` `bigquery.models.delete` `bigquery.models.export` `bigquery.models.getData` `bigquery.models.getMetadata` `bigquery.models.list` `bigquery.models.updateData` `bigquery.models.updateMetadata` `bigquery.routines.create` `bigquery.routines.delete` `bigquery.routines.get` `bigquery.routines.list` `bigquery.routines.update` `bigquery.tables.create` `bigquery.tables.createSnapshot` `bigquery.tables.delete` `bigquery.tables.deleteSnapshot` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.list` `bigquery.tables.restoreSnapshot` `bigquery.tables.update` `bigquery.tables.updateData` `storage.buckets.get` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Dataplex Storage Data Reader (`roles/dataplex.storageDataReader`) Read only access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.	`bigquery.datasets.get` `bigquery.models.export` `bigquery.models.getData` `bigquery.models.getMetadata` `bigquery.models.list` `bigquery.routines.get` `bigquery.routines.list` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.list` `storage.buckets.get` `storage.objects.get` `storage.objects.list`
Dataplex Storage Data Writer (`roles/dataplex.storageDataWriter`) Write access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.	`bigquery.tables.updateData` `storage.objects.create` `storage.objects.delete` `storage.objects.update`
Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Full access to DataTaxonomy, DataAttribute resources.	`dataplex.dataAttributes.*` `dataplex.dataAttributes.bind` `dataplex.dataAttributes.create` `dataplex.dataAttributes.delete` `dataplex.dataAttributes.get` `dataplex.dataAttributes.getIamPolicy` `dataplex.dataAttributes.list` `dataplex.dataAttributes.setIamPolicy` `dataplex.dataAttributes.update` `dataplex.dataTaxonomies.create` `dataplex.dataTaxonomies.delete` `dataplex.dataTaxonomies.get` `dataplex.dataTaxonomies.getIamPolicy` `dataplex.dataTaxonomies.list` `dataplex.dataTaxonomies.setIamPolicy` `dataplex.dataTaxonomies.update`
Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Read access on DataTaxonomy, DataAttribute resources.	`dataplex.dataAttributes.get` `dataplex.dataAttributes.getIamPolicy` `dataplex.dataAttributes.list` `dataplex.dataTaxonomies.get` `dataplex.dataTaxonomies.getIamPolicy` `dataplex.dataTaxonomies.list`
Dataplex Viewer (`roles/dataplex.viewer`) Read access to Dataplex Universal Catalog resources, except for catalog resources like entries, entry groups, and glossaries.	`cloudasset.assets.analyzeIamPolicy` `dataplex.assetActions.list` `dataplex.assets.get` `dataplex.assets.getIamPolicy` `dataplex.assets.list` `dataplex.content.get` `dataplex.content.getIamPolicy` `dataplex.content.list` `dataplex.dataAssets.get` `dataplex.dataAssets.list` `dataplex.dataAttributeBindings.get` `dataplex.dataAttributeBindings.getIamPolicy` `dataplex.dataAttributeBindings.list` `dataplex.dataAttributes.get` `dataplex.dataAttributes.getIamPolicy` `dataplex.dataAttributes.list` `dataplex.dataProducts.get` `dataplex.dataProducts.getIamPolicy` `dataplex.dataProducts.list` `dataplex.dataTaxonomies.get` `dataplex.dataTaxonomies.getIamPolicy` `dataplex.dataTaxonomies.list` `dataplex.datascans.get` `dataplex.datascans.getIamPolicy` `dataplex.datascans.list` `dataplex.environments.get` `dataplex.environments.getIamPolicy` `dataplex.environments.list` `dataplex.lakeActions.list` `dataplex.lakes.get` `dataplex.lakes.getIamPolicy` `dataplex.lakes.list` `dataplex.operations.get` `dataplex.operations.list` `dataplex.tasks.get` `dataplex.tasks.getIamPolicy` `dataplex.tasks.list` `dataplex.zoneActions.list` `dataplex.zones.get` `dataplex.zones.getIamPolicy` `dataplex.zones.list`

Dataplex Administrator

(roles/dataplex.admin)

Full access to Dataplex Universal Catalog resources, except for catalog resources like entries and entry groups.

cloudasset.assets.analyzeIamPolicy

cloudasset.assets.searchAllIamPolicies

cloudasset.assets.searchAllResources

dataplex.assetActions.list

dataplex.assets.create

dataplex.assets.delete

dataplex.assets.get

dataplex.assets.getIamPolicy

dataplex.assets.list

dataplex.assets.setIamPolicy

dataplex.assets.update

dataplex.content.*

dataplex.content.create
dataplex.content.delete
dataplex.content.get
dataplex.content.getIamPolicy
dataplex.content.list
dataplex.content.setIamPolicy
dataplex.content.update

dataplex.dataAssets.*

dataplex.dataAssets.create
dataplex.dataAssets.delete
dataplex.dataAssets.get
dataplex.dataAssets.list
dataplex.dataAssets.update

dataplex.dataAttributeBindings.*

dataplex.dataAttributeBindings.create
dataplex.dataAttributeBindings.delete
dataplex.dataAttributeBindings.get
dataplex.dataAttributeBindings.getIamPolicy
dataplex.dataAttributeBindings.list
dataplex.dataAttributeBindings.setIamPolicy
dataplex.dataAttributeBindings.update

dataplex.dataAttributes.*

dataplex.dataAttributes.bind
dataplex.dataAttributes.create
dataplex.dataAttributes.delete
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataAttributes.setIamPolicy
dataplex.dataAttributes.update

dataplex.dataProducts.*

dataplex.dataProducts.create
dataplex.dataProducts.delete
dataplex.dataProducts.get
dataplex.dataProducts.getIamPolicy
dataplex.dataProducts.list
dataplex.dataProducts.setIamPolicy
dataplex.dataProducts.update

dataplex.dataTaxonomies.*

dataplex.dataTaxonomies.configureDataAccess
dataplex.dataTaxonomies.configureResourceAccess
dataplex.dataTaxonomies.create
dataplex.dataTaxonomies.delete
dataplex.dataTaxonomies.get
dataplex.dataTaxonomies.getIamPolicy
dataplex.dataTaxonomies.list
dataplex.dataTaxonomies.setIamPolicy
dataplex.dataTaxonomies.update

dataplex.datascans.*

dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.setIamPolicy
dataplex.datascans.update

dataplex.entities.*

dataplex.entities.create
dataplex.entities.delete
dataplex.entities.get
dataplex.entities.list
dataplex.entities.update

dataplex.entries.link

dataplex.entryGroups.export

dataplex.entryGroups.import

dataplex.entryGroups.useDefinitionEntryLink

dataplex.entryGroups.useRelatedEntryLink

dataplex.entryGroups.useSynonymEntryLink

dataplex.entryLinks.*

dataplex.entryLinks.create
dataplex.entryLinks.delete
dataplex.entryLinks.get
dataplex.entryLinks.reference

dataplex.environments.*

dataplex.environments.create
dataplex.environments.delete
dataplex.environments.execute
dataplex.environments.get
dataplex.environments.getIamPolicy
dataplex.environments.list
dataplex.environments.setIamPolicy
dataplex.environments.update

dataplex.glossaries.*

dataplex.glossaries.create
dataplex.glossaries.delete
dataplex.glossaries.get
dataplex.glossaries.getIamPolicy
dataplex.glossaries.import
dataplex.glossaries.list
dataplex.glossaries.setIamPolicy
dataplex.glossaries.update

dataplex.glossaryCategories.*

dataplex.glossaryCategories.create
dataplex.glossaryCategories.delete
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryCategories.update

dataplex.glossaryTerms.*

dataplex.glossaryTerms.create
dataplex.glossaryTerms.delete
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.glossaryTerms.update
dataplex.glossaryTerms.use

dataplex.lakeActions.list

dataplex.lakes.*

dataplex.lakes.create
dataplex.lakes.delete
dataplex.lakes.get
dataplex.lakes.getIamPolicy
dataplex.lakes.list
dataplex.lakes.setIamPolicy
dataplex.lakes.update

dataplex.locations.*

dataplex.locations.get
dataplex.locations.list

dataplex.metadataJobs.*

dataplex.metadataJobs.cancel
dataplex.metadataJobs.create
dataplex.metadataJobs.get
dataplex.metadataJobs.list

dataplex.operations.*

dataplex.operations.cancel
dataplex.operations.delete
dataplex.operations.get
dataplex.operations.list

dataplex.partitions.*

dataplex.partitions.create
dataplex.partitions.delete
dataplex.partitions.get
dataplex.partitions.list
dataplex.partitions.update

dataplex.tasks.*

dataplex.tasks.cancel
dataplex.tasks.create
dataplex.tasks.delete
dataplex.tasks.get
dataplex.tasks.getIamPolicy
dataplex.tasks.list
dataplex.tasks.run
dataplex.tasks.setIamPolicy
dataplex.tasks.update

dataplex.zoneActions.list

dataplex.zones.*

dataplex.zones.create
dataplex.zones.delete
dataplex.zones.get
dataplex.zones.getIamPolicy
dataplex.zones.list
dataplex.zones.setIamPolicy
dataplex.zones.update

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Aspect Type Owner

(roles/dataplex.aspectTypeOwner)

Grants access to creating and managing Aspect Types. Does not give the right to create/modify Entries.

datacatalog.migrationConfig.get

dataplex.aspectTypes.*

dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.setIamPolicy
dataplex.aspectTypes.update
dataplex.aspectTypes.use

dataplex.operations.get

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Aspect Type User

(roles/dataplex.aspectTypeUser)

Grants access to use Aspect Types to create/modify Entries with the corresponding aspects.

datacatalog.migrationConfig.get

dataplex.aspectTypes.get

dataplex.aspectTypes.list

dataplex.aspectTypes.use

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Binding Administrator

(roles/dataplex.bindingAdmin)

Full access on DataAttribute Binding resources.

dataplex.dataAttributeBindings.*

dataplex.dataAttributeBindings.create
dataplex.dataAttributeBindings.delete
dataplex.dataAttributeBindings.get
dataplex.dataAttributeBindings.getIamPolicy
dataplex.dataAttributeBindings.list
dataplex.dataAttributeBindings.setIamPolicy
dataplex.dataAttributeBindings.update

Dataplex Catalog Admin

(roles/dataplex.catalogAdmin)

Full access to catalog resources, including entries, entry groups, and glossaries.

datacatalog.migrationConfig.get

dataplex.aspectTypes.*

dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.setIamPolicy
dataplex.aspectTypes.update
dataplex.aspectTypes.use

dataplex.entries.*

dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.link
dataplex.entries.list
dataplex.entries.update

dataplex.entryGroups.*

dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.import
dataplex.entryGroups.list
dataplex.entryGroups.setIamPolicy
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useDataProfileAspect
dataplex.entryGroups.useDataQualityScorecardAspect
dataplex.entryGroups.useDefinitionEntryLink
dataplex.entryGroups.useDescriptionsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useQueriesAspect
dataplex.entryGroups.useRefreshCadenceAspect
dataplex.entryGroups.useRelatedEntryLink
dataplex.entryGroups.useSchemaAspect
dataplex.entryGroups.useSynonymEntryLink

dataplex.entryLinks.*

dataplex.entryLinks.create
dataplex.entryLinks.delete
dataplex.entryLinks.get
dataplex.entryLinks.reference

dataplex.entryTypes.*

dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.setIamPolicy
dataplex.entryTypes.update
dataplex.entryTypes.use

dataplex.glossaries.*

dataplex.glossaries.create
dataplex.glossaries.delete
dataplex.glossaries.get
dataplex.glossaries.getIamPolicy
dataplex.glossaries.import
dataplex.glossaries.list
dataplex.glossaries.setIamPolicy
dataplex.glossaries.update

dataplex.glossaryCategories.*

dataplex.glossaryCategories.create
dataplex.glossaryCategories.delete
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryCategories.update

dataplex.glossaryTerms.*

dataplex.glossaryTerms.create
dataplex.glossaryTerms.delete
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.glossaryTerms.update
dataplex.glossaryTerms.use

dataplex.operations.get

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Catalog Editor

(roles/dataplex.catalogEditor)

Write access to catalog resources, including entries, entry groups, and glossaries. Cannot set IAM policies on resources.

datacatalog.migrationConfig.get

dataplex.aspectTypes.create

dataplex.aspectTypes.delete

dataplex.aspectTypes.get

dataplex.aspectTypes.getIamPolicy

dataplex.aspectTypes.list

dataplex.aspectTypes.update

dataplex.aspectTypes.use

dataplex.entries.*

dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.link
dataplex.entries.list
dataplex.entries.update

dataplex.entryGroups.create

dataplex.entryGroups.delete

dataplex.entryGroups.get

dataplex.entryGroups.getIamPolicy

dataplex.entryGroups.list

dataplex.entryGroups.update

dataplex.entryGroups.useContactsAspect

dataplex.entryGroups.useDataProfileAspect

dataplex.entryGroups.useDataQualityScorecardAspect

dataplex.entryGroups.useDefinitionEntryLink

dataplex.entryGroups.useDescriptionsAspect

dataplex.entryGroups.useGenericAspect

dataplex.entryGroups.useGenericEntry

dataplex.entryGroups.useOverviewAspect

dataplex.entryGroups.useQueriesAspect

dataplex.entryGroups.useRefreshCadenceAspect

dataplex.entryGroups.useRelatedEntryLink

dataplex.entryGroups.useSchemaAspect

dataplex.entryGroups.useSynonymEntryLink

dataplex.entryLinks.create

dataplex.entryLinks.delete

dataplex.entryLinks.get

dataplex.entryTypes.create

dataplex.entryTypes.delete

dataplex.entryTypes.get

dataplex.entryTypes.getIamPolicy

dataplex.entryTypes.list

dataplex.entryTypes.update

dataplex.entryTypes.use

dataplex.glossaries.create

dataplex.glossaries.delete

dataplex.glossaries.get

dataplex.glossaries.getIamPolicy

dataplex.glossaries.list

dataplex.glossaries.update

dataplex.glossaryCategories.*

dataplex.glossaryCategories.create
dataplex.glossaryCategories.delete
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryCategories.update

dataplex.glossaryTerms.*

dataplex.glossaryTerms.create
dataplex.glossaryTerms.delete
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.glossaryTerms.update
dataplex.glossaryTerms.use

dataplex.operations.get

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Catalog Viewer

(roles/dataplex.catalogViewer)

Read access to catalog resources, including entries, entry groups, and glossaries. Can view IAM policies on catalog resources.

datacatalog.migrationConfig.get

dataplex.aspectTypes.get

dataplex.aspectTypes.getIamPolicy

dataplex.aspectTypes.list

dataplex.entries.get

dataplex.entries.list

dataplex.entryGroups.get

dataplex.entryGroups.getIamPolicy

dataplex.entryGroups.list

dataplex.entryLinks.get

dataplex.entryTypes.get

dataplex.entryTypes.getIamPolicy

dataplex.entryTypes.list

dataplex.glossaries.get

dataplex.glossaries.getIamPolicy

dataplex.glossaries.list

dataplex.glossaryCategories.get

dataplex.glossaryCategories.list

dataplex.glossaryTerms.get

dataplex.glossaryTerms.list

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Data Owner

(roles/dataplex.dataOwner)

Owner access to data. To be granted to Dataplex Universal Catalog resources Lake, Zone or Asset only.

dataplex.assets.ownData

dataplex.assets.readData

dataplex.assets.writeData

Dataplex Data Products Admin^Beta

(roles/dataplex.dataProductsAdmin)

Full access to Data Products.

dataplex.dataAssets.*

dataplex.dataAssets.create
dataplex.dataAssets.delete
dataplex.dataAssets.get
dataplex.dataAssets.list
dataplex.dataAssets.update

dataplex.dataProducts.*

dataplex.dataProducts.create
dataplex.dataProducts.delete
dataplex.dataProducts.get
dataplex.dataProducts.getIamPolicy
dataplex.dataProducts.list
dataplex.dataProducts.setIamPolicy
dataplex.dataProducts.update

dataplex.operations.get

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Data Products Consumer^Beta

(roles/dataplex.dataProductsConsumer)

Restricted read access, intended for consumers of Data Products.

dataplex.dataAssets.get

dataplex.dataAssets.list

dataplex.dataProducts.get

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Data Products Editor^Beta

(roles/dataplex.dataProductsEditor)

Write access to Data Products.

dataplex.dataAssets.*

dataplex.dataAssets.create
dataplex.dataAssets.delete
dataplex.dataAssets.get
dataplex.dataAssets.list
dataplex.dataAssets.update

dataplex.dataProducts.create

dataplex.dataProducts.delete

dataplex.dataProducts.get

dataplex.dataProducts.getIamPolicy

dataplex.dataProducts.list

dataplex.dataProducts.update

dataplex.operations.get

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Data Products Viewer^Beta

(roles/dataplex.dataProductsViewer)

Read access to Data Products.

dataplex.dataAssets.get

dataplex.dataAssets.list

dataplex.dataProducts.get

dataplex.dataProducts.getIamPolicy

dataplex.dataProducts.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Data Reader

(roles/dataplex.dataReader)

Read only access to data. To be granted to Dataplex Universal Catalog resources Lake, Zone or Asset only.

dataplex.assets.readData

Dataplex DataScan Administrator

(roles/dataplex.dataScanAdmin)

Full access to DataScan resources.

dataplex.datascans.*

dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.setIamPolicy
dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

Dataplex DataScan Creator

(roles/dataplex.dataScanCreator)

Access to create new DataScan resources.

dataplex.datascans.create

dataplex.datascans.get

dataplex.datascans.list

dataplex.operations.get

Dataplex DataScan DataViewer

(roles/dataplex.dataScanDataViewer)

Read access to DataScan resources, including the results.

dataplex.datascans.get

dataplex.datascans.getData

dataplex.datascans.getIamPolicy

dataplex.datascans.list

Dataplex DataScan Editor

(roles/dataplex.dataScanEditor)

Write access to DataScan resources.

dataplex.datascans.create

dataplex.datascans.delete

dataplex.datascans.get

dataplex.datascans.getData

dataplex.datascans.getIamPolicy

dataplex.datascans.list

dataplex.datascans.run

dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

Dataplex DataScan Viewer

(roles/dataplex.dataScanViewer)

Read access to DataScan resources, excluding the results.

dataplex.datascans.get

dataplex.datascans.getIamPolicy

dataplex.datascans.list

Dataplex Data Writer

(roles/dataplex.dataWriter)

Write access to data. To be granted to Dataplex Universal Catalog resources Lake, Zone or Asset only.

dataplex.assets.writeData

Dataplex Developer

(roles/dataplex.developer)

Allows running data analytics workloads in a lake.

dataplex.content.*

dataplex.content.create
dataplex.content.delete
dataplex.content.get
dataplex.content.getIamPolicy
dataplex.content.list
dataplex.content.setIamPolicy
dataplex.content.update

dataplex.environments.execute

dataplex.environments.get

dataplex.environments.list

dataplex.tasks.cancel

dataplex.tasks.create

dataplex.tasks.delete

dataplex.tasks.get

dataplex.tasks.list

dataplex.tasks.run

dataplex.tasks.update

Dataplex Discovery BigLake Publishing Service Agent

(roles/dataplex.discoveryBigLakePublishingServiceAgent)

Gives the Dataplex Discovery Service Agent permissions to use bigquery connection.

Warning: Do not grant service agent roles to any principals except service agents.

bigquery.connections.delegate

bigquery.connections.use

Dataplex Discovery Publishing Service Agent

(roles/dataplex.discoveryPublishingServiceAgent)

Gives the Dataplex Discovery Service Agent dataset create and get permissions.

Warning: Do not grant service agent roles to any principals except service agents.

bigquery.datasets.create

bigquery.datasets.get

Dataplex Discovery Service Agent

(roles/dataplex.discoveryServiceAgent)

Gives the Dataplex Discovery Service Agent bucket read permissions.

Warning: Do not grant service agent roles to any principals except service agents.

storage.buckets.get

storage.objects.get

storage.objects.list

Dataplex Editor

(roles/dataplex.editor)

Write access to Dataplex Universal Catalog resources, except for catalog resources like entries, entry groups, and glossaries.

cloudasset.assets.analyzeIamPolicy

dataplex.assetActions.list

dataplex.assets.create

dataplex.assets.delete

dataplex.assets.get

dataplex.assets.getIamPolicy

dataplex.assets.list

dataplex.assets.update

dataplex.content.delete

dataplex.content.get

dataplex.content.getIamPolicy

dataplex.content.list

dataplex.dataAssets.*

dataplex.dataAssets.create
dataplex.dataAssets.delete
dataplex.dataAssets.get
dataplex.dataAssets.list
dataplex.dataAssets.update

dataplex.dataAttributeBindings.create

dataplex.dataAttributeBindings.delete

dataplex.dataAttributeBindings.get

dataplex.dataAttributeBindings.getIamPolicy

dataplex.dataAttributeBindings.list

dataplex.dataAttributeBindings.update

dataplex.dataAttributes.bind

dataplex.dataAttributes.create

dataplex.dataAttributes.delete

dataplex.dataAttributes.get

dataplex.dataAttributes.getIamPolicy

dataplex.dataAttributes.list

dataplex.dataAttributes.update

dataplex.dataProducts.create

dataplex.dataProducts.delete

dataplex.dataProducts.get

dataplex.dataProducts.getIamPolicy

dataplex.dataProducts.list

dataplex.dataProducts.update

dataplex.dataTaxonomies.configureDataAccess

dataplex.dataTaxonomies.configureResourceAccess

dataplex.dataTaxonomies.create

dataplex.dataTaxonomies.delete

dataplex.dataTaxonomies.get

dataplex.dataTaxonomies.getIamPolicy

dataplex.dataTaxonomies.list

dataplex.dataTaxonomies.update

dataplex.datascans.create

dataplex.datascans.delete

dataplex.datascans.get

dataplex.datascans.getIamPolicy

dataplex.datascans.list

dataplex.datascans.run

dataplex.datascans.update

dataplex.environments.create

dataplex.environments.delete

dataplex.environments.get

dataplex.environments.getIamPolicy

dataplex.environments.list

dataplex.environments.update

dataplex.lakeActions.list

dataplex.lakes.create

dataplex.lakes.delete

dataplex.lakes.get

dataplex.lakes.getIamPolicy

dataplex.lakes.list

dataplex.lakes.update

dataplex.operations.*

dataplex.operations.cancel
dataplex.operations.delete
dataplex.operations.get
dataplex.operations.list

dataplex.tasks.cancel

dataplex.tasks.create

dataplex.tasks.delete

dataplex.tasks.get

dataplex.tasks.getIamPolicy

dataplex.tasks.list

dataplex.tasks.run

dataplex.tasks.update

dataplex.zoneActions.list

dataplex.zones.create

dataplex.zones.delete

dataplex.zones.get

dataplex.zones.getIamPolicy

dataplex.zones.list

dataplex.zones.update

Dataplex Encryption Admin

(roles/dataplex.encryptionAdmin)

Gives user permissions to manage encryption configurations.

dataplex.encryptionConfig.*

dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update

dataplex.operations.get

dataplex.operations.list

Dataplex Entry Group Exporter

(roles/dataplex.entryGroupExporter)

Grants access to export this entry group for Metadata Job processing.

dataplex.entryGroups.export

dataplex.entryGroups.get

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Entry Group Importer

(roles/dataplex.entryGroupImporter)

Grants access to import this entry group for Metadata Job processing.

dataplex.entryGroups.get

dataplex.entryGroups.import

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Entry Group Owner

(roles/dataplex.entryGroupOwner)

Owns Entry Groups and Entries inside of them.

datacatalog.migrationConfig.get

dataplex.aspectTypes.get

dataplex.aspectTypes.list

dataplex.aspectTypes.use

dataplex.entries.*

dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.link
dataplex.entries.list
dataplex.entries.update

dataplex.entryGroups.*

dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.import
dataplex.entryGroups.list
dataplex.entryGroups.setIamPolicy
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useDataProfileAspect
dataplex.entryGroups.useDataQualityScorecardAspect
dataplex.entryGroups.useDefinitionEntryLink
dataplex.entryGroups.useDescriptionsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useQueriesAspect
dataplex.entryGroups.useRefreshCadenceAspect
dataplex.entryGroups.useRelatedEntryLink
dataplex.entryGroups.useSchemaAspect
dataplex.entryGroups.useSynonymEntryLink

dataplex.entryLinks.*

dataplex.entryLinks.create
dataplex.entryLinks.delete
dataplex.entryLinks.get
dataplex.entryLinks.reference

dataplex.entryTypes.get

dataplex.entryTypes.list

dataplex.entryTypes.use

dataplex.operations.get

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Entry and EntryLink Owner

(roles/dataplex.entryOwner)

Owns Metadata Entries and EntryLinks.

datacatalog.migrationConfig.get

dataplex.aspectTypes.get

dataplex.aspectTypes.list

dataplex.aspectTypes.use

dataplex.entries.*

dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.link
dataplex.entries.list
dataplex.entries.update

dataplex.entryGroups.get

dataplex.entryGroups.useContactsAspect

dataplex.entryGroups.useDataProfileAspect

dataplex.entryGroups.useDataQualityScorecardAspect

dataplex.entryGroups.useDefinitionEntryLink

dataplex.entryGroups.useDescriptionsAspect

dataplex.entryGroups.useGenericAspect

dataplex.entryGroups.useGenericEntry

dataplex.entryGroups.useOverviewAspect

dataplex.entryGroups.useQueriesAspect

dataplex.entryGroups.useRefreshCadenceAspect

dataplex.entryGroups.useRelatedEntryLink

dataplex.entryGroups.useSchemaAspect

dataplex.entryGroups.useSynonymEntryLink

dataplex.entryLinks.*

dataplex.entryLinks.create
dataplex.entryLinks.delete
dataplex.entryLinks.get
dataplex.entryLinks.reference

dataplex.entryTypes.get

dataplex.entryTypes.list

dataplex.entryTypes.use

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Entry Type Owner

(roles/dataplex.entryTypeOwner)

Grants access to creating and managing Entry Types. Does not give the right to create/modify Entries.

datacatalog.migrationConfig.get

dataplex.entryTypes.*

dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.setIamPolicy
dataplex.entryTypes.update
dataplex.entryTypes.use

dataplex.operations.get

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Entry Type User

(roles/dataplex.entryTypeUser)

Grants access to use Entry Types to create/modify Entries of those types.

datacatalog.migrationConfig.get

dataplex.entryTypes.get

dataplex.entryTypes.list

dataplex.entryTypes.use

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Metadata Job Owner

(roles/dataplex.metadataJobOwner)

Grants access to creating and managing Metadata Jobs. Does not give the right to create/modify Entry Groups.

dataplex.metadataJobs.*

dataplex.metadataJobs.cancel
dataplex.metadataJobs.create
dataplex.metadataJobs.get
dataplex.metadataJobs.list

dataplex.operations.get

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Metadata Job Viewer

(roles/dataplex.metadataJobViewer)

Read access to Metadata Job resources.

dataplex.metadataJobs.get

dataplex.metadataJobs.list

dataplex.operations.get

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Metadata Reader

(roles/dataplex.metadataReader)

Read only access to metadata within table and fileset entities and partitions.

dataplex.assets.get

dataplex.assets.list

dataplex.entities.get

dataplex.entities.list

dataplex.partitions.get

dataplex.partitions.list

dataplex.zones.get

dataplex.zones.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Metadata Writer

(roles/dataplex.metadataWriter)

Write and read access to metadata within table and fileset entities and partitions.

dataplex.assets.get

dataplex.assets.list

dataplex.entities.*

dataplex.entities.create
dataplex.entities.delete
dataplex.entities.get
dataplex.entities.list
dataplex.entities.update

dataplex.partitions.*

dataplex.partitions.create
dataplex.partitions.delete
dataplex.partitions.get
dataplex.partitions.list
dataplex.partitions.update

dataplex.zones.get

dataplex.zones.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataplex Security Administrator

(roles/dataplex.securityAdmin)

Permissions configure ResourceAccess and DataAccess Specs on Data Attributes.

dataplex.dataTaxonomies.configureDataAccess

dataplex.dataTaxonomies.configureResourceAccess

Cloud Dataplex Service Agent

(roles/dataplex.serviceAgent)

Gives the Dataplex service account access to project resources. This access will be used in data discovery, data management and data workload management.

Warning: Do not grant service agent roles to any principals except service agents.

bigquery.bireservations.*

bigquery.bireservations.get
bigquery.bireservations.update

bigquery.capacityCommitments.*

bigquery.capacityCommitments.create
bigquery.capacityCommitments.delete
bigquery.capacityCommitments.get
bigquery.capacityCommitments.list
bigquery.capacityCommitments.update

bigquery.config.*

bigquery.config.get
bigquery.config.update

bigquery.connections.*

bigquery.connections.create
bigquery.connections.delegate
bigquery.connections.delete
bigquery.connections.get
bigquery.connections.getIamPolicy
bigquery.connections.list
bigquery.connections.setIamPolicy
bigquery.connections.update
bigquery.connections.updateTag
bigquery.connections.use

bigquery.dataPolicies.attach

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

bigquery.datasets.*

bigquery.datasets.create
bigquery.datasets.createTagBinding
bigquery.datasets.delete
bigquery.datasets.deleteTagBinding
bigquery.datasets.get
bigquery.datasets.getIamPolicy
bigquery.datasets.link
bigquery.datasets.listEffectiveTags
bigquery.datasets.listSharedDatasetUsage
bigquery.datasets.listTagBindings
bigquery.datasets.setIamPolicy
bigquery.datasets.update
bigquery.datasets.updateTag

bigquery.jobs.*

bigquery.jobs.create
bigquery.jobs.createGlobalQuery
bigquery.jobs.delete
bigquery.jobs.get
bigquery.jobs.list
bigquery.jobs.listAll
bigquery.jobs.listExecutionMetadata
bigquery.jobs.update

bigquery.models.*

bigquery.models.create
bigquery.models.delete
bigquery.models.export
bigquery.models.getData
bigquery.models.getMetadata
bigquery.models.list
bigquery.models.updateData
bigquery.models.updateMetadata
bigquery.models.updateTag

bigquery.objectRefs.*

bigquery.objectRefs.read
bigquery.objectRefs.write

bigquery.readsessions.*

bigquery.readsessions.create
bigquery.readsessions.getData
bigquery.readsessions.update

bigquery.reservationAssignments.*

bigquery.reservationAssignments.create
bigquery.reservationAssignments.delete
bigquery.reservationAssignments.list
bigquery.reservationAssignments.search

bigquery.reservationGroups.*

bigquery.reservationGroups.create
bigquery.reservationGroups.delete
bigquery.reservationGroups.get
bigquery.reservationGroups.list

bigquery.reservations.*

bigquery.reservations.create
bigquery.reservations.delete
bigquery.reservations.get
bigquery.reservations.list
bigquery.reservations.listFailoverDatasets
bigquery.reservations.update
bigquery.reservations.use

bigquery.routines.*

bigquery.routines.create
bigquery.routines.delete
bigquery.routines.get
bigquery.routines.list
bigquery.routines.update
bigquery.routines.updateTag

bigquery.rowAccessPolicies.create

bigquery.rowAccessPolicies.delete

bigquery.rowAccessPolicies.get

bigquery.rowAccessPolicies.getIamPolicy

bigquery.rowAccessPolicies.list

bigquery.rowAccessPolicies.overrideTimeTravelRestrictions

bigquery.rowAccessPolicies.setIamPolicy

bigquery.rowAccessPolicies.update

bigquery.savedqueries.*

bigquery.savedqueries.create
bigquery.savedqueries.delete
bigquery.savedqueries.get
bigquery.savedqueries.list
bigquery.savedqueries.update

bigquery.tables.*

bigquery.tables.create
bigquery.tables.createIndex
bigquery.tables.createSnapshot
bigquery.tables.createTagBinding
bigquery.tables.delete
bigquery.tables.deleteIndex
bigquery.tables.deleteSnapshot
bigquery.tables.deleteTagBinding
bigquery.tables.export
bigquery.tables.get
bigquery.tables.getData
bigquery.tables.getIamPolicy
bigquery.tables.list
bigquery.tables.listEffectiveTags
bigquery.tables.listTagBindings
bigquery.tables.replicateData
bigquery.tables.restoreSnapshot
bigquery.tables.setCategory
bigquery.tables.setColumnDataPolicy
bigquery.tables.setIamPolicy
bigquery.tables.update
bigquery.tables.updateData
bigquery.tables.updateIndex
bigquery.tables.updateTag

bigquery.transfers.*

bigquery.transfers.get
bigquery.transfers.update

bigquerymigration.translation.translate

datacatalog.catalogs.searchAll

datacatalog.categories.getIamPolicy

datacatalog.categories.setIamPolicy

datacatalog.entries.get

datacatalog.taxonomies.create

datacatalog.taxonomies.delete

datacatalog.taxonomies.get

datacatalog.taxonomies.list

datacatalog.taxonomies.update

dataform.*

dataform.commentThreads.create
dataform.commentThreads.delete
dataform.commentThreads.get
dataform.commentThreads.list
dataform.commentThreads.update
dataform.comments.create
dataform.comments.delete
dataform.comments.get
dataform.comments.list
dataform.comments.update
dataform.compilationResults.create
dataform.compilationResults.get
dataform.compilationResults.list
dataform.compilationResults.query
dataform.config.get
dataform.config.update
dataform.folders.addContents
dataform.folders.create
dataform.folders.delete
dataform.folders.get
dataform.folders.getIamPolicy
dataform.folders.move
dataform.folders.queryContents
dataform.folders.setIamPolicy
dataform.folders.update
dataform.locations.get
dataform.locations.list
dataform.operations.cancel
dataform.operations.delete
dataform.operations.get
dataform.operations.list
dataform.releaseConfigs.create
dataform.releaseConfigs.delete
dataform.releaseConfigs.get
dataform.releaseConfigs.list
dataform.releaseConfigs.update
dataform.repositories.commit
dataform.repositories.computeAccessTokenStatus
dataform.repositories.create
dataform.repositories.delete
dataform.repositories.fetchHistory
dataform.repositories.fetchRemoteBranches
dataform.repositories.get
dataform.repositories.getIamPolicy
dataform.repositories.list
dataform.repositories.move
dataform.repositories.queryDirectoryContents
dataform.repositories.readFile
dataform.repositories.scheduleRelease
dataform.repositories.scheduleWorkflow
dataform.repositories.setIamPolicy
dataform.repositories.update
dataform.teamFolders.create
dataform.teamFolders.delete
dataform.teamFolders.get
dataform.teamFolders.getIamPolicy
dataform.teamFolders.setIamPolicy
dataform.teamFolders.update
dataform.workflowConfigs.create
dataform.workflowConfigs.delete
dataform.workflowConfigs.get
dataform.workflowConfigs.list
dataform.workflowConfigs.update
dataform.workflowInvocations.cancel
dataform.workflowInvocations.create
dataform.workflowInvocations.delete
dataform.workflowInvocations.get
dataform.workflowInvocations.list
dataform.workflowInvocations.query
dataform.workspaces.commit
dataform.workspaces.create
dataform.workspaces.delete
dataform.workspaces.fetchFileDiff
dataform.workspaces.fetchFileGitStatuses
dataform.workspaces.fetchGitAheadBehind
dataform.workspaces.get
dataform.workspaces.getIamPolicy
dataform.workspaces.installNpmPackages
dataform.workspaces.list
dataform.workspaces.makeDirectory
dataform.workspaces.moveDirectory
dataform.workspaces.moveFile
dataform.workspaces.pull
dataform.workspaces.push
dataform.workspaces.queryDirectoryContents
dataform.workspaces.readFile
dataform.workspaces.removeDirectory
dataform.workspaces.removeFile
dataform.workspaces.reset
dataform.workspaces.searchFiles
dataform.workspaces.setIamPolicy
dataform.workspaces.writeFile

dataplex.assets.getIamPolicy

dataplex.datascans.*

dataplex.datascans.create
dataplex.datascans.delete
dataplex.datascans.get
dataplex.datascans.getData
dataplex.datascans.getIamPolicy
dataplex.datascans.list
dataplex.datascans.run
dataplex.datascans.setIamPolicy
dataplex.datascans.update

dataplex.environments.execute

dataplex.environments.get

dataplex.environments.list

dataplex.lakes.get

dataplex.lakes.getIamPolicy

dataplex.operations.get

dataplex.operations.list

dataplex.projects.search

dataplex.zones.getIamPolicy

dataproc.batches.cancel

dataproc.batches.create

dataproc.batches.get

dataproc.operations.cancel

dataproc.operations.get

dataproc.operations.list

firebase.projects.get

iam.serviceAccounts.actAs

logging.logEntries.create

logging.logEntries.route

metastore.services.get

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

orgpolicy.policy.get

recommender.iamPolicyInsights.*

recommender.iamPolicyInsights.get
recommender.iamPolicyInsights.list
recommender.iamPolicyInsights.update

recommender.iamPolicyRecommendations.*

recommender.iamPolicyRecommendations.get
recommender.iamPolicyRecommendations.list
recommender.iamPolicyRecommendations.update

recommender.storageBucketSoftDeleteInsights.*

recommender.storageBucketSoftDeleteInsights.get
recommender.storageBucketSoftDeleteInsights.list
recommender.storageBucketSoftDeleteInsights.update

recommender.storageBucketSoftDeleteRecommendations.*

recommender.storageBucketSoftDeleteRecommendations.get
recommender.storageBucketSoftDeleteRecommendations.list
recommender.storageBucketSoftDeleteRecommendations.update

resourcemanager.hierarchyNodes.listEffectiveTags

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.report

serviceusage.services.use

storage.anywhereCaches.*

storage.anywhereCaches.create
storage.anywhereCaches.disable
storage.anywhereCaches.get
storage.anywhereCaches.list
storage.anywhereCaches.pause
storage.anywhereCaches.resume
storage.anywhereCaches.update

storage.bucketOperations.*

storage.bucketOperations.cancel
storage.bucketOperations.get
storage.bucketOperations.list

storage.buckets.*

storage.buckets.create
storage.buckets.createTagBinding
storage.buckets.delete
storage.buckets.deleteTagBinding
storage.buckets.enableObjectRetention
storage.buckets.get
storage.buckets.getIamPolicy
storage.buckets.getIpFilter
storage.buckets.getObjectInsights
storage.buckets.list
storage.buckets.listEffectiveTags
storage.buckets.listTagBindings
storage.buckets.relocate
storage.buckets.restore
storage.buckets.setIamPolicy
storage.buckets.setIpFilter
storage.buckets.update

storage.folders.*

storage.folders.create
storage.folders.delete
storage.folders.get
storage.folders.list
storage.folders.rename

storage.intelligenceConfigs.*

storage.intelligenceConfigs.get
storage.intelligenceConfigs.update

storage.managedFolders.*

storage.managedFolders.create
storage.managedFolders.delete
storage.managedFolders.get
storage.managedFolders.getIamPolicy
storage.managedFolders.list
storage.managedFolders.setIamPolicy

storage.multipartUploads.*

storage.multipartUploads.abort
storage.multipartUploads.create
storage.multipartUploads.list
storage.multipartUploads.listParts

storage.objects.*

storage.objects.create
storage.objects.createContext
storage.objects.delete
storage.objects.deleteContext
storage.objects.get
storage.objects.getIamPolicy
storage.objects.list
storage.objects.move
storage.objects.overrideUnlockedRetention
storage.objects.restore
storage.objects.setIamPolicy
storage.objects.setRetention
storage.objects.update
storage.objects.updateContext

storagebatchoperations.*

storagebatchoperations.jobs.cancel
storagebatchoperations.jobs.create
storagebatchoperations.jobs.delete
storagebatchoperations.jobs.get
storagebatchoperations.jobs.list
storagebatchoperations.locations.get
storagebatchoperations.locations.list
storagebatchoperations.operations.cancel
storagebatchoperations.operations.delete
storagebatchoperations.operations.get
storagebatchoperations.operations.list

telemetry.metrics.write

Dataplex Storage Data Owner

(roles/dataplex.storageDataOwner)

Owner access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.

bigquery.datasets.get

bigquery.models.create

bigquery.models.delete

bigquery.models.export

bigquery.models.getData

bigquery.models.getMetadata

bigquery.models.list

bigquery.models.updateData

bigquery.models.updateMetadata

bigquery.routines.create

bigquery.routines.delete

bigquery.routines.get

bigquery.routines.list

bigquery.routines.update

bigquery.tables.create

bigquery.tables.createSnapshot

bigquery.tables.delete

bigquery.tables.deleteSnapshot

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.list

bigquery.tables.restoreSnapshot

bigquery.tables.update

bigquery.tables.updateData

storage.buckets.get

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Dataplex Storage Data Reader

(roles/dataplex.storageDataReader)

Read only access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.

bigquery.datasets.get

bigquery.models.export

bigquery.models.getData

bigquery.models.getMetadata

bigquery.models.list

bigquery.routines.get

bigquery.routines.list

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.list

storage.buckets.get

storage.objects.get

storage.objects.list

Dataplex Storage Data Writer

(roles/dataplex.storageDataWriter)

Write access to data. Should not be used directly. This role is granted by Dataplex to managed resources like Cloud Storage buckets, BigQuery datasets etc.

bigquery.tables.updateData

storage.objects.create

storage.objects.delete

storage.objects.update

Dataplex Taxonomy Administrator

(roles/dataplex.taxonomyAdmin)

Full access to DataTaxonomy, DataAttribute resources.

dataplex.dataAttributes.*

dataplex.dataAttributes.bind
dataplex.dataAttributes.create
dataplex.dataAttributes.delete
dataplex.dataAttributes.get
dataplex.dataAttributes.getIamPolicy
dataplex.dataAttributes.list
dataplex.dataAttributes.setIamPolicy
dataplex.dataAttributes.update

dataplex.dataTaxonomies.create

dataplex.dataTaxonomies.delete

dataplex.dataTaxonomies.get

dataplex.dataTaxonomies.getIamPolicy

dataplex.dataTaxonomies.list

dataplex.dataTaxonomies.setIamPolicy

dataplex.dataTaxonomies.update

Dataplex Taxonomy Viewer

(roles/dataplex.taxonomyViewer)

Read access on DataTaxonomy, DataAttribute resources.

dataplex.dataAttributes.get

dataplex.dataAttributes.getIamPolicy

dataplex.dataAttributes.list

dataplex.dataTaxonomies.get

dataplex.dataTaxonomies.getIamPolicy

dataplex.dataTaxonomies.list

Dataplex Viewer

(roles/dataplex.viewer)

Read access to Dataplex Universal Catalog resources, except for catalog resources like entries, entry groups, and glossaries.

cloudasset.assets.analyzeIamPolicy

dataplex.assetActions.list

dataplex.assets.get

dataplex.assets.getIamPolicy

dataplex.assets.list

dataplex.content.get

dataplex.content.getIamPolicy

dataplex.content.list

dataplex.dataAssets.get

dataplex.dataAssets.list

dataplex.dataAttributeBindings.get

dataplex.dataAttributeBindings.getIamPolicy

dataplex.dataAttributeBindings.list

dataplex.dataAttributes.get

dataplex.dataAttributes.getIamPolicy

dataplex.dataAttributes.list

dataplex.dataProducts.get

dataplex.dataProducts.getIamPolicy

dataplex.dataProducts.list

dataplex.dataTaxonomies.get

dataplex.dataTaxonomies.getIamPolicy

dataplex.dataTaxonomies.list

dataplex.datascans.get

dataplex.datascans.getIamPolicy

dataplex.datascans.list

dataplex.environments.get

dataplex.environments.getIamPolicy

dataplex.environments.list

dataplex.lakeActions.list

dataplex.lakes.get

dataplex.lakes.getIamPolicy

dataplex.lakes.list

dataplex.operations.get

dataplex.operations.list

dataplex.tasks.get

dataplex.tasks.getIamPolicy

dataplex.tasks.list

dataplex.zoneActions.list

dataplex.zones.get

dataplex.zones.getIamPolicy

dataplex.zones.list

Dataplex Universal Catalog permissions

Permission	Included in roles
`dataplex.aspectTypes.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog TagTemplate Creator (`roles/datacatalog.tagTemplateCreator`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog TagTemplate Creator (`roles/datacatalog.tagTemplateCreator`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Data Catalog TagTemplate User (`roles/datacatalog.tagTemplateUser`) Data Catalog TagTemplate Viewer (`roles/datacatalog.tagTemplateViewer`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Aspect Type User (`roles/dataplex.aspectTypeUser`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Data Catalog TagTemplate User (`roles/datacatalog.tagTemplateUser`) Data Catalog TagTemplate Viewer (`roles/datacatalog.tagTemplateViewer`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Aspect Type User (`roles/dataplex.aspectTypeUser`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.setIamPolicy`	Owner (`roles/owner`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Security Admin (`roles/iam.securityAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.aspectTypes.use`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Data Catalog TagTemplate User (`roles/datacatalog.tagTemplateUser`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Aspect Type User (`roles/dataplex.aspectTypeUser`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.assetActions.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.assets.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.assets.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.assets.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.assets.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.assets.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.assets.ownData`	Owner (`roles/owner`) Dataplex Data Owner (`roles/dataplex.dataOwner`)
`dataplex.assets.readData`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Data Owner (`roles/dataplex.dataOwner`) Dataplex Data Reader (`roles/dataplex.dataReader`) Support User (`roles/iam.supportUser`)
`dataplex.assets.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.assets.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.assets.writeData`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Data Owner (`roles/dataplex.dataOwner`) Dataplex Data Writer (`roles/dataplex.dataWriter`)
`dataplex.content.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`)
`dataplex.content.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.content.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.content.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.content.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.content.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.content.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`)
`dataplex.dataAssets.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataAssets.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataAssets.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Consumer (`roles/dataplex.dataProductsConsumer`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Data Products Viewer (`roles/dataplex.dataProductsViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAssets.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Consumer (`roles/dataplex.dataProductsConsumer`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Data Products Viewer (`roles/dataplex.dataProductsViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAssets.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataAttributeBindings.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataAttributeBindings.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataAttributeBindings.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAttributeBindings.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAttributeBindings.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAttributeBindings.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.dataAttributeBindings.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Binding Administrator (`roles/dataplex.bindingAdmin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataAttributes.bind`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.dataAttributes.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.dataAttributes.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.dataAttributes.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAttributes.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAttributes.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataAttributes.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.dataAttributes.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.dataProducts.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataProducts.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataProducts.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Consumer (`roles/dataplex.dataProductsConsumer`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Data Products Viewer (`roles/dataplex.dataProductsViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataProducts.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Data Products Viewer (`roles/dataplex.dataProductsViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataProducts.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Data Products Viewer (`roles/dataplex.dataProductsViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataProducts.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.dataProducts.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.dataTaxonomies.configureDataAccess`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Security Administrator (`roles/dataplex.securityAdmin`)
`dataplex.dataTaxonomies.configureResourceAccess`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Security Administrator (`roles/dataplex.securityAdmin`)
`dataplex.dataTaxonomies.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.dataTaxonomies.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.dataTaxonomies.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataTaxonomies.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataTaxonomies.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Dataplex Taxonomy Viewer (`roles/dataplex.taxonomyViewer`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.dataTaxonomies.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.dataTaxonomies.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Taxonomy Administrator (`roles/dataplex.taxonomyAdmin`)
`dataplex.datascans.create`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Creator (`roles/dataplex.dataScanCreator`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex Editor (`roles/dataplex.editor`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.delete`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex Editor (`roles/dataplex.editor`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Data Viewer (`roles/bigquery.dataViewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Creator (`roles/dataplex.dataScanCreator`) Dataplex DataScan DataViewer (`roles/dataplex.dataScanDataViewer`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex DataScan Viewer (`roles/dataplex.dataScanViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Site Reliability Engineer (`roles/iam.siteReliabilityEngineer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.getData`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Data Viewer (`roles/bigquery.dataViewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan DataViewer (`roles/dataplex.dataScanDataViewer`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Site Reliability Engineer (`roles/iam.siteReliabilityEngineer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Data Viewer (`roles/bigquery.dataViewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan DataViewer (`roles/dataplex.dataScanDataViewer`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex DataScan Viewer (`roles/dataplex.dataScanViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Site Reliability Engineer (`roles/iam.siteReliabilityEngineer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Data Viewer (`roles/bigquery.dataViewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Creator (`roles/dataplex.dataScanCreator`) Dataplex DataScan DataViewer (`roles/dataplex.dataScanDataViewer`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex DataScan Viewer (`roles/dataplex.dataScanViewer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Site Reliability Engineer (`roles/iam.siteReliabilityEngineer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.run`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex Editor (`roles/dataplex.editor`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.setIamPolicy`	Owner (`roles/owner`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Security Admin (`roles/iam.securityAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.datascans.update`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex Editor (`roles/dataplex.editor`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.encryptionConfig.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`)
`dataplex.encryptionConfig.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`)
`dataplex.encryptionConfig.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`) Support User (`roles/iam.supportUser`)
`dataplex.encryptionConfig.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.encryptionConfig.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`)
`dataplex.entities.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`)
`dataplex.entities.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`)
`dataplex.entities.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Support User (`roles/iam.supportUser`)
`dataplex.entities.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.entities.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`)
`dataplex.entries.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entries.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entries.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog Data Steward (`roles/datacatalog.dataSteward`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) DataCatalog Entry Viewer (`roles/datacatalog.entryViewer`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. DLP API Service Agent (`roles/dlp.serviceAgent`)
`dataplex.entries.getData`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Support User (`roles/iam.supportUser`)
`dataplex.entries.link`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entries.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog Data Steward (`roles/datacatalog.dataSteward`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) DataCatalog Entry Viewer (`roles/datacatalog.entryViewer`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.entries.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog Tag Editor (`roles/datacatalog.tagEditor`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`)
`dataplex.entryGroups.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Creator (`roles/datacatalog.entryGroupCreator`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`)
`dataplex.entryGroups.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`)
`dataplex.entryGroups.export`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Entry Group Exporter (`roles/dataplex.entryGroupExporter`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Support User (`roles/iam.supportUser`)
`dataplex.entryGroups.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog Data Steward (`roles/datacatalog.dataSteward`) DataCatalog EntryGroup Creator (`roles/datacatalog.entryGroupCreator`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) DataCatalog Entry Viewer (`roles/datacatalog.entryViewer`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Exporter (`roles/dataplex.entryGroupExporter`) Dataplex Entry Group Importer (`roles/dataplex.entryGroupImporter`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Support User (`roles/iam.supportUser`)
`dataplex.entryGroups.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.entryGroups.import`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Entry Group Importer (`roles/dataplex.entryGroupImporter`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`)
`dataplex.entryGroups.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.entryGroups.setIamPolicy`	Owner (`roles/owner`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.entryGroups.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`)
`dataplex.entryGroups.useContactsAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog Data Steward (`roles/datacatalog.dataSteward`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useDataProfileAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useDataQualityScorecardAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useDefinitionEntryLink`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useDescriptionsAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useGenericAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useGenericEntry`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useOverviewAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog Data Steward (`roles/datacatalog.dataSteward`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useQueriesAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useRefreshCadenceAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useRelatedEntryLink`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useSchemaAspect`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryGroups.useSynonymEntryLink`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryLinks.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryLinks.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryLinks.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Support User (`roles/iam.supportUser`)
`dataplex.entryLinks.reference`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`)
`dataplex.entryTypes.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`)
`dataplex.entryTypes.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`)
`dataplex.entryTypes.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Dataplex Entry Type User (`roles/dataplex.entryTypeUser`) Support User (`roles/iam.supportUser`)
`dataplex.entryTypes.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.entryTypes.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Dataplex Entry Type User (`roles/dataplex.entryTypeUser`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.entryTypes.setIamPolicy`	Owner (`roles/owner`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.entryTypes.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`)
`dataplex.entryTypes.use`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Dataplex Entry Type User (`roles/dataplex.entryTypeUser`)
`dataplex.environments.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.environments.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.environments.execute`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.environments.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.environments.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.environments.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.environments.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.environments.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.glossaries.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaries.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaries.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaries.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaries.import`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`)
`dataplex.glossaries.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaries.setIamPolicy`	Owner (`roles/owner`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.glossaries.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryCategories.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryCategories.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryCategories.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaryCategories.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaryCategories.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryTerms.create`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryTerms.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryTerms.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaryTerms.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Data Catalog Admin (`roles/datacatalog.admin`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.glossaryTerms.update`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.glossaryTerms.use`	Owner (`roles/owner`) Editor (`roles/editor`) Data Catalog Admin (`roles/datacatalog.admin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`)
`dataplex.lakeActions.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.lakes.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.lakes.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.lakes.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.lakes.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.lakes.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.lakes.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.lakes.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.locations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Support User (`roles/iam.supportUser`)
`dataplex.locations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.metadataJobs.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Job Owner (`roles/dataplex.metadataJobOwner`)
`dataplex.metadataJobs.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Job Owner (`roles/dataplex.metadataJobOwner`)
`dataplex.metadataJobs.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Job Owner (`roles/dataplex.metadataJobOwner`) Dataplex Metadata Job Viewer (`roles/dataplex.metadataJobViewer`) Support User (`roles/iam.supportUser`)
`dataplex.metadataJobs.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Job Owner (`roles/dataplex.metadataJobOwner`) Dataplex Metadata Job Viewer (`roles/dataplex.metadataJobViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Data Products Admin (`roles/dataplex.dataProductsAdmin`) Dataplex Data Products Editor (`roles/dataplex.dataProductsEditor`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Creator (`roles/dataplex.dataScanCreator`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Dataplex Metadata Job Owner (`roles/dataplex.metadataJobOwner`) Dataplex Metadata Job Viewer (`roles/dataplex.metadataJobViewer`) Dataplex Viewer (`roles/dataplex.viewer`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Data Editor (`roles/bigquery.dataEditor`) BigQuery Data Owner (`roles/bigquery.dataOwner`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex DataScan Administrator (`roles/dataplex.dataScanAdmin`) Dataplex DataScan Editor (`roles/dataplex.dataScanEditor`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Encryption Admin (`roles/dataplex.encryptionAdmin`) Dataplex Viewer (`roles/dataplex.viewer`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) ML Engineer (`roles/iam.mlEngineer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.partitions.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`)
`dataplex.partitions.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`)
`dataplex.partitions.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Support User (`roles/iam.supportUser`)
`dataplex.partitions.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.partitions.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`)
`dataplex.projects.search`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Admin (`roles/bigquery.admin`) BigQuery Metadata Viewer (`roles/bigquery.metadataViewer`) BigQuery Security Admin (`roles/bigquery.securityAdmin`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) BigQuery User (`roles/bigquery.user`) Data Catalog Admin (`roles/datacatalog.admin`) DataCatalog Data Steward (`roles/datacatalog.dataSteward`) DataCatalog EntryGroup Creator (`roles/datacatalog.entryGroupCreator`) DataCatalog EntryGroup Owner (`roles/datacatalog.entryGroupOwner`) DataCatalog Entry Owner (`roles/datacatalog.entryOwner`) DataCatalog Entry Viewer (`roles/datacatalog.entryViewer`) DataCatalog Glossary Owner (`roles/datacatalog.glossaryOwner`) DataCatalog Glossary User (`roles/datacatalog.glossaryUser`) DataCatalog Search Admin (`roles/datacatalog.searchAdmin`) Data Catalog TagTemplate Creator (`roles/datacatalog.tagTemplateCreator`) Data Catalog TagTemplate Owner (`roles/datacatalog.tagTemplateOwner`) Data Catalog TagTemplate User (`roles/datacatalog.tagTemplateUser`) Data Catalog TagTemplate Viewer (`roles/datacatalog.tagTemplateViewer`) Data Catalog Viewer (`roles/datacatalog.viewer`) Dataplex Aspect Type Owner (`roles/dataplex.aspectTypeOwner`) Dataplex Aspect Type User (`roles/dataplex.aspectTypeUser`) Dataplex Catalog Admin (`roles/dataplex.catalogAdmin`) Dataplex Catalog Editor (`roles/dataplex.catalogEditor`) Dataplex Catalog Viewer (`roles/dataplex.catalogViewer`) Dataplex Entry Group Owner (`roles/dataplex.entryGroupOwner`) Dataplex Entry and EntryLink Owner (`roles/dataplex.entryOwner`) Dataplex Entry Type Owner (`roles/dataplex.entryTypeOwner`) Dataplex Entry Type User (`roles/dataplex.entryTypeUser`) DLP Organization Data Profiles Driver (`roles/dlp.orgdriver`) DLP Project Data Profiles Driver (`roles/dlp.projectdriver`) Data Scientist (`roles/iam.dataScientist`) Databases Admin (`roles/iam.databasesAdmin`) Security Auditor (`roles/iam.securityAuditor`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataprep Service Agent (`roles/dataprep.serviceAgent`) DLP API Service Agent (`roles/dlp.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`)
`dataplex.tasks.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.tasks.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.tasks.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.tasks.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.tasks.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.tasks.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.tasks.run`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.tasks.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.tasks.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Developer (`roles/dataplex.developer`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.zoneActions.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.zones.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.zones.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)
`dataplex.zones.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Dataplex Viewer (`roles/dataplex.viewer`) Support User (`roles/iam.supportUser`)
`dataplex.zones.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`)
`dataplex.zones.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`) Dataplex Metadata Reader (`roles/dataplex.metadataReader`) Dataplex Metadata Writer (`roles/dataplex.metadataWriter`) Dataplex Viewer (`roles/dataplex.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`dataplex.zones.setIamPolicy`	Owner (`roles/owner`) Dataplex Administrator (`roles/dataplex.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataplex.zones.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataplex Administrator (`roles/dataplex.admin`) Dataplex Editor (`roles/dataplex.editor`)

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-15 UTC.

Movatterモバイル変換

Dataplex Universal Catalog roles and permissions Stay organized with collections Save and categorize content based on your preferences.