Distributed Cloud Edge Container roles and permissions

This page lists the IAM roles and permissions for Distributed Cloud Edge Container. Tosearch through all roles and permissions, see therole andpermission index.

Distributed Cloud Edge Container roles

Role Permissions

Role	Permissions
Edge Container Admin (`roles/edgecontainer.admin`) Full access to Edge Container all resources.	`edgecontainer.*` `edgecontainer.clusters.create` `edgecontainer.clusters.delete` `edgecontainer.clusters.generateAccessToken` `edgecontainer.clusters.generateOfflineCredential` `edgecontainer.clusters.get` `edgecontainer.clusters.getIamPolicy` `edgecontainer.clusters.list` `edgecontainer.clusters.setIamPolicy` `edgecontainer.clusters.update` `edgecontainer.clusters.upgrade` `edgecontainer.identityproviders.create` `edgecontainer.identityproviders.delete` `edgecontainer.identityproviders.get` `edgecontainer.identityproviders.list` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.machines.create` `edgecontainer.machines.delete` `edgecontainer.machines.get` `edgecontainer.machines.getIamPolicy` `edgecontainer.machines.list` `edgecontainer.machines.setIamPolicy` `edgecontainer.machines.update` `edgecontainer.machines.use` `edgecontainer.nodePools.create` `edgecontainer.nodePools.delete` `edgecontainer.nodePools.get` `edgecontainer.nodePools.getIamPolicy` `edgecontainer.nodePools.list` `edgecontainer.nodePools.setIamPolicy` `edgecontainer.nodePools.update` `edgecontainer.operations.cancel` `edgecontainer.operations.delete` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.serverconfig.get` `edgecontainer.serviceaccounts.create` `edgecontainer.serviceaccounts.delete` `edgecontainer.serviceaccounts.generatekey` `edgecontainer.serviceaccounts.get` `edgecontainer.serviceaccounts.list` `edgecontainer.vpnConnections.create` `edgecontainer.vpnConnections.delete` `edgecontainer.vpnConnections.get` `edgecontainer.vpnConnections.getIamPolicy` `edgecontainer.vpnConnections.list` `edgecontainer.vpnConnections.setIamPolicy` `edgecontainer.vpnConnections.update` `edgecontainer.zonalProjects.disable` `edgecontainer.zonalProjects.enable` `edgecontainer.zonalProjects.get` `edgecontainer.zonalProjects.list` `edgecontainer.zonalservices.disable` `edgecontainer.zonalservices.enable` `edgecontainer.zonalservices.get` `edgecontainer.zonalservices.list` `edgecontainer.zones.get` `edgecontainer.zones.getZoneIamPolicy` `edgecontainer.zones.list` `edgecontainer.zones.setZoneIamPolicy` `resourcemanager.projects.get` `resourcemanager.projects.list`
Edge Container Cluster Service Agent (`roles/edgecontainer.clusterServiceAgent`) Grants the Edge Container Cluster Service Account access to manage resources. Warning: Do not grant service agent roles to any principals except service agents.	`cloudnotifications.activities.list` `gkehub.endpoints.connect` `gkehub.features.create` `gkehub.features.get` `gkehub.features.list` `gkehub.features.update` `gkehub.fleet.create` `gkehub.fleet.delete` `gkehub.fleet.get` `gkehub.locations.` `gkehub.locations.get` `gkehub.locations.list` `gkehub.memberships.create` `gkehub.memberships.delete` `gkehub.memberships.generateConnectManifest` `gkehub.memberships.get` `gkehub.memberships.list` `gkehub.memberships.update` `gkehub.operations.` `gkehub.operations.cancel` `gkehub.operations.delete` `gkehub.operations.get` `gkehub.operations.list` `kubernetesmetadata.` `kubernetesmetadata.metadata.config` `kubernetesmetadata.metadata.publish` `kubernetesmetadata.metadata.snapshot` `logging.logEntries.create` `monitoring.alertPolicies.get` `monitoring.alertPolicies.list` `monitoring.alertPolicies.listEffectiveTags` `monitoring.alertPolicies.listTagBindings` `monitoring.alerts.` `monitoring.alerts.get` `monitoring.alerts.list` `monitoring.dashboards.create` `monitoring.dashboards.delete` `monitoring.dashboards.get` `monitoring.dashboards.list` `monitoring.dashboards.listEffectiveTags` `monitoring.dashboards.listTagBindings` `monitoring.dashboards.update` `monitoring.groups.get` `monitoring.groups.list` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.notificationChannelDescriptors.` `monitoring.notificationChannelDescriptors.get` `monitoring.notificationChannelDescriptors.list` `monitoring.notificationChannels.get` `monitoring.notificationChannels.list` `monitoring.services.get` `monitoring.services.list` `monitoring.slos.get` `monitoring.slos.list` `monitoring.snoozes.get` `monitoring.snoozes.list` `monitoring.timeSeries.` `monitoring.timeSeries.create` `monitoring.timeSeries.list` `monitoring.uptimeCheckConfigs.get` `monitoring.uptimeCheckConfigs.list` `opsconfigmonitoring.` `opsconfigmonitoring.resourceMetadata.list` `opsconfigmonitoring.resourceMetadata.write` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.consumerpolicy.analyze` `serviceusage.consumerpolicy.get` `serviceusage.contentsecuritypolicy.get` `serviceusage.effectivemcppolicy.get` `serviceusage.effectivepolicy.get` `serviceusage.groups.` `serviceusage.groups.list` `serviceusage.groups.listExpandedMembers` `serviceusage.groups.listMembers` `serviceusage.mcppolicy.get` `serviceusage.operations.get` `serviceusage.quotas.get` `serviceusage.services.enable` `serviceusage.services.get` `serviceusage.services.list` `serviceusage.values.test` `stackdriver.projects.get` `stackdriver.resourceMetadata.` `stackdriver.resourceMetadata.list` `stackdriver.resourceMetadata.write` `storage.buckets.create` `storage.buckets.get` `storage.buckets.list` `storage.buckets.update` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`) Access to manage Identity Providers.	`edgecontainer.identityproviders.` `edgecontainer.identityproviders.create` `edgecontainer.identityproviders.delete` `edgecontainer.identityproviders.get` `edgecontainer.identityproviders.list` `edgecontainer.locations.` `edgecontainer.locations.get` `edgecontainer.locations.list`
Edge Container Identity Provider Viewer (`roles/edgecontainer.identityProviderViewer`) Read-only access to Identity Providers.	`edgecontainer.identityproviders.get` `edgecontainer.identityproviders.list` `edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list`
Edge Container Machine User (`roles/edgecontainer.machineUser`) Access to use Edge Container Machine resources.	`edgecontainer.machines.get` `edgecontainer.machines.getIamPolicy` `edgecontainer.machines.list` `edgecontainer.machines.use` `resourcemanager.projects.get` `resourcemanager.projects.list`
Edge Container Cluster offline Credential User (`roles/edgecontainer.offlineCredentialUser`) Access to get Edge Container cluster offline credentials	`edgecontainer.clusters.generateOfflineCredential` `resourcemanager.projects.get` `resourcemanager.projects.list`
Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`) Access to manage Service Accounts.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.serviceaccounts.create` `edgecontainer.serviceaccounts.delete` `edgecontainer.serviceaccounts.get` `edgecontainer.serviceaccounts.list`
Edge Container Service Account Key Admin (`roles/edgecontainer.serviceAccountKeyAdmin`) Access to manage Service Account Keys.	`edgecontainer.serviceaccounts.generatekey` `edgecontainer.serviceaccounts.get` `edgecontainer.serviceaccounts.list`
Edge Container Service Account Viewer (`roles/edgecontainer.serviceAccountViewer`) Read-only access to Service Accounts.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.serviceaccounts.get` `edgecontainer.serviceaccounts.list`
Edge Container Service Agent (`roles/edgecontainer.serviceAgent`) Grants the Edge Container Service Account access to manage resources. Warning: Do not grant service agent roles to any principals except service agents.	`compute.externalVpnGateways.create` `compute.externalVpnGateways.delete` `compute.externalVpnGateways.get` `compute.externalVpnGateways.use` `compute.globalOperations.get` `compute.networks.get` `compute.networks.updatePolicy` `compute.regionOperations.get` `compute.routers.create` `compute.routers.delete` `compute.routers.get` `compute.routers.list` `compute.routers.update` `compute.routers.use` `compute.vpnGateways.create` `compute.vpnGateways.delete` `compute.vpnGateways.get` `compute.vpnGateways.use` `compute.vpnTunnels.create` `compute.vpnTunnels.delete` `compute.vpnTunnels.get` `gkehub.memberships.create` `gkehub.memberships.delete` `gkehub.memberships.generateConnectManifest` `gkehub.memberships.get` `gkehub.memberships.list` `gkehub.memberships.update` `gkehub.operations.cancel` `gkehub.operations.get` `serviceusage.services.get` `serviceusage.services.list`
Edge Container Viewer (`roles/edgecontainer.viewer`) Read-only access to Edge Container all resources.	`edgecontainer.clusters.generateAccessToken` `edgecontainer.clusters.get` `edgecontainer.clusters.getIamPolicy` `edgecontainer.clusters.list` `edgecontainer.identityproviders.get` `edgecontainer.identityproviders.list` `edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.machines.get` `edgecontainer.machines.getIamPolicy` `edgecontainer.machines.list` `edgecontainer.nodePools.get` `edgecontainer.nodePools.getIamPolicy` `edgecontainer.nodePools.list` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.serverconfig.get` `edgecontainer.serviceaccounts.generatekey` `edgecontainer.serviceaccounts.get` `edgecontainer.serviceaccounts.list` `edgecontainer.vpnConnections.get` `edgecontainer.vpnConnections.getIamPolicy` `edgecontainer.vpnConnections.list` `edgecontainer.zonalProjects.get` `edgecontainer.zonalProjects.list` `edgecontainer.zonalservices.get` `edgecontainer.zonalservices.list` `edgecontainer.zones.get` `edgecontainer.zones.getZoneIamPolicy` `edgecontainer.zones.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Access to manage zonal projects.	`edgecontainer.locations.` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.operations.` `edgecontainer.operations.cancel` `edgecontainer.operations.delete` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.zonalProjects.enable` `edgecontainer.zonalProjects.get` `edgecontainer.zonalProjects.list` `edgecontainer.zones.get` `edgecontainer.zones.list`
Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Read-only access to zonal projects.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.zonalProjects.get` `edgecontainer.zonalProjects.list` `edgecontainer.zones.get` `edgecontainer.zones.list`
Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Access to mutate zonal service.	`edgecontainer.locations.` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.operations.` `edgecontainer.operations.cancel` `edgecontainer.operations.delete` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.zonalservices.enable` `edgecontainer.zonalservices.get` `edgecontainer.zonalservices.list`
Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Read-only access to zonal services.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.zonalservices.get` `edgecontainer.zonalservices.list`
Edge Container Zone Iam Policy Admin (`roles/edgecontainer.zoneIamAdmin`) Access to manage Iam Policy in the zone.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.zones.getZoneIamPolicy` `edgecontainer.zones.setZoneIamPolicy`
Edge Container Zone Iam Policy Viewer (`roles/edgecontainer.zoneIamViewer`) Read-only access to Iam Policy in the zone.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.zones.getZoneIamPolicy`
Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Read-only access to zones.	`edgecontainer.locations.*` `edgecontainer.locations.get` `edgecontainer.locations.list` `edgecontainer.operations.get` `edgecontainer.operations.list` `edgecontainer.zones.get` `edgecontainer.zones.list`

Edge Container Admin

(roles/edgecontainer.admin)

Full access to Edge Container all resources.

edgecontainer.*

edgecontainer.clusters.create
edgecontainer.clusters.delete
edgecontainer.clusters.generateAccessToken
edgecontainer.clusters.generateOfflineCredential
edgecontainer.clusters.get
edgecontainer.clusters.getIamPolicy
edgecontainer.clusters.list
edgecontainer.clusters.setIamPolicy
edgecontainer.clusters.update
edgecontainer.clusters.upgrade
edgecontainer.identityproviders.create
edgecontainer.identityproviders.delete
edgecontainer.identityproviders.get
edgecontainer.identityproviders.list
edgecontainer.locations.get
edgecontainer.locations.list
edgecontainer.machines.create
edgecontainer.machines.delete
edgecontainer.machines.get
edgecontainer.machines.getIamPolicy
edgecontainer.machines.list
edgecontainer.machines.setIamPolicy
edgecontainer.machines.update
edgecontainer.machines.use
edgecontainer.nodePools.create
edgecontainer.nodePools.delete
edgecontainer.nodePools.get
edgecontainer.nodePools.getIamPolicy
edgecontainer.nodePools.list
edgecontainer.nodePools.setIamPolicy
edgecontainer.nodePools.update
edgecontainer.operations.cancel
edgecontainer.operations.delete
edgecontainer.operations.get
edgecontainer.operations.list
edgecontainer.serverconfig.get
edgecontainer.serviceaccounts.create
edgecontainer.serviceaccounts.delete
edgecontainer.serviceaccounts.generatekey
edgecontainer.serviceaccounts.get
edgecontainer.serviceaccounts.list
edgecontainer.vpnConnections.create
edgecontainer.vpnConnections.delete
edgecontainer.vpnConnections.get
edgecontainer.vpnConnections.getIamPolicy
edgecontainer.vpnConnections.list
edgecontainer.vpnConnections.setIamPolicy
edgecontainer.vpnConnections.update
edgecontainer.zonalProjects.disable
edgecontainer.zonalProjects.enable
edgecontainer.zonalProjects.get
edgecontainer.zonalProjects.list
edgecontainer.zonalservices.disable
edgecontainer.zonalservices.enable
edgecontainer.zonalservices.get
edgecontainer.zonalservices.list
edgecontainer.zones.get
edgecontainer.zones.getZoneIamPolicy
edgecontainer.zones.list
edgecontainer.zones.setZoneIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

Edge Container Cluster Service Agent

(roles/edgecontainer.clusterServiceAgent)

Grants the Edge Container Cluster Service Account access to manage resources.

Warning: Do not grant service agent roles to any principals except service agents.

cloudnotifications.activities.list

gkehub.endpoints.connect

gkehub.features.create

gkehub.features.get

gkehub.features.list

gkehub.features.update

gkehub.fleet.create

gkehub.fleet.delete

gkehub.fleet.get

gkehub.locations.*

gkehub.locations.get
gkehub.locations.list

gkehub.memberships.create

gkehub.memberships.delete

gkehub.memberships.generateConnectManifest

gkehub.memberships.get

gkehub.memberships.list

gkehub.memberships.update

gkehub.operations.*

gkehub.operations.cancel
gkehub.operations.delete
gkehub.operations.get
gkehub.operations.list

kubernetesmetadata.*

kubernetesmetadata.metadata.config
kubernetesmetadata.metadata.publish
kubernetesmetadata.metadata.snapshot

logging.logEntries.create

monitoring.alertPolicies.get

monitoring.alertPolicies.list

monitoring.alertPolicies.listEffectiveTags

monitoring.alertPolicies.listTagBindings

monitoring.alerts.*

monitoring.alerts.get
monitoring.alerts.list

monitoring.dashboards.create

monitoring.dashboards.delete

monitoring.dashboards.get

monitoring.dashboards.list

monitoring.dashboards.listEffectiveTags

monitoring.dashboards.listTagBindings

monitoring.dashboards.update

monitoring.groups.get

monitoring.groups.list

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.notificationChannelDescriptors.*

monitoring.notificationChannelDescriptors.get
monitoring.notificationChannelDescriptors.list

monitoring.notificationChannels.get

monitoring.notificationChannels.list

monitoring.services.get

monitoring.services.list

monitoring.slos.get

monitoring.slos.list

monitoring.snoozes.get

monitoring.snoozes.list

monitoring.timeSeries.*

monitoring.timeSeries.create
monitoring.timeSeries.list

monitoring.uptimeCheckConfigs.get

monitoring.uptimeCheckConfigs.list

opsconfigmonitoring.*

opsconfigmonitoring.resourceMetadata.list
opsconfigmonitoring.resourceMetadata.write

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.consumerpolicy.analyze

serviceusage.consumerpolicy.get

serviceusage.contentsecuritypolicy.get

serviceusage.effectivemcppolicy.get

serviceusage.effectivepolicy.get

serviceusage.groups.*

serviceusage.groups.list
serviceusage.groups.listExpandedMembers
serviceusage.groups.listMembers

serviceusage.mcppolicy.get

serviceusage.operations.get

serviceusage.quotas.get

serviceusage.services.enable

serviceusage.services.get

serviceusage.services.list

serviceusage.values.test

stackdriver.projects.get

stackdriver.resourceMetadata.*

stackdriver.resourceMetadata.list
stackdriver.resourceMetadata.write

storage.buckets.create

storage.buckets.get

storage.buckets.list

storage.buckets.update

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Edge Container Identity Provider Admin

(roles/edgecontainer.identityProviderAdmin)

Access to manage Identity Providers.

edgecontainer.identityproviders.*

edgecontainer.identityproviders.create
edgecontainer.identityproviders.delete
edgecontainer.identityproviders.get
edgecontainer.identityproviders.list

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

Edge Container Identity Provider Viewer

(roles/edgecontainer.identityProviderViewer)

Read-only access to Identity Providers.

edgecontainer.identityproviders.get

edgecontainer.identityproviders.list

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

Edge Container Machine User

(roles/edgecontainer.machineUser)

Access to use Edge Container Machine resources.

edgecontainer.machines.get

edgecontainer.machines.getIamPolicy

edgecontainer.machines.list

edgecontainer.machines.use

resourcemanager.projects.get

resourcemanager.projects.list

Edge Container Cluster offline Credential User

(roles/edgecontainer.offlineCredentialUser)

Access to get Edge Container cluster offline credentials

edgecontainer.clusters.generateOfflineCredential

resourcemanager.projects.get

resourcemanager.projects.list

Edge Container Service Account Admin

(roles/edgecontainer.serviceAccountAdmin)

Access to manage Service Accounts.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.serviceaccounts.create

edgecontainer.serviceaccounts.delete

edgecontainer.serviceaccounts.get

edgecontainer.serviceaccounts.list

Edge Container Service Account Key Admin

(roles/edgecontainer.serviceAccountKeyAdmin)

Access to manage Service Account Keys.

edgecontainer.serviceaccounts.generatekey

edgecontainer.serviceaccounts.get

edgecontainer.serviceaccounts.list

Edge Container Service Account Viewer

(roles/edgecontainer.serviceAccountViewer)

Read-only access to Service Accounts.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.serviceaccounts.get

edgecontainer.serviceaccounts.list

Edge Container Service Agent

(roles/edgecontainer.serviceAgent)

Grants the Edge Container Service Account access to manage resources.

Warning: Do not grant service agent roles to any principals except service agents.

compute.externalVpnGateways.create

compute.externalVpnGateways.delete

compute.externalVpnGateways.get

compute.externalVpnGateways.use

compute.globalOperations.get

compute.networks.get

compute.networks.updatePolicy

compute.regionOperations.get

compute.routers.create

compute.routers.delete

compute.routers.get

compute.routers.list

compute.routers.update

compute.routers.use

compute.vpnGateways.create

compute.vpnGateways.delete

compute.vpnGateways.get

compute.vpnGateways.use

compute.vpnTunnels.create

compute.vpnTunnels.delete

compute.vpnTunnels.get

gkehub.memberships.create

gkehub.memberships.delete

gkehub.memberships.generateConnectManifest

gkehub.memberships.get

gkehub.memberships.list

gkehub.memberships.update

gkehub.operations.cancel

gkehub.operations.get

serviceusage.services.get

serviceusage.services.list

Edge Container Viewer

(roles/edgecontainer.viewer)

Read-only access to Edge Container all resources.

edgecontainer.clusters.generateAccessToken

edgecontainer.clusters.get

edgecontainer.clusters.getIamPolicy

edgecontainer.clusters.list

edgecontainer.identityproviders.get

edgecontainer.identityproviders.list

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.machines.get

edgecontainer.machines.getIamPolicy

edgecontainer.machines.list

edgecontainer.nodePools.get

edgecontainer.nodePools.getIamPolicy

edgecontainer.nodePools.list

edgecontainer.operations.get

edgecontainer.operations.list

edgecontainer.serverconfig.get

edgecontainer.serviceaccounts.generatekey

edgecontainer.serviceaccounts.get

edgecontainer.serviceaccounts.list

edgecontainer.vpnConnections.get

edgecontainer.vpnConnections.getIamPolicy

edgecontainer.vpnConnections.list

edgecontainer.zonalProjects.get

edgecontainer.zonalProjects.list

edgecontainer.zonalservices.get

edgecontainer.zonalservices.list

edgecontainer.zones.get

edgecontainer.zones.getZoneIamPolicy

edgecontainer.zones.list

resourcemanager.projects.get

resourcemanager.projects.list

Edge Container Zonal Project Admin

(roles/edgecontainer.zonalProjectAdmin)

Access to manage zonal projects.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.operations.*

edgecontainer.operations.cancel
edgecontainer.operations.delete
edgecontainer.operations.get
edgecontainer.operations.list

edgecontainer.zonalProjects.enable

edgecontainer.zonalProjects.get

edgecontainer.zonalProjects.list

edgecontainer.zones.get

edgecontainer.zones.list

Edge Container Zonal Project Viewer

(roles/edgecontainer.zonalProjectViewer)

Read-only access to zonal projects.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.operations.get

edgecontainer.operations.list

edgecontainer.zonalProjects.get

edgecontainer.zonalProjects.list

edgecontainer.zones.get

edgecontainer.zones.list

Edge Container Zonal Service Admin

(roles/edgecontainer.zonalServiceAdmin)

Access to mutate zonal service.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.operations.*

edgecontainer.operations.cancel
edgecontainer.operations.delete
edgecontainer.operations.get
edgecontainer.operations.list

edgecontainer.zonalservices.enable

edgecontainer.zonalservices.get

edgecontainer.zonalservices.list

Edge Container Zonal Service Viewer

(roles/edgecontainer.zonalServiceViewer)

Read-only access to zonal services.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.operations.get

edgecontainer.operations.list

edgecontainer.zonalservices.get

edgecontainer.zonalservices.list

Edge Container Zone Iam Policy Admin

(roles/edgecontainer.zoneIamAdmin)

Access to manage Iam Policy in the zone.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.zones.getZoneIamPolicy

edgecontainer.zones.setZoneIamPolicy

Edge Container Zone Iam Policy Viewer

(roles/edgecontainer.zoneIamViewer)

Read-only access to Iam Policy in the zone.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.zones.getZoneIamPolicy

Edge Container Zone Viewer

(roles/edgecontainer.zoneViewer)

Read-only access to zones.

edgecontainer.locations.*

edgecontainer.locations.get
edgecontainer.locations.list

edgecontainer.operations.get

edgecontainer.operations.list

edgecontainer.zones.get

edgecontainer.zones.list

Distributed Cloud Edge Container permissions

Permission	Included in roles
`edgecontainer.clusters.create`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.clusters.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.clusters.generateAccessToken`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.clusters.generateOfflineCredential`	Owner (`roles/owner`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Cluster offline Credential User (`roles/edgecontainer.offlineCredentialUser`)
`edgecontainer.clusters.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.clusters.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.clusters.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.clusters.setIamPolicy`	Owner (`roles/owner`) Edge Container Admin (`roles/edgecontainer.admin`) Security Admin (`roles/iam.securityAdmin`)
`edgecontainer.clusters.update`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.clusters.upgrade`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.identityproviders.create`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`)
`edgecontainer.identityproviders.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`)
`edgecontainer.identityproviders.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`) Edge Container Identity Provider Viewer (`roles/edgecontainer.identityProviderViewer`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.identityproviders.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`) Edge Container Identity Provider Viewer (`roles/edgecontainer.identityProviderViewer`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.locations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`) Edge Container Identity Provider Viewer (`roles/edgecontainer.identityProviderViewer`) Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`) Edge Container Service Account Viewer (`roles/edgecontainer.serviceAccountViewer`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Edge Container Zone Iam Policy Admin (`roles/edgecontainer.zoneIamAdmin`) Edge Container Zone Iam Policy Viewer (`roles/edgecontainer.zoneIamViewer`) Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.locations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Identity Provider Admin (`roles/edgecontainer.identityProviderAdmin`) Edge Container Identity Provider Viewer (`roles/edgecontainer.identityProviderViewer`) Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`) Edge Container Service Account Viewer (`roles/edgecontainer.serviceAccountViewer`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Edge Container Zone Iam Policy Admin (`roles/edgecontainer.zoneIamAdmin`) Edge Container Zone Iam Policy Viewer (`roles/edgecontainer.zoneIamViewer`) Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.machines.create`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.machines.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.machines.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Machine User (`roles/edgecontainer.machineUser`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.machines.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Machine User (`roles/edgecontainer.machineUser`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.machines.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Machine User (`roles/edgecontainer.machineUser`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.machines.setIamPolicy`	Owner (`roles/owner`) Edge Container Admin (`roles/edgecontainer.admin`) Security Admin (`roles/iam.securityAdmin`)
`edgecontainer.machines.update`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.machines.use`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Machine User (`roles/edgecontainer.machineUser`)
`edgecontainer.nodePools.create`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.nodePools.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.nodePools.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.nodePools.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.nodePools.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.nodePools.setIamPolicy`	Owner (`roles/owner`) Edge Container Admin (`roles/edgecontainer.admin`) Security Admin (`roles/iam.securityAdmin`)
`edgecontainer.nodePools.update`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`)
`edgecontainer.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`)
`edgecontainer.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.serverconfig.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.serviceaccounts.create`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`)
`edgecontainer.serviceaccounts.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`)
`edgecontainer.serviceaccounts.generatekey`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Service Account Key Admin (`roles/edgecontainer.serviceAccountKeyAdmin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.serviceaccounts.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`) Edge Container Service Account Key Admin (`roles/edgecontainer.serviceAccountKeyAdmin`) Edge Container Service Account Viewer (`roles/edgecontainer.serviceAccountViewer`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.serviceaccounts.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Service Account Admin (`roles/edgecontainer.serviceAccountAdmin`) Edge Container Service Account Key Admin (`roles/edgecontainer.serviceAccountKeyAdmin`) Edge Container Service Account Viewer (`roles/edgecontainer.serviceAccountViewer`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.vpnConnections.create`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.vpnConnections.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.vpnConnections.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.vpnConnections.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.vpnConnections.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.vpnConnections.setIamPolicy`	Owner (`roles/owner`) Edge Container Admin (`roles/edgecontainer.admin`) Security Admin (`roles/iam.securityAdmin`)
`edgecontainer.vpnConnections.update`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.zonalProjects.disable`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.zonalProjects.enable`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`)
`edgecontainer.zonalProjects.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zonalProjects.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zonalservices.disable`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`)
`edgecontainer.zonalservices.enable`	Owner (`roles/owner`) Editor (`roles/editor`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`)
`edgecontainer.zonalservices.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zonalservices.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Service Admin (`roles/edgecontainer.zonalServiceAdmin`) Edge Container Zonal Service Viewer (`roles/edgecontainer.zonalServiceViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zones.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zones.getZoneIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zone Iam Policy Admin (`roles/edgecontainer.zoneIamAdmin`) Edge Container Zone Iam Policy Viewer (`roles/edgecontainer.zoneIamViewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zones.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Viewer (`roles/edgecontainer.viewer`) Edge Container Zonal Project Admin (`roles/edgecontainer.zonalProjectAdmin`) Edge Container Zonal Project Viewer (`roles/edgecontainer.zonalProjectViewer`) Edge Container Zone Viewer (`roles/edgecontainer.zoneViewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`)
`edgecontainer.zones.setZoneIamPolicy`	Owner (`roles/owner`) Edge Container Admin (`roles/edgecontainer.admin`) Edge Container Zone Iam Policy Admin (`roles/edgecontainer.zoneIamAdmin`)

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-15 UTC.

Movatterモバイル変換

Distributed Cloud Edge Container roles and permissions Stay organized with collections Save and categorize content based on your preferences.