Stream roles and permissions

This page lists the IAM roles and permissions for Stream. Tosearch through all roles and permissions, see therole andpermission index.

Stream roles

RolePermissions

Stream Admin

(roles/stream.admin)

Full access to Stream all resources.

resourcemanager.projects.get

resourcemanager.projects.list

stream.*

  • stream.locations.get
  • stream.locations.list
  • stream.operations.cancel
  • stream.operations.delete
  • stream.operations.get
  • stream.operations.list
  • stream.streamContents.build
  • stream.streamContents.create
  • stream.streamContents.delete
  • stream.streamContents.get
  • stream.streamContents.list
  • stream.streamContents.update
  • stream.streamInstances.create
  • stream.streamInstances.delete
  • stream.streamInstances.get
  • stream.streamInstances.list
  • stream.streamInstances.rollout
  • stream.streamInstances.update

Stream Content Admin

(roles/stream.contentAdmin)

Full access to all StreamContent resources.

resourcemanager.projects.get

resourcemanager.projects.list

stream.streamContents.*

  • stream.streamContents.build
  • stream.streamContents.create
  • stream.streamContents.delete
  • stream.streamContents.get
  • stream.streamContents.list
  • stream.streamContents.update

Stream Content Builder

(roles/stream.contentBuilder)

Read and build access to StreamContent resources.

resourcemanager.projects.get

resourcemanager.projects.list

stream.streamContents.build

stream.streamContents.get

stream.streamContents.list

Stream Instance Admin

(roles/stream.instanceAdmin)

Full access to all StreamInstance resources and Read access to all StreamContent resources.

resourcemanager.projects.get

resourcemanager.projects.list

stream.streamContents.get

stream.streamContents.list

stream.streamInstances.*

  • stream.streamInstances.create
  • stream.streamInstances.delete
  • stream.streamInstances.get
  • stream.streamInstances.list
  • stream.streamInstances.rollout
  • stream.streamInstances.update

Stream Service Agent

(roles/stream.serviceAgent)

Gives Immersive Stream for XR access to the required resources.

Warning: Do not grant service agent roles to any principals exceptservice agents.

resourcemanager.projects.get

resourcemanager.projects.list

storage.buckets.create

storage.buckets.get

storage.objects.create

storage.objects.get

storage.objects.list

Stream Viewer

(roles/stream.viewer)

Read-only access to Stream all resources.

resourcemanager.projects.get

resourcemanager.projects.list

stream.locations.*

  • stream.locations.get
  • stream.locations.list

stream.operations.get

stream.operations.list

stream.streamContents.get

stream.streamContents.list

stream.streamInstances.get

stream.streamInstances.list

Stream permissions

PermissionIncluded in roles

stream.locations.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Viewer (roles/stream.viewer)

stream.locations.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Viewer (roles/stream.viewer)

stream.operations.cancel

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

stream.operations.delete

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

stream.operations.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Viewer (roles/stream.viewer)

stream.operations.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Viewer (roles/stream.viewer)

stream.streamContents.build

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Content Admin (roles/stream.contentAdmin)

Stream Content Builder (roles/stream.contentBuilder)

stream.streamContents.create

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Content Admin (roles/stream.contentAdmin)

stream.streamContents.delete

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Content Admin (roles/stream.contentAdmin)

stream.streamContents.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Content Admin (roles/stream.contentAdmin)

Stream Content Builder (roles/stream.contentBuilder)

Stream Instance Admin (roles/stream.instanceAdmin)

Stream Viewer (roles/stream.viewer)

stream.streamContents.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Content Admin (roles/stream.contentAdmin)

Stream Content Builder (roles/stream.contentBuilder)

Stream Instance Admin (roles/stream.instanceAdmin)

Stream Viewer (roles/stream.viewer)

stream.streamContents.update

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Content Admin (roles/stream.contentAdmin)

stream.streamInstances.create

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Instance Admin (roles/stream.instanceAdmin)

stream.streamInstances.delete

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Instance Admin (roles/stream.instanceAdmin)

stream.streamInstances.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Instance Admin (roles/stream.instanceAdmin)

Stream Viewer (roles/stream.viewer)

stream.streamInstances.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Stream Admin (roles/stream.admin)

Stream Instance Admin (roles/stream.instanceAdmin)

Stream Viewer (roles/stream.viewer)

stream.streamInstances.rollout

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Instance Admin (roles/stream.instanceAdmin)

stream.streamInstances.update

Owner (roles/owner)

Editor (roles/editor)

Stream Admin (roles/stream.admin)

Stream Instance Admin (roles/stream.instanceAdmin)

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-19 UTC.