Vertex AI access control with IAM

This page describes how to useIdentity and Access Management (IAM)to manage access to Vertex AI resources. To manage access toVertex AI Workbench instances, seeVertex AI Workbench instancesaccess control.

Overview

Vertex AI uses IAM to manage access toresources. When you plan access control for your resources, consider thefollowing:

You can manage access at the project level or resource level.Project-level access applies to all of the resources in that project.Access to a specific resource only applies to that resource.SeeProject-level versus resource-level access.
You grant access by assigning IAM roles to principals.Predefined roles are available to make it easier to set up access,but custom roles are recommended because you create them, so you canlimit their access to only the permissions that are required.SeeIAM roles.

IAM roles

There are different types of IAM roles that can be used inVertex AI:

Custom roles let you choose aspecific set of permissions, create your own role with those permissions,and grant the role to users in your organization.
Predefined roles let you grant a set of relatedpermissions to your Vertex AI resources at the project level.
Basic roles (Owner, Editor, and Viewer) provideaccess control to your Vertex AI resources at theproject level, and are common to all Google Cloud services.

To add, update, or remove these roles in your Vertex AI project,see the documentation ongranting, changing, andrevoking access.

Custom roles

Custom roles let you choose a specific set of permissions, create yourown role with those permissions, and grant the role to users inyour organization. For more information, seeUnderstandingIAM custom roles.

Use custom roles to grant least-privilege permissions

Predefined roles often contain more permissions than you need.You can create custom roles to grant your principals only thespecific permissions that are required.

For example, you can create a custom role with theaiplatform.endpoints.predict permission, and then assign the role toa service account on an endpoint. This grants the service account theability to call the endpoint for predictions, but not the ability ofcontrolling the endpoint.

Note: When using custom roles, granting theaiplatform.endpoints.deploy permission might allow a user to export other deployed or deployable models from the project. If you want to grant the ability to deploy specific models but not others, we recommend using separate projects.

Predefined roles for Vertex AI

Role Permissions

Role	Permissions
Vertex AI Administrator (`roles/aiplatform.admin`) Grants full access to all resources in Vertex AI	`aiplatform.*` `aiplatform.agentExamples.create` `aiplatform.agentExamples.delete` `aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agentExamples.update` `aiplatform.agents.create` `aiplatform.agents.delete` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.agents.update` `aiplatform.annotationSpecs.create` `aiplatform.annotationSpecs.delete` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotationSpecs.update` `aiplatform.annotations.create` `aiplatform.annotations.delete` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.annotations.update` `aiplatform.apps.create` `aiplatform.apps.delete` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.apps.update` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cacheConfigs.update` `aiplatform.cachedContents.create` `aiplatform.cachedContents.delete` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.cachedContents.update` `aiplatform.consents.get` `aiplatform.consents.update` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.delete` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.create` `aiplatform.dataItems.delete` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataItems.update` `aiplatform.dataLabelingJobs.cancel` `aiplatform.dataLabelingJobs.create` `aiplatform.dataLabelingJobs.delete` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.export` `aiplatform.datasets.get` `aiplatform.datasets.import` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.deploymentResourcePools.create` `aiplatform.deploymentResourcePools.delete` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.deploymentResourcePools.update` `aiplatform.edgeDeploymentJobs.create` `aiplatform.edgeDeploymentJobs.delete` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.create` `aiplatform.edgeDevices.delete` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.edgeDevices.update` `aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.getIamPolicy` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.setIamPolicy` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.getIamPolicy` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.setIamPolicy` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.exampleStores.create` `aiplatform.exampleStores.delete` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.exampleStores.update` `aiplatform.exampleStores.writeExample` `aiplatform.executions.addExecutionEvents` `aiplatform.executions.create` `aiplatform.executions.delete` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.executions.update` `aiplatform.extensions.delete` `aiplatform.extensions.execute` `aiplatform.extensions.get` `aiplatform.extensions.import` `aiplatform.extensions.list` `aiplatform.extensions.update` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.getIamPolicy` `aiplatform.featureGroups.list` `aiplatform.featureGroups.setIamPolicy` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.getIamPolicy` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.setIamPolicy` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.getIamPolicy` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.setIamPolicy` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.getIamPolicy` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.setIamPolicy` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.humanInTheLoops.cancel` `aiplatform.humanInTheLoops.create` `aiplatform.humanInTheLoops.delete` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.humanInTheLoops.queryAnnotationStats` `aiplatform.humanInTheLoops.send` `aiplatform.humanInTheLoops.update` `aiplatform.hyperparameterTuningJobs.cancel` `aiplatform.hyperparameterTuningJobs.create` `aiplatform.hyperparameterTuningJobs.delete` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.migratableResources.migrate` `aiplatform.migratableResources.search` `aiplatform.modelDeploymentMonitoringJobs.create` `aiplatform.modelDeploymentMonitoringJobs.delete` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.pause` `aiplatform.modelDeploymentMonitoringJobs.resume` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelDeploymentMonitoringJobs.update` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.import` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.exportEvaluatedDataItems` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.import` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.create` `aiplatform.modelMonitoringJobs.delete` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.create` `aiplatform.modelMonitors.delete` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.modelMonitors.update` `aiplatform.models.delete` `aiplatform.models.export` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.nasJobs.cancel` `aiplatform.nasJobs.create` `aiplatform.nasJobs.delete` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.getIamPolicy` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.setIamPolicy` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.persistentResources.create` `aiplatform.persistentResources.delete` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.cancel` `aiplatform.pipelineJobs.create` `aiplatform.pipelineJobs.delete` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.cancel` `aiplatform.provisionedThroughputs.create` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.provisionedThroughputs.update` `aiplatform.ragCorpora.create` `aiplatform.ragCorpora.delete` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragCorpora.update` `aiplatform.ragEngineConfigs.get` `aiplatform.ragEngineConfigs.update` `aiplatform.ragFiles.delete` `aiplatform.ragFiles.get` `aiplatform.ragFiles.import` `aiplatform.ragFiles.list` `aiplatform.ragFiles.upload` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.run` `aiplatform.sessions.update` `aiplatform.specialistPools.create` `aiplatform.specialistPools.delete` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.create` `aiplatform.studies.delete` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.studies.update` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.recordAccess` `aiplatform.tensorboards.update` `aiplatform.trainingPipelines.cancel` `aiplatform.trainingPipelines.create` `aiplatform.trainingPipelines.delete` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.create` `aiplatform.trials.delete` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.trials.update` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.optimizePrompt` `aiplatform.tuningJobs.vertexTune` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Batch Prediction Service Agent (`roles/aiplatform.batchPredictionServiceAgent`) Vertex AI Batch Prediction Service Agent for serving batch prediction requests. Warning: Do not grant service agent roles to any principals except service agents.	`bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.models.create` `bigquery.models.export` `bigquery.models.getData` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.createSnapshot` `bigquery.tables.deleteSnapshot` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.restoreSnapshot` `bigquery.tables.update` `bigquery.tables.updateData` `storage.buckets.create` `storage.buckets.delete` `storage.buckets.get` `storage.buckets.list` `storage.buckets.update` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Colab Enterprise Admin (`roles/aiplatform.colabEnterpriseAdmin`) Admin role of using colab enterprise.	`aiplatform.locations.get` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.getIamPolicy` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.setIamPolicy` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.pipelineJobs.create` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `compute.reservations.get` `compute.reservations.list` `dataform.*` `dataform.commentThreads.create` `dataform.commentThreads.delete` `dataform.commentThreads.get` `dataform.commentThreads.list` `dataform.commentThreads.update` `dataform.comments.create` `dataform.comments.delete` `dataform.comments.get` `dataform.comments.list` `dataform.comments.update` `dataform.compilationResults.create` `dataform.compilationResults.get` `dataform.compilationResults.list` `dataform.compilationResults.query` `dataform.config.get` `dataform.config.update` `dataform.folders.addContents` `dataform.folders.create` `dataform.folders.delete` `dataform.folders.get` `dataform.folders.getIamPolicy` `dataform.folders.move` `dataform.folders.queryContents` `dataform.folders.setIamPolicy` `dataform.folders.update` `dataform.locations.get` `dataform.locations.list` `dataform.operations.cancel` `dataform.operations.delete` `dataform.operations.get` `dataform.operations.list` `dataform.releaseConfigs.create` `dataform.releaseConfigs.delete` `dataform.releaseConfigs.get` `dataform.releaseConfigs.list` `dataform.releaseConfigs.update` `dataform.repositories.commit` `dataform.repositories.computeAccessTokenStatus` `dataform.repositories.create` `dataform.repositories.delete` `dataform.repositories.fetchHistory` `dataform.repositories.fetchRemoteBranches` `dataform.repositories.get` `dataform.repositories.getIamPolicy` `dataform.repositories.list` `dataform.repositories.move` `dataform.repositories.queryDirectoryContents` `dataform.repositories.readFile` `dataform.repositories.scheduleRelease` `dataform.repositories.scheduleWorkflow` `dataform.repositories.setIamPolicy` `dataform.repositories.update` `dataform.teamFolders.create` `dataform.teamFolders.delete` `dataform.teamFolders.get` `dataform.teamFolders.getIamPolicy` `dataform.teamFolders.setIamPolicy` `dataform.teamFolders.update` `dataform.workflowConfigs.create` `dataform.workflowConfigs.delete` `dataform.workflowConfigs.get` `dataform.workflowConfigs.list` `dataform.workflowConfigs.update` `dataform.workflowInvocations.cancel` `dataform.workflowInvocations.create` `dataform.workflowInvocations.delete` `dataform.workflowInvocations.get` `dataform.workflowInvocations.list` `dataform.workflowInvocations.query` `dataform.workspaces.commit` `dataform.workspaces.create` `dataform.workspaces.delete` `dataform.workspaces.fetchFileDiff` `dataform.workspaces.fetchFileGitStatuses` `dataform.workspaces.fetchGitAheadBehind` `dataform.workspaces.get` `dataform.workspaces.getIamPolicy` `dataform.workspaces.installNpmPackages` `dataform.workspaces.list` `dataform.workspaces.makeDirectory` `dataform.workspaces.moveDirectory` `dataform.workspaces.moveFile` `dataform.workspaces.pull` `dataform.workspaces.push` `dataform.workspaces.queryDirectoryContents` `dataform.workspaces.readFile` `dataform.workspaces.removeDirectory` `dataform.workspaces.removeFile` `dataform.workspaces.reset` `dataform.workspaces.searchFiles` `dataform.workspaces.setIamPolicy` `dataform.workspaces.writeFile` `resourcemanager.projects.get` `resourcemanager.projects.list`
Colab Enterprise User (`roles/aiplatform.colabEnterpriseUser`) User role of using colab enterprise.	`aiplatform.locations.get` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.getIamPolicy` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.operations.list` `aiplatform.pipelineJobs.create` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `dataform.commentThreads.get` `dataform.commentThreads.list` `dataform.comments.get` `dataform.comments.list` `dataform.folders.create` `dataform.locations.*` `dataform.locations.get` `dataform.locations.list` `dataform.repositories.create` `dataform.repositories.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Colab Service Agent (`roles/aiplatform.colabServiceAgent`) Gives Vertex AI Colab the proper permissions to function. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.notebookExecutionJobs.create` `compute.addresses.get` `compute.addresses.list` `compute.addresses.use` `compute.addresses.useInternal` `compute.disks.create` `compute.disks.createSnapshot` `compute.disks.createTagBinding` `compute.disks.delete` `compute.disks.get` `compute.disks.setLabels` `compute.disks.use` `compute.disks.useReadOnly` `compute.globalOperations.get` `compute.instances.attachDisk` `compute.instances.create` `compute.instances.createTagBinding` `compute.instances.delete` `compute.instances.detachDisk` `compute.instances.get` `compute.instances.getGuestAttributes` `compute.instances.reset` `compute.instances.setLabels` `compute.instances.setMetadata` `compute.instances.setServiceAccount` `compute.instances.setTags` `compute.instances.start` `compute.instances.stop` `compute.instances.useReadOnly` `compute.networks.get` `compute.networks.use` `compute.networks.useExternalIp` `compute.snapshots.create` `compute.snapshots.delete` `compute.snapshots.useReadOnly` `compute.subnetworks.get` `compute.subnetworks.list` `compute.subnetworks.use` `compute.subnetworks.useExternalIp` `compute.zoneOperations.get` `compute.zoneOperations.list` `iam.serviceAccounts.actAs` `notebooks.instances.create` `notebooks.instances.delete` `notebooks.instances.get`
Vertex AI Custom Code Service Agent (`roles/aiplatform.customCodeServiceAgent`) Gives Vertex AI Custom Code the proper permissions. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.agentExamples.` `aiplatform.agentExamples.create` `aiplatform.agentExamples.delete` `aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agentExamples.update` `aiplatform.agents.` `aiplatform.agents.create` `aiplatform.agents.delete` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.agents.update` `aiplatform.annotationSpecs.` `aiplatform.annotationSpecs.create` `aiplatform.annotationSpecs.delete` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotationSpecs.update` `aiplatform.annotations.` `aiplatform.annotations.create` `aiplatform.annotations.delete` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.annotations.update` `aiplatform.apps.` `aiplatform.apps.create` `aiplatform.apps.delete` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.apps.update` `aiplatform.artifacts.` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cachedContents.` `aiplatform.cachedContents.create` `aiplatform.cachedContents.delete` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.cachedContents.update` `aiplatform.consents.get` `aiplatform.contexts.` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.customJobs.` `aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.delete` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.` `aiplatform.dataItems.create` `aiplatform.dataItems.delete` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataItems.update` `aiplatform.dataLabelingJobs.` `aiplatform.dataLabelingJobs.cancel` `aiplatform.dataLabelingJobs.create` `aiplatform.dataLabelingJobs.delete` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.export` `aiplatform.datasets.get` `aiplatform.datasets.import` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.deploymentResourcePools.` `aiplatform.deploymentResourcePools.create` `aiplatform.deploymentResourcePools.delete` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.deploymentResourcePools.update` `aiplatform.edgeDeploymentJobs.` `aiplatform.edgeDeploymentJobs.create` `aiplatform.edgeDeploymentJobs.delete` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.` `aiplatform.edgeDevices.create` `aiplatform.edgeDevices.delete` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.edgeDevices.update` `aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.exampleStores.` `aiplatform.exampleStores.create` `aiplatform.exampleStores.delete` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.exampleStores.update` `aiplatform.exampleStores.writeExample` `aiplatform.executions.` `aiplatform.executions.addExecutionEvents` `aiplatform.executions.create` `aiplatform.executions.delete` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.executions.update` `aiplatform.extensions.` `aiplatform.extensions.delete` `aiplatform.extensions.execute` `aiplatform.extensions.get` `aiplatform.extensions.import` `aiplatform.extensions.list` `aiplatform.extensions.update` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.humanInTheLoops.` `aiplatform.humanInTheLoops.cancel` `aiplatform.humanInTheLoops.create` `aiplatform.humanInTheLoops.delete` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.humanInTheLoops.queryAnnotationStats` `aiplatform.humanInTheLoops.send` `aiplatform.humanInTheLoops.update` `aiplatform.hyperparameterTuningJobs.` `aiplatform.hyperparameterTuningJobs.cancel` `aiplatform.hyperparameterTuningJobs.create` `aiplatform.hyperparameterTuningJobs.delete` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.locations.` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.metadataSchemas.` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.modelDeploymentMonitoringJobs.` `aiplatform.modelDeploymentMonitoringJobs.create` `aiplatform.modelDeploymentMonitoringJobs.delete` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.pause` `aiplatform.modelDeploymentMonitoringJobs.resume` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelDeploymentMonitoringJobs.update` `aiplatform.modelEvaluationSlices.` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.import` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.` `aiplatform.modelEvaluations.exportEvaluatedDataItems` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.import` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.` `aiplatform.modelMonitoringJobs.create` `aiplatform.modelMonitoringJobs.delete` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.` `aiplatform.modelMonitors.create` `aiplatform.modelMonitors.delete` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.modelMonitors.update` `aiplatform.models.` `aiplatform.models.delete` `aiplatform.models.export` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.nasJobs.` `aiplatform.nasJobs.cancel` `aiplatform.nasJobs.create` `aiplatform.nasJobs.delete` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.` `aiplatform.pipelineJobs.cancel` `aiplatform.pipelineJobs.create` `aiplatform.pipelineJobs.delete` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.ragCorpora.` `aiplatform.ragCorpora.create` `aiplatform.ragCorpora.delete` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragCorpora.update` `aiplatform.ragEngineConfigs.get` `aiplatform.ragFiles.` `aiplatform.ragFiles.delete` `aiplatform.ragFiles.get` `aiplatform.ragFiles.import` `aiplatform.ragFiles.list` `aiplatform.ragFiles.upload` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.run` `aiplatform.sessions.update` `aiplatform.specialistPools.` `aiplatform.specialistPools.create` `aiplatform.specialistPools.delete` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.` `aiplatform.studies.create` `aiplatform.studies.delete` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.studies.update` `aiplatform.tensorboardExperiments.` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.update` `aiplatform.trainingPipelines.` `aiplatform.trainingPipelines.cancel` `aiplatform.trainingPipelines.create` `aiplatform.trainingPipelines.delete` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.` `aiplatform.trials.create` `aiplatform.trials.delete` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.trials.update` `aiplatform.tuningJobs.` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.optimizePrompt` `aiplatform.tuningJobs.vertexTune` `artifactregistry.repositories.downloadArtifacts` `artifactregistry.repositories.get` `artifactregistry.repositories.list` `artifactregistry.tags.get` `artifactregistry.versions.get` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.update` `bigquery.tables.updateData` `iam.serviceAccounts.get` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `iam.serviceAccounts.implicitDelegation` `iam.serviceAccounts.list` `iam.serviceAccounts.signBlob` `iam.serviceAccounts.signJwt` `logging.logEntries.create` `logging.logEntries.route` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.services.use` `storage.buckets.create` `storage.buckets.delete` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Vertex AI Feature Store EntityType owner (`roles/aiplatform.entityTypeOwner`) Provides full access to all permissions for a particular entity type resource. Lowest-level resources where you can grant this role: Entity type	`aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.getIamPolicy` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.setIamPolicy` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Platform Express Admin^Beta (`roles/aiplatform.expressAdmin`) Grants admin access to Vertex AI Express	`aiplatform.batchPredictionJobs.` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.datasetVersions.` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.get` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.endpoints.predict` `aiplatform.locations.evaluateInstances` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.operations.list` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.update`
Vertex AI Platform Express User^Beta (`roles/aiplatform.expressUser`) Grants user access to Vertex AI Express	`aiplatform.endpoints.predict` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.operations.list` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.update`
Vertex AI Extension Custom Code Service Agent (`roles/aiplatform.extensionCustomCodeServiceAgent`) Gives Vertex AI Extension that executes custom code the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`logging.logEntries.create` `logging.logEntries.route` `monitoring.timeSeries.create` `orgpolicy.policy.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `storage.folders.` `storage.folders.create` `storage.folders.delete` `storage.folders.get` `storage.folders.list` `storage.folders.rename` `storage.managedFolders.create` `storage.managedFolders.delete` `storage.managedFolders.get` `storage.managedFolders.list` `storage.multipartUploads.` `storage.multipartUploads.abort` `storage.multipartUploads.create` `storage.multipartUploads.list` `storage.multipartUploads.listParts` `storage.objects.*` `storage.objects.create` `storage.objects.createContext` `storage.objects.delete` `storage.objects.deleteContext` `storage.objects.get` `storage.objects.getIamPolicy` `storage.objects.list` `storage.objects.move` `storage.objects.overrideUnlockedRetention` `storage.objects.restore` `storage.objects.setIamPolicy` `storage.objects.setRetention` `storage.objects.update` `storage.objects.updateContext`
Vertex AI Extension Service Agent (`roles/aiplatform.extensionServiceAgent`) Gives Vertex AI Extension the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.endpoints.predict` `aiplatform.locations.get` `aiplatform.ragCorpora.query` `discoveryengine.servingConfigs.search` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `logging.logEntries.create` `logging.logEntries.route` `serviceusage.services.use` `storage.objects.get`
Vertex AI Feature Store Admin (`roles/aiplatform.featurestoreAdmin`) Grants full access to all resources in Vertex AI Feature Store Lowest-level resources where you can grant this role: Entity type	`aiplatform.entityTypes.` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.getIamPolicy` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.setIamPolicy` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.featureGroups.` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.getIamPolicy` `aiplatform.featureGroups.list` `aiplatform.featureGroups.setIamPolicy` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.getIamPolicy` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.setIamPolicy` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.getIamPolicy` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.setIamPolicy` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.*` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.getIamPolicy` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.setIamPolicy` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Feature Store Data Viewer (`roles/aiplatform.featurestoreDataViewer`) This role provides permissions to read Feature data. Lowest-level resources where you can grant this role: Entity type	`aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureViewSyncs.*` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.featurestores.batchReadFeatureValues` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Feature Store Data Writer (`roles/aiplatform.featurestoreDataWriter`) This role provides permissions to read and write Feature data. Lowest-level resources where you can grant this role: Entity type	`aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureViewSyncs.*` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.featurestores.batchReadFeatureValues` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Feature Store Instance Creator (`roles/aiplatform.featurestoreInstanceCreator`) Administrator of Featurestore resources, but not the child resources under Featurestores. Lowest-level resources where you can grant this role: Featurestore	`aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.get` `aiplatform.featurestores.list` `aiplatform.featurestores.update`
Vertex AI Feature Store Resource Viewer (`roles/aiplatform.featurestoreResourceViewer`) Viewer of all resources in Vertex AI Feature Store but cannot make changes. Lowest-level resources where you can grant this role: Entity type	`aiplatform.entityTypes.get` `aiplatform.entityTypes.list` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureViewSyncs.*` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.featurestores.get` `aiplatform.featurestores.list` `aiplatform.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Feature Store User^Beta (`roles/aiplatform.featurestoreUser`) Deprecated. Use featurestoreAdmin instead.	`aiplatform.entityTypes.` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.getIamPolicy` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.setIamPolicy` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.*` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.getIamPolicy` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.setIamPolicy` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Agent Engine Memory Editor Role^Beta (`roles/aiplatform.memoryEditor`) Grants edit access to Memory for Agent Engine.	`aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.update`
Vertex AI Agent Engine Memory User Role^Beta (`roles/aiplatform.memoryUser`) Grants full user access to Memory for Agent Engine.	`aiplatform.memories.*` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update`
Vertex AI Agent Engine Memory Viewer Role^Beta (`roles/aiplatform.memoryViewer`) Grants viewer access to Memory for Agent Engine.	`aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve`
Vertex AI Migration Service User (`roles/aiplatform.migrator`) Grants access to use migration service in Vertex AI	`aiplatform.migratableResources.*` `aiplatform.migratableResources.migrate` `aiplatform.migratableResources.search`
Vertex AI Model Monitoring Service Agent (`roles/aiplatform.modelMonitoringServiceAgent`) Gives Vertex AI Model Monitoring the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.locations.evaluateInstances` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.tables.create` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.update` `bigquery.tables.updateData` `monitoring.notificationChannels.get` `serviceusage.services.use` `storage.buckets.create` `storage.buckets.delete` `storage.buckets.get` `storage.buckets.list` `storage.buckets.update` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Notebook Executor User^Beta (`roles/aiplatform.notebookExecutorUser`) Grants users full access to schedules and notebook execution jobs.	`aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.operations.list` `aiplatform.pipelineJobs.create` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update`
Notebook Runtime Admin (`roles/aiplatform.notebookRuntimeAdmin`) Grants full access to all runtime templates and runtimes in Notebook Service.	`aiplatform.locations.get` `aiplatform.notebookRuntimeTemplates.` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.getIamPolicy` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.setIamPolicy` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `compute.reservations.get` `compute.reservations.list`
Notebook Runtime User (`roles/aiplatform.notebookRuntimeUser`) Grants users permissions to create runtime resources using a runtime template and manage the runtime resources they created.	`aiplatform.locations.get` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.getIamPolicy` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.operations.list`
Vertex AI Notebook Service Agent (`roles/aiplatform.notebookServiceAgent`) Vertex AI Service Agent used to run Notebook managed resources in user project with restricted permissions. Warning: Do not grant service agent roles to any principals except service agents.	`logging.logEntries.create` `logging.logEntries.route` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.*` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create`
Vertex AI Online Prediction Service Agent (`roles/aiplatform.onlinePredictionServiceAgent`) Gives Vertex AI Online Prediction the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`gkehub.features.get` `gkehub.features.getIamPolicy` `gkehub.features.list` `gkehub.fleet.get` `gkehub.gateway.delete` `gkehub.gateway.generateCredentials` `gkehub.gateway.get` `gkehub.gateway.patch` `gkehub.gateway.post` `gkehub.gateway.put` `gkehub.locations.*` `gkehub.locations.get` `gkehub.locations.list` `gkehub.memberships.get` `gkehub.memberships.getIamPolicy` `gkehub.memberships.list` `serviceusage.services.get`
Vertex AI Platform Provisioned Throughput Admin^Beta (`roles/aiplatform.provisionedThroughputAdmin`) Grants access to use all resources related to Vertex AI Provisioned Throughput	`aiplatform.provisionedThroughputRevisions.` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.` `aiplatform.provisionedThroughputs.cancel` `aiplatform.provisionedThroughputs.create` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.provisionedThroughputs.update`
Vertex AI RAG Data Service Agent (`roles/aiplatform.ragServiceAgent`) Vertex AI Service Agent used by Vertex RAG to access user imported data, Vertex AI, Document AI processors, and Vector Search in the project Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.endpoints.get` `aiplatform.endpoints.predict` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.models.get` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.createSnapshot` `bigquery.tables.deleteSnapshot` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.restoreSnapshot` `bigquery.tables.update` `bigquery.tables.updateData` `documentai.processorVersions.processOnline` `documentai.processors.get` `documentai.processors.processOnline` `logging.logEntries.create` `logging.logEntries.route` `storage.buckets.get` `storage.buckets.list` `storage.objects.get` `storage.objects.list` `vectorsearch.collections.` `vectorsearch.collections.create` `vectorsearch.collections.delete` `vectorsearch.collections.get` `vectorsearch.collections.list` `vectorsearch.collections.update` `vectorsearch.dataObjects.` `vectorsearch.dataObjects.create` `vectorsearch.dataObjects.delete` `vectorsearch.dataObjects.get` `vectorsearch.dataObjects.import` `vectorsearch.dataObjects.query` `vectorsearch.dataObjects.search` `vectorsearch.dataObjects.update` `vectorsearch.indexes.*` `vectorsearch.indexes.create` `vectorsearch.indexes.delete` `vectorsearch.indexes.get` `vectorsearch.indexes.list` `vectorsearch.operations.get` `vectorsearch.operations.list`
Vertex AI Rapid Eval Service Agent (`roles/aiplatform.rapidevalServiceAgent`) Vertex AI Service Agent used by GenAI Rapid Evaluation Service to access publisher model endpoints in the user project Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.endpoints.predict`
Vertex AI Reasoning Engine Service Agent (`roles/aiplatform.reasoningEngineServiceAgent`) Gives Vertex AI Reasoning Engine the proper permissions to function. The aiplatform.reasoningEngines.create IAM permission implies read access to the GCS objects of the consumer project through this service agent. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.update` `cloudapiregistry.` `cloudapiregistry.locations.get` `cloudapiregistry.locations.list` `cloudapiregistry.mcpServers.get` `cloudapiregistry.mcpServers.list` `cloudapiregistry.mcpTools.get` `cloudapiregistry.mcpTools.list` `cloudtrace.traces.patch` `developerconnect.connections.get` `developerconnect.gitRepositoryLinks.fetchReadToken` `developerconnect.gitRepositoryLinks.get` `logging.logEntries.create` `logging.logEntries.route` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create` `resourcemanager.projects.get` `serviceusage.services.use` `storage.buckets.get` `storage.buckets.list` `storage.objects.get` `storage.objects.list` `telemetry.traces.write`
Vertex AI Service Agent (`roles/aiplatform.serviceAgent`) Gives Vertex AI the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.agentExamples.` `aiplatform.agentExamples.create` `aiplatform.agentExamples.delete` `aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agentExamples.update` `aiplatform.agents.` `aiplatform.agents.create` `aiplatform.agents.delete` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.agents.update` `aiplatform.annotationSpecs.` `aiplatform.annotationSpecs.create` `aiplatform.annotationSpecs.delete` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotationSpecs.update` `aiplatform.annotations.` `aiplatform.annotations.create` `aiplatform.annotations.delete` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.annotations.update` `aiplatform.apps.` `aiplatform.apps.create` `aiplatform.apps.delete` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.apps.update` `aiplatform.artifacts.` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cachedContents.` `aiplatform.cachedContents.create` `aiplatform.cachedContents.delete` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.cachedContents.update` `aiplatform.consents.get` `aiplatform.contexts.` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.customJobs.` `aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.delete` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.` `aiplatform.dataItems.create` `aiplatform.dataItems.delete` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataItems.update` `aiplatform.dataLabelingJobs.` `aiplatform.dataLabelingJobs.cancel` `aiplatform.dataLabelingJobs.create` `aiplatform.dataLabelingJobs.delete` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.export` `aiplatform.datasets.get` `aiplatform.datasets.import` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.deploymentResourcePools.` `aiplatform.deploymentResourcePools.create` `aiplatform.deploymentResourcePools.delete` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.deploymentResourcePools.update` `aiplatform.edgeDeploymentJobs.` `aiplatform.edgeDeploymentJobs.create` `aiplatform.edgeDeploymentJobs.delete` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.` `aiplatform.edgeDevices.create` `aiplatform.edgeDevices.delete` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.edgeDevices.update` `aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.exampleStores.` `aiplatform.exampleStores.create` `aiplatform.exampleStores.delete` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.exampleStores.update` `aiplatform.exampleStores.writeExample` `aiplatform.executions.` `aiplatform.executions.addExecutionEvents` `aiplatform.executions.create` `aiplatform.executions.delete` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.executions.update` `aiplatform.extensions.` `aiplatform.extensions.delete` `aiplatform.extensions.execute` `aiplatform.extensions.get` `aiplatform.extensions.import` `aiplatform.extensions.list` `aiplatform.extensions.update` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.humanInTheLoops.` `aiplatform.humanInTheLoops.cancel` `aiplatform.humanInTheLoops.create` `aiplatform.humanInTheLoops.delete` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.humanInTheLoops.queryAnnotationStats` `aiplatform.humanInTheLoops.send` `aiplatform.humanInTheLoops.update` `aiplatform.hyperparameterTuningJobs.` `aiplatform.hyperparameterTuningJobs.cancel` `aiplatform.hyperparameterTuningJobs.create` `aiplatform.hyperparameterTuningJobs.delete` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.locations.` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.metadataSchemas.` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.modelDeploymentMonitoringJobs.` `aiplatform.modelDeploymentMonitoringJobs.create` `aiplatform.modelDeploymentMonitoringJobs.delete` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.pause` `aiplatform.modelDeploymentMonitoringJobs.resume` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelDeploymentMonitoringJobs.update` `aiplatform.modelEvaluationSlices.` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.import` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.` `aiplatform.modelEvaluations.exportEvaluatedDataItems` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.import` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.` `aiplatform.modelMonitoringJobs.create` `aiplatform.modelMonitoringJobs.delete` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.` `aiplatform.modelMonitors.create` `aiplatform.modelMonitors.delete` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.modelMonitors.update` `aiplatform.models.` `aiplatform.models.delete` `aiplatform.models.export` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.nasJobs.` `aiplatform.nasJobs.cancel` `aiplatform.nasJobs.create` `aiplatform.nasJobs.delete` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.` `aiplatform.pipelineJobs.cancel` `aiplatform.pipelineJobs.create` `aiplatform.pipelineJobs.delete` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.ragCorpora.` `aiplatform.ragCorpora.create` `aiplatform.ragCorpora.delete` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragCorpora.update` `aiplatform.ragEngineConfigs.get` `aiplatform.ragFiles.` `aiplatform.ragFiles.delete` `aiplatform.ragFiles.get` `aiplatform.ragFiles.import` `aiplatform.ragFiles.list` `aiplatform.ragFiles.upload` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.run` `aiplatform.sessions.update` `aiplatform.specialistPools.` `aiplatform.specialistPools.create` `aiplatform.specialistPools.delete` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.` `aiplatform.studies.create` `aiplatform.studies.delete` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.studies.update` `aiplatform.tensorboardExperiments.` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.update` `aiplatform.trainingPipelines.` `aiplatform.trainingPipelines.cancel` `aiplatform.trainingPipelines.create` `aiplatform.trainingPipelines.delete` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.` `aiplatform.trials.create` `aiplatform.trials.delete` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.trials.update` `aiplatform.tuningJobs.` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.optimizePrompt` `aiplatform.tuningJobs.vertexTune` `artifactregistry.repositories.create` `artifactregistry.repositories.downloadArtifacts` `artifactregistry.repositories.get` `artifactregistry.repositories.list` `artifactregistry.repositories.uploadArtifacts` `artifactregistry.tags.get` `artifactregistry.versions.get` `automl.datasets.export` `automl.datasets.get` `automl.datasets.list` `automl.modelEvaluations.list` `automl.models.get` `automl.models.list` `automl.operations.get` `automl.tableSpecs.get` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.models.create` `bigquery.models.export` `bigquery.models.getData` `bigquery.objectRefs.read` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.update` `bigquery.tables.updateData` `bigtable.tables.get` `bigtable.tables.list` `bigtable.tables.readRows` `compute.addresses.get` `compute.addresses.list` `compute.addresses.use` `compute.addresses.useInternal` `compute.disks.create` `compute.disks.createSnapshot` `compute.disks.createTagBinding` `compute.disks.delete` `compute.disks.get` `compute.disks.setLabels` `compute.disks.use` `compute.disks.useReadOnly` `compute.globalOperations.get` `compute.instances.attachDisk` `compute.instances.create` `compute.instances.createTagBinding` `compute.instances.delete` `compute.instances.detachDisk` `compute.instances.get` `compute.instances.getGuestAttributes` `compute.instances.list` `compute.instances.setLabels` `compute.instances.setMetadata` `compute.instances.setServiceAccount` `compute.instances.setTags` `compute.instances.start` `compute.instances.stop` `compute.instances.update` `compute.instances.useReadOnly` `compute.machineTypes.get` `compute.networks.get` `compute.networks.use` `compute.networks.useExternalIp` `compute.snapshots.create` `compute.snapshots.delete` `compute.snapshots.useReadOnly` `compute.subnetworks.get` `compute.subnetworks.list` `compute.subnetworks.use` `compute.subnetworks.useExternalIp` `compute.zoneOperations.get` `dataflow.jobs.` `dataflow.jobs.cancel` `dataflow.jobs.create` `dataflow.jobs.get` `dataflow.jobs.list` `dataflow.jobs.snapshot` `dataflow.jobs.updateContents` `dataflow.messages.list` `dataflow.metrics.get` `dataflow.snapshots.` `dataflow.snapshots.delete` `dataflow.snapshots.get` `dataflow.snapshots.list` `datalabeling.annotateddatasets.get` `datalabeling.datasets.export` `datalabeling.datasets.get` `datalabeling.datasets.list` `datalabeling.operations.get` `hypercomputecluster.clusters.` `hypercomputecluster.clusters.create` `hypercomputecluster.clusters.delete` `hypercomputecluster.clusters.get` `hypercomputecluster.clusters.list` `hypercomputecluster.clusters.update` `hypercomputecluster.locations.` `hypercomputecluster.locations.get` `hypercomputecluster.locations.list` `hypercomputecluster.operations.` `hypercomputecluster.operations.cancel` `hypercomputecluster.operations.delete` `hypercomputecluster.operations.get` `hypercomputecluster.operations.list` `iam.serviceAccounts.actAs` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `logging.logEntries.create` `logging.logEntries.route` `ml.models.list` `ml.operations.get` `ml.versions.get` `ml.versions.list` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.*` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.notificationChannels.get` `monitoring.timeSeries.create` `notebooks.instances.create` `notebooks.instances.delete` `notebooks.instances.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `run.executions.delete` `run.executions.get` `run.jobs.create` `run.jobs.delete` `run.jobs.get` `run.jobs.run` `run.jobs.update` `run.operations.delete` `run.operations.get` `run.routes.invoke` `run.services.create` `run.services.delete` `run.services.get` `servicemanagement.services.report` `serviceusage.services.list` `serviceusage.services.use` `storage.buckets.create` `storage.buckets.delete` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Vertex AI Agent Engine Session Editor Role^Beta (`roles/aiplatform.sessionEditor`) Grants edit access to Session for Agent Engine.	`aiplatform.sessionEvents.append` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.update`
Vertex AI Agent Engine Session User Role^Beta (`roles/aiplatform.sessionUser`) Grants full user access to Session for Agent Engine.	`aiplatform.sessionEvents.*` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.update`
Vertex AI Agent Engine Session Viewer Role^Beta (`roles/aiplatform.sessionViewer`) Grants viewer access to Session for Agent Engine.	`aiplatform.sessionEvents.list` `aiplatform.sessions.get` `aiplatform.sessions.list`
Vertex AI Telemetry Service Agent (`roles/aiplatform.telemetryServiceAgent`) Allows Vertex AI Telemetry Service Agent to access telemetry data. Warning: Do not grant service agent roles to any principals except service agents.	`logging.logEntries.create` `logging.logEntries.list` `logging.logEntries.route` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.` `monitoring.timeSeries.create` `monitoring.timeSeries.list` `servicemanagement.services.report`
Vertex AI Tensorboard Web App User^Beta (`roles/aiplatform.tensorboardWebAppUser`) Grants access to the Vertex AI TensorBoard web app.	`aiplatform.tensorboards.recordAccess`
Vertex AI Tuning Service Agent (`roles/aiplatform.tuningServiceAgent`) Vertex AI Service Agent used for tuning in user project. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.artifacts.` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.get` `aiplatform.contexts.` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.endpoints.create` `aiplatform.endpoints.deploy` `aiplatform.endpoints.get` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.metadataSchemas.` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.models.get` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.operations.list` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.tensorboardExperiments.` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.*` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.update` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.vertexTune` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.tables.create` `bigquery.tables.delete` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.list` `bigquery.tables.update` `bigquery.tables.updateData` `resourcemanager.projects.get` `serviceusage.services.use` `storage.buckets.create` `storage.buckets.get` `storage.buckets.getIamPolicy` `storage.buckets.list` `storage.buckets.update` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.getIamPolicy` `storage.objects.list` `storage.objects.update`
Vertex AI User (`roles/aiplatform.user`) Grants access to use all resource in Vertex AI	`aiplatform.agentExamples.` `aiplatform.agentExamples.create` `aiplatform.agentExamples.delete` `aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agentExamples.update` `aiplatform.agents.` `aiplatform.agents.create` `aiplatform.agents.delete` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.agents.update` `aiplatform.annotationSpecs.` `aiplatform.annotationSpecs.create` `aiplatform.annotationSpecs.delete` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotationSpecs.update` `aiplatform.annotations.` `aiplatform.annotations.create` `aiplatform.annotations.delete` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.annotations.update` `aiplatform.apps.` `aiplatform.apps.create` `aiplatform.apps.delete` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.apps.update` `aiplatform.artifacts.` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cachedContents.` `aiplatform.cachedContents.create` `aiplatform.cachedContents.delete` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.cachedContents.update` `aiplatform.consents.get` `aiplatform.contexts.` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.customJobs.` `aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.delete` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.` `aiplatform.dataItems.create` `aiplatform.dataItems.delete` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataItems.update` `aiplatform.dataLabelingJobs.` `aiplatform.dataLabelingJobs.cancel` `aiplatform.dataLabelingJobs.create` `aiplatform.dataLabelingJobs.delete` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.export` `aiplatform.datasets.get` `aiplatform.datasets.import` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.deploymentResourcePools.` `aiplatform.deploymentResourcePools.create` `aiplatform.deploymentResourcePools.delete` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.deploymentResourcePools.update` `aiplatform.edgeDeploymentJobs.` `aiplatform.edgeDeploymentJobs.create` `aiplatform.edgeDeploymentJobs.delete` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.` `aiplatform.edgeDevices.create` `aiplatform.edgeDevices.delete` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.edgeDevices.update` `aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.exampleStores.` `aiplatform.exampleStores.create` `aiplatform.exampleStores.delete` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.exampleStores.update` `aiplatform.exampleStores.writeExample` `aiplatform.executions.` `aiplatform.executions.addExecutionEvents` `aiplatform.executions.create` `aiplatform.executions.delete` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.executions.update` `aiplatform.extensions.` `aiplatform.extensions.delete` `aiplatform.extensions.execute` `aiplatform.extensions.get` `aiplatform.extensions.import` `aiplatform.extensions.list` `aiplatform.extensions.update` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.humanInTheLoops.` `aiplatform.humanInTheLoops.cancel` `aiplatform.humanInTheLoops.create` `aiplatform.humanInTheLoops.delete` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.humanInTheLoops.queryAnnotationStats` `aiplatform.humanInTheLoops.send` `aiplatform.humanInTheLoops.update` `aiplatform.hyperparameterTuningJobs.` `aiplatform.hyperparameterTuningJobs.cancel` `aiplatform.hyperparameterTuningJobs.create` `aiplatform.hyperparameterTuningJobs.delete` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.locations.` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.metadataSchemas.` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.modelDeploymentMonitoringJobs.` `aiplatform.modelDeploymentMonitoringJobs.create` `aiplatform.modelDeploymentMonitoringJobs.delete` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.pause` `aiplatform.modelDeploymentMonitoringJobs.resume` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelDeploymentMonitoringJobs.update` `aiplatform.modelEvaluationSlices.` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.import` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.` `aiplatform.modelEvaluations.exportEvaluatedDataItems` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.import` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.` `aiplatform.modelMonitoringJobs.create` `aiplatform.modelMonitoringJobs.delete` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.` `aiplatform.modelMonitors.create` `aiplatform.modelMonitors.delete` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.modelMonitors.update` `aiplatform.models.` `aiplatform.models.delete` `aiplatform.models.export` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.nasJobs.` `aiplatform.nasJobs.cancel` `aiplatform.nasJobs.create` `aiplatform.nasJobs.delete` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.` `aiplatform.pipelineJobs.cancel` `aiplatform.pipelineJobs.create` `aiplatform.pipelineJobs.delete` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.ragCorpora.` `aiplatform.ragCorpora.create` `aiplatform.ragCorpora.delete` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragCorpora.update` `aiplatform.ragEngineConfigs.get` `aiplatform.ragFiles.` `aiplatform.ragFiles.delete` `aiplatform.ragFiles.get` `aiplatform.ragFiles.import` `aiplatform.ragFiles.list` `aiplatform.ragFiles.upload` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.run` `aiplatform.sessions.update` `aiplatform.specialistPools.` `aiplatform.specialistPools.create` `aiplatform.specialistPools.delete` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.` `aiplatform.studies.create` `aiplatform.studies.delete` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.studies.update` `aiplatform.tensorboardExperiments.` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.update` `aiplatform.trainingPipelines.` `aiplatform.trainingPipelines.cancel` `aiplatform.trainingPipelines.create` `aiplatform.trainingPipelines.delete` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.` `aiplatform.trials.create` `aiplatform.trials.delete` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.trials.update` `aiplatform.tuningJobs.*` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.optimizePrompt` `aiplatform.tuningJobs.vertexTune` `resourcemanager.projects.get` `resourcemanager.projects.list`
Vertex AI Viewer (`roles/aiplatform.viewer`) Grants access to view all resource in Vertex AI	`aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.consents.get` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasets.get` `aiplatform.datasets.list` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.entityTypes.get` `aiplatform.entityTypes.list` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.extensions.get` `aiplatform.extensions.list` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.featurestores.get` `aiplatform.featurestores.list` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.operations.list` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.*` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragEngineConfigs.get` `aiplatform.ragFiles.get` `aiplatform.ragFiles.list` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.sessionEvents.list` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `resourcemanager.projects.get` `resourcemanager.projects.list`

Vertex AI Administrator

(roles/aiplatform.admin)

Grants full access to all resources in Vertex AI

aiplatform.*

aiplatform.agentExamples.create
aiplatform.agentExamples.delete
aiplatform.agentExamples.get
aiplatform.agentExamples.list
aiplatform.agentExamples.update
aiplatform.agents.create
aiplatform.agents.delete
aiplatform.agents.get
aiplatform.agents.list
aiplatform.agents.update
aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update
aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update
aiplatform.apps.create
aiplatform.apps.delete
aiplatform.apps.get
aiplatform.apps.list
aiplatform.apps.update
aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update
aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list
aiplatform.cacheConfigs.get
aiplatform.cacheConfigs.update
aiplatform.cachedContents.create
aiplatform.cachedContents.delete
aiplatform.cachedContents.get
aiplatform.cachedContents.list
aiplatform.cachedContents.update
aiplatform.consents.get
aiplatform.consents.update
aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update
aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list
aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update
aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list
aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore
aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update
aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update
aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list
aiplatform.edgeDeviceDebugInfo.get
aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update
aiplatform.endpoints.create
aiplatform.endpoints.delete
aiplatform.endpoints.deploy
aiplatform.endpoints.explain
aiplatform.endpoints.get
aiplatform.endpoints.getIamPolicy
aiplatform.endpoints.list
aiplatform.endpoints.predict
aiplatform.endpoints.setIamPolicy
aiplatform.endpoints.undeploy
aiplatform.endpoints.update
aiplatform.entityTypes.create
aiplatform.entityTypes.delete
aiplatform.entityTypes.deleteFeatureValues
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.get
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.importFeatureValues
aiplatform.entityTypes.list
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.setIamPolicy
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.entityTypes.update
aiplatform.entityTypes.writeFeatureValues
aiplatform.exampleStores.create
aiplatform.exampleStores.delete
aiplatform.exampleStores.get
aiplatform.exampleStores.list
aiplatform.exampleStores.readExample
aiplatform.exampleStores.update
aiplatform.exampleStores.writeExample
aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update
aiplatform.extensions.delete
aiplatform.extensions.execute
aiplatform.extensions.get
aiplatform.extensions.import
aiplatform.extensions.list
aiplatform.extensions.update
aiplatform.featureGroups.create
aiplatform.featureGroups.delete
aiplatform.featureGroups.get
aiplatform.featureGroups.getIamPolicy
aiplatform.featureGroups.list
aiplatform.featureGroups.setIamPolicy
aiplatform.featureGroups.update
aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list
aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update
aiplatform.featureOnlineStores.create
aiplatform.featureOnlineStores.delete
aiplatform.featureOnlineStores.get
aiplatform.featureOnlineStores.getIamPolicy
aiplatform.featureOnlineStores.list
aiplatform.featureOnlineStores.setIamPolicy
aiplatform.featureOnlineStores.update
aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list
aiplatform.featureViews.create
aiplatform.featureViews.delete
aiplatform.featureViews.directWrite
aiplatform.featureViews.fetchFeatureValues
aiplatform.featureViews.get
aiplatform.featureViews.getIamPolicy
aiplatform.featureViews.list
aiplatform.featureViews.searchNearestEntities
aiplatform.featureViews.setIamPolicy
aiplatform.featureViews.sync
aiplatform.featureViews.update
aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update
aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.create
aiplatform.featurestores.delete
aiplatform.featurestores.exportFeatures
aiplatform.featurestores.get
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.importFeatures
aiplatform.featurestores.list
aiplatform.featurestores.readFeatures
aiplatform.featurestores.setIamPolicy
aiplatform.featurestores.update
aiplatform.featurestores.writeFeatures
aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update
aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list
aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update
aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update
aiplatform.locations.evaluateInstances
aiplatform.locations.get
aiplatform.locations.list
aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update
aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list
aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list
aiplatform.migratableResources.migrate
aiplatform.migratableResources.search
aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update
aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list
aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list
aiplatform.modelMonitoringJobs.create
aiplatform.modelMonitoringJobs.delete
aiplatform.modelMonitoringJobs.get
aiplatform.modelMonitoringJobs.list
aiplatform.modelMonitors.create
aiplatform.modelMonitors.delete
aiplatform.modelMonitors.get
aiplatform.modelMonitors.list
aiplatform.modelMonitors.searchModelMonitoringAlerts
aiplatform.modelMonitors.searchModelMonitoringStats
aiplatform.modelMonitors.update
aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload
aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list
aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list
aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list
aiplatform.notebookRuntimeTemplates.apply
aiplatform.notebookRuntimeTemplates.create
aiplatform.notebookRuntimeTemplates.delete
aiplatform.notebookRuntimeTemplates.get
aiplatform.notebookRuntimeTemplates.getIamPolicy
aiplatform.notebookRuntimeTemplates.list
aiplatform.notebookRuntimeTemplates.setIamPolicy
aiplatform.notebookRuntimeTemplates.update
aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade
aiplatform.operations.list
aiplatform.persistentResources.create
aiplatform.persistentResources.delete
aiplatform.persistentResources.get
aiplatform.persistentResources.list
aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list
aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list
aiplatform.provisionedThroughputs.cancel
aiplatform.provisionedThroughputs.create
aiplatform.provisionedThroughputs.get
aiplatform.provisionedThroughputs.list
aiplatform.provisionedThroughputs.update
aiplatform.ragCorpora.create
aiplatform.ragCorpora.delete
aiplatform.ragCorpora.get
aiplatform.ragCorpora.list
aiplatform.ragCorpora.query
aiplatform.ragCorpora.update
aiplatform.ragEngineConfigs.get
aiplatform.ragEngineConfigs.update
aiplatform.ragFiles.delete
aiplatform.ragFiles.get
aiplatform.ragFiles.import
aiplatform.ragFiles.list
aiplatform.ragFiles.upload
aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update
aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list
aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update
aiplatform.sessionEvents.append
aiplatform.sessionEvents.list
aiplatform.sessions.create
aiplatform.sessions.delete
aiplatform.sessions.get
aiplatform.sessions.list
aiplatform.sessions.run
aiplatform.sessions.update
aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update
aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update
aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write
aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write
aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update
aiplatform.tensorboards.create
aiplatform.tensorboards.delete
aiplatform.tensorboards.get
aiplatform.tensorboards.list
aiplatform.tensorboards.recordAccess
aiplatform.tensorboards.update
aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list
aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update
aiplatform.tuningJobs.cancel
aiplatform.tuningJobs.create
aiplatform.tuningJobs.delete
aiplatform.tuningJobs.get
aiplatform.tuningJobs.list
aiplatform.tuningJobs.optimizePrompt
aiplatform.tuningJobs.vertexTune

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Batch Prediction Service Agent

(roles/aiplatform.batchPredictionServiceAgent)

Vertex AI Batch Prediction Service Agent for serving batch prediction requests.

Warning: Do not grant service agent roles to any principals except service agents.

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.models.create

bigquery.models.export

bigquery.models.getData

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.createSnapshot

bigquery.tables.deleteSnapshot

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.restoreSnapshot

bigquery.tables.update

bigquery.tables.updateData

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.buckets.update

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Colab Enterprise Admin

(roles/aiplatform.colabEnterpriseAdmin)

Admin role of using colab enterprise.

aiplatform.locations.get

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.*

aiplatform.notebookRuntimeTemplates.apply
aiplatform.notebookRuntimeTemplates.create
aiplatform.notebookRuntimeTemplates.delete
aiplatform.notebookRuntimeTemplates.get
aiplatform.notebookRuntimeTemplates.getIamPolicy
aiplatform.notebookRuntimeTemplates.list
aiplatform.notebookRuntimeTemplates.setIamPolicy
aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.pipelineJobs.create

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

compute.reservations.get

compute.reservations.list

dataform.*

dataform.commentThreads.create
dataform.commentThreads.delete
dataform.commentThreads.get
dataform.commentThreads.list
dataform.commentThreads.update
dataform.comments.create
dataform.comments.delete
dataform.comments.get
dataform.comments.list
dataform.comments.update
dataform.compilationResults.create
dataform.compilationResults.get
dataform.compilationResults.list
dataform.compilationResults.query
dataform.config.get
dataform.config.update
dataform.folders.addContents
dataform.folders.create
dataform.folders.delete
dataform.folders.get
dataform.folders.getIamPolicy
dataform.folders.move
dataform.folders.queryContents
dataform.folders.setIamPolicy
dataform.folders.update
dataform.locations.get
dataform.locations.list
dataform.operations.cancel
dataform.operations.delete
dataform.operations.get
dataform.operations.list
dataform.releaseConfigs.create
dataform.releaseConfigs.delete
dataform.releaseConfigs.get
dataform.releaseConfigs.list
dataform.releaseConfigs.update
dataform.repositories.commit
dataform.repositories.computeAccessTokenStatus
dataform.repositories.create
dataform.repositories.delete
dataform.repositories.fetchHistory
dataform.repositories.fetchRemoteBranches
dataform.repositories.get
dataform.repositories.getIamPolicy
dataform.repositories.list
dataform.repositories.move
dataform.repositories.queryDirectoryContents
dataform.repositories.readFile
dataform.repositories.scheduleRelease
dataform.repositories.scheduleWorkflow
dataform.repositories.setIamPolicy
dataform.repositories.update
dataform.teamFolders.create
dataform.teamFolders.delete
dataform.teamFolders.get
dataform.teamFolders.getIamPolicy
dataform.teamFolders.setIamPolicy
dataform.teamFolders.update
dataform.workflowConfigs.create
dataform.workflowConfigs.delete
dataform.workflowConfigs.get
dataform.workflowConfigs.list
dataform.workflowConfigs.update
dataform.workflowInvocations.cancel
dataform.workflowInvocations.create
dataform.workflowInvocations.delete
dataform.workflowInvocations.get
dataform.workflowInvocations.list
dataform.workflowInvocations.query
dataform.workspaces.commit
dataform.workspaces.create
dataform.workspaces.delete
dataform.workspaces.fetchFileDiff
dataform.workspaces.fetchFileGitStatuses
dataform.workspaces.fetchGitAheadBehind
dataform.workspaces.get
dataform.workspaces.getIamPolicy
dataform.workspaces.installNpmPackages
dataform.workspaces.list
dataform.workspaces.makeDirectory
dataform.workspaces.moveDirectory
dataform.workspaces.moveFile
dataform.workspaces.pull
dataform.workspaces.push
dataform.workspaces.queryDirectoryContents
dataform.workspaces.readFile
dataform.workspaces.removeDirectory
dataform.workspaces.removeFile
dataform.workspaces.reset
dataform.workspaces.searchFiles
dataform.workspaces.setIamPolicy
dataform.workspaces.writeFile

resourcemanager.projects.get

resourcemanager.projects.list

Colab Enterprise User

(roles/aiplatform.colabEnterpriseUser)

User role of using colab enterprise.

aiplatform.locations.get

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.getIamPolicy

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimes.assign

aiplatform.notebookRuntimes.get

aiplatform.notebookRuntimes.list

aiplatform.operations.list

aiplatform.pipelineJobs.create

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

dataform.commentThreads.get

dataform.commentThreads.list

dataform.comments.get

dataform.comments.list

dataform.folders.create

dataform.locations.*

dataform.locations.get
dataform.locations.list

dataform.repositories.create

dataform.repositories.list

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Colab Service Agent

(roles/aiplatform.colabServiceAgent)

Gives Vertex AI Colab the proper permissions to function.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.notebookExecutionJobs.create

compute.addresses.get

compute.addresses.list

compute.addresses.use

compute.addresses.useInternal

compute.disks.create

compute.disks.createSnapshot

compute.disks.createTagBinding

compute.disks.delete

compute.disks.get

compute.disks.setLabels

compute.disks.use

compute.disks.useReadOnly

compute.globalOperations.get

compute.instances.attachDisk

compute.instances.create

compute.instances.createTagBinding

compute.instances.delete

compute.instances.detachDisk

compute.instances.get

compute.instances.getGuestAttributes

compute.instances.reset

compute.instances.setLabels

compute.instances.setMetadata

compute.instances.setServiceAccount

compute.instances.setTags

compute.instances.start

compute.instances.stop

compute.instances.useReadOnly

compute.networks.get

compute.networks.use

compute.networks.useExternalIp

compute.snapshots.create

compute.snapshots.delete

compute.snapshots.useReadOnly

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

compute.subnetworks.useExternalIp

compute.zoneOperations.get

compute.zoneOperations.list

iam.serviceAccounts.actAs

notebooks.instances.create

notebooks.instances.delete

notebooks.instances.get

Vertex AI Custom Code Service Agent

(roles/aiplatform.customCodeServiceAgent)

Gives Vertex AI Custom Code the proper permissions.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.agentExamples.*

aiplatform.agentExamples.create
aiplatform.agentExamples.delete
aiplatform.agentExamples.get
aiplatform.agentExamples.list
aiplatform.agentExamples.update

aiplatform.agents.*

aiplatform.agents.create
aiplatform.agents.delete
aiplatform.agents.get
aiplatform.agents.list
aiplatform.agents.update

aiplatform.annotationSpecs.*

aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update

aiplatform.annotations.*

aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update

aiplatform.apps.*

aiplatform.apps.create
aiplatform.apps.delete
aiplatform.apps.get
aiplatform.apps.list
aiplatform.apps.update

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.cacheConfigs.get

aiplatform.cachedContents.*

aiplatform.cachedContents.create
aiplatform.cachedContents.delete
aiplatform.cachedContents.get
aiplatform.cachedContents.list
aiplatform.cachedContents.update

aiplatform.consents.get

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.customJobs.*

aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list

aiplatform.dataItems.*

aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update

aiplatform.dataLabelingJobs.*

aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list

aiplatform.datasetVersions.*

aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore

aiplatform.datasets.*

aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update

aiplatform.deploymentResourcePools.*

aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update

aiplatform.edgeDeploymentJobs.*

aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.*

aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update

aiplatform.endpoints.create

aiplatform.endpoints.delete

aiplatform.endpoints.deploy

aiplatform.endpoints.explain

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.endpoints.predict

aiplatform.endpoints.undeploy

aiplatform.endpoints.update

aiplatform.entityTypes.create

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.list

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.exampleStores.*

aiplatform.exampleStores.create
aiplatform.exampleStores.delete
aiplatform.exampleStores.get
aiplatform.exampleStores.list
aiplatform.exampleStores.readExample
aiplatform.exampleStores.update
aiplatform.exampleStores.writeExample

aiplatform.executions.*

aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update

aiplatform.extensions.*

aiplatform.extensions.delete
aiplatform.extensions.execute
aiplatform.extensions.get
aiplatform.extensions.import
aiplatform.extensions.list
aiplatform.extensions.update

aiplatform.featureGroups.create

aiplatform.featureGroups.delete

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureGroups.update

aiplatform.featureMonitorJobs.*

aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.*

aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update

aiplatform.featureOnlineStores.create

aiplatform.featureOnlineStores.delete

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.create

aiplatform.featureViews.delete

aiplatform.featureViews.directWrite

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

aiplatform.featurestores.create

aiplatform.featurestores.delete

aiplatform.featurestores.exportFeatures

aiplatform.featurestores.get

aiplatform.featurestores.importFeatures

aiplatform.featurestores.list

aiplatform.featurestores.readFeatures

aiplatform.featurestores.update

aiplatform.featurestores.writeFeatures

aiplatform.humanInTheLoops.*

aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update

aiplatform.hyperparameterTuningJobs.*

aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.locations.*

aiplatform.locations.evaluateInstances
aiplatform.locations.get
aiplatform.locations.list

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.modelDeploymentMonitoringJobs.*

aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update

aiplatform.modelEvaluationSlices.*

aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.*

aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list

aiplatform.modelMonitoringJobs.*

aiplatform.modelMonitoringJobs.create
aiplatform.modelMonitoringJobs.delete
aiplatform.modelMonitoringJobs.get
aiplatform.modelMonitoringJobs.list

aiplatform.modelMonitors.*

aiplatform.modelMonitors.create
aiplatform.modelMonitors.delete
aiplatform.modelMonitors.get
aiplatform.modelMonitors.list
aiplatform.modelMonitors.searchModelMonitoringAlerts
aiplatform.modelMonitors.searchModelMonitoringStats
aiplatform.modelMonitors.update

aiplatform.models.*

aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload

aiplatform.nasJobs.*

aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.create

aiplatform.notebookRuntimeTemplates.delete

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.persistentResources.get

aiplatform.persistentResources.list

aiplatform.pipelineJobs.*

aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.get

aiplatform.provisionedThroughputs.list

aiplatform.ragCorpora.*

aiplatform.ragCorpora.create
aiplatform.ragCorpora.delete
aiplatform.ragCorpora.get
aiplatform.ragCorpora.list
aiplatform.ragCorpora.query
aiplatform.ragCorpora.update

aiplatform.ragEngineConfigs.get

aiplatform.ragFiles.*

aiplatform.ragFiles.delete
aiplatform.ragFiles.get
aiplatform.ragFiles.import
aiplatform.ragFiles.list
aiplatform.ragFiles.upload

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.*

aiplatform.sessions.create
aiplatform.sessions.delete
aiplatform.sessions.get
aiplatform.sessions.list
aiplatform.sessions.run
aiplatform.sessions.update

aiplatform.specialistPools.*

aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update

aiplatform.studies.*

aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.create

aiplatform.tensorboards.delete

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.tensorboards.update

aiplatform.trainingPipelines.*

aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list

aiplatform.trials.*

aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update

aiplatform.tuningJobs.*

aiplatform.tuningJobs.cancel
aiplatform.tuningJobs.create
aiplatform.tuningJobs.delete
aiplatform.tuningJobs.get
aiplatform.tuningJobs.list
aiplatform.tuningJobs.optimizePrompt
aiplatform.tuningJobs.vertexTune

artifactregistry.repositories.downloadArtifacts

artifactregistry.repositories.get

artifactregistry.repositories.list

artifactregistry.tags.get

artifactregistry.versions.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.update

bigquery.tables.updateData

iam.serviceAccounts.get

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

iam.serviceAccounts.implicitDelegation

iam.serviceAccounts.list

iam.serviceAccounts.signBlob

iam.serviceAccounts.signJwt

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Vertex AI Feature Store EntityType owner

(roles/aiplatform.entityTypeOwner)

Provides full access to all permissions for a particular entity type resource.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.getIamPolicy

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.setIamPolicy

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureMonitorJobs.get

aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.get

aiplatform.featureMonitors.list

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Platform Express Admin^Beta

(roles/aiplatform.expressAdmin)

Grants admin access to Vertex AI Express

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.datasetVersions.*

aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore

aiplatform.datasets.create

aiplatform.datasets.delete

aiplatform.datasets.get

aiplatform.datasets.list

aiplatform.datasets.update

aiplatform.endpoints.predict

aiplatform.locations.evaluateInstances

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.operations.list

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.create

aiplatform.sessions.delete

aiplatform.sessions.get

aiplatform.sessions.list

aiplatform.sessions.update

Vertex AI Platform Express User^Beta

(roles/aiplatform.expressUser)

Grants user access to Vertex AI Express

aiplatform.endpoints.predict

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.operations.list

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.create

aiplatform.sessions.delete

aiplatform.sessions.get

aiplatform.sessions.list

aiplatform.sessions.update

Vertex AI Extension Custom Code Service Agent

(roles/aiplatform.extensionCustomCodeServiceAgent)

Gives Vertex AI Extension that executes custom code the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

logging.logEntries.create

logging.logEntries.route

monitoring.timeSeries.create

orgpolicy.policy.get

resourcemanager.projects.get

resourcemanager.projects.list

storage.folders.*

storage.folders.create
storage.folders.delete
storage.folders.get
storage.folders.list
storage.folders.rename

storage.managedFolders.create

storage.managedFolders.delete

storage.managedFolders.get

storage.managedFolders.list

storage.multipartUploads.*

storage.multipartUploads.abort
storage.multipartUploads.create
storage.multipartUploads.list
storage.multipartUploads.listParts

storage.objects.*

storage.objects.create
storage.objects.createContext
storage.objects.delete
storage.objects.deleteContext
storage.objects.get
storage.objects.getIamPolicy
storage.objects.list
storage.objects.move
storage.objects.overrideUnlockedRetention
storage.objects.restore
storage.objects.setIamPolicy
storage.objects.setRetention
storage.objects.update
storage.objects.updateContext

Vertex AI Extension Service Agent

(roles/aiplatform.extensionServiceAgent)

Gives Vertex AI Extension the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.endpoints.predict

aiplatform.locations.get

aiplatform.ragCorpora.query

discoveryengine.servingConfigs.search

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

logging.logEntries.create

logging.logEntries.route

serviceusage.services.use

storage.objects.get

Vertex AI Feature Store Admin

(roles/aiplatform.featurestoreAdmin)

Grants full access to all resources in Vertex AI Feature Store

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.*

aiplatform.entityTypes.create
aiplatform.entityTypes.delete
aiplatform.entityTypes.deleteFeatureValues
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.get
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.importFeatureValues
aiplatform.entityTypes.list
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.setIamPolicy
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.entityTypes.update
aiplatform.entityTypes.writeFeatureValues

aiplatform.featureGroups.*

aiplatform.featureGroups.create
aiplatform.featureGroups.delete
aiplatform.featureGroups.get
aiplatform.featureGroups.getIamPolicy
aiplatform.featureGroups.list
aiplatform.featureGroups.setIamPolicy
aiplatform.featureGroups.update

aiplatform.featureMonitorJobs.*

aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.*

aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update

aiplatform.featureOnlineStores.*

aiplatform.featureOnlineStores.create
aiplatform.featureOnlineStores.delete
aiplatform.featureOnlineStores.get
aiplatform.featureOnlineStores.getIamPolicy
aiplatform.featureOnlineStores.list
aiplatform.featureOnlineStores.setIamPolicy
aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.*

aiplatform.featureViews.create
aiplatform.featureViews.delete
aiplatform.featureViews.directWrite
aiplatform.featureViews.fetchFeatureValues
aiplatform.featureViews.get
aiplatform.featureViews.getIamPolicy
aiplatform.featureViews.list
aiplatform.featureViews.searchNearestEntities
aiplatform.featureViews.setIamPolicy
aiplatform.featureViews.sync
aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.*

aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.create
aiplatform.featurestores.delete
aiplatform.featurestores.exportFeatures
aiplatform.featurestores.get
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.importFeatures
aiplatform.featurestores.list
aiplatform.featurestores.readFeatures
aiplatform.featurestores.setIamPolicy
aiplatform.featurestores.update
aiplatform.featurestores.writeFeatures

aiplatform.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store Data Viewer

(roles/aiplatform.featurestoreDataViewer)

This role provides permissions to read Feature data.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureMonitorJobs.get

aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.get

aiplatform.featureMonitors.list

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.features.get

aiplatform.features.list

aiplatform.featurestores.batchReadFeatureValues

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store Data Writer

(roles/aiplatform.featurestoreDataWriter)

This role provides permissions to read and write Feature data.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.writeFeatureValues

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureMonitorJobs.get

aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.get

aiplatform.featureMonitors.list

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.features.get

aiplatform.features.list

aiplatform.featurestores.batchReadFeatureValues

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store Instance Creator

(roles/aiplatform.featurestoreInstanceCreator)

Administrator of Featurestore resources, but not the child resources under Featurestores.

Lowest-level resources where you can grant this role:

Featurestore

aiplatform.featurestores.create

aiplatform.featurestores.delete

aiplatform.featurestores.get

aiplatform.featurestores.list

aiplatform.featurestores.update

Vertex AI Feature Store Resource Viewer

(roles/aiplatform.featurestoreResourceViewer)

Viewer of all resources in Vertex AI Feature Store but cannot make changes.

Lowest-level resources where you can grant this role:

Entity type

aiplatform.entityTypes.get

aiplatform.entityTypes.list

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureMonitorJobs.get

aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.get

aiplatform.featureMonitors.list

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.features.get

aiplatform.features.list

aiplatform.featurestores.get

aiplatform.featurestores.list

aiplatform.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Feature Store User^Beta

(roles/aiplatform.featurestoreUser)

Deprecated. Use featurestoreAdmin instead.

aiplatform.entityTypes.*

aiplatform.entityTypes.create
aiplatform.entityTypes.delete
aiplatform.entityTypes.deleteFeatureValues
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.get
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.importFeatureValues
aiplatform.entityTypes.list
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.setIamPolicy
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.entityTypes.update
aiplatform.entityTypes.writeFeatureValues

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.*

aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.create
aiplatform.featurestores.delete
aiplatform.featurestores.exportFeatures
aiplatform.featurestores.get
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.importFeatures
aiplatform.featurestores.list
aiplatform.featurestores.readFeatures
aiplatform.featurestores.setIamPolicy
aiplatform.featurestores.update
aiplatform.featurestores.writeFeatures

aiplatform.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Agent Engine Memory Editor Role^Beta

(roles/aiplatform.memoryEditor)

Grants edit access to Memory for Agent Engine.

aiplatform.memories.create

aiplatform.memories.delete

aiplatform.memories.generate

aiplatform.memories.update

Vertex AI Agent Engine Memory User Role^Beta

(roles/aiplatform.memoryUser)

Grants full user access to Memory for Agent Engine.

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

Vertex AI Agent Engine Memory Viewer Role^Beta

(roles/aiplatform.memoryViewer)

Grants viewer access to Memory for Agent Engine.

aiplatform.memories.get

aiplatform.memories.list

aiplatform.memories.retrieve

Vertex AI Migration Service User

(roles/aiplatform.migrator)

Grants access to use migration service in Vertex AI

aiplatform.migratableResources.*

aiplatform.migratableResources.migrate
aiplatform.migratableResources.search

Vertex AI Model Monitoring Service Agent

(roles/aiplatform.modelMonitoringServiceAgent)

Gives Vertex AI Model Monitoring the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.batchPredictionJobs.create

aiplatform.batchPredictionJobs.get

aiplatform.batchPredictionJobs.list

aiplatform.locations.evaluateInstances

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.tables.create

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.update

bigquery.tables.updateData

monitoring.notificationChannels.get

serviceusage.services.use

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.buckets.update

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Notebook Executor User^Beta

(roles/aiplatform.notebookExecutorUser)

Grants users full access to schedules and notebook execution jobs.

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.operations.list

aiplatform.pipelineJobs.create

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

Notebook Runtime Admin

(roles/aiplatform.notebookRuntimeAdmin)

Grants full access to all runtime templates and runtimes in Notebook Service.

aiplatform.locations.get

aiplatform.notebookRuntimeTemplates.*

aiplatform.notebookRuntimeTemplates.apply
aiplatform.notebookRuntimeTemplates.create
aiplatform.notebookRuntimeTemplates.delete
aiplatform.notebookRuntimeTemplates.get
aiplatform.notebookRuntimeTemplates.getIamPolicy
aiplatform.notebookRuntimeTemplates.list
aiplatform.notebookRuntimeTemplates.setIamPolicy
aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

compute.reservations.get

compute.reservations.list

Notebook Runtime User

(roles/aiplatform.notebookRuntimeUser)

Grants users permissions to create runtime resources using a runtime template and manage the runtime resources they created.

aiplatform.locations.get

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.getIamPolicy

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimes.assign

aiplatform.notebookRuntimes.get

aiplatform.notebookRuntimes.list

aiplatform.operations.list

Vertex AI Notebook Service Agent

(roles/aiplatform.notebookServiceAgent)

Vertex AI Service Agent used to run Notebook managed resources in user project with restricted permissions.

Warning: Do not grant service agent roles to any principals except service agents.

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

Vertex AI Online Prediction Service Agent

(roles/aiplatform.onlinePredictionServiceAgent)

Gives Vertex AI Online Prediction the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

gkehub.features.get

gkehub.features.getIamPolicy

gkehub.features.list

gkehub.fleet.get

gkehub.gateway.delete

gkehub.gateway.generateCredentials

gkehub.gateway.get

gkehub.gateway.patch

gkehub.gateway.post

gkehub.gateway.put

gkehub.locations.*

gkehub.locations.get
gkehub.locations.list

gkehub.memberships.get

gkehub.memberships.getIamPolicy

gkehub.memberships.list

serviceusage.services.get

Vertex AI Platform Provisioned Throughput Admin^Beta

(roles/aiplatform.provisionedThroughputAdmin)

Grants access to use all resources related to Vertex AI Provisioned Throughput

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.*

aiplatform.provisionedThroughputs.cancel
aiplatform.provisionedThroughputs.create
aiplatform.provisionedThroughputs.get
aiplatform.provisionedThroughputs.list
aiplatform.provisionedThroughputs.update

Vertex AI RAG Data Service Agent

(roles/aiplatform.ragServiceAgent)

Vertex AI Service Agent used by Vertex RAG to access user imported data, Vertex AI, Document AI processors, and Vector Search in the project

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.endpoints.get

aiplatform.endpoints.predict

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.models.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.createSnapshot

bigquery.tables.deleteSnapshot

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.restoreSnapshot

bigquery.tables.update

bigquery.tables.updateData

documentai.processorVersions.processOnline

documentai.processors.get

documentai.processors.processOnline

logging.logEntries.create

logging.logEntries.route

storage.buckets.get

storage.buckets.list

storage.objects.get

storage.objects.list

vectorsearch.collections.*

vectorsearch.collections.create
vectorsearch.collections.delete
vectorsearch.collections.get
vectorsearch.collections.list
vectorsearch.collections.update

vectorsearch.dataObjects.*

vectorsearch.dataObjects.create
vectorsearch.dataObjects.delete
vectorsearch.dataObjects.get
vectorsearch.dataObjects.import
vectorsearch.dataObjects.query
vectorsearch.dataObjects.search
vectorsearch.dataObjects.update

vectorsearch.indexes.*

vectorsearch.indexes.create
vectorsearch.indexes.delete
vectorsearch.indexes.get
vectorsearch.indexes.list

vectorsearch.operations.get

vectorsearch.operations.list

Vertex AI Rapid Eval Service Agent

(roles/aiplatform.rapidevalServiceAgent)

Vertex AI Service Agent used by GenAI Rapid Evaluation Service to access publisher model endpoints in the user project

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.endpoints.predict

Vertex AI Reasoning Engine Service Agent

(roles/aiplatform.reasoningEngineServiceAgent)

Gives Vertex AI Reasoning Engine the proper permissions to function. The aiplatform.reasoningEngines.create IAM permission implies read access to the GCS objects of the consumer project through this service agent.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.endpoints.create

aiplatform.endpoints.delete

aiplatform.endpoints.deploy

aiplatform.endpoints.explain

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.endpoints.predict

aiplatform.endpoints.undeploy

aiplatform.endpoints.update

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.create

aiplatform.sessions.delete

aiplatform.sessions.get

aiplatform.sessions.list

aiplatform.sessions.update

cloudapiregistry.*

cloudapiregistry.locations.get
cloudapiregistry.locations.list
cloudapiregistry.mcpServers.get
cloudapiregistry.mcpServers.list
cloudapiregistry.mcpTools.get
cloudapiregistry.mcpTools.list

cloudtrace.traces.patch

developerconnect.connections.get

developerconnect.gitRepositoryLinks.fetchReadToken

developerconnect.gitRepositoryLinks.get

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

resourcemanager.projects.get

serviceusage.services.use

storage.buckets.get

storage.buckets.list

storage.objects.get

storage.objects.list

telemetry.traces.write

Vertex AI Service Agent

(roles/aiplatform.serviceAgent)

Gives Vertex AI the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.agentExamples.*

aiplatform.agentExamples.create
aiplatform.agentExamples.delete
aiplatform.agentExamples.get
aiplatform.agentExamples.list
aiplatform.agentExamples.update

aiplatform.agents.*

aiplatform.agents.create
aiplatform.agents.delete
aiplatform.agents.get
aiplatform.agents.list
aiplatform.agents.update

aiplatform.annotationSpecs.*

aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update

aiplatform.annotations.*

aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update

aiplatform.apps.*

aiplatform.apps.create
aiplatform.apps.delete
aiplatform.apps.get
aiplatform.apps.list
aiplatform.apps.update

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.cacheConfigs.get

aiplatform.cachedContents.*

aiplatform.cachedContents.create
aiplatform.cachedContents.delete
aiplatform.cachedContents.get
aiplatform.cachedContents.list
aiplatform.cachedContents.update

aiplatform.consents.get

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.customJobs.*

aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list

aiplatform.dataItems.*

aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update

aiplatform.dataLabelingJobs.*

aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list

aiplatform.datasetVersions.*

aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore

aiplatform.datasets.*

aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update

aiplatform.deploymentResourcePools.*

aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update

aiplatform.edgeDeploymentJobs.*

aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.*

aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update

aiplatform.endpoints.create

aiplatform.endpoints.delete

aiplatform.endpoints.deploy

aiplatform.endpoints.explain

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.endpoints.predict

aiplatform.endpoints.undeploy

aiplatform.endpoints.update

aiplatform.entityTypes.create

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.list

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.exampleStores.*

aiplatform.exampleStores.create
aiplatform.exampleStores.delete
aiplatform.exampleStores.get
aiplatform.exampleStores.list
aiplatform.exampleStores.readExample
aiplatform.exampleStores.update
aiplatform.exampleStores.writeExample

aiplatform.executions.*

aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update

aiplatform.extensions.*

aiplatform.extensions.delete
aiplatform.extensions.execute
aiplatform.extensions.get
aiplatform.extensions.import
aiplatform.extensions.list
aiplatform.extensions.update

aiplatform.featureGroups.create

aiplatform.featureGroups.delete

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureGroups.update

aiplatform.featureMonitorJobs.*

aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.*

aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update

aiplatform.featureOnlineStores.create

aiplatform.featureOnlineStores.delete

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.create

aiplatform.featureViews.delete

aiplatform.featureViews.directWrite

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

aiplatform.featurestores.create

aiplatform.featurestores.delete

aiplatform.featurestores.exportFeatures

aiplatform.featurestores.get

aiplatform.featurestores.importFeatures

aiplatform.featurestores.list

aiplatform.featurestores.readFeatures

aiplatform.featurestores.update

aiplatform.featurestores.writeFeatures

aiplatform.humanInTheLoops.*

aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update

aiplatform.hyperparameterTuningJobs.*

aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.locations.*

aiplatform.locations.evaluateInstances
aiplatform.locations.get
aiplatform.locations.list

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.modelDeploymentMonitoringJobs.*

aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update

aiplatform.modelEvaluationSlices.*

aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.*

aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list

aiplatform.modelMonitoringJobs.*

aiplatform.modelMonitoringJobs.create
aiplatform.modelMonitoringJobs.delete
aiplatform.modelMonitoringJobs.get
aiplatform.modelMonitoringJobs.list

aiplatform.modelMonitors.*

aiplatform.modelMonitors.create
aiplatform.modelMonitors.delete
aiplatform.modelMonitors.get
aiplatform.modelMonitors.list
aiplatform.modelMonitors.searchModelMonitoringAlerts
aiplatform.modelMonitors.searchModelMonitoringStats
aiplatform.modelMonitors.update

aiplatform.models.*

aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload

aiplatform.nasJobs.*

aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.create

aiplatform.notebookRuntimeTemplates.delete

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.persistentResources.get

aiplatform.persistentResources.list

aiplatform.pipelineJobs.*

aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.get

aiplatform.provisionedThroughputs.list

aiplatform.ragCorpora.*

aiplatform.ragCorpora.create
aiplatform.ragCorpora.delete
aiplatform.ragCorpora.get
aiplatform.ragCorpora.list
aiplatform.ragCorpora.query
aiplatform.ragCorpora.update

aiplatform.ragEngineConfigs.get

aiplatform.ragFiles.*

aiplatform.ragFiles.delete
aiplatform.ragFiles.get
aiplatform.ragFiles.import
aiplatform.ragFiles.list
aiplatform.ragFiles.upload

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.*

aiplatform.sessions.create
aiplatform.sessions.delete
aiplatform.sessions.get
aiplatform.sessions.list
aiplatform.sessions.run
aiplatform.sessions.update

aiplatform.specialistPools.*

aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update

aiplatform.studies.*

aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.create

aiplatform.tensorboards.delete

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.tensorboards.update

aiplatform.trainingPipelines.*

aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list

aiplatform.trials.*

aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update

aiplatform.tuningJobs.*

aiplatform.tuningJobs.cancel
aiplatform.tuningJobs.create
aiplatform.tuningJobs.delete
aiplatform.tuningJobs.get
aiplatform.tuningJobs.list
aiplatform.tuningJobs.optimizePrompt
aiplatform.tuningJobs.vertexTune

artifactregistry.repositories.create

artifactregistry.repositories.downloadArtifacts

artifactregistry.repositories.get

artifactregistry.repositories.list

artifactregistry.repositories.uploadArtifacts

artifactregistry.tags.get

artifactregistry.versions.get

automl.datasets.export

automl.datasets.get

automl.datasets.list

automl.modelEvaluations.list

automl.models.get

automl.models.list

automl.operations.get

automl.tableSpecs.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.models.create

bigquery.models.export

bigquery.models.getData

bigquery.objectRefs.read

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.update

bigquery.tables.updateData

bigtable.tables.get

bigtable.tables.list

bigtable.tables.readRows

compute.addresses.get

compute.addresses.list

compute.addresses.use

compute.addresses.useInternal

compute.disks.create

compute.disks.createSnapshot

compute.disks.createTagBinding

compute.disks.delete

compute.disks.get

compute.disks.setLabels

compute.disks.use

compute.disks.useReadOnly

compute.globalOperations.get

compute.instances.attachDisk

compute.instances.create

compute.instances.createTagBinding

compute.instances.delete

compute.instances.detachDisk

compute.instances.get

compute.instances.getGuestAttributes

compute.instances.list

compute.instances.setLabels

compute.instances.setMetadata

compute.instances.setServiceAccount

compute.instances.setTags

compute.instances.start

compute.instances.stop

compute.instances.update

compute.instances.useReadOnly

compute.machineTypes.get

compute.networks.get

compute.networks.use

compute.networks.useExternalIp

compute.snapshots.create

compute.snapshots.delete

compute.snapshots.useReadOnly

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

compute.subnetworks.useExternalIp

compute.zoneOperations.get

dataflow.jobs.*

dataflow.jobs.cancel
dataflow.jobs.create
dataflow.jobs.get
dataflow.jobs.list
dataflow.jobs.snapshot
dataflow.jobs.updateContents

dataflow.messages.list

dataflow.metrics.get

dataflow.snapshots.*

dataflow.snapshots.delete
dataflow.snapshots.get
dataflow.snapshots.list

datalabeling.annotateddatasets.get

datalabeling.datasets.export

datalabeling.datasets.get

datalabeling.datasets.list

datalabeling.operations.get

hypercomputecluster.clusters.*

hypercomputecluster.clusters.create
hypercomputecluster.clusters.delete
hypercomputecluster.clusters.get
hypercomputecluster.clusters.list
hypercomputecluster.clusters.update

hypercomputecluster.locations.*

hypercomputecluster.locations.get
hypercomputecluster.locations.list

hypercomputecluster.operations.*

hypercomputecluster.operations.cancel
hypercomputecluster.operations.delete
hypercomputecluster.operations.get
hypercomputecluster.operations.list

iam.serviceAccounts.actAs

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

logging.logEntries.create

logging.logEntries.route

ml.models.list

ml.operations.get

ml.versions.get

ml.versions.list

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.notificationChannels.get

monitoring.timeSeries.create

notebooks.instances.create

notebooks.instances.delete

notebooks.instances.get

resourcemanager.projects.get

resourcemanager.projects.list

run.executions.delete

run.executions.get

run.jobs.create

run.jobs.delete

run.jobs.get

run.jobs.run

run.jobs.update

run.operations.delete

run.operations.get

run.routes.invoke

run.services.create

run.services.delete

run.services.get

servicemanagement.services.report

serviceusage.services.list

serviceusage.services.use

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Vertex AI Agent Engine Session Editor Role^Beta

(roles/aiplatform.sessionEditor)

Grants edit access to Session for Agent Engine.

aiplatform.sessionEvents.append

aiplatform.sessions.create

aiplatform.sessions.delete

aiplatform.sessions.update

Vertex AI Agent Engine Session User Role^Beta

(roles/aiplatform.sessionUser)

Grants full user access to Session for Agent Engine.

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.create

aiplatform.sessions.delete

aiplatform.sessions.get

aiplatform.sessions.list

aiplatform.sessions.update

Vertex AI Agent Engine Session Viewer Role^Beta

(roles/aiplatform.sessionViewer)

Grants viewer access to Session for Agent Engine.

aiplatform.sessionEvents.list

aiplatform.sessions.get

aiplatform.sessions.list

Vertex AI Telemetry Service Agent

(roles/aiplatform.telemetryServiceAgent)

Allows Vertex AI Telemetry Service Agent to access telemetry data.

Warning: Do not grant service agent roles to any principals except service agents.

logging.logEntries.create

logging.logEntries.list

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.*

monitoring.timeSeries.create
monitoring.timeSeries.list

servicemanagement.services.report

Vertex AI Tensorboard Web App User^Beta

(roles/aiplatform.tensorboardWebAppUser)

Grants access to the Vertex AI TensorBoard web app.

aiplatform.tensorboards.recordAccess

Vertex AI Tuning Service Agent

(roles/aiplatform.tuningServiceAgent)

Vertex AI Service Agent used for tuning in user project.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.cancel

aiplatform.batchPredictionJobs.create

aiplatform.batchPredictionJobs.get

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.endpoints.create

aiplatform.endpoints.deploy

aiplatform.endpoints.get

aiplatform.locations.evaluateInstances

aiplatform.locations.get

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.models.get

aiplatform.models.update

aiplatform.models.upload

aiplatform.operations.list

aiplatform.pipelineJobs.get

aiplatform.pipelineJobs.list

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.create

aiplatform.tensorboards.delete

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.tensorboards.update

aiplatform.tuningJobs.cancel

aiplatform.tuningJobs.create

aiplatform.tuningJobs.delete

aiplatform.tuningJobs.get

aiplatform.tuningJobs.list

aiplatform.tuningJobs.vertexTune

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.tables.create

bigquery.tables.delete

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.list

bigquery.tables.update

bigquery.tables.updateData

resourcemanager.projects.get

serviceusage.services.use

storage.buckets.create

storage.buckets.get

storage.buckets.getIamPolicy

storage.buckets.list

storage.buckets.update

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.getIamPolicy

storage.objects.list

storage.objects.update

Vertex AI User

(roles/aiplatform.user)

Grants access to use all resource in Vertex AI

aiplatform.agentExamples.*

aiplatform.agentExamples.create
aiplatform.agentExamples.delete
aiplatform.agentExamples.get
aiplatform.agentExamples.list
aiplatform.agentExamples.update

aiplatform.agents.*

aiplatform.agents.create
aiplatform.agents.delete
aiplatform.agents.get
aiplatform.agents.list
aiplatform.agents.update

aiplatform.annotationSpecs.*

aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update

aiplatform.annotations.*

aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update

aiplatform.apps.*

aiplatform.apps.create
aiplatform.apps.delete
aiplatform.apps.get
aiplatform.apps.list
aiplatform.apps.update

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.cacheConfigs.get

aiplatform.cachedContents.*

aiplatform.cachedContents.create
aiplatform.cachedContents.delete
aiplatform.cachedContents.get
aiplatform.cachedContents.list
aiplatform.cachedContents.update

aiplatform.consents.get

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.customJobs.*

aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list

aiplatform.dataItems.*

aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update

aiplatform.dataLabelingJobs.*

aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list

aiplatform.datasetVersions.*

aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore

aiplatform.datasets.*

aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update

aiplatform.deploymentResourcePools.*

aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update

aiplatform.edgeDeploymentJobs.*

aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.*

aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update

aiplatform.endpoints.create

aiplatform.endpoints.delete

aiplatform.endpoints.deploy

aiplatform.endpoints.explain

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.endpoints.predict

aiplatform.endpoints.undeploy

aiplatform.endpoints.update

aiplatform.entityTypes.create

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.list

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.exampleStores.*

aiplatform.exampleStores.create
aiplatform.exampleStores.delete
aiplatform.exampleStores.get
aiplatform.exampleStores.list
aiplatform.exampleStores.readExample
aiplatform.exampleStores.update
aiplatform.exampleStores.writeExample

aiplatform.executions.*

aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update

aiplatform.extensions.*

aiplatform.extensions.delete
aiplatform.extensions.execute
aiplatform.extensions.get
aiplatform.extensions.import
aiplatform.extensions.list
aiplatform.extensions.update

aiplatform.featureGroups.create

aiplatform.featureGroups.delete

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureGroups.update

aiplatform.featureMonitorJobs.*

aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.*

aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update

aiplatform.featureOnlineStores.create

aiplatform.featureOnlineStores.delete

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.create

aiplatform.featureViews.delete

aiplatform.featureViews.directWrite

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

aiplatform.featurestores.create

aiplatform.featurestores.delete

aiplatform.featurestores.exportFeatures

aiplatform.featurestores.get

aiplatform.featurestores.importFeatures

aiplatform.featurestores.list

aiplatform.featurestores.readFeatures

aiplatform.featurestores.update

aiplatform.featurestores.writeFeatures

aiplatform.humanInTheLoops.*

aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update

aiplatform.hyperparameterTuningJobs.*

aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.locations.*

aiplatform.locations.evaluateInstances
aiplatform.locations.get
aiplatform.locations.list

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.modelDeploymentMonitoringJobs.*

aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update

aiplatform.modelEvaluationSlices.*

aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.*

aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list

aiplatform.modelMonitoringJobs.*

aiplatform.modelMonitoringJobs.create
aiplatform.modelMonitoringJobs.delete
aiplatform.modelMonitoringJobs.get
aiplatform.modelMonitoringJobs.list

aiplatform.modelMonitors.*

aiplatform.modelMonitors.create
aiplatform.modelMonitors.delete
aiplatform.modelMonitors.get
aiplatform.modelMonitors.list
aiplatform.modelMonitors.searchModelMonitoringAlerts
aiplatform.modelMonitors.searchModelMonitoringStats
aiplatform.modelMonitors.update

aiplatform.models.*

aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload

aiplatform.nasJobs.*

aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.create

aiplatform.notebookRuntimeTemplates.delete

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.persistentResources.get

aiplatform.persistentResources.list

aiplatform.pipelineJobs.*

aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.get

aiplatform.provisionedThroughputs.list

aiplatform.ragCorpora.*

aiplatform.ragCorpora.create
aiplatform.ragCorpora.delete
aiplatform.ragCorpora.get
aiplatform.ragCorpora.list
aiplatform.ragCorpora.query
aiplatform.ragCorpora.update

aiplatform.ragEngineConfigs.get

aiplatform.ragFiles.*

aiplatform.ragFiles.delete
aiplatform.ragFiles.get
aiplatform.ragFiles.import
aiplatform.ragFiles.list
aiplatform.ragFiles.upload

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.*

aiplatform.sessions.create
aiplatform.sessions.delete
aiplatform.sessions.get
aiplatform.sessions.list
aiplatform.sessions.run
aiplatform.sessions.update

aiplatform.specialistPools.*

aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update

aiplatform.studies.*

aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.create

aiplatform.tensorboards.delete

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.tensorboards.update

aiplatform.trainingPipelines.*

aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list

aiplatform.trials.*

aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update

aiplatform.tuningJobs.*

aiplatform.tuningJobs.cancel
aiplatform.tuningJobs.create
aiplatform.tuningJobs.delete
aiplatform.tuningJobs.get
aiplatform.tuningJobs.list
aiplatform.tuningJobs.optimizePrompt
aiplatform.tuningJobs.vertexTune

resourcemanager.projects.get

resourcemanager.projects.list

Vertex AI Viewer

(roles/aiplatform.viewer)

Grants access to view all resource in Vertex AI

aiplatform.agentExamples.get

aiplatform.agentExamples.list

aiplatform.agents.get

aiplatform.agents.list

aiplatform.annotationSpecs.get

aiplatform.annotationSpecs.list

aiplatform.annotations.get

aiplatform.annotations.list

aiplatform.apps.get

aiplatform.apps.list

aiplatform.artifacts.get

aiplatform.artifacts.list

aiplatform.batchPredictionJobs.get

aiplatform.batchPredictionJobs.list

aiplatform.cacheConfigs.get

aiplatform.cachedContents.get

aiplatform.cachedContents.list

aiplatform.consents.get

aiplatform.contexts.get

aiplatform.contexts.list

aiplatform.contexts.queryContextLineageSubgraph

aiplatform.customJobs.get

aiplatform.customJobs.list

aiplatform.dataItems.get

aiplatform.dataItems.list

aiplatform.dataLabelingJobs.get

aiplatform.dataLabelingJobs.list

aiplatform.datasetVersions.get

aiplatform.datasetVersions.list

aiplatform.datasets.get

aiplatform.datasets.list

aiplatform.deploymentResourcePools.get

aiplatform.deploymentResourcePools.list

aiplatform.deploymentResourcePools.queryDeployedModels

aiplatform.edgeDeploymentJobs.get

aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.get

aiplatform.edgeDevices.list

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.entityTypes.get

aiplatform.entityTypes.list

aiplatform.exampleStores.get

aiplatform.exampleStores.list

aiplatform.exampleStores.readExample

aiplatform.executions.get

aiplatform.executions.list

aiplatform.executions.queryExecutionInputsAndOutputs

aiplatform.extensions.get

aiplatform.extensions.list

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureMonitorJobs.get

aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.get

aiplatform.featureMonitors.list

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.features.get

aiplatform.features.list

aiplatform.featurestores.get

aiplatform.featurestores.list

aiplatform.humanInTheLoops.get

aiplatform.humanInTheLoops.list

aiplatform.hyperparameterTuningJobs.get

aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.get

aiplatform.indexEndpoints.list

aiplatform.indexEndpoints.queryVectors

aiplatform.indexes.get

aiplatform.indexes.list

aiplatform.locations.get

aiplatform.locations.list

aiplatform.memories.get

aiplatform.memories.list

aiplatform.metadataSchemas.get

aiplatform.metadataSchemas.list

aiplatform.metadataStores.get

aiplatform.metadataStores.list

aiplatform.modelDeploymentMonitoringJobs.get

aiplatform.modelDeploymentMonitoringJobs.list

aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies

aiplatform.modelEvaluationSlices.get

aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.get

aiplatform.modelEvaluations.list

aiplatform.modelMonitoringJobs.get

aiplatform.modelMonitoringJobs.list

aiplatform.modelMonitors.get

aiplatform.modelMonitors.list

aiplatform.modelMonitors.searchModelMonitoringAlerts

aiplatform.modelMonitors.searchModelMonitoringStats

aiplatform.models.get

aiplatform.models.list

aiplatform.nasJobs.get

aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookExecutionJobs.get

aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimes.get

aiplatform.notebookRuntimes.list

aiplatform.operations.list

aiplatform.persistentResources.get

aiplatform.persistentResources.list

aiplatform.pipelineJobs.get

aiplatform.pipelineJobs.list

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.get

aiplatform.provisionedThroughputs.list

aiplatform.ragCorpora.get

aiplatform.ragCorpora.list

aiplatform.ragCorpora.query

aiplatform.ragEngineConfigs.get

aiplatform.ragFiles.get

aiplatform.ragFiles.list

aiplatform.reasoningEngines.get

aiplatform.reasoningEngines.list

aiplatform.reasoningEngines.query

aiplatform.sandboxEnvironments.get

aiplatform.sandboxEnvironments.list

aiplatform.schedules.get

aiplatform.schedules.list

aiplatform.sessionEvents.list

aiplatform.sessions.get

aiplatform.sessions.list

aiplatform.specialistPools.get

aiplatform.specialistPools.list

aiplatform.specialistPools.update

aiplatform.studies.get

aiplatform.studies.list

aiplatform.tensorboardExperiments.get

aiplatform.tensorboardExperiments.list

aiplatform.tensorboardRuns.get

aiplatform.tensorboardRuns.list

aiplatform.tensorboardTimeSeries.batchRead

aiplatform.tensorboardTimeSeries.get

aiplatform.tensorboardTimeSeries.list

aiplatform.tensorboardTimeSeries.read

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.trainingPipelines.get

aiplatform.trainingPipelines.list

aiplatform.trials.get

aiplatform.trials.list

aiplatform.tuningJobs.get

aiplatform.tuningJobs.list

resourcemanager.projects.get

resourcemanager.projects.list

Basic roles

The older Google Cloudbasic rolesare common to all Google Cloud services. These roles are Owner, Editor,and Viewer.

Basic roles include thousands of permissions across all Google Cloud services. In production environments, don't grant basic roles unless there is no alternative. Instead, grant the most limited predefined roles orcustom roles that meet your needs.

Project-level versus resource-level access

You can manage access at the project level or resource level. Youmight also have the ability to manage access at a folder or organization level.

For most Vertex AI resources, access can only be controlled bythe project, folder, and organization. Access to individual resources can begranted only for specific resource types, for example, an endpoint ora featurestore.

Users share control of all resources they can access. For example, if auser registers a model, all other authorized users in the project canaccess, change, and delete the model.

To grant access to resources at the project level, assign one or moreroles to a principal (user, group, orserviceaccount).

For Vertex AI resources that let you grant access atthe resource level, you set an IAM policy onthat resource. The policy defines which roles are assigned to which principals.

Setting apolicy at the resource level doesn'taffect project-level policies. A resource inherits all policies from itsancestry. You can use these two levels of granularity to customize permissions.For example, you can grant users read permissions at the project level so thatthey can read all resources in the project, and then you can grant users writepermissions per resource (at the resource level).

Not all Vertex AI predefined roles and resources supportresource-level policies. To identify which roles can be used on which resources,see thePredefined roles table.

Supported resources

Vertex AI supports Vertex AI Feature Store featurestoreand entity type resources. For more information, seeControl access toVertex AI Feature Store resources.

After granting or revoking access to a resource, those changes take time topropagate. For more information, seeAccess changepropagation.

Resources, service accounts, and service agents

Vertex AI services often manage long-running resourcesthat perform actions, such as running a training job that reads training data,or serving a machine learning (ML) model that reads model weight.Such standalone resources have their own resource identity whenperforming actions. This identity is distinct from the identity ofthe principal that created the resource. Permissions granted to theresource identity define which data and other resources that theresource identity can access, not the permissions of the principalthat created the resource.

By default, Vertex AI resources use service accounts managedby Vertex AI as a resource identity. These service accountsare called Vertex AI service agents, and they are attachedto the project where the resource is created. Users withspecific Vertex AI permissions can create resources that useVertex AI service agents. For some services, you can specifya service account to attach to the resource. The resource uses thisservice account to access other resources and services. To learn more aboutservice accounts, seeservice accounts.

Vertex AI uses different service agents depending on theAPIs being called. Each service agent has specificIAM permissions on the project to which they are tied.These permissions are used by the resource identity to perform actions,and the permissions can include read-only access to all Cloud Storageresources and BigQuery data in the project.

Service accounts

Aservice accountis a special account used by an application or a virtual machine (VM)instance, not a person. You can create and assign permissions to serviceaccounts to provide specific permissions to a resource or application.

For information about using a service account to customize the permissionsavailable to a custom training container or a container that serves onlinepredictions for a custom-trained model, readUse a custom serviceaccount.

Service accounts are identified by an email address.

Service agents

Service agents are automaticallyprovided; they enable a service to access resources on your behalf.

Note: Don't remove default roles and permissions of service agents unless you are sure that they are unnecessary.

When a service agent is created, the service agent is granted a predefinedrole for your project. The following table lists Vertex AIservice agents, their email addresses, and their respective roles:

Name	Used for	Email address	Role
Vertex AI Service Agent	Vertex AI capabilities	`service-PROJECT_NUMBER@gcp-sa-aiplatform.iam.gserviceaccount.com`	`roles/aiplatform.serviceAgent`
Vertex AI RAG Data Service Agent	Vertex AI RAG accesses user-imported data, Vertex AI, Document AI processors in the project	`service-PROJECT_NUMBER@gcp-sa-vertex-rag.iam.gserviceaccount.com`	`roles/aiplatform.ragServiceAgent`
Vertex AI Custom Code Service Agent	Custom training code Ray on Vertex AI application code	`service-PROJECT_NUMBER@gcp-sa-aiplatform-cc.iam.gserviceaccount.com`	`roles/aiplatform.customCodeServiceAgent`
Vertex AI Extension Service Agent	Vertex Extensions	`service-PROJECT_NUMBER@gcp-sa-vertex-ex.iam.gserviceaccount.com`	`roles/aiplatform.extensionServiceAgent`
Cloud AI Platform Notebooks Service Account	Vertex AI Workbench capabilities	`service-PROJECT_NUMBER@gcp-sa-notebooks.iam.gserviceaccount.com`	`roles/notebooks.serviceAgent`

The Vertex AI Custom Code Service Agent is created only if you run custom training codeto train a custom-trained model.

For Vertex AI to perform tasks like training a model using data from a Cloud Storage bucket, it needs permission to read that data. To handle this securely, Vertex AI uses a Google-managed service account called a Service Agent to access your resources.When you use the Vertex AI API, this Service Agent is automatically granted IAM roles (likeStorage Object Viewer) on your project. This is expected and necessary for the service to function. This mechanism allows Vertex AI to access the data it needs for tasks you initiate, while your data remains under your project's access control policies.

Service agent roles and permissions

See the following roles and permissions that are granted toVertex AI service agents.

Role Permissions

Role	Permissions
Vertex AI Service Agent (`roles/aiplatform.serviceAgent`) Gives Vertex AI the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.agentExamples.` `aiplatform.agentExamples.create` `aiplatform.agentExamples.delete` `aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agentExamples.update` `aiplatform.agents.` `aiplatform.agents.create` `aiplatform.agents.delete` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.agents.update` `aiplatform.annotationSpecs.` `aiplatform.annotationSpecs.create` `aiplatform.annotationSpecs.delete` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotationSpecs.update` `aiplatform.annotations.` `aiplatform.annotations.create` `aiplatform.annotations.delete` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.annotations.update` `aiplatform.apps.` `aiplatform.apps.create` `aiplatform.apps.delete` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.apps.update` `aiplatform.artifacts.` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cachedContents.` `aiplatform.cachedContents.create` `aiplatform.cachedContents.delete` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.cachedContents.update` `aiplatform.consents.get` `aiplatform.contexts.` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.customJobs.` `aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.delete` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.` `aiplatform.dataItems.create` `aiplatform.dataItems.delete` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataItems.update` `aiplatform.dataLabelingJobs.` `aiplatform.dataLabelingJobs.cancel` `aiplatform.dataLabelingJobs.create` `aiplatform.dataLabelingJobs.delete` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.export` `aiplatform.datasets.get` `aiplatform.datasets.import` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.deploymentResourcePools.` `aiplatform.deploymentResourcePools.create` `aiplatform.deploymentResourcePools.delete` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.deploymentResourcePools.update` `aiplatform.edgeDeploymentJobs.` `aiplatform.edgeDeploymentJobs.create` `aiplatform.edgeDeploymentJobs.delete` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.` `aiplatform.edgeDevices.create` `aiplatform.edgeDevices.delete` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.edgeDevices.update` `aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.exampleStores.` `aiplatform.exampleStores.create` `aiplatform.exampleStores.delete` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.exampleStores.update` `aiplatform.exampleStores.writeExample` `aiplatform.executions.` `aiplatform.executions.addExecutionEvents` `aiplatform.executions.create` `aiplatform.executions.delete` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.executions.update` `aiplatform.extensions.` `aiplatform.extensions.delete` `aiplatform.extensions.execute` `aiplatform.extensions.get` `aiplatform.extensions.import` `aiplatform.extensions.list` `aiplatform.extensions.update` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.humanInTheLoops.` `aiplatform.humanInTheLoops.cancel` `aiplatform.humanInTheLoops.create` `aiplatform.humanInTheLoops.delete` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.humanInTheLoops.queryAnnotationStats` `aiplatform.humanInTheLoops.send` `aiplatform.humanInTheLoops.update` `aiplatform.hyperparameterTuningJobs.` `aiplatform.hyperparameterTuningJobs.cancel` `aiplatform.hyperparameterTuningJobs.create` `aiplatform.hyperparameterTuningJobs.delete` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.locations.` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.metadataSchemas.` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.modelDeploymentMonitoringJobs.` `aiplatform.modelDeploymentMonitoringJobs.create` `aiplatform.modelDeploymentMonitoringJobs.delete` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.pause` `aiplatform.modelDeploymentMonitoringJobs.resume` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelDeploymentMonitoringJobs.update` `aiplatform.modelEvaluationSlices.` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.import` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.` `aiplatform.modelEvaluations.exportEvaluatedDataItems` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.import` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.` `aiplatform.modelMonitoringJobs.create` `aiplatform.modelMonitoringJobs.delete` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.` `aiplatform.modelMonitors.create` `aiplatform.modelMonitors.delete` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.modelMonitors.update` `aiplatform.models.` `aiplatform.models.delete` `aiplatform.models.export` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.nasJobs.` `aiplatform.nasJobs.cancel` `aiplatform.nasJobs.create` `aiplatform.nasJobs.delete` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.` `aiplatform.pipelineJobs.cancel` `aiplatform.pipelineJobs.create` `aiplatform.pipelineJobs.delete` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.ragCorpora.` `aiplatform.ragCorpora.create` `aiplatform.ragCorpora.delete` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragCorpora.update` `aiplatform.ragEngineConfigs.get` `aiplatform.ragFiles.` `aiplatform.ragFiles.delete` `aiplatform.ragFiles.get` `aiplatform.ragFiles.import` `aiplatform.ragFiles.list` `aiplatform.ragFiles.upload` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.run` `aiplatform.sessions.update` `aiplatform.specialistPools.` `aiplatform.specialistPools.create` `aiplatform.specialistPools.delete` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.` `aiplatform.studies.create` `aiplatform.studies.delete` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.studies.update` `aiplatform.tensorboardExperiments.` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.update` `aiplatform.trainingPipelines.` `aiplatform.trainingPipelines.cancel` `aiplatform.trainingPipelines.create` `aiplatform.trainingPipelines.delete` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.` `aiplatform.trials.create` `aiplatform.trials.delete` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.trials.update` `aiplatform.tuningJobs.` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.optimizePrompt` `aiplatform.tuningJobs.vertexTune` `artifactregistry.repositories.create` `artifactregistry.repositories.downloadArtifacts` `artifactregistry.repositories.get` `artifactregistry.repositories.list` `artifactregistry.repositories.uploadArtifacts` `artifactregistry.tags.get` `artifactregistry.versions.get` `automl.datasets.export` `automl.datasets.get` `automl.datasets.list` `automl.modelEvaluations.list` `automl.models.get` `automl.models.list` `automl.operations.get` `automl.tableSpecs.get` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.models.create` `bigquery.models.export` `bigquery.models.getData` `bigquery.objectRefs.read` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.update` `bigquery.tables.updateData` `bigtable.tables.get` `bigtable.tables.list` `bigtable.tables.readRows` `compute.addresses.get` `compute.addresses.list` `compute.addresses.use` `compute.addresses.useInternal` `compute.disks.create` `compute.disks.createSnapshot` `compute.disks.createTagBinding` `compute.disks.delete` `compute.disks.get` `compute.disks.setLabels` `compute.disks.use` `compute.disks.useReadOnly` `compute.globalOperations.get` `compute.instances.attachDisk` `compute.instances.create` `compute.instances.createTagBinding` `compute.instances.delete` `compute.instances.detachDisk` `compute.instances.get` `compute.instances.getGuestAttributes` `compute.instances.list` `compute.instances.setLabels` `compute.instances.setMetadata` `compute.instances.setServiceAccount` `compute.instances.setTags` `compute.instances.start` `compute.instances.stop` `compute.instances.update` `compute.instances.useReadOnly` `compute.machineTypes.get` `compute.networks.get` `compute.networks.use` `compute.networks.useExternalIp` `compute.snapshots.create` `compute.snapshots.delete` `compute.snapshots.useReadOnly` `compute.subnetworks.get` `compute.subnetworks.list` `compute.subnetworks.use` `compute.subnetworks.useExternalIp` `compute.zoneOperations.get` `dataflow.jobs.` `dataflow.jobs.cancel` `dataflow.jobs.create` `dataflow.jobs.get` `dataflow.jobs.list` `dataflow.jobs.snapshot` `dataflow.jobs.updateContents` `dataflow.messages.list` `dataflow.metrics.get` `dataflow.snapshots.` `dataflow.snapshots.delete` `dataflow.snapshots.get` `dataflow.snapshots.list` `datalabeling.annotateddatasets.get` `datalabeling.datasets.export` `datalabeling.datasets.get` `datalabeling.datasets.list` `datalabeling.operations.get` `hypercomputecluster.clusters.` `hypercomputecluster.clusters.create` `hypercomputecluster.clusters.delete` `hypercomputecluster.clusters.get` `hypercomputecluster.clusters.list` `hypercomputecluster.clusters.update` `hypercomputecluster.locations.` `hypercomputecluster.locations.get` `hypercomputecluster.locations.list` `hypercomputecluster.operations.` `hypercomputecluster.operations.cancel` `hypercomputecluster.operations.delete` `hypercomputecluster.operations.get` `hypercomputecluster.operations.list` `iam.serviceAccounts.actAs` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `logging.logEntries.create` `logging.logEntries.route` `ml.models.list` `ml.operations.get` `ml.versions.get` `ml.versions.list` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.*` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.notificationChannels.get` `monitoring.timeSeries.create` `notebooks.instances.create` `notebooks.instances.delete` `notebooks.instances.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `run.executions.delete` `run.executions.get` `run.jobs.create` `run.jobs.delete` `run.jobs.get` `run.jobs.run` `run.jobs.update` `run.operations.delete` `run.operations.get` `run.routes.invoke` `run.services.create` `run.services.delete` `run.services.get` `servicemanagement.services.report` `serviceusage.services.list` `serviceusage.services.use` `storage.buckets.create` `storage.buckets.delete` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Vertex AI RAG Data Service Agent (`roles/aiplatform.ragServiceAgent`) Vertex AI Service Agent used by Vertex RAG to access user imported data, Vertex AI, Document AI processors, and Vector Search in the project Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.endpoints.get` `aiplatform.endpoints.predict` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.models.get` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.createSnapshot` `bigquery.tables.deleteSnapshot` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.restoreSnapshot` `bigquery.tables.update` `bigquery.tables.updateData` `documentai.processorVersions.processOnline` `documentai.processors.get` `documentai.processors.processOnline` `logging.logEntries.create` `logging.logEntries.route` `storage.buckets.get` `storage.buckets.list` `storage.objects.get` `storage.objects.list` `vectorsearch.collections.` `vectorsearch.collections.create` `vectorsearch.collections.delete` `vectorsearch.collections.get` `vectorsearch.collections.list` `vectorsearch.collections.update` `vectorsearch.dataObjects.` `vectorsearch.dataObjects.create` `vectorsearch.dataObjects.delete` `vectorsearch.dataObjects.get` `vectorsearch.dataObjects.import` `vectorsearch.dataObjects.query` `vectorsearch.dataObjects.search` `vectorsearch.dataObjects.update` `vectorsearch.indexes.*` `vectorsearch.indexes.create` `vectorsearch.indexes.delete` `vectorsearch.indexes.get` `vectorsearch.indexes.list` `vectorsearch.operations.get` `vectorsearch.operations.list`
Vertex AI Custom Code Service Agent (`roles/aiplatform.customCodeServiceAgent`) Gives Vertex AI Custom Code the proper permissions. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.agentExamples.` `aiplatform.agentExamples.create` `aiplatform.agentExamples.delete` `aiplatform.agentExamples.get` `aiplatform.agentExamples.list` `aiplatform.agentExamples.update` `aiplatform.agents.` `aiplatform.agents.create` `aiplatform.agents.delete` `aiplatform.agents.get` `aiplatform.agents.list` `aiplatform.agents.update` `aiplatform.annotationSpecs.` `aiplatform.annotationSpecs.create` `aiplatform.annotationSpecs.delete` `aiplatform.annotationSpecs.get` `aiplatform.annotationSpecs.list` `aiplatform.annotationSpecs.update` `aiplatform.annotations.` `aiplatform.annotations.create` `aiplatform.annotations.delete` `aiplatform.annotations.get` `aiplatform.annotations.list` `aiplatform.annotations.update` `aiplatform.apps.` `aiplatform.apps.create` `aiplatform.apps.delete` `aiplatform.apps.get` `aiplatform.apps.list` `aiplatform.apps.update` `aiplatform.artifacts.` `aiplatform.artifacts.create` `aiplatform.artifacts.delete` `aiplatform.artifacts.get` `aiplatform.artifacts.list` `aiplatform.artifacts.update` `aiplatform.batchPredictionJobs.` `aiplatform.batchPredictionJobs.cancel` `aiplatform.batchPredictionJobs.create` `aiplatform.batchPredictionJobs.delete` `aiplatform.batchPredictionJobs.get` `aiplatform.batchPredictionJobs.list` `aiplatform.cacheConfigs.get` `aiplatform.cachedContents.` `aiplatform.cachedContents.create` `aiplatform.cachedContents.delete` `aiplatform.cachedContents.get` `aiplatform.cachedContents.list` `aiplatform.cachedContents.update` `aiplatform.consents.get` `aiplatform.contexts.` `aiplatform.contexts.addContextArtifactsAndExecutions` `aiplatform.contexts.addContextChildren` `aiplatform.contexts.create` `aiplatform.contexts.delete` `aiplatform.contexts.get` `aiplatform.contexts.list` `aiplatform.contexts.queryContextLineageSubgraph` `aiplatform.contexts.update` `aiplatform.customJobs.` `aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.delete` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.dataItems.` `aiplatform.dataItems.create` `aiplatform.dataItems.delete` `aiplatform.dataItems.get` `aiplatform.dataItems.list` `aiplatform.dataItems.update` `aiplatform.dataLabelingJobs.` `aiplatform.dataLabelingJobs.cancel` `aiplatform.dataLabelingJobs.create` `aiplatform.dataLabelingJobs.delete` `aiplatform.dataLabelingJobs.get` `aiplatform.dataLabelingJobs.list` `aiplatform.datasetVersions.` `aiplatform.datasetVersions.create` `aiplatform.datasetVersions.delete` `aiplatform.datasetVersions.get` `aiplatform.datasetVersions.list` `aiplatform.datasetVersions.restore` `aiplatform.datasets.` `aiplatform.datasets.create` `aiplatform.datasets.delete` `aiplatform.datasets.export` `aiplatform.datasets.get` `aiplatform.datasets.import` `aiplatform.datasets.list` `aiplatform.datasets.update` `aiplatform.deploymentResourcePools.` `aiplatform.deploymentResourcePools.create` `aiplatform.deploymentResourcePools.delete` `aiplatform.deploymentResourcePools.get` `aiplatform.deploymentResourcePools.list` `aiplatform.deploymentResourcePools.queryDeployedModels` `aiplatform.deploymentResourcePools.update` `aiplatform.edgeDeploymentJobs.` `aiplatform.edgeDeploymentJobs.create` `aiplatform.edgeDeploymentJobs.delete` `aiplatform.edgeDeploymentJobs.get` `aiplatform.edgeDeploymentJobs.list` `aiplatform.edgeDeviceDebugInfo.get` `aiplatform.edgeDevices.` `aiplatform.edgeDevices.create` `aiplatform.edgeDevices.delete` `aiplatform.edgeDevices.get` `aiplatform.edgeDevices.list` `aiplatform.edgeDevices.update` `aiplatform.endpoints.create` `aiplatform.endpoints.delete` `aiplatform.endpoints.deploy` `aiplatform.endpoints.explain` `aiplatform.endpoints.get` `aiplatform.endpoints.list` `aiplatform.endpoints.predict` `aiplatform.endpoints.undeploy` `aiplatform.endpoints.update` `aiplatform.entityTypes.create` `aiplatform.entityTypes.delete` `aiplatform.entityTypes.deleteFeatureValues` `aiplatform.entityTypes.exportFeatureValues` `aiplatform.entityTypes.get` `aiplatform.entityTypes.importFeatureValues` `aiplatform.entityTypes.list` `aiplatform.entityTypes.readFeatureValues` `aiplatform.entityTypes.streamingReadFeatureValues` `aiplatform.entityTypes.update` `aiplatform.entityTypes.writeFeatureValues` `aiplatform.exampleStores.` `aiplatform.exampleStores.create` `aiplatform.exampleStores.delete` `aiplatform.exampleStores.get` `aiplatform.exampleStores.list` `aiplatform.exampleStores.readExample` `aiplatform.exampleStores.update` `aiplatform.exampleStores.writeExample` `aiplatform.executions.` `aiplatform.executions.addExecutionEvents` `aiplatform.executions.create` `aiplatform.executions.delete` `aiplatform.executions.get` `aiplatform.executions.list` `aiplatform.executions.queryExecutionInputsAndOutputs` `aiplatform.executions.update` `aiplatform.extensions.` `aiplatform.extensions.delete` `aiplatform.extensions.execute` `aiplatform.extensions.get` `aiplatform.extensions.import` `aiplatform.extensions.list` `aiplatform.extensions.update` `aiplatform.featureGroups.create` `aiplatform.featureGroups.delete` `aiplatform.featureGroups.get` `aiplatform.featureGroups.list` `aiplatform.featureGroups.update` `aiplatform.featureMonitorJobs.` `aiplatform.featureMonitorJobs.create` `aiplatform.featureMonitorJobs.get` `aiplatform.featureMonitorJobs.list` `aiplatform.featureMonitors.` `aiplatform.featureMonitors.create` `aiplatform.featureMonitors.delete` `aiplatform.featureMonitors.get` `aiplatform.featureMonitors.list` `aiplatform.featureMonitors.update` `aiplatform.featureOnlineStores.create` `aiplatform.featureOnlineStores.delete` `aiplatform.featureOnlineStores.get` `aiplatform.featureOnlineStores.list` `aiplatform.featureOnlineStores.update` `aiplatform.featureViewSyncs.` `aiplatform.featureViewSyncs.get` `aiplatform.featureViewSyncs.list` `aiplatform.featureViews.create` `aiplatform.featureViews.delete` `aiplatform.featureViews.directWrite` `aiplatform.featureViews.fetchFeatureValues` `aiplatform.featureViews.get` `aiplatform.featureViews.list` `aiplatform.featureViews.searchNearestEntities` `aiplatform.featureViews.sync` `aiplatform.featureViews.update` `aiplatform.features.` `aiplatform.features.create` `aiplatform.features.delete` `aiplatform.features.get` `aiplatform.features.list` `aiplatform.features.update` `aiplatform.featurestores.batchReadFeatureValues` `aiplatform.featurestores.create` `aiplatform.featurestores.delete` `aiplatform.featurestores.exportFeatures` `aiplatform.featurestores.get` `aiplatform.featurestores.importFeatures` `aiplatform.featurestores.list` `aiplatform.featurestores.readFeatures` `aiplatform.featurestores.update` `aiplatform.featurestores.writeFeatures` `aiplatform.humanInTheLoops.` `aiplatform.humanInTheLoops.cancel` `aiplatform.humanInTheLoops.create` `aiplatform.humanInTheLoops.delete` `aiplatform.humanInTheLoops.get` `aiplatform.humanInTheLoops.list` `aiplatform.humanInTheLoops.queryAnnotationStats` `aiplatform.humanInTheLoops.send` `aiplatform.humanInTheLoops.update` `aiplatform.hyperparameterTuningJobs.` `aiplatform.hyperparameterTuningJobs.cancel` `aiplatform.hyperparameterTuningJobs.create` `aiplatform.hyperparameterTuningJobs.delete` `aiplatform.hyperparameterTuningJobs.get` `aiplatform.hyperparameterTuningJobs.list` `aiplatform.indexEndpoints.` `aiplatform.indexEndpoints.create` `aiplatform.indexEndpoints.delete` `aiplatform.indexEndpoints.deploy` `aiplatform.indexEndpoints.get` `aiplatform.indexEndpoints.list` `aiplatform.indexEndpoints.queryVectors` `aiplatform.indexEndpoints.undeploy` `aiplatform.indexEndpoints.update` `aiplatform.indexes.` `aiplatform.indexes.create` `aiplatform.indexes.delete` `aiplatform.indexes.get` `aiplatform.indexes.list` `aiplatform.indexes.update` `aiplatform.locations.` `aiplatform.locations.evaluateInstances` `aiplatform.locations.get` `aiplatform.locations.list` `aiplatform.memories.` `aiplatform.memories.create` `aiplatform.memories.delete` `aiplatform.memories.generate` `aiplatform.memories.get` `aiplatform.memories.list` `aiplatform.memories.retrieve` `aiplatform.memories.update` `aiplatform.metadataSchemas.` `aiplatform.metadataSchemas.create` `aiplatform.metadataSchemas.delete` `aiplatform.metadataSchemas.get` `aiplatform.metadataSchemas.list` `aiplatform.metadataStores.` `aiplatform.metadataStores.create` `aiplatform.metadataStores.delete` `aiplatform.metadataStores.get` `aiplatform.metadataStores.list` `aiplatform.modelDeploymentMonitoringJobs.` `aiplatform.modelDeploymentMonitoringJobs.create` `aiplatform.modelDeploymentMonitoringJobs.delete` `aiplatform.modelDeploymentMonitoringJobs.get` `aiplatform.modelDeploymentMonitoringJobs.list` `aiplatform.modelDeploymentMonitoringJobs.pause` `aiplatform.modelDeploymentMonitoringJobs.resume` `aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies` `aiplatform.modelDeploymentMonitoringJobs.update` `aiplatform.modelEvaluationSlices.` `aiplatform.modelEvaluationSlices.get` `aiplatform.modelEvaluationSlices.import` `aiplatform.modelEvaluationSlices.list` `aiplatform.modelEvaluations.` `aiplatform.modelEvaluations.exportEvaluatedDataItems` `aiplatform.modelEvaluations.get` `aiplatform.modelEvaluations.import` `aiplatform.modelEvaluations.list` `aiplatform.modelMonitoringJobs.` `aiplatform.modelMonitoringJobs.create` `aiplatform.modelMonitoringJobs.delete` `aiplatform.modelMonitoringJobs.get` `aiplatform.modelMonitoringJobs.list` `aiplatform.modelMonitors.` `aiplatform.modelMonitors.create` `aiplatform.modelMonitors.delete` `aiplatform.modelMonitors.get` `aiplatform.modelMonitors.list` `aiplatform.modelMonitors.searchModelMonitoringAlerts` `aiplatform.modelMonitors.searchModelMonitoringStats` `aiplatform.modelMonitors.update` `aiplatform.models.` `aiplatform.models.delete` `aiplatform.models.export` `aiplatform.models.get` `aiplatform.models.list` `aiplatform.models.update` `aiplatform.models.upload` `aiplatform.nasJobs.` `aiplatform.nasJobs.cancel` `aiplatform.nasJobs.create` `aiplatform.nasJobs.delete` `aiplatform.nasJobs.get` `aiplatform.nasJobs.list` `aiplatform.nasTrialDetails.` `aiplatform.nasTrialDetails.get` `aiplatform.nasTrialDetails.list` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.notebookRuntimeTemplates.apply` `aiplatform.notebookRuntimeTemplates.create` `aiplatform.notebookRuntimeTemplates.delete` `aiplatform.notebookRuntimeTemplates.get` `aiplatform.notebookRuntimeTemplates.list` `aiplatform.notebookRuntimeTemplates.update` `aiplatform.notebookRuntimes.` `aiplatform.notebookRuntimes.assign` `aiplatform.notebookRuntimes.delete` `aiplatform.notebookRuntimes.get` `aiplatform.notebookRuntimes.list` `aiplatform.notebookRuntimes.start` `aiplatform.notebookRuntimes.update` `aiplatform.notebookRuntimes.upgrade` `aiplatform.operations.list` `aiplatform.persistentResources.get` `aiplatform.persistentResources.list` `aiplatform.pipelineJobs.` `aiplatform.pipelineJobs.cancel` `aiplatform.pipelineJobs.create` `aiplatform.pipelineJobs.delete` `aiplatform.pipelineJobs.get` `aiplatform.pipelineJobs.list` `aiplatform.provisionedThroughputRevisions.` `aiplatform.provisionedThroughputRevisions.get` `aiplatform.provisionedThroughputRevisions.list` `aiplatform.provisionedThroughputs.get` `aiplatform.provisionedThroughputs.list` `aiplatform.ragCorpora.` `aiplatform.ragCorpora.create` `aiplatform.ragCorpora.delete` `aiplatform.ragCorpora.get` `aiplatform.ragCorpora.list` `aiplatform.ragCorpora.query` `aiplatform.ragCorpora.update` `aiplatform.ragEngineConfigs.get` `aiplatform.ragFiles.` `aiplatform.ragFiles.delete` `aiplatform.ragFiles.get` `aiplatform.ragFiles.import` `aiplatform.ragFiles.list` `aiplatform.ragFiles.upload` `aiplatform.reasoningEngines.` `aiplatform.reasoningEngines.create` `aiplatform.reasoningEngines.delete` `aiplatform.reasoningEngines.get` `aiplatform.reasoningEngines.list` `aiplatform.reasoningEngines.query` `aiplatform.reasoningEngines.update` `aiplatform.sandboxEnvironments.` `aiplatform.sandboxEnvironments.create` `aiplatform.sandboxEnvironments.delete` `aiplatform.sandboxEnvironments.execute` `aiplatform.sandboxEnvironments.get` `aiplatform.sandboxEnvironments.list` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `aiplatform.sessionEvents.` `aiplatform.sessionEvents.append` `aiplatform.sessionEvents.list` `aiplatform.sessions.` `aiplatform.sessions.create` `aiplatform.sessions.delete` `aiplatform.sessions.get` `aiplatform.sessions.list` `aiplatform.sessions.run` `aiplatform.sessions.update` `aiplatform.specialistPools.` `aiplatform.specialistPools.create` `aiplatform.specialistPools.delete` `aiplatform.specialistPools.get` `aiplatform.specialistPools.list` `aiplatform.specialistPools.update` `aiplatform.studies.` `aiplatform.studies.create` `aiplatform.studies.delete` `aiplatform.studies.get` `aiplatform.studies.list` `aiplatform.studies.update` `aiplatform.tensorboardExperiments.` `aiplatform.tensorboardExperiments.create` `aiplatform.tensorboardExperiments.delete` `aiplatform.tensorboardExperiments.get` `aiplatform.tensorboardExperiments.list` `aiplatform.tensorboardExperiments.update` `aiplatform.tensorboardExperiments.write` `aiplatform.tensorboardRuns.` `aiplatform.tensorboardRuns.batchCreate` `aiplatform.tensorboardRuns.create` `aiplatform.tensorboardRuns.delete` `aiplatform.tensorboardRuns.get` `aiplatform.tensorboardRuns.list` `aiplatform.tensorboardRuns.update` `aiplatform.tensorboardRuns.write` `aiplatform.tensorboardTimeSeries.` `aiplatform.tensorboardTimeSeries.batchCreate` `aiplatform.tensorboardTimeSeries.batchRead` `aiplatform.tensorboardTimeSeries.create` `aiplatform.tensorboardTimeSeries.delete` `aiplatform.tensorboardTimeSeries.get` `aiplatform.tensorboardTimeSeries.list` `aiplatform.tensorboardTimeSeries.read` `aiplatform.tensorboardTimeSeries.update` `aiplatform.tensorboards.create` `aiplatform.tensorboards.delete` `aiplatform.tensorboards.get` `aiplatform.tensorboards.list` `aiplatform.tensorboards.update` `aiplatform.trainingPipelines.` `aiplatform.trainingPipelines.cancel` `aiplatform.trainingPipelines.create` `aiplatform.trainingPipelines.delete` `aiplatform.trainingPipelines.get` `aiplatform.trainingPipelines.list` `aiplatform.trials.` `aiplatform.trials.create` `aiplatform.trials.delete` `aiplatform.trials.get` `aiplatform.trials.list` `aiplatform.trials.update` `aiplatform.tuningJobs.` `aiplatform.tuningJobs.cancel` `aiplatform.tuningJobs.create` `aiplatform.tuningJobs.delete` `aiplatform.tuningJobs.get` `aiplatform.tuningJobs.list` `aiplatform.tuningJobs.optimizePrompt` `aiplatform.tuningJobs.vertexTune` `artifactregistry.repositories.downloadArtifacts` `artifactregistry.repositories.get` `artifactregistry.repositories.list` `artifactregistry.tags.get` `artifactregistry.versions.get` `bigquery.datasets.create` `bigquery.datasets.get` `bigquery.jobs.create` `bigquery.jobs.get` `bigquery.readsessions.create` `bigquery.readsessions.getData` `bigquery.tables.create` `bigquery.tables.export` `bigquery.tables.get` `bigquery.tables.getData` `bigquery.tables.update` `bigquery.tables.updateData` `iam.serviceAccounts.get` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `iam.serviceAccounts.implicitDelegation` `iam.serviceAccounts.list` `iam.serviceAccounts.signBlob` `iam.serviceAccounts.signJwt` `logging.logEntries.create` `logging.logEntries.route` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.services.use` `storage.buckets.create` `storage.buckets.delete` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Vertex AI Extension Service Agent (`roles/aiplatform.extensionServiceAgent`) Gives Vertex AI Extension the permissions it needs to function. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.endpoints.predict` `aiplatform.locations.get` `aiplatform.ragCorpora.query` `discoveryengine.servingConfigs.search` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `logging.logEntries.create` `logging.logEntries.route` `serviceusage.services.use` `storage.objects.get`
AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Provide access for notebooks service agent to manage notebook instances in user projects Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.customJobs.cancel` `aiplatform.customJobs.create` `aiplatform.customJobs.get` `aiplatform.customJobs.list` `aiplatform.notebookExecutionJobs.` `aiplatform.notebookExecutionJobs.create` `aiplatform.notebookExecutionJobs.delete` `aiplatform.notebookExecutionJobs.get` `aiplatform.notebookExecutionJobs.list` `aiplatform.operations.list` `aiplatform.pipelineJobs.create` `aiplatform.schedules.` `aiplatform.schedules.create` `aiplatform.schedules.delete` `aiplatform.schedules.get` `aiplatform.schedules.list` `aiplatform.schedules.update` `backupdr.backupPlanAssociations.createForComputeDisk` `backupdr.backupPlanAssociations.createForComputeInstance` `backupdr.backupPlanAssociations.deleteForComputeDisk` `backupdr.backupPlanAssociations.deleteForComputeInstance` `backupdr.backupPlanAssociations.fetchForComputeDisk` `backupdr.backupPlanAssociations.getForComputeDisk` `backupdr.backupPlanAssociations.list` `backupdr.backupPlanAssociations.triggerBackupForComputeDisk` `backupdr.backupPlanAssociations.triggerBackupForComputeInstance` `backupdr.backupPlanAssociations.updateForComputeDisk` `backupdr.backupPlanAssociations.updateForComputeInstance` `backupdr.backupPlans.get` `backupdr.backupPlans.list` `backupdr.backupPlans.useForComputeDisk` `backupdr.backupPlans.useForComputeInstance` `backupdr.backupVaults.get` `backupdr.backupVaults.list` `backupdr.locations.list` `backupdr.operations.get` `backupdr.operations.list` `backupdr.serviceConfig.initialize` `compute.acceleratorTypes.` `compute.acceleratorTypes.get` `compute.acceleratorTypes.list` `compute.addresses.createInternal` `compute.addresses.deleteInternal` `compute.addresses.get` `compute.addresses.list` `compute.addresses.listEffectiveTags` `compute.addresses.listTagBindings` `compute.addresses.use` `compute.addresses.useInternal` `compute.autoscalers.` `compute.autoscalers.create` `compute.autoscalers.delete` `compute.autoscalers.get` `compute.autoscalers.list` `compute.autoscalers.update` `compute.backendBuckets.get` `compute.backendBuckets.getIamPolicy` `compute.backendBuckets.list` `compute.backendBuckets.listEffectiveTags` `compute.backendBuckets.listTagBindings` `compute.backendServices.get` `compute.backendServices.getIamPolicy` `compute.backendServices.list` `compute.backendServices.listEffectiveTags` `compute.backendServices.listTagBindings` `compute.commitments.get` `compute.commitments.list` `compute.crossSiteNetworks.get` `compute.crossSiteNetworks.list` `compute.diskSettings.get` `compute.diskTypes.` `compute.diskTypes.get` `compute.diskTypes.list` `compute.disks.` `compute.disks.addResourcePolicies` `compute.disks.create` `compute.disks.createSnapshot` `compute.disks.createTagBinding` `compute.disks.delete` `compute.disks.deleteTagBinding` `compute.disks.get` `compute.disks.getIamPolicy` `compute.disks.list` `compute.disks.listEffectiveTags` `compute.disks.listTagBindings` `compute.disks.removeResourcePolicies` `compute.disks.resize` `compute.disks.setIamPolicy` `compute.disks.setLabels` `compute.disks.startAsyncReplication` `compute.disks.stopAsyncReplication` `compute.disks.stopGroupAsyncReplication` `compute.disks.update` `compute.disks.updateKmsKey` `compute.disks.use` `compute.disks.useReadOnly` `compute.externalVpnGateways.get` `compute.externalVpnGateways.list` `compute.externalVpnGateways.listEffectiveTags` `compute.externalVpnGateways.listTagBindings` `compute.firewallPolicies.get` `compute.firewallPolicies.getIamPolicy` `compute.firewallPolicies.list` `compute.firewallPolicies.listEffectiveTags` `compute.firewallPolicies.listTagBindings` `compute.firewalls.get` `compute.firewalls.list` `compute.firewalls.listEffectiveTags` `compute.firewalls.listTagBindings` `compute.forwardingRules.get` `compute.forwardingRules.list` `compute.forwardingRules.listEffectiveTags` `compute.forwardingRules.listTagBindings` `compute.futureReservations.get` `compute.futureReservations.getIamPolicy` `compute.futureReservations.list` `compute.globalAddresses.get` `compute.globalAddresses.list` `compute.globalAddresses.listEffectiveTags` `compute.globalAddresses.listTagBindings` `compute.globalAddresses.use` `compute.globalForwardingRules.get` `compute.globalForwardingRules.list` `compute.globalForwardingRules.listEffectiveTags` `compute.globalForwardingRules.listTagBindings` `compute.globalNetworkEndpointGroups.` `compute.globalNetworkEndpointGroups.attachNetworkEndpoints` `compute.globalNetworkEndpointGroups.create` `compute.globalNetworkEndpointGroups.createTagBinding` `compute.globalNetworkEndpointGroups.delete` `compute.globalNetworkEndpointGroups.deleteTagBinding` `compute.globalNetworkEndpointGroups.detachNetworkEndpoints` `compute.globalNetworkEndpointGroups.get` `compute.globalNetworkEndpointGroups.list` `compute.globalNetworkEndpointGroups.listEffectiveTags` `compute.globalNetworkEndpointGroups.listTagBindings` `compute.globalNetworkEndpointGroups.use` `compute.globalOperations.get` `compute.globalOperations.getIamPolicy` `compute.globalOperations.list` `compute.globalPublicDelegatedPrefixes.get` `compute.globalPublicDelegatedPrefixes.list` `compute.healthChecks.get` `compute.healthChecks.list` `compute.healthChecks.listEffectiveTags` `compute.healthChecks.listTagBindings` `compute.httpHealthChecks.get` `compute.httpHealthChecks.list` `compute.httpHealthChecks.listEffectiveTags` `compute.httpHealthChecks.listTagBindings` `compute.httpsHealthChecks.get` `compute.httpsHealthChecks.list` `compute.httpsHealthChecks.listEffectiveTags` `compute.httpsHealthChecks.listTagBindings` `compute.images.` `compute.images.create` `compute.images.createTagBinding` `compute.images.delete` `compute.images.deleteTagBinding` `compute.images.deprecate` `compute.images.get` `compute.images.getFromFamily` `compute.images.getIamPolicy` `compute.images.list` `compute.images.listEffectiveTags` `compute.images.listTagBindings` `compute.images.setIamPolicy` `compute.images.setLabels` `compute.images.update` `compute.images.useReadOnly` `compute.instanceGroupManagers.` `compute.instanceGroupManagers.create` `compute.instanceGroupManagers.createTagBinding` `compute.instanceGroupManagers.delete` `compute.instanceGroupManagers.deleteTagBinding` `compute.instanceGroupManagers.get` `compute.instanceGroupManagers.list` `compute.instanceGroupManagers.listEffectiveTags` `compute.instanceGroupManagers.listTagBindings` `compute.instanceGroupManagers.update` `compute.instanceGroupManagers.use` `compute.instanceGroups.` `compute.instanceGroups.create` `compute.instanceGroups.createTagBinding` `compute.instanceGroups.delete` `compute.instanceGroups.deleteTagBinding` `compute.instanceGroups.get` `compute.instanceGroups.list` `compute.instanceGroups.listEffectiveTags` `compute.instanceGroups.listTagBindings` `compute.instanceGroups.update` `compute.instanceGroups.use` `compute.instanceSettings.` `compute.instanceSettings.get` `compute.instanceSettings.update` `compute.instanceTemplates.` `compute.instanceTemplates.create` `compute.instanceTemplates.delete` `compute.instanceTemplates.get` `compute.instanceTemplates.getIamPolicy` `compute.instanceTemplates.list` `compute.instanceTemplates.setIamPolicy` `compute.instanceTemplates.useReadOnly` `compute.instances.` `compute.instances.addAccessConfig` `compute.instances.addNetworkInterface` `compute.instances.addResourcePolicies` `compute.instances.attachDisk` `compute.instances.create` `compute.instances.createTagBinding` `compute.instances.delete` `compute.instances.deleteAccessConfig` `compute.instances.deleteNetworkInterface` `compute.instances.deleteTagBinding` `compute.instances.detachDisk` `compute.instances.get` `compute.instances.getEffectiveFirewalls` `compute.instances.getGuestAttributes` `compute.instances.getIamPolicy` `compute.instances.getScreenshot` `compute.instances.getSerialPortOutput` `compute.instances.getShieldedInstanceIdentity` `compute.instances.getShieldedVmIdentity` `compute.instances.list` `compute.instances.listEffectiveTags` `compute.instances.listReferrers` `compute.instances.listTagBindings` `compute.instances.osAdminLogin` `compute.instances.osLogin` `compute.instances.pscInterfaceCreate` `compute.instances.removeResourcePolicies` `compute.instances.reset` `compute.instances.resume` `compute.instances.sendDiagnosticInterrupt` `compute.instances.setDeletionProtection` `compute.instances.setDiskAutoDelete` `compute.instances.setIamPolicy` `compute.instances.setLabels` `compute.instances.setMachineResources` `compute.instances.setMachineType` `compute.instances.setMetadata` `compute.instances.setMinCpuPlatform` `compute.instances.setName` `compute.instances.setScheduling` `compute.instances.setSecurityPolicy` `compute.instances.setServiceAccount` `compute.instances.setShieldedInstanceIntegrityPolicy` `compute.instances.setShieldedVmIntegrityPolicy` `compute.instances.setTags` `compute.instances.simulateMaintenanceEvent` `compute.instances.start` `compute.instances.startWithEncryptionKey` `compute.instances.stop` `compute.instances.suspend` `compute.instances.update` `compute.instances.updateAccessConfig` `compute.instances.updateDisplayDevice` `compute.instances.updateNetworkInterface` `compute.instances.updateSecurity` `compute.instances.updateShieldedInstanceConfig` `compute.instances.updateShieldedVmConfig` `compute.instances.use` `compute.instances.useReadOnly` `compute.instantSnapshots.create` `compute.instantSnapshots.delete` `compute.instantSnapshots.export` `compute.instantSnapshots.get` `compute.instantSnapshots.getIamPolicy` `compute.instantSnapshots.list` `compute.instantSnapshots.listEffectiveTags` `compute.instantSnapshots.listTagBindings` `compute.instantSnapshots.setIamPolicy` `compute.instantSnapshots.setLabels` `compute.instantSnapshots.useReadOnly` `compute.interconnectAttachmentGroups.get` `compute.interconnectAttachmentGroups.list` `compute.interconnectAttachments.get` `compute.interconnectAttachments.list` `compute.interconnectAttachments.listEffectiveTags` `compute.interconnectAttachments.listTagBindings` `compute.interconnectGroups.get` `compute.interconnectGroups.list` `compute.interconnectLocations.` `compute.interconnectLocations.get` `compute.interconnectLocations.list` `compute.interconnectRemoteLocations.` `compute.interconnectRemoteLocations.get` `compute.interconnectRemoteLocations.list` `compute.interconnects.get` `compute.interconnects.list` `compute.interconnects.listEffectiveTags` `compute.interconnects.listTagBindings` `compute.licenseCodes.` `compute.licenseCodes.get` `compute.licenseCodes.getIamPolicy` `compute.licenseCodes.list` `compute.licenseCodes.setIamPolicy` `compute.licenses.create` `compute.licenses.delete` `compute.licenses.get` `compute.licenses.getIamPolicy` `compute.licenses.list` `compute.licenses.listEffectiveTags` `compute.licenses.listTagBindings` `compute.licenses.setIamPolicy` `compute.licenses.update` `compute.machineImages.create` `compute.machineImages.delete` `compute.machineImages.get` `compute.machineImages.getIamPolicy` `compute.machineImages.list` `compute.machineImages.listEffectiveTags` `compute.machineImages.listTagBindings` `compute.machineImages.setIamPolicy` `compute.machineImages.setLabels` `compute.machineImages.useReadOnly` `compute.machineTypes.` `compute.machineTypes.get` `compute.machineTypes.list` `compute.multiMig.` `compute.multiMig.create` `compute.multiMig.delete` `compute.multiMig.get` `compute.multiMig.list` `compute.multiMigMembers.` `compute.multiMigMembers.get` `compute.multiMigMembers.list` `compute.networkAttachments.get` `compute.networkAttachments.getIamPolicy` `compute.networkAttachments.list` `compute.networkAttachments.listEffectiveTags` `compute.networkAttachments.listTagBindings` `compute.networkEdgeSecurityServices.get` `compute.networkEdgeSecurityServices.list` `compute.networkEdgeSecurityServices.listEffectiveTags` `compute.networkEdgeSecurityServices.listTagBindings` `compute.networkEndpointGroups.` `compute.networkEndpointGroups.attachNetworkEndpoints` `compute.networkEndpointGroups.create` `compute.networkEndpointGroups.createTagBinding` `compute.networkEndpointGroups.delete` `compute.networkEndpointGroups.deleteTagBinding` `compute.networkEndpointGroups.detachNetworkEndpoints` `compute.networkEndpointGroups.get` `compute.networkEndpointGroups.list` `compute.networkEndpointGroups.listEffectiveTags` `compute.networkEndpointGroups.listTagBindings` `compute.networkEndpointGroups.use` `compute.networkProfiles.` `compute.networkProfiles.get` `compute.networkProfiles.list` `compute.networks.get` `compute.networks.getEffectiveFirewalls` `compute.networks.getRegionEffectiveFirewalls` `compute.networks.list` `compute.networks.listEffectiveTags` `compute.networks.listPeeringRoutes` `compute.networks.listTagBindings` `compute.networks.use` `compute.networks.useExternalIp` `compute.nodeGroups.get` `compute.nodeGroups.getIamPolicy` `compute.nodeGroups.list` `compute.nodeTemplates.get` `compute.nodeTemplates.getIamPolicy` `compute.nodeTemplates.list` `compute.nodeTypes.` `compute.nodeTypes.get` `compute.nodeTypes.list` `compute.organizations.listAssociations` `compute.packetMirrorings.get` `compute.packetMirrorings.list` `compute.packetMirrorings.listEffectiveTags` `compute.packetMirrorings.listTagBindings` `compute.previewFeatures.get` `compute.previewFeatures.list` `compute.projects.get` `compute.projects.setCommonInstanceMetadata` `compute.publicAdvertisedPrefixes.get` `compute.publicAdvertisedPrefixes.list` `compute.publicDelegatedPrefixes.get` `compute.publicDelegatedPrefixes.list` `compute.publicDelegatedPrefixes.listEffectiveTags` `compute.publicDelegatedPrefixes.listTagBindings` `compute.regionBackendBuckets.get` `compute.regionBackendBuckets.getIamPolicy` `compute.regionBackendBuckets.list` `compute.regionBackendBuckets.listEffectiveTags` `compute.regionBackendBuckets.listTagBindings` `compute.regionBackendServices.get` `compute.regionBackendServices.getIamPolicy` `compute.regionBackendServices.list` `compute.regionBackendServices.listEffectiveTags` `compute.regionBackendServices.listTagBindings` `compute.regionCompositeHealthChecks.get` `compute.regionCompositeHealthChecks.list` `compute.regionFirewallPolicies.get` `compute.regionFirewallPolicies.getIamPolicy` `compute.regionFirewallPolicies.list` `compute.regionFirewallPolicies.listEffectiveTags` `compute.regionFirewallPolicies.listTagBindings` `compute.regionHealthAggregationPolicies.get` `compute.regionHealthAggregationPolicies.list` `compute.regionHealthCheckServices.get` `compute.regionHealthCheckServices.list` `compute.regionHealthChecks.get` `compute.regionHealthChecks.list` `compute.regionHealthChecks.listEffectiveTags` `compute.regionHealthChecks.listTagBindings` `compute.regionHealthSources.get` `compute.regionHealthSources.list` `compute.regionNetworkEndpointGroups.` `compute.regionNetworkEndpointGroups.attachNetworkEndpoints` `compute.regionNetworkEndpointGroups.create` `compute.regionNetworkEndpointGroups.createTagBinding` `compute.regionNetworkEndpointGroups.delete` `compute.regionNetworkEndpointGroups.deleteTagBinding` `compute.regionNetworkEndpointGroups.detachNetworkEndpoints` `compute.regionNetworkEndpointGroups.get` `compute.regionNetworkEndpointGroups.list` `compute.regionNetworkEndpointGroups.listEffectiveTags` `compute.regionNetworkEndpointGroups.listTagBindings` `compute.regionNetworkEndpointGroups.use` `compute.regionNetworkPolicies.get` `compute.regionNetworkPolicies.list` `compute.regionNotificationEndpoints.get` `compute.regionNotificationEndpoints.list` `compute.regionOperations.get` `compute.regionOperations.getIamPolicy` `compute.regionOperations.list` `compute.regionSecurityPolicies.get` `compute.regionSecurityPolicies.list` `compute.regionSecurityPolicies.listEffectiveTags` `compute.regionSecurityPolicies.listTagBindings` `compute.regionSslCertificates.get` `compute.regionSslCertificates.list` `compute.regionSslCertificates.listEffectiveTags` `compute.regionSslCertificates.listTagBindings` `compute.regionSslPolicies.get` `compute.regionSslPolicies.list` `compute.regionSslPolicies.listAvailableFeatures` `compute.regionSslPolicies.listEffectiveTags` `compute.regionSslPolicies.listTagBindings` `compute.regionTargetHttpProxies.get` `compute.regionTargetHttpProxies.list` `compute.regionTargetHttpProxies.listEffectiveTags` `compute.regionTargetHttpProxies.listTagBindings` `compute.regionTargetHttpsProxies.get` `compute.regionTargetHttpsProxies.list` `compute.regionTargetHttpsProxies.listEffectiveTags` `compute.regionTargetHttpsProxies.listTagBindings` `compute.regionTargetTcpProxies.get` `compute.regionTargetTcpProxies.list` `compute.regionTargetTcpProxies.listEffectiveTags` `compute.regionTargetTcpProxies.listTagBindings` `compute.regionUrlMaps.get` `compute.regionUrlMaps.list` `compute.regionUrlMaps.listEffectiveTags` `compute.regionUrlMaps.listTagBindings` `compute.regionUrlMaps.validate` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.reservationBlocks.get` `compute.reservationBlocks.list` `compute.reservationSubBlocks.get` `compute.reservationSubBlocks.list` `compute.reservations.get` `compute.reservations.list` `compute.resourcePolicies.` `compute.resourcePolicies.create` `compute.resourcePolicies.delete` `compute.resourcePolicies.get` `compute.resourcePolicies.getIamPolicy` `compute.resourcePolicies.list` `compute.resourcePolicies.setIamPolicy` `compute.resourcePolicies.update` `compute.resourcePolicies.use` `compute.resourcePolicies.useReadOnly` `compute.rolloutPlans.get` `compute.rolloutPlans.list` `compute.rollouts.get` `compute.rollouts.list` `compute.routers.get` `compute.routers.getRoutePolicy` `compute.routers.list` `compute.routers.listBgpRoutes` `compute.routers.listEffectiveTags` `compute.routers.listRoutePolicies` `compute.routers.listTagBindings` `compute.routes.get` `compute.routes.list` `compute.routes.listEffectiveTags` `compute.routes.listTagBindings` `compute.securityPolicies.get` `compute.securityPolicies.list` `compute.securityPolicies.listEffectiveTags` `compute.securityPolicies.listTagBindings` `compute.serviceAttachments.get` `compute.serviceAttachments.getIamPolicy` `compute.serviceAttachments.list` `compute.serviceAttachments.listEffectiveTags` `compute.serviceAttachments.listTagBindings` `compute.snapshotSettings.get` `compute.snapshots.` `compute.snapshots.create` `compute.snapshots.createTagBinding` `compute.snapshots.delete` `compute.snapshots.deleteTagBinding` `compute.snapshots.get` `compute.snapshots.getIamPolicy` `compute.snapshots.list` `compute.snapshots.listEffectiveTags` `compute.snapshots.listTagBindings` `compute.snapshots.setIamPolicy` `compute.snapshots.setLabels` `compute.snapshots.updateKmsKey` `compute.snapshots.useReadOnly` `compute.spotAssistants.get` `compute.sslCertificates.get` `compute.sslCertificates.list` `compute.sslCertificates.listEffectiveTags` `compute.sslCertificates.listTagBindings` `compute.sslPolicies.get` `compute.sslPolicies.list` `compute.sslPolicies.listAvailableFeatures` `compute.sslPolicies.listEffectiveTags` `compute.sslPolicies.listTagBindings` `compute.storagePools.get` `compute.storagePools.getIamPolicy` `compute.storagePools.list` `compute.storagePools.listEffectiveTags` `compute.storagePools.listTagBindings` `compute.storagePools.use` `compute.subnetworks.get` `compute.subnetworks.getIamPolicy` `compute.subnetworks.list` `compute.subnetworks.listEffectiveTags` `compute.subnetworks.listTagBindings` `compute.subnetworks.use` `compute.subnetworks.useExternalIp` `compute.targetGrpcProxies.get` `compute.targetGrpcProxies.list` `compute.targetGrpcProxies.listEffectiveTags` `compute.targetGrpcProxies.listTagBindings` `compute.targetHttpProxies.get` `compute.targetHttpProxies.list` `compute.targetHttpProxies.listEffectiveTags` `compute.targetHttpProxies.listTagBindings` `compute.targetHttpsProxies.get` `compute.targetHttpsProxies.list` `compute.targetHttpsProxies.listEffectiveTags` `compute.targetHttpsProxies.listTagBindings` `compute.targetInstances.get` `compute.targetInstances.list` `compute.targetInstances.listEffectiveTags` `compute.targetInstances.listTagBindings` `compute.targetPools.get` `compute.targetPools.list` `compute.targetPools.listEffectiveTags` `compute.targetPools.listTagBindings` `compute.targetSslProxies.get` `compute.targetSslProxies.list` `compute.targetSslProxies.listEffectiveTags` `compute.targetSslProxies.listTagBindings` `compute.targetTcpProxies.get` `compute.targetTcpProxies.list` `compute.targetTcpProxies.listEffectiveTags` `compute.targetTcpProxies.listTagBindings` `compute.targetVpnGateways.get` `compute.targetVpnGateways.list` `compute.targetVpnGateways.listEffectiveTags` `compute.targetVpnGateways.listTagBindings` `compute.urlMaps.get` `compute.urlMaps.list` `compute.urlMaps.listEffectiveTags` `compute.urlMaps.listTagBindings` `compute.urlMaps.validate` `compute.vmExtensionPolicies.get` `compute.vmExtensionPolicies.list` `compute.vpnGateways.get` `compute.vpnGateways.list` `compute.vpnGateways.listEffectiveTags` `compute.vpnGateways.listTagBindings` `compute.vpnTunnels.get` `compute.vpnTunnels.list` `compute.vpnTunnels.listEffectiveTags` `compute.vpnTunnels.listTagBindings` `compute.wireGroups.get` `compute.wireGroups.list` `compute.zoneOperations.get` `compute.zoneOperations.getIamPolicy` `compute.zoneOperations.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `dataproc.clusters.get` `dataproc.clusters.use` `dataproc.jobs.cancel` `dataproc.jobs.create` `dataproc.jobs.delete` `dataproc.jobs.get` `dataproc.jobs.list` `dataproc.jobs.update` `iam.serviceAccounts.actAs` `iam.serviceAccounts.get` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.list` `ml.jobs.create` `ml.jobs.get` `ml.jobs.list` `notebooks.` `notebooks.environments.create` `notebooks.environments.delete` `notebooks.environments.get` `notebooks.environments.getIamPolicy` `notebooks.environments.list` `notebooks.environments.setIamPolicy` `notebooks.executions.create` `notebooks.executions.delete` `notebooks.executions.get` `notebooks.executions.getIamPolicy` `notebooks.executions.list` `notebooks.executions.setIamPolicy` `notebooks.instances.checkUpgradability` `notebooks.instances.create` `notebooks.instances.delete` `notebooks.instances.diagnose` `notebooks.instances.get` `notebooks.instances.getHealth` `notebooks.instances.getIamPolicy` `notebooks.instances.list` `notebooks.instances.reset` `notebooks.instances.setAccelerator` `notebooks.instances.setIamPolicy` `notebooks.instances.setLabels` `notebooks.instances.setMachineType` `notebooks.instances.start` `notebooks.instances.stop` `notebooks.instances.update` `notebooks.instances.updateConfig` `notebooks.instances.updateShieldInstanceConfig` `notebooks.instances.upgrade` `notebooks.instances.use` `notebooks.locations.get` `notebooks.locations.list` `notebooks.operations.cancel` `notebooks.operations.delete` `notebooks.operations.get` `notebooks.operations.list` `notebooks.runtimes.create` `notebooks.runtimes.delete` `notebooks.runtimes.diagnose` `notebooks.runtimes.get` `notebooks.runtimes.getIamPolicy` `notebooks.runtimes.list` `notebooks.runtimes.reset` `notebooks.runtimes.setIamPolicy` `notebooks.runtimes.start` `notebooks.runtimes.stop` `notebooks.runtimes.switch` `notebooks.runtimes.update` `notebooks.runtimes.upgrade` `notebooks.schedules.create` `notebooks.schedules.delete` `notebooks.schedules.get` `notebooks.schedules.getIamPolicy` `notebooks.schedules.list` `notebooks.schedules.setIamPolicy` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.consumerpolicy.analyze` `serviceusage.consumerpolicy.get` `serviceusage.effectivepolicy.get` `serviceusage.groups.*` `serviceusage.groups.list` `serviceusage.groups.listExpandedMembers` `serviceusage.groups.listMembers` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list` `serviceusage.values.test`

Vertex AI Service Agent

(roles/aiplatform.serviceAgent)

Gives Vertex AI the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.agentExamples.*

aiplatform.agentExamples.create
aiplatform.agentExamples.delete
aiplatform.agentExamples.get
aiplatform.agentExamples.list
aiplatform.agentExamples.update

aiplatform.agents.*

aiplatform.agents.create
aiplatform.agents.delete
aiplatform.agents.get
aiplatform.agents.list
aiplatform.agents.update

aiplatform.annotationSpecs.*

aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update

aiplatform.annotations.*

aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update

aiplatform.apps.*

aiplatform.apps.create
aiplatform.apps.delete
aiplatform.apps.get
aiplatform.apps.list
aiplatform.apps.update

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.cacheConfigs.get

aiplatform.cachedContents.*

aiplatform.cachedContents.create
aiplatform.cachedContents.delete
aiplatform.cachedContents.get
aiplatform.cachedContents.list
aiplatform.cachedContents.update

aiplatform.consents.get

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.customJobs.*

aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list

aiplatform.dataItems.*

aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update

aiplatform.dataLabelingJobs.*

aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list

aiplatform.datasetVersions.*

aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore

aiplatform.datasets.*

aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update

aiplatform.deploymentResourcePools.*

aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update

aiplatform.edgeDeploymentJobs.*

aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.*

aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update

aiplatform.endpoints.create

aiplatform.endpoints.delete

aiplatform.endpoints.deploy

aiplatform.endpoints.explain

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.endpoints.predict

aiplatform.endpoints.undeploy

aiplatform.endpoints.update

aiplatform.entityTypes.create

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.list

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.exampleStores.*

aiplatform.exampleStores.create
aiplatform.exampleStores.delete
aiplatform.exampleStores.get
aiplatform.exampleStores.list
aiplatform.exampleStores.readExample
aiplatform.exampleStores.update
aiplatform.exampleStores.writeExample

aiplatform.executions.*

aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update

aiplatform.extensions.*

aiplatform.extensions.delete
aiplatform.extensions.execute
aiplatform.extensions.get
aiplatform.extensions.import
aiplatform.extensions.list
aiplatform.extensions.update

aiplatform.featureGroups.create

aiplatform.featureGroups.delete

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureGroups.update

aiplatform.featureMonitorJobs.*

aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.*

aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update

aiplatform.featureOnlineStores.create

aiplatform.featureOnlineStores.delete

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.create

aiplatform.featureViews.delete

aiplatform.featureViews.directWrite

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

aiplatform.featurestores.create

aiplatform.featurestores.delete

aiplatform.featurestores.exportFeatures

aiplatform.featurestores.get

aiplatform.featurestores.importFeatures

aiplatform.featurestores.list

aiplatform.featurestores.readFeatures

aiplatform.featurestores.update

aiplatform.featurestores.writeFeatures

aiplatform.humanInTheLoops.*

aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update

aiplatform.hyperparameterTuningJobs.*

aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.locations.*

aiplatform.locations.evaluateInstances
aiplatform.locations.get
aiplatform.locations.list

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.modelDeploymentMonitoringJobs.*

aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update

aiplatform.modelEvaluationSlices.*

aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.*

aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list

aiplatform.modelMonitoringJobs.*

aiplatform.modelMonitoringJobs.create
aiplatform.modelMonitoringJobs.delete
aiplatform.modelMonitoringJobs.get
aiplatform.modelMonitoringJobs.list

aiplatform.modelMonitors.*

aiplatform.modelMonitors.create
aiplatform.modelMonitors.delete
aiplatform.modelMonitors.get
aiplatform.modelMonitors.list
aiplatform.modelMonitors.searchModelMonitoringAlerts
aiplatform.modelMonitors.searchModelMonitoringStats
aiplatform.modelMonitors.update

aiplatform.models.*

aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload

aiplatform.nasJobs.*

aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.create

aiplatform.notebookRuntimeTemplates.delete

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.persistentResources.get

aiplatform.persistentResources.list

aiplatform.pipelineJobs.*

aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.get

aiplatform.provisionedThroughputs.list

aiplatform.ragCorpora.*

aiplatform.ragCorpora.create
aiplatform.ragCorpora.delete
aiplatform.ragCorpora.get
aiplatform.ragCorpora.list
aiplatform.ragCorpora.query
aiplatform.ragCorpora.update

aiplatform.ragEngineConfigs.get

aiplatform.ragFiles.*

aiplatform.ragFiles.delete
aiplatform.ragFiles.get
aiplatform.ragFiles.import
aiplatform.ragFiles.list
aiplatform.ragFiles.upload

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.*

aiplatform.sessions.create
aiplatform.sessions.delete
aiplatform.sessions.get
aiplatform.sessions.list
aiplatform.sessions.run
aiplatform.sessions.update

aiplatform.specialistPools.*

aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update

aiplatform.studies.*

aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.create

aiplatform.tensorboards.delete

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.tensorboards.update

aiplatform.trainingPipelines.*

aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list

aiplatform.trials.*

aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update

aiplatform.tuningJobs.*

aiplatform.tuningJobs.cancel
aiplatform.tuningJobs.create
aiplatform.tuningJobs.delete
aiplatform.tuningJobs.get
aiplatform.tuningJobs.list
aiplatform.tuningJobs.optimizePrompt
aiplatform.tuningJobs.vertexTune

artifactregistry.repositories.create

artifactregistry.repositories.downloadArtifacts

artifactregistry.repositories.get

artifactregistry.repositories.list

artifactregistry.repositories.uploadArtifacts

artifactregistry.tags.get

artifactregistry.versions.get

automl.datasets.export

automl.datasets.get

automl.datasets.list

automl.modelEvaluations.list

automl.models.get

automl.models.list

automl.operations.get

automl.tableSpecs.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.models.create

bigquery.models.export

bigquery.models.getData

bigquery.objectRefs.read

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.update

bigquery.tables.updateData

bigtable.tables.get

bigtable.tables.list

bigtable.tables.readRows

compute.addresses.get

compute.addresses.list

compute.addresses.use

compute.addresses.useInternal

compute.disks.create

compute.disks.createSnapshot

compute.disks.createTagBinding

compute.disks.delete

compute.disks.get

compute.disks.setLabels

compute.disks.use

compute.disks.useReadOnly

compute.globalOperations.get

compute.instances.attachDisk

compute.instances.create

compute.instances.createTagBinding

compute.instances.delete

compute.instances.detachDisk

compute.instances.get

compute.instances.getGuestAttributes

compute.instances.list

compute.instances.setLabels

compute.instances.setMetadata

compute.instances.setServiceAccount

compute.instances.setTags

compute.instances.start

compute.instances.stop

compute.instances.update

compute.instances.useReadOnly

compute.machineTypes.get

compute.networks.get

compute.networks.use

compute.networks.useExternalIp

compute.snapshots.create

compute.snapshots.delete

compute.snapshots.useReadOnly

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

compute.subnetworks.useExternalIp

compute.zoneOperations.get

dataflow.jobs.*

dataflow.jobs.cancel
dataflow.jobs.create
dataflow.jobs.get
dataflow.jobs.list
dataflow.jobs.snapshot
dataflow.jobs.updateContents

dataflow.messages.list

dataflow.metrics.get

dataflow.snapshots.*

dataflow.snapshots.delete
dataflow.snapshots.get
dataflow.snapshots.list

datalabeling.annotateddatasets.get

datalabeling.datasets.export

datalabeling.datasets.get

datalabeling.datasets.list

datalabeling.operations.get

hypercomputecluster.clusters.*

hypercomputecluster.clusters.create
hypercomputecluster.clusters.delete
hypercomputecluster.clusters.get
hypercomputecluster.clusters.list
hypercomputecluster.clusters.update

hypercomputecluster.locations.*

hypercomputecluster.locations.get
hypercomputecluster.locations.list

hypercomputecluster.operations.*

hypercomputecluster.operations.cancel
hypercomputecluster.operations.delete
hypercomputecluster.operations.get
hypercomputecluster.operations.list

iam.serviceAccounts.actAs

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

logging.logEntries.create

logging.logEntries.route

ml.models.list

ml.operations.get

ml.versions.get

ml.versions.list

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.notificationChannels.get

monitoring.timeSeries.create

notebooks.instances.create

notebooks.instances.delete

notebooks.instances.get

resourcemanager.projects.get

resourcemanager.projects.list

run.executions.delete

run.executions.get

run.jobs.create

run.jobs.delete

run.jobs.get

run.jobs.run

run.jobs.update

run.operations.delete

run.operations.get

run.routes.invoke

run.services.create

run.services.delete

run.services.get

servicemanagement.services.report

serviceusage.services.list

serviceusage.services.use

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Vertex AI RAG Data Service Agent

(roles/aiplatform.ragServiceAgent)

Vertex AI Service Agent used by Vertex RAG to access user imported data, Vertex AI, Document AI processors, and Vector Search in the project

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.endpoints.get

aiplatform.endpoints.predict

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.models.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.createSnapshot

bigquery.tables.deleteSnapshot

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.restoreSnapshot

bigquery.tables.update

bigquery.tables.updateData

documentai.processorVersions.processOnline

documentai.processors.get

documentai.processors.processOnline

logging.logEntries.create

logging.logEntries.route

storage.buckets.get

storage.buckets.list

storage.objects.get

storage.objects.list

vectorsearch.collections.*

vectorsearch.collections.create
vectorsearch.collections.delete
vectorsearch.collections.get
vectorsearch.collections.list
vectorsearch.collections.update

vectorsearch.dataObjects.*

vectorsearch.dataObjects.create
vectorsearch.dataObjects.delete
vectorsearch.dataObjects.get
vectorsearch.dataObjects.import
vectorsearch.dataObjects.query
vectorsearch.dataObjects.search
vectorsearch.dataObjects.update

vectorsearch.indexes.*

vectorsearch.indexes.create
vectorsearch.indexes.delete
vectorsearch.indexes.get
vectorsearch.indexes.list

vectorsearch.operations.get

vectorsearch.operations.list

Vertex AI Custom Code Service Agent

(roles/aiplatform.customCodeServiceAgent)

Gives Vertex AI Custom Code the proper permissions.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.agentExamples.*

aiplatform.agentExamples.create
aiplatform.agentExamples.delete
aiplatform.agentExamples.get
aiplatform.agentExamples.list
aiplatform.agentExamples.update

aiplatform.agents.*

aiplatform.agents.create
aiplatform.agents.delete
aiplatform.agents.get
aiplatform.agents.list
aiplatform.agents.update

aiplatform.annotationSpecs.*

aiplatform.annotationSpecs.create
aiplatform.annotationSpecs.delete
aiplatform.annotationSpecs.get
aiplatform.annotationSpecs.list
aiplatform.annotationSpecs.update

aiplatform.annotations.*

aiplatform.annotations.create
aiplatform.annotations.delete
aiplatform.annotations.get
aiplatform.annotations.list
aiplatform.annotations.update

aiplatform.apps.*

aiplatform.apps.create
aiplatform.apps.delete
aiplatform.apps.get
aiplatform.apps.list
aiplatform.apps.update

aiplatform.artifacts.*

aiplatform.artifacts.create
aiplatform.artifacts.delete
aiplatform.artifacts.get
aiplatform.artifacts.list
aiplatform.artifacts.update

aiplatform.batchPredictionJobs.*

aiplatform.batchPredictionJobs.cancel
aiplatform.batchPredictionJobs.create
aiplatform.batchPredictionJobs.delete
aiplatform.batchPredictionJobs.get
aiplatform.batchPredictionJobs.list

aiplatform.cacheConfigs.get

aiplatform.cachedContents.*

aiplatform.cachedContents.create
aiplatform.cachedContents.delete
aiplatform.cachedContents.get
aiplatform.cachedContents.list
aiplatform.cachedContents.update

aiplatform.consents.get

aiplatform.contexts.*

aiplatform.contexts.addContextArtifactsAndExecutions
aiplatform.contexts.addContextChildren
aiplatform.contexts.create
aiplatform.contexts.delete
aiplatform.contexts.get
aiplatform.contexts.list
aiplatform.contexts.queryContextLineageSubgraph
aiplatform.contexts.update

aiplatform.customJobs.*

aiplatform.customJobs.cancel
aiplatform.customJobs.create
aiplatform.customJobs.delete
aiplatform.customJobs.get
aiplatform.customJobs.list

aiplatform.dataItems.*

aiplatform.dataItems.create
aiplatform.dataItems.delete
aiplatform.dataItems.get
aiplatform.dataItems.list
aiplatform.dataItems.update

aiplatform.dataLabelingJobs.*

aiplatform.dataLabelingJobs.cancel
aiplatform.dataLabelingJobs.create
aiplatform.dataLabelingJobs.delete
aiplatform.dataLabelingJobs.get
aiplatform.dataLabelingJobs.list

aiplatform.datasetVersions.*

aiplatform.datasetVersions.create
aiplatform.datasetVersions.delete
aiplatform.datasetVersions.get
aiplatform.datasetVersions.list
aiplatform.datasetVersions.restore

aiplatform.datasets.*

aiplatform.datasets.create
aiplatform.datasets.delete
aiplatform.datasets.export
aiplatform.datasets.get
aiplatform.datasets.import
aiplatform.datasets.list
aiplatform.datasets.update

aiplatform.deploymentResourcePools.*

aiplatform.deploymentResourcePools.create
aiplatform.deploymentResourcePools.delete
aiplatform.deploymentResourcePools.get
aiplatform.deploymentResourcePools.list
aiplatform.deploymentResourcePools.queryDeployedModels
aiplatform.deploymentResourcePools.update

aiplatform.edgeDeploymentJobs.*

aiplatform.edgeDeploymentJobs.create
aiplatform.edgeDeploymentJobs.delete
aiplatform.edgeDeploymentJobs.get
aiplatform.edgeDeploymentJobs.list

aiplatform.edgeDeviceDebugInfo.get

aiplatform.edgeDevices.*

aiplatform.edgeDevices.create
aiplatform.edgeDevices.delete
aiplatform.edgeDevices.get
aiplatform.edgeDevices.list
aiplatform.edgeDevices.update

aiplatform.endpoints.create

aiplatform.endpoints.delete

aiplatform.endpoints.deploy

aiplatform.endpoints.explain

aiplatform.endpoints.get

aiplatform.endpoints.list

aiplatform.endpoints.predict

aiplatform.endpoints.undeploy

aiplatform.endpoints.update

aiplatform.entityTypes.create

aiplatform.entityTypes.delete

aiplatform.entityTypes.deleteFeatureValues

aiplatform.entityTypes.exportFeatureValues

aiplatform.entityTypes.get

aiplatform.entityTypes.importFeatureValues

aiplatform.entityTypes.list

aiplatform.entityTypes.readFeatureValues

aiplatform.entityTypes.streamingReadFeatureValues

aiplatform.entityTypes.update

aiplatform.entityTypes.writeFeatureValues

aiplatform.exampleStores.*

aiplatform.exampleStores.create
aiplatform.exampleStores.delete
aiplatform.exampleStores.get
aiplatform.exampleStores.list
aiplatform.exampleStores.readExample
aiplatform.exampleStores.update
aiplatform.exampleStores.writeExample

aiplatform.executions.*

aiplatform.executions.addExecutionEvents
aiplatform.executions.create
aiplatform.executions.delete
aiplatform.executions.get
aiplatform.executions.list
aiplatform.executions.queryExecutionInputsAndOutputs
aiplatform.executions.update

aiplatform.extensions.*

aiplatform.extensions.delete
aiplatform.extensions.execute
aiplatform.extensions.get
aiplatform.extensions.import
aiplatform.extensions.list
aiplatform.extensions.update

aiplatform.featureGroups.create

aiplatform.featureGroups.delete

aiplatform.featureGroups.get

aiplatform.featureGroups.list

aiplatform.featureGroups.update

aiplatform.featureMonitorJobs.*

aiplatform.featureMonitorJobs.create
aiplatform.featureMonitorJobs.get
aiplatform.featureMonitorJobs.list

aiplatform.featureMonitors.*

aiplatform.featureMonitors.create
aiplatform.featureMonitors.delete
aiplatform.featureMonitors.get
aiplatform.featureMonitors.list
aiplatform.featureMonitors.update

aiplatform.featureOnlineStores.create

aiplatform.featureOnlineStores.delete

aiplatform.featureOnlineStores.get

aiplatform.featureOnlineStores.list

aiplatform.featureOnlineStores.update

aiplatform.featureViewSyncs.*

aiplatform.featureViewSyncs.get
aiplatform.featureViewSyncs.list

aiplatform.featureViews.create

aiplatform.featureViews.delete

aiplatform.featureViews.directWrite

aiplatform.featureViews.fetchFeatureValues

aiplatform.featureViews.get

aiplatform.featureViews.list

aiplatform.featureViews.searchNearestEntities

aiplatform.featureViews.sync

aiplatform.featureViews.update

aiplatform.features.*

aiplatform.features.create
aiplatform.features.delete
aiplatform.features.get
aiplatform.features.list
aiplatform.features.update

aiplatform.featurestores.batchReadFeatureValues

aiplatform.featurestores.create

aiplatform.featurestores.delete

aiplatform.featurestores.exportFeatures

aiplatform.featurestores.get

aiplatform.featurestores.importFeatures

aiplatform.featurestores.list

aiplatform.featurestores.readFeatures

aiplatform.featurestores.update

aiplatform.featurestores.writeFeatures

aiplatform.humanInTheLoops.*

aiplatform.humanInTheLoops.cancel
aiplatform.humanInTheLoops.create
aiplatform.humanInTheLoops.delete
aiplatform.humanInTheLoops.get
aiplatform.humanInTheLoops.list
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.humanInTheLoops.send
aiplatform.humanInTheLoops.update

aiplatform.hyperparameterTuningJobs.*

aiplatform.hyperparameterTuningJobs.cancel
aiplatform.hyperparameterTuningJobs.create
aiplatform.hyperparameterTuningJobs.delete
aiplatform.hyperparameterTuningJobs.get
aiplatform.hyperparameterTuningJobs.list

aiplatform.indexEndpoints.*

aiplatform.indexEndpoints.create
aiplatform.indexEndpoints.delete
aiplatform.indexEndpoints.deploy
aiplatform.indexEndpoints.get
aiplatform.indexEndpoints.list
aiplatform.indexEndpoints.queryVectors
aiplatform.indexEndpoints.undeploy
aiplatform.indexEndpoints.update

aiplatform.indexes.*

aiplatform.indexes.create
aiplatform.indexes.delete
aiplatform.indexes.get
aiplatform.indexes.list
aiplatform.indexes.update

aiplatform.locations.*

aiplatform.locations.evaluateInstances
aiplatform.locations.get
aiplatform.locations.list

aiplatform.memories.*

aiplatform.memories.create
aiplatform.memories.delete
aiplatform.memories.generate
aiplatform.memories.get
aiplatform.memories.list
aiplatform.memories.retrieve
aiplatform.memories.update

aiplatform.metadataSchemas.*

aiplatform.metadataSchemas.create
aiplatform.metadataSchemas.delete
aiplatform.metadataSchemas.get
aiplatform.metadataSchemas.list

aiplatform.metadataStores.*

aiplatform.metadataStores.create
aiplatform.metadataStores.delete
aiplatform.metadataStores.get
aiplatform.metadataStores.list

aiplatform.modelDeploymentMonitoringJobs.*

aiplatform.modelDeploymentMonitoringJobs.create
aiplatform.modelDeploymentMonitoringJobs.delete
aiplatform.modelDeploymentMonitoringJobs.get
aiplatform.modelDeploymentMonitoringJobs.list
aiplatform.modelDeploymentMonitoringJobs.pause
aiplatform.modelDeploymentMonitoringJobs.resume
aiplatform.modelDeploymentMonitoringJobs.searchStatsAnomalies
aiplatform.modelDeploymentMonitoringJobs.update

aiplatform.modelEvaluationSlices.*

aiplatform.modelEvaluationSlices.get
aiplatform.modelEvaluationSlices.import
aiplatform.modelEvaluationSlices.list

aiplatform.modelEvaluations.*

aiplatform.modelEvaluations.exportEvaluatedDataItems
aiplatform.modelEvaluations.get
aiplatform.modelEvaluations.import
aiplatform.modelEvaluations.list

aiplatform.modelMonitoringJobs.*

aiplatform.modelMonitoringJobs.create
aiplatform.modelMonitoringJobs.delete
aiplatform.modelMonitoringJobs.get
aiplatform.modelMonitoringJobs.list

aiplatform.modelMonitors.*

aiplatform.modelMonitors.create
aiplatform.modelMonitors.delete
aiplatform.modelMonitors.get
aiplatform.modelMonitors.list
aiplatform.modelMonitors.searchModelMonitoringAlerts
aiplatform.modelMonitors.searchModelMonitoringStats
aiplatform.modelMonitors.update

aiplatform.models.*

aiplatform.models.delete
aiplatform.models.export
aiplatform.models.get
aiplatform.models.list
aiplatform.models.update
aiplatform.models.upload

aiplatform.nasJobs.*

aiplatform.nasJobs.cancel
aiplatform.nasJobs.create
aiplatform.nasJobs.delete
aiplatform.nasJobs.get
aiplatform.nasJobs.list

aiplatform.nasTrialDetails.*

aiplatform.nasTrialDetails.get
aiplatform.nasTrialDetails.list

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.create

aiplatform.notebookRuntimeTemplates.delete

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

aiplatform.notebookRuntimes.assign
aiplatform.notebookRuntimes.delete
aiplatform.notebookRuntimes.get
aiplatform.notebookRuntimes.list
aiplatform.notebookRuntimes.start
aiplatform.notebookRuntimes.update
aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

aiplatform.persistentResources.get

aiplatform.persistentResources.list

aiplatform.pipelineJobs.*

aiplatform.pipelineJobs.cancel
aiplatform.pipelineJobs.create
aiplatform.pipelineJobs.delete
aiplatform.pipelineJobs.get
aiplatform.pipelineJobs.list

aiplatform.provisionedThroughputRevisions.*

aiplatform.provisionedThroughputRevisions.get
aiplatform.provisionedThroughputRevisions.list

aiplatform.provisionedThroughputs.get

aiplatform.provisionedThroughputs.list

aiplatform.ragCorpora.*

aiplatform.ragCorpora.create
aiplatform.ragCorpora.delete
aiplatform.ragCorpora.get
aiplatform.ragCorpora.list
aiplatform.ragCorpora.query
aiplatform.ragCorpora.update

aiplatform.ragEngineConfigs.get

aiplatform.ragFiles.*

aiplatform.ragFiles.delete
aiplatform.ragFiles.get
aiplatform.ragFiles.import
aiplatform.ragFiles.list
aiplatform.ragFiles.upload

aiplatform.reasoningEngines.*

aiplatform.reasoningEngines.create
aiplatform.reasoningEngines.delete
aiplatform.reasoningEngines.get
aiplatform.reasoningEngines.list
aiplatform.reasoningEngines.query
aiplatform.reasoningEngines.update

aiplatform.sandboxEnvironments.*

aiplatform.sandboxEnvironments.create
aiplatform.sandboxEnvironments.delete
aiplatform.sandboxEnvironments.execute
aiplatform.sandboxEnvironments.get
aiplatform.sandboxEnvironments.list

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

aiplatform.sessionEvents.*

aiplatform.sessionEvents.append
aiplatform.sessionEvents.list

aiplatform.sessions.*

aiplatform.sessions.create
aiplatform.sessions.delete
aiplatform.sessions.get
aiplatform.sessions.list
aiplatform.sessions.run
aiplatform.sessions.update

aiplatform.specialistPools.*

aiplatform.specialistPools.create
aiplatform.specialistPools.delete
aiplatform.specialistPools.get
aiplatform.specialistPools.list
aiplatform.specialistPools.update

aiplatform.studies.*

aiplatform.studies.create
aiplatform.studies.delete
aiplatform.studies.get
aiplatform.studies.list
aiplatform.studies.update

aiplatform.tensorboardExperiments.*

aiplatform.tensorboardExperiments.create
aiplatform.tensorboardExperiments.delete
aiplatform.tensorboardExperiments.get
aiplatform.tensorboardExperiments.list
aiplatform.tensorboardExperiments.update
aiplatform.tensorboardExperiments.write

aiplatform.tensorboardRuns.*

aiplatform.tensorboardRuns.batchCreate
aiplatform.tensorboardRuns.create
aiplatform.tensorboardRuns.delete
aiplatform.tensorboardRuns.get
aiplatform.tensorboardRuns.list
aiplatform.tensorboardRuns.update
aiplatform.tensorboardRuns.write

aiplatform.tensorboardTimeSeries.*

aiplatform.tensorboardTimeSeries.batchCreate
aiplatform.tensorboardTimeSeries.batchRead
aiplatform.tensorboardTimeSeries.create
aiplatform.tensorboardTimeSeries.delete
aiplatform.tensorboardTimeSeries.get
aiplatform.tensorboardTimeSeries.list
aiplatform.tensorboardTimeSeries.read
aiplatform.tensorboardTimeSeries.update

aiplatform.tensorboards.create

aiplatform.tensorboards.delete

aiplatform.tensorboards.get

aiplatform.tensorboards.list

aiplatform.tensorboards.update

aiplatform.trainingPipelines.*

aiplatform.trainingPipelines.cancel
aiplatform.trainingPipelines.create
aiplatform.trainingPipelines.delete
aiplatform.trainingPipelines.get
aiplatform.trainingPipelines.list

aiplatform.trials.*

aiplatform.trials.create
aiplatform.trials.delete
aiplatform.trials.get
aiplatform.trials.list
aiplatform.trials.update

aiplatform.tuningJobs.*

aiplatform.tuningJobs.cancel
aiplatform.tuningJobs.create
aiplatform.tuningJobs.delete
aiplatform.tuningJobs.get
aiplatform.tuningJobs.list
aiplatform.tuningJobs.optimizePrompt
aiplatform.tuningJobs.vertexTune

artifactregistry.repositories.downloadArtifacts

artifactregistry.repositories.get

artifactregistry.repositories.list

artifactregistry.tags.get

artifactregistry.versions.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.get

bigquery.readsessions.create

bigquery.readsessions.getData

bigquery.tables.create

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.update

bigquery.tables.updateData

iam.serviceAccounts.get

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

iam.serviceAccounts.implicitDelegation

iam.serviceAccounts.list

iam.serviceAccounts.signBlob

iam.serviceAccounts.signJwt

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Vertex AI Extension Service Agent

(roles/aiplatform.extensionServiceAgent)

Gives Vertex AI Extension the permissions it needs to function.

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.endpoints.predict

aiplatform.locations.get

aiplatform.ragCorpora.query

discoveryengine.servingConfigs.search

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

logging.logEntries.create

logging.logEntries.route

serviceusage.services.use

storage.objects.get

AI Platform Notebooks Service Agent

(roles/notebooks.serviceAgent)

Provide access for notebooks service agent to manage notebook instances in user projects

Warning: Do not grant service agent roles to any principals except service agents.

aiplatform.customJobs.cancel

aiplatform.customJobs.create

aiplatform.customJobs.get

aiplatform.customJobs.list

aiplatform.notebookExecutionJobs.*

aiplatform.notebookExecutionJobs.create
aiplatform.notebookExecutionJobs.delete
aiplatform.notebookExecutionJobs.get
aiplatform.notebookExecutionJobs.list

aiplatform.operations.list

aiplatform.pipelineJobs.create

aiplatform.schedules.*

aiplatform.schedules.create
aiplatform.schedules.delete
aiplatform.schedules.get
aiplatform.schedules.list
aiplatform.schedules.update

backupdr.backupPlanAssociations.createForComputeDisk

backupdr.backupPlanAssociations.createForComputeInstance

backupdr.backupPlanAssociations.deleteForComputeDisk

backupdr.backupPlanAssociations.deleteForComputeInstance

backupdr.backupPlanAssociations.fetchForComputeDisk

backupdr.backupPlanAssociations.getForComputeDisk

backupdr.backupPlanAssociations.list

backupdr.backupPlanAssociations.triggerBackupForComputeDisk

backupdr.backupPlanAssociations.triggerBackupForComputeInstance

backupdr.backupPlanAssociations.updateForComputeDisk

backupdr.backupPlanAssociations.updateForComputeInstance

backupdr.backupPlans.get

backupdr.backupPlans.list

backupdr.backupPlans.useForComputeDisk

backupdr.backupPlans.useForComputeInstance

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr.locations.list

backupdr.operations.get

backupdr.operations.list

backupdr.serviceConfig.initialize

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.createInternal

compute.addresses.deleteInternal

compute.addresses.get

compute.addresses.list

compute.addresses.listEffectiveTags

compute.addresses.listTagBindings

compute.addresses.use

compute.addresses.useInternal

compute.autoscalers.*

compute.autoscalers.create
compute.autoscalers.delete
compute.autoscalers.get
compute.autoscalers.list
compute.autoscalers.update

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendBuckets.listEffectiveTags

compute.backendBuckets.listTagBindings

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.backendServices.listEffectiveTags

compute.backendServices.listTagBindings

compute.commitments.get

compute.commitments.list

compute.crossSiteNetworks.get

compute.crossSiteNetworks.list

compute.diskSettings.get

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.*

compute.disks.addResourcePolicies
compute.disks.create
compute.disks.createSnapshot
compute.disks.createTagBinding
compute.disks.delete
compute.disks.deleteTagBinding
compute.disks.get
compute.disks.getIamPolicy
compute.disks.list
compute.disks.listEffectiveTags
compute.disks.listTagBindings
compute.disks.removeResourcePolicies
compute.disks.resize
compute.disks.setIamPolicy
compute.disks.setLabels
compute.disks.startAsyncReplication
compute.disks.stopAsyncReplication
compute.disks.stopGroupAsyncReplication
compute.disks.update
compute.disks.updateKmsKey
compute.disks.use
compute.disks.useReadOnly

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.externalVpnGateways.listEffectiveTags

compute.externalVpnGateways.listTagBindings

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewallPolicies.listEffectiveTags

compute.firewallPolicies.listTagBindings

compute.firewalls.get

compute.firewalls.list

compute.firewalls.listEffectiveTags

compute.firewalls.listTagBindings

compute.forwardingRules.get

compute.forwardingRules.list

compute.forwardingRules.listEffectiveTags

compute.forwardingRules.listTagBindings

compute.futureReservations.get

compute.futureReservations.getIamPolicy

compute.futureReservations.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalAddresses.listEffectiveTags

compute.globalAddresses.listTagBindings

compute.globalAddresses.use

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.listEffectiveTags

compute.globalForwardingRules.listTagBindings

compute.globalNetworkEndpointGroups.*

compute.globalNetworkEndpointGroups.attachNetworkEndpoints
compute.globalNetworkEndpointGroups.create
compute.globalNetworkEndpointGroups.createTagBinding
compute.globalNetworkEndpointGroups.delete
compute.globalNetworkEndpointGroups.deleteTagBinding
compute.globalNetworkEndpointGroups.detachNetworkEndpoints
compute.globalNetworkEndpointGroups.get
compute.globalNetworkEndpointGroups.list
compute.globalNetworkEndpointGroups.listEffectiveTags
compute.globalNetworkEndpointGroups.listTagBindings
compute.globalNetworkEndpointGroups.use

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.healthChecks.listEffectiveTags

compute.healthChecks.listTagBindings

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpHealthChecks.listEffectiveTags

compute.httpHealthChecks.listTagBindings

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.httpsHealthChecks.listEffectiveTags

compute.httpsHealthChecks.listTagBindings

compute.images.*

compute.images.create
compute.images.createTagBinding
compute.images.delete
compute.images.deleteTagBinding
compute.images.deprecate
compute.images.get
compute.images.getFromFamily
compute.images.getIamPolicy
compute.images.list
compute.images.listEffectiveTags
compute.images.listTagBindings
compute.images.setIamPolicy
compute.images.setLabels
compute.images.update
compute.images.useReadOnly

compute.instanceGroupManagers.*

compute.instanceGroupManagers.create
compute.instanceGroupManagers.createTagBinding
compute.instanceGroupManagers.delete
compute.instanceGroupManagers.deleteTagBinding
compute.instanceGroupManagers.get
compute.instanceGroupManagers.list
compute.instanceGroupManagers.listEffectiveTags
compute.instanceGroupManagers.listTagBindings
compute.instanceGroupManagers.update
compute.instanceGroupManagers.use

compute.instanceGroups.*

compute.instanceGroups.create
compute.instanceGroups.createTagBinding
compute.instanceGroups.delete
compute.instanceGroups.deleteTagBinding
compute.instanceGroups.get
compute.instanceGroups.list
compute.instanceGroups.listEffectiveTags
compute.instanceGroups.listTagBindings
compute.instanceGroups.update
compute.instanceGroups.use

compute.instanceSettings.*

compute.instanceSettings.get
compute.instanceSettings.update

compute.instanceTemplates.*

compute.instanceTemplates.create
compute.instanceTemplates.delete
compute.instanceTemplates.get
compute.instanceTemplates.getIamPolicy
compute.instanceTemplates.list
compute.instanceTemplates.setIamPolicy
compute.instanceTemplates.useReadOnly

compute.instances.*

compute.instances.addAccessConfig
compute.instances.addNetworkInterface
compute.instances.addResourcePolicies
compute.instances.attachDisk
compute.instances.create
compute.instances.createTagBinding
compute.instances.delete
compute.instances.deleteAccessConfig
compute.instances.deleteNetworkInterface
compute.instances.deleteTagBinding
compute.instances.detachDisk
compute.instances.get
compute.instances.getEffectiveFirewalls
compute.instances.getGuestAttributes
compute.instances.getIamPolicy
compute.instances.getScreenshot
compute.instances.getSerialPortOutput
compute.instances.getShieldedInstanceIdentity
compute.instances.getShieldedVmIdentity
compute.instances.list
compute.instances.listEffectiveTags
compute.instances.listReferrers
compute.instances.listTagBindings
compute.instances.osAdminLogin
compute.instances.osLogin
compute.instances.pscInterfaceCreate
compute.instances.removeResourcePolicies
compute.instances.reset
compute.instances.resume
compute.instances.sendDiagnosticInterrupt
compute.instances.setDeletionProtection
compute.instances.setDiskAutoDelete
compute.instances.setIamPolicy
compute.instances.setLabels
compute.instances.setMachineResources
compute.instances.setMachineType
compute.instances.setMetadata
compute.instances.setMinCpuPlatform
compute.instances.setName
compute.instances.setScheduling
compute.instances.setSecurityPolicy
compute.instances.setServiceAccount
compute.instances.setShieldedInstanceIntegrityPolicy
compute.instances.setShieldedVmIntegrityPolicy
compute.instances.setTags
compute.instances.simulateMaintenanceEvent
compute.instances.start
compute.instances.startWithEncryptionKey
compute.instances.stop
compute.instances.suspend
compute.instances.update
compute.instances.updateAccessConfig
compute.instances.updateDisplayDevice
compute.instances.updateNetworkInterface
compute.instances.updateSecurity
compute.instances.updateShieldedInstanceConfig
compute.instances.updateShieldedVmConfig
compute.instances.use
compute.instances.useReadOnly

compute.instantSnapshots.create

compute.instantSnapshots.delete

compute.instantSnapshots.export

compute.instantSnapshots.get

compute.instantSnapshots.getIamPolicy

compute.instantSnapshots.list

compute.instantSnapshots.listEffectiveTags

compute.instantSnapshots.listTagBindings

compute.instantSnapshots.setIamPolicy

compute.instantSnapshots.setLabels

compute.instantSnapshots.useReadOnly

compute.interconnectAttachmentGroups.get

compute.interconnectAttachmentGroups.list

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectAttachments.listEffectiveTags

compute.interconnectAttachments.listTagBindings

compute.interconnectGroups.get

compute.interconnectGroups.list

compute.interconnectLocations.*

compute.interconnectLocations.get
compute.interconnectLocations.list

compute.interconnectRemoteLocations.*

compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list

compute.interconnects.get

compute.interconnects.list

compute.interconnects.listEffectiveTags

compute.interconnects.listTagBindings

compute.licenseCodes.*

compute.licenseCodes.get
compute.licenseCodes.getIamPolicy
compute.licenseCodes.list
compute.licenseCodes.setIamPolicy

compute.licenses.create

compute.licenses.delete

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.licenses.listEffectiveTags

compute.licenses.listTagBindings

compute.licenses.setIamPolicy

compute.licenses.update

compute.machineImages.create

compute.machineImages.delete

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineImages.listEffectiveTags

compute.machineImages.listTagBindings

compute.machineImages.setIamPolicy

compute.machineImages.setLabels

compute.machineImages.useReadOnly

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.multiMig.*

compute.multiMig.create
compute.multiMig.delete
compute.multiMig.get
compute.multiMig.list

compute.multiMigMembers.*

compute.multiMigMembers.get
compute.multiMigMembers.list

compute.networkAttachments.get

compute.networkAttachments.getIamPolicy

compute.networkAttachments.list

compute.networkAttachments.listEffectiveTags

compute.networkAttachments.listTagBindings

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEdgeSecurityServices.listEffectiveTags

compute.networkEdgeSecurityServices.listTagBindings

compute.networkEndpointGroups.*

compute.networkEndpointGroups.attachNetworkEndpoints
compute.networkEndpointGroups.create
compute.networkEndpointGroups.createTagBinding
compute.networkEndpointGroups.delete
compute.networkEndpointGroups.deleteTagBinding
compute.networkEndpointGroups.detachNetworkEndpoints
compute.networkEndpointGroups.get
compute.networkEndpointGroups.list
compute.networkEndpointGroups.listEffectiveTags
compute.networkEndpointGroups.listTagBindings
compute.networkEndpointGroups.use

compute.networkProfiles.*

compute.networkProfiles.get
compute.networkProfiles.list

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listPeeringRoutes

compute.networks.listTagBindings

compute.networks.use

compute.networks.useExternalIp

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

compute.nodeTypes.get
compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.packetMirrorings.listEffectiveTags

compute.packetMirrorings.listTagBindings

compute.previewFeatures.get

compute.previewFeatures.list

compute.projects.get

compute.projects.setCommonInstanceMetadata

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.publicDelegatedPrefixes.listEffectiveTags

compute.publicDelegatedPrefixes.listTagBindings

compute.regionBackendBuckets.get

compute.regionBackendBuckets.getIamPolicy

compute.regionBackendBuckets.list

compute.regionBackendBuckets.listEffectiveTags

compute.regionBackendBuckets.listTagBindings

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionBackendServices.listEffectiveTags

compute.regionBackendServices.listTagBindings

compute.regionCompositeHealthChecks.get

compute.regionCompositeHealthChecks.list

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionFirewallPolicies.listEffectiveTags

compute.regionFirewallPolicies.listTagBindings

compute.regionHealthAggregationPolicies.get

compute.regionHealthAggregationPolicies.list

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionHealthChecks.listEffectiveTags

compute.regionHealthChecks.listTagBindings

compute.regionHealthSources.get

compute.regionHealthSources.list

compute.regionNetworkEndpointGroups.*

compute.regionNetworkEndpointGroups.attachNetworkEndpoints
compute.regionNetworkEndpointGroups.create
compute.regionNetworkEndpointGroups.createTagBinding
compute.regionNetworkEndpointGroups.delete
compute.regionNetworkEndpointGroups.deleteTagBinding
compute.regionNetworkEndpointGroups.detachNetworkEndpoints
compute.regionNetworkEndpointGroups.get
compute.regionNetworkEndpointGroups.list
compute.regionNetworkEndpointGroups.listEffectiveTags
compute.regionNetworkEndpointGroups.listTagBindings
compute.regionNetworkEndpointGroups.use

compute.regionNetworkPolicies.get

compute.regionNetworkPolicies.list

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSecurityPolicies.listEffectiveTags

compute.regionSecurityPolicies.listTagBindings

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslCertificates.listEffectiveTags

compute.regionSslCertificates.listTagBindings

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionSslPolicies.listEffectiveTags

compute.regionSslPolicies.listTagBindings

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpProxies.listEffectiveTags

compute.regionTargetHttpProxies.listTagBindings

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetHttpsProxies.listEffectiveTags

compute.regionTargetHttpsProxies.listTagBindings

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionTargetTcpProxies.listEffectiveTags

compute.regionTargetTcpProxies.listTagBindings

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.listEffectiveTags

compute.regionUrlMaps.listTagBindings

compute.regionUrlMaps.validate

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservationBlocks.get

compute.reservationBlocks.list

compute.reservationSubBlocks.get

compute.reservationSubBlocks.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.*

compute.resourcePolicies.create
compute.resourcePolicies.delete
compute.resourcePolicies.get
compute.resourcePolicies.getIamPolicy
compute.resourcePolicies.list
compute.resourcePolicies.setIamPolicy
compute.resourcePolicies.update
compute.resourcePolicies.use
compute.resourcePolicies.useReadOnly

compute.rolloutPlans.get

compute.rolloutPlans.list

compute.rollouts.get

compute.rollouts.list

compute.routers.get

compute.routers.getRoutePolicy

compute.routers.list

compute.routers.listBgpRoutes

compute.routers.listEffectiveTags

compute.routers.listRoutePolicies

compute.routers.listTagBindings

compute.routes.get

compute.routes.list

compute.routes.listEffectiveTags

compute.routes.listTagBindings

compute.securityPolicies.get

compute.securityPolicies.list

compute.securityPolicies.listEffectiveTags

compute.securityPolicies.listTagBindings

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.serviceAttachments.listEffectiveTags

compute.serviceAttachments.listTagBindings

compute.snapshotSettings.get

compute.snapshots.*

compute.snapshots.create
compute.snapshots.createTagBinding
compute.snapshots.delete
compute.snapshots.deleteTagBinding
compute.snapshots.get
compute.snapshots.getIamPolicy
compute.snapshots.list
compute.snapshots.listEffectiveTags
compute.snapshots.listTagBindings
compute.snapshots.setIamPolicy
compute.snapshots.setLabels
compute.snapshots.updateKmsKey
compute.snapshots.useReadOnly

compute.spotAssistants.get

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslCertificates.listEffectiveTags

compute.sslCertificates.listTagBindings

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.sslPolicies.listEffectiveTags

compute.sslPolicies.listTagBindings

compute.storagePools.get

compute.storagePools.getIamPolicy

compute.storagePools.list

compute.storagePools.listEffectiveTags

compute.storagePools.listTagBindings

compute.storagePools.use

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.subnetworks.use

compute.subnetworks.useExternalIp

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetGrpcProxies.listEffectiveTags

compute.targetGrpcProxies.listTagBindings

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpProxies.listEffectiveTags

compute.targetHttpProxies.listTagBindings

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetHttpsProxies.listEffectiveTags

compute.targetHttpsProxies.listTagBindings

compute.targetInstances.get

compute.targetInstances.list

compute.targetInstances.listEffectiveTags

compute.targetInstances.listTagBindings

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetSslProxies.listEffectiveTags

compute.targetSslProxies.listTagBindings

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetTcpProxies.listEffectiveTags

compute.targetTcpProxies.listTagBindings

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.targetVpnGateways.listEffectiveTags

compute.targetVpnGateways.listTagBindings

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.listEffectiveTags

compute.urlMaps.listTagBindings

compute.urlMaps.validate

compute.vmExtensionPolicies.get

compute.vmExtensionPolicies.list

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnGateways.listEffectiveTags

compute.vpnGateways.listTagBindings

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.vpnTunnels.listEffectiveTags

compute.vpnTunnels.listTagBindings

compute.wireGroups.get

compute.wireGroups.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

dataproc.clusters.get

dataproc.clusters.use

dataproc.jobs.cancel

dataproc.jobs.create

dataproc.jobs.delete

dataproc.jobs.get

dataproc.jobs.list

dataproc.jobs.update

iam.serviceAccounts.actAs

iam.serviceAccounts.get

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.list

ml.jobs.create

ml.jobs.get

ml.jobs.list

notebooks.*

notebooks.environments.create
notebooks.environments.delete
notebooks.environments.get
notebooks.environments.getIamPolicy
notebooks.environments.list
notebooks.environments.setIamPolicy
notebooks.executions.create
notebooks.executions.delete
notebooks.executions.get
notebooks.executions.getIamPolicy
notebooks.executions.list
notebooks.executions.setIamPolicy
notebooks.instances.checkUpgradability
notebooks.instances.create
notebooks.instances.delete
notebooks.instances.diagnose
notebooks.instances.get
notebooks.instances.getHealth
notebooks.instances.getIamPolicy
notebooks.instances.list
notebooks.instances.reset
notebooks.instances.setAccelerator
notebooks.instances.setIamPolicy
notebooks.instances.setLabels
notebooks.instances.setMachineType
notebooks.instances.start
notebooks.instances.stop
notebooks.instances.update
notebooks.instances.updateConfig
notebooks.instances.updateShieldInstanceConfig
notebooks.instances.upgrade
notebooks.instances.use
notebooks.locations.get
notebooks.locations.list
notebooks.operations.cancel
notebooks.operations.delete
notebooks.operations.get
notebooks.operations.list
notebooks.runtimes.create
notebooks.runtimes.delete
notebooks.runtimes.diagnose
notebooks.runtimes.get
notebooks.runtimes.getIamPolicy
notebooks.runtimes.list
notebooks.runtimes.reset
notebooks.runtimes.setIamPolicy
notebooks.runtimes.start
notebooks.runtimes.stop
notebooks.runtimes.switch
notebooks.runtimes.update
notebooks.runtimes.upgrade
notebooks.schedules.create
notebooks.schedules.delete
notebooks.schedules.get
notebooks.schedules.getIamPolicy
notebooks.schedules.list
notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.consumerpolicy.analyze

serviceusage.consumerpolicy.get

serviceusage.effectivepolicy.get

serviceusage.groups.*

serviceusage.groups.list
serviceusage.groups.listExpandedMembers
serviceusage.groups.listMembers

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

serviceusage.values.test

Grant Vertex AI service agents access to other resources

Sometimes you need to grant additional roles to a Vertex AI serviceagent. For example, if you need Vertex AI to access aCloud Storage bucket in a different project, you'll need togrant one or more additional roles to the service agent.

Note: If you want your custom training code to obtain an OAuth 2.0 access tokenwith thehttps://www.googleapis.com/auth/cloud-platform scope, then you mustuse a custom service account for training.You can't give this level of access to the Vertex AI Custom Code Service Agent.

Role addition requirements for BigQuery

The following table describes the required additional roles needed to beadded to the Vertex AI Service Agent for BigQuerytables or view in a different project or backed by an external data source.

The termhome project refers to the project where theVertex AI dataset or model is located. The termdifferentproject refers to any other project.

Table type	Table project	Data source project	Role addition required
Native BigQuery table	Home project	N/A	None.
Native BigQuery table	Different project	N/A	`BigQuery Data Viewer` for different project.Learn more.
BigQuery view	Home project	N/A	None.
BigQuery view	Different project	N/A	`BigQuery Data Viewer` for different project.Learn more.
External BigQuery data source backed by Bigtable	Home project	Home project	`Bigtable Reader` for home project.Learn more.
External BigQuery data source backed by Bigtable	Home project	Different project	`Bigtable Reader` for different project.Learn more.
External BigQuery data source backed by Bigtable	Different project	Different project	`BigQuery Reader` and`Bigtable Reader` for different project.Learn more.
External BigQuery data source backed by Cloud Storage	Home project	Home project	None.
External BigQuery data source backed by Cloud Storage	Home project	Different project	`Storage Object Viewer` for different project.Learn more.
External BigQuery data source backed by Cloud Storage	Different project	Different project	`Storage Object Viewer` and`BigQuery Data Viewer` for different project.Learn more.
External BigQuery data source backed by Google Sheets	Home project	N/A	Share your Sheets file with the Vertex AI service account.Learn more.
External BigQuery data source backed by Google Sheets	Different project	N/A	`BigQuery Reader` for different project andshare your Sheets file with the Vertex AI service account.

Role addition requirements for Cloud Storage

If you are accessing data in a Cloud Storage bucket in a differentproject, you must give theStorage > Storage Object Viewer role toVertex AI in that project.Learn more.

If you are using a Cloud Storage bucket to receive data from your localcomputer for an import operation, and the bucket is in a different project thanGoogle Cloud project, you must give theStorage > Storage Object Creatorrole to Vertex AI in that project.Learn more.

Grant access to Vertex AI to resources in your home project

To grant additional roles to a service agent forVertex AI in your home project:

Go to theIAM page of the Google Cloud console for your home project.
Go to the IAM page
Select theInclude Google-provided role grants checkbox.
Determine theservice agent you want to grant thepermissions to and click the pencil icon.
You can filter forPrincipal:@gcp-sa-aiplatform-cc.iam.gserviceaccount.com to find the Vertex AI service agents.
Grant the required roles to the service agent and save your changes.

Grant access to Vertex AI to resources in a different project

When you use data sources or destinations in a different project, you must givethe Vertex AI service agent permissions in that project. TheVertex AI service agent is created after you start the firstasynchronous job (for example, creating an endpoint). You can also explicitlycreate the Vertex AI service agent. For more information, seegcloud beta services identitycreate.This Google Cloud CLI command creates the primary service agent and the customcode service agent. However, only the primary service agent is returned in theresponse.

To add permissions to Vertex AI in a different project:

Go to theIAM page of the Google Cloud console for your home project(the project where you are using Vertex AI).
Go to the IAM page
Select theInclude Google-provided role grants checkbox.
Determine theservice agent you want to grant thepermissions to and copy its email address (listed underPrincipal).
You can filter forPrincipal:@gcp-sa-aiplatform-cc.iam.gserviceaccount.com to find the Vertex AI service agents.
Change projects to the project where you need to grant the permissions.
ClickAdd, and enter the email address inNew principals.
Add all required roles and clickSave.

Provide access to Google Sheets

If you use an external BigQuery data source backed by GoogleSheets, you must share your sheet with the Vertex AI serviceaccount. The Vertex AI service account is created after you startthe first asynchronous job (for example, creating an endpoint). You canalso explicitlycreate the Vertex AI service account by using gcloud CLIby followingthisinstruction.

To authorize Vertex AI to access your Sheets file:

Go to theIAM page of the Google Cloud console.
Go to the IAM page
Look for the service account with the nameVertex AI Service Agent andcopy its email address (listed underPrincipal).
Open your Sheets file and share it with that address.

What's next

Learn more about IAM.
Learn about specific IAM permissions andthe operations they support.
To learn about recommended ways to set up a project for a team, seeSet up a project for a team.
Get an overview of Vertex AI.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-16 UTC.

Movatterモバイル変換

Vertex AI access control with IAM Stay organized with collections Save and categorize content based on your preferences.

Overview

IAM roles

Custom roles

Use custom roles to grant least-privilege permissions

Predefined roles for Vertex AI

Vertex AI Administrator

Vertex AI Batch Prediction Service Agent

Colab Enterprise Admin

Colab Enterprise User

Vertex AI Colab Service Agent

Vertex AI Custom Code Service Agent

Vertex AI Feature Store EntityType owner

Vertex AI Platform Express AdminBeta

Vertex AI Platform Express UserBeta

Vertex AI Extension Custom Code Service Agent

Vertex AI Extension Service Agent

Vertex AI Feature Store Admin

Vertex AI Feature Store Data Viewer

Vertex AI Feature Store Data Writer

Vertex AI Feature Store Instance Creator

Vertex AI Feature Store Resource Viewer

Vertex AI Feature Store UserBeta

Vertex AI Agent Engine Memory Editor RoleBeta

Vertex AI Agent Engine Memory User RoleBeta

Vertex AI Agent Engine Memory Viewer RoleBeta

Vertex AI Migration Service User

Vertex AI Model Monitoring Service Agent

Notebook Executor UserBeta

Notebook Runtime Admin

Notebook Runtime User

Vertex AI Notebook Service Agent

Vertex AI Online Prediction Service Agent

Vertex AI Platform Provisioned Throughput AdminBeta

Vertex AI RAG Data Service Agent

Vertex AI Rapid Eval Service Agent

Vertex AI Reasoning Engine Service Agent

Vertex AI Service Agent

Vertex AI Agent Engine Session Editor RoleBeta

Vertex AI Agent Engine Session User RoleBeta

Vertex AI Agent Engine Session Viewer RoleBeta

Vertex AI Telemetry Service Agent

Vertex AI Tensorboard Web App UserBeta

Vertex AI Tuning Service Agent

Vertex AI User

Vertex AI Viewer

Basic roles

Project-level versus resource-level access

Supported resources

Resources, service accounts, and service agents

Service accounts

Service agents

Service agent roles and permissions

Vertex AI Service Agent

Vertex AI RAG Data Service Agent

Vertex AI Custom Code Service Agent

Vertex AI Extension Service Agent

AI Platform Notebooks Service Agent

Grant Vertex AI service agents access to other resources

Role addition requirements for BigQuery

Role addition requirements for Cloud Storage

Grant access to Vertex AI to resources in your home project

Grant access to Vertex AI to resources in a different project

Provide access to Google Sheets

What's next

Vertex AI access control with IAM

Vertex AI Platform Express Admin^Beta

Vertex AI Platform Express User^Beta

Vertex AI Feature Store User^Beta

Vertex AI Agent Engine Memory Editor Role^Beta

Vertex AI Agent Engine Memory User Role^Beta

Vertex AI Agent Engine Memory Viewer Role^Beta

Notebook Executor User^Beta

Vertex AI Platform Provisioned Throughput Admin^Beta

Vertex AI Agent Engine Session Editor Role^Beta

Vertex AI Agent Engine Session User Role^Beta

Vertex AI Agent Engine Session Viewer Role^Beta

Vertex AI Tensorboard Web App User^Beta