Managed Service for Microsoft Active Directory roles and permissions

This page lists the IAM roles and permissions for Managed Service for Microsoft Active Directory. Tosearch through all roles and permissions, see therole andpermission index.

Managed Service for Microsoft Active Directory roles

RolePermissions

Google Cloud Managed Identities Admin

(roles/managedidentities.admin)

Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level.

managedidentities.*

  • managedidentities.backups.create
  • managedidentities.backups.delete
  • managedidentities.backups.get
  • managedidentities.backups.getIamPolicy
  • managedidentities.backups.list
  • managedidentities.backups.setIamPolicy
  • managedidentities.backups.update
  • managedidentities.domains.attachTrust
  • managedidentities.domains.checkMigrationPermission
  • managedidentities.domains.create
  • managedidentities.domains.createTagBinding
  • managedidentities.domains.delete
  • managedidentities.domains.deleteTagBinding
  • managedidentities.domains.detachTrust
  • managedidentities.domains.disableMigration
  • managedidentities.domains.domainJoinMachine
  • managedidentities.domains.enableMigration
  • managedidentities.domains.extendSchema
  • managedidentities.domains.get
  • managedidentities.domains.getIamPolicy
  • managedidentities.domains.list
  • managedidentities.domains.listEffectiveTags
  • managedidentities.domains.listTagBindings
  • managedidentities.domains.reconfigureTrust
  • managedidentities.domains.resetpassword
  • managedidentities.domains.restore
  • managedidentities.domains.setIamPolicy
  • managedidentities.domains.update
  • managedidentities.domains.updateLDAPSSettings
  • managedidentities.domains.validateTrust
  • managedidentities.locations.get
  • managedidentities.locations.list
  • managedidentities.operations.cancel
  • managedidentities.operations.delete
  • managedidentities.operations.get
  • managedidentities.operations.list
  • managedidentities.peerings.create
  • managedidentities.peerings.delete
  • managedidentities.peerings.get
  • managedidentities.peerings.getIamPolicy
  • managedidentities.peerings.list
  • managedidentities.peerings.setIamPolicy
  • managedidentities.peerings.update
  • managedidentities.sqlintegrations.get
  • managedidentities.sqlintegrations.list

resourcemanager.projects.get

resourcemanager.projects.list

Google Cloud Managed Identities Backup Admin

(roles/managedidentities.backupAdmin)

Full access to Google Cloud Managed Identities Backup and related resources. Intended to be granted on a project-level

managedidentities.backups.*

  • managedidentities.backups.create
  • managedidentities.backups.delete
  • managedidentities.backups.get
  • managedidentities.backups.getIamPolicy
  • managedidentities.backups.list
  • managedidentities.backups.setIamPolicy
  • managedidentities.backups.update

managedidentities.domains.get

managedidentities.locations.*

  • managedidentities.locations.get
  • managedidentities.locations.list

managedidentities.operations.*

  • managedidentities.operations.cancel
  • managedidentities.operations.delete
  • managedidentities.operations.get
  • managedidentities.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Google Cloud Managed Identities Backup Viewer

(roles/managedidentities.backupViewer)

Read-only access to Google Cloud Managed Identities Backup and related resources.

managedidentities.backups.get

managedidentities.backups.getIamPolicy

managedidentities.backups.list

managedidentities.domains.get

managedidentities.locations.*

  • managedidentities.locations.get
  • managedidentities.locations.list

managedidentities.operations.get

managedidentities.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Google Cloud Managed Identities Domain Admin

(roles/managedidentities.domainAdmin)

Read-Update-Delete to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a resource (domain) level.

managedidentities.backups.*

  • managedidentities.backups.create
  • managedidentities.backups.delete
  • managedidentities.backups.get
  • managedidentities.backups.getIamPolicy
  • managedidentities.backups.list
  • managedidentities.backups.setIamPolicy
  • managedidentities.backups.update

managedidentities.domains.attachTrust

managedidentities.domains.checkMigrationPermission

managedidentities.domains.createTagBinding

managedidentities.domains.delete

managedidentities.domains.deleteTagBinding

managedidentities.domains.detachTrust

managedidentities.domains.disableMigration

managedidentities.domains.domainJoinMachine

managedidentities.domains.enableMigration

managedidentities.domains.extendSchema

managedidentities.domains.get

managedidentities.domains.getIamPolicy

managedidentities.domains.listEffectiveTags

managedidentities.domains.listTagBindings

managedidentities.domains.reconfigureTrust

managedidentities.domains.resetpassword

managedidentities.domains.restore

managedidentities.domains.update

managedidentities.domains.updateLDAPSSettings

managedidentities.domains.validateTrust

managedidentities.locations.*

  • managedidentities.locations.get
  • managedidentities.locations.list

managedidentities.operations.get

managedidentities.operations.list

managedidentities.sqlintegrations.*

  • managedidentities.sqlintegrations.get
  • managedidentities.sqlintegrations.list

resourcemanager.projects.get

resourcemanager.projects.list

Google Cloud Managed Identities Domain JoinBeta

(roles/managedidentities.domainJoin)

Access to domain join VMs with Cloud AD

managedidentities.domains.domainJoinMachine

managedidentities.domains.get

Google Cloud Managed Identities Peering Admin

(roles/managedidentities.peeringAdmin)

Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level

managedidentities.locations.*

  • managedidentities.locations.get
  • managedidentities.locations.list

managedidentities.operations.*

  • managedidentities.operations.cancel
  • managedidentities.operations.delete
  • managedidentities.operations.get
  • managedidentities.operations.list

managedidentities.peerings.*

  • managedidentities.peerings.create
  • managedidentities.peerings.delete
  • managedidentities.peerings.get
  • managedidentities.peerings.getIamPolicy
  • managedidentities.peerings.list
  • managedidentities.peerings.setIamPolicy
  • managedidentities.peerings.update

resourcemanager.projects.get

resourcemanager.projects.list

Google Cloud Managed Identities Peering Viewer

(roles/managedidentities.peeringViewer)

Read-only access to Google Cloud Managed Identities Peering and related resources.

managedidentities.locations.*

  • managedidentities.locations.get
  • managedidentities.locations.list

managedidentities.operations.get

managedidentities.operations.list

managedidentities.peerings.get

managedidentities.peerings.getIamPolicy

managedidentities.peerings.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Managed Identities Service Agent

(roles/managedidentities.serviceAgent)

Gives Managed Identities service account access to managed resources.

Warning: Do not grant service agent roles to any principals exceptservice agents.

compute.globalOperations.get

compute.networks.addPeering

compute.networks.get

compute.networks.removePeering

compute.networks.update

compute.routes.list

dns.changes.*

  • dns.changes.create
  • dns.changes.get
  • dns.changes.list

dns.dnsKeys.*

  • dns.dnsKeys.get
  • dns.dnsKeys.list

dns.managedZoneOperations.*

  • dns.managedZoneOperations.get
  • dns.managedZoneOperations.list

dns.managedZones.create

dns.managedZones.delete

dns.managedZones.get

dns.managedZones.list

dns.managedZones.update

dns.networks.bindPrivateDNSPolicy

dns.networks.bindPrivateDNSZone

dns.policies.create

dns.policies.delete

dns.policies.get

dns.policies.list

dns.policies.update

dns.projects.get

dns.resourceRecordSets.*

  • dns.resourceRecordSets.create
  • dns.resourceRecordSets.delete
  • dns.resourceRecordSets.get
  • dns.resourceRecordSets.list
  • dns.resourceRecordSets.update

dns.responsePolicies.*

  • dns.responsePolicies.create
  • dns.responsePolicies.delete
  • dns.responsePolicies.get
  • dns.responsePolicies.list
  • dns.responsePolicies.update

dns.responsePolicyRules.*

  • dns.responsePolicyRules.create
  • dns.responsePolicyRules.delete
  • dns.responsePolicyRules.get
  • dns.responsePolicyRules.list
  • dns.responsePolicyRules.update

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

resourcemanager.projects.get

resourcemanager.projects.list

telemetry.metrics.write

Google Cloud Managed Identities Viewer

(roles/managedidentities.viewer)

Read-only access to Google Cloud Managed Identities Domains and related resources.

managedidentities.backups.get

managedidentities.backups.getIamPolicy

managedidentities.backups.list

managedidentities.domains.get

managedidentities.domains.getIamPolicy

managedidentities.domains.list

managedidentities.domains.listEffectiveTags

managedidentities.domains.listTagBindings

managedidentities.locations.*

  • managedidentities.locations.get
  • managedidentities.locations.list

managedidentities.operations.get

managedidentities.operations.list

managedidentities.peerings.get

managedidentities.peerings.getIamPolicy

managedidentities.peerings.list

managedidentities.sqlintegrations.*

  • managedidentities.sqlintegrations.get
  • managedidentities.sqlintegrations.list

resourcemanager.projects.get

resourcemanager.projects.list

Managed Service for Microsoft Active Directory permissions

PermissionIncluded in roles

managedidentities.backups.create

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.backups.delete

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.backups.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.backups.getIamPolicy

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.backups.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.backups.setIamPolicy

Owner (roles/owner)

Security Admin (roles/iam.securityAdmin)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.backups.update

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.attachTrust

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.checkMigrationPermission

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.create

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

managedidentities.domains.createTagBinding

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Tag User (roles/resourcemanager.tagUser)

managedidentities.domains.delete

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.deleteTagBinding

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Tag User (roles/resourcemanager.tagUser)

managedidentities.domains.detachTrust

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.disableMigration

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.domainJoinMachine

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Domain Join (roles/managedidentities.domainJoin)

managedidentities.domains.enableMigration

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.extendSchema

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Domain Join (roles/managedidentities.domainJoin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.domains.getIamPolicy

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.domains.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.domains.listEffectiveTags

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

managedidentities.domains.listTagBindings

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

managedidentities.domains.reconfigureTrust

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.resetpassword

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.restore

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.setIamPolicy

Owner (roles/owner)

Security Admin (roles/iam.securityAdmin)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

managedidentities.domains.update

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.updateLDAPSSettings

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.domains.validateTrust

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

managedidentities.locations.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.locations.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.operations.cancel

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

managedidentities.operations.delete

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

managedidentities.operations.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.operations.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Backup Admin (roles/managedidentities.backupAdmin)

Google Cloud Managed Identities Backup Viewer (roles/managedidentities.backupViewer)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.peerings.create

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

managedidentities.peerings.delete

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

managedidentities.peerings.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.peerings.getIamPolicy

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.peerings.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

Google Cloud Managed Identities Peering Viewer (roles/managedidentities.peeringViewer)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.peerings.setIamPolicy

Owner (roles/owner)

Security Admin (roles/iam.securityAdmin)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

managedidentities.peerings.update

Owner (roles/owner)

Editor (roles/editor)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Peering Admin (roles/managedidentities.peeringAdmin)

managedidentities.sqlintegrations.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

managedidentities.sqlintegrations.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Google Cloud Managed Identities Admin (roles/managedidentities.admin)

Google Cloud Managed Identities Domain Admin (roles/managedidentities.domainAdmin)

Google Cloud Managed Identities Viewer (roles/managedidentities.viewer)

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-18 UTC.