(roles/container.admin)
Provides access to full management of clusters and their Kubernetes API objects.
To set a service account on nodes, you must also have the Service Account User role (roles/iam.serviceAccountUser) on the user-managed service account that your nodes will use.
Lowest-level resources where you can grant this role:
container.*
container.apiServices.createcontainer.apiServices.deletecontainer.apiServices.getcontainer.apiServices.getStatuscontainer.apiServices.listcontainer.apiServices.updatecontainer.apiServices.updateStatuscontainer.auditSinks.createcontainer.auditSinks.deletecontainer.auditSinks.getcontainer.auditSinks.listcontainer.auditSinks.updatecontainer.backendConfigs.createcontainer.backendConfigs.deletecontainer.backendConfigs.getcontainer.backendConfigs.listcontainer.backendConfigs.updatecontainer.bindings.createcontainer.bindings.deletecontainer.bindings.getcontainer.bindings.listcontainer.bindings.updatecontainer.certificateSigningRequests.approvecontainer.certificateSigningRequests.createcontainer.certificateSigningRequests.deletecontainer.certificateSigningRequests.getcontainer.certificateSigningRequests.getStatuscontainer.certificateSigningRequests.listcontainer.certificateSigningRequests.updatecontainer.certificateSigningRequests.updateStatuscontainer.clusterRoleBindings.createcontainer.clusterRoleBindings.deletecontainer.clusterRoleBindings.getcontainer.clusterRoleBindings.listcontainer.clusterRoleBindings.updatecontainer.clusterRoles.bindcontainer.clusterRoles.createcontainer.clusterRoles.deletecontainer.clusterRoles.escalatecontainer.clusterRoles.getcontainer.clusterRoles.listcontainer.clusterRoles.updatecontainer.clusters.connectcontainer.clusters.createcontainer.clusters.createTagBindingcontainer.clusters.deletecontainer.clusters.deleteTagBindingcontainer.clusters.getcontainer.clusters.getCredentialscontainer.clusters.impersonatecontainer.clusters.listcontainer.clusters.listEffectiveTagscontainer.clusters.listTagBindingscontainer.clusters.updatecontainer.componentStatuses.getcontainer.componentStatuses.listcontainer.configMaps.createcontainer.configMaps.deletecontainer.configMaps.getcontainer.configMaps.listcontainer.configMaps.updatecontainer.controllerRevisions.createcontainer.controllerRevisions.deletecontainer.controllerRevisions.getcontainer.controllerRevisions.listcontainer.controllerRevisions.updatecontainer.cronJobs.createcontainer.cronJobs.deletecontainer.cronJobs.getcontainer.cronJobs.getStatuscontainer.cronJobs.listcontainer.cronJobs.updatecontainer.cronJobs.updateStatuscontainer.csiDrivers.createcontainer.csiDrivers.deletecontainer.csiDrivers.getcontainer.csiDrivers.listcontainer.csiDrivers.updatecontainer.csiNodeInfos.createcontainer.csiNodeInfos.deletecontainer.csiNodeInfos.getcontainer.csiNodeInfos.listcontainer.csiNodeInfos.updatecontainer.csiNodes.createcontainer.csiNodes.deletecontainer.csiNodes.getcontainer.csiNodes.listcontainer.csiNodes.updatecontainer.customResourceDefinitions.createcontainer.customResourceDefinitions.deletecontainer.customResourceDefinitions.getcontainer.customResourceDefinitions.getStatuscontainer.customResourceDefinitions.listcontainer.customResourceDefinitions.updatecontainer.customResourceDefinitions.updateStatuscontainer.daemonSets.createcontainer.daemonSets.deletecontainer.daemonSets.getcontainer.daemonSets.getStatuscontainer.daemonSets.listcontainer.daemonSets.updatecontainer.daemonSets.updateStatuscontainer.deployments.createcontainer.deployments.deletecontainer.deployments.getcontainer.deployments.getScalecontainer.deployments.getStatuscontainer.deployments.listcontainer.deployments.rollbackcontainer.deployments.updatecontainer.deployments.updateScalecontainer.deployments.updateStatuscontainer.endpointSlices.createcontainer.endpointSlices.deletecontainer.endpointSlices.getcontainer.endpointSlices.listcontainer.endpointSlices.updatecontainer.endpoints.createcontainer.endpoints.deletecontainer.endpoints.getcontainer.endpoints.listcontainer.endpoints.updatecontainer.events.createcontainer.events.deletecontainer.events.getcontainer.events.listcontainer.events.updatecontainer.frontendConfigs.createcontainer.frontendConfigs.deletecontainer.frontendConfigs.getcontainer.frontendConfigs.listcontainer.frontendConfigs.updatecontainer.horizontalPodAutoscalers.createcontainer.horizontalPodAutoscalers.deletecontainer.horizontalPodAutoscalers.getcontainer.horizontalPodAutoscalers.getStatuscontainer.horizontalPodAutoscalers.listcontainer.horizontalPodAutoscalers.updatecontainer.horizontalPodAutoscalers.updateStatuscontainer.hostServiceAgent.usecontainer.ingresses.createcontainer.ingresses.deletecontainer.ingresses.getcontainer.ingresses.getStatuscontainer.ingresses.listcontainer.ingresses.updatecontainer.ingresses.updateStatuscontainer.initializerConfigurations.createcontainer.initializerConfigurations.deletecontainer.initializerConfigurations.getcontainer.initializerConfigurations.listcontainer.initializerConfigurations.updatecontainer.jobs.createcontainer.jobs.deletecontainer.jobs.getcontainer.jobs.getStatuscontainer.jobs.listcontainer.jobs.updatecontainer.jobs.updateStatuscontainer.leases.createcontainer.leases.deletecontainer.leases.getcontainer.leases.listcontainer.leases.updatecontainer.limitRanges.createcontainer.limitRanges.deletecontainer.limitRanges.getcontainer.limitRanges.listcontainer.limitRanges.updatecontainer.localSubjectAccessReviews.createcontainer.localSubjectAccessReviews.listcontainer.managedCertificates.createcontainer.managedCertificates.deletecontainer.managedCertificates.getcontainer.managedCertificates.listcontainer.managedCertificates.updatecontainer.mutatingWebhookConfigurations.createcontainer.mutatingWebhookConfigurations.deletecontainer.mutatingWebhookConfigurations.getcontainer.mutatingWebhookConfigurations.listcontainer.mutatingWebhookConfigurations.updatecontainer.namespaces.createcontainer.namespaces.deletecontainer.namespaces.finalizecontainer.namespaces.getcontainer.namespaces.getStatuscontainer.namespaces.listcontainer.namespaces.updatecontainer.namespaces.updateStatuscontainer.networkPolicies.createcontainer.networkPolicies.deletecontainer.networkPolicies.getcontainer.networkPolicies.listcontainer.networkPolicies.updatecontainer.nodes.createcontainer.nodes.deletecontainer.nodes.getcontainer.nodes.getStatuscontainer.nodes.listcontainer.nodes.proxycontainer.nodes.updatecontainer.nodes.updateStatuscontainer.operations.getcontainer.operations.listcontainer.persistentVolumeClaims.createcontainer.persistentVolumeClaims.deletecontainer.persistentVolumeClaims.getcontainer.persistentVolumeClaims.getStatuscontainer.persistentVolumeClaims.listcontainer.persistentVolumeClaims.updatecontainer.persistentVolumeClaims.updateStatuscontainer.persistentVolumes.createcontainer.persistentVolumes.deletecontainer.persistentVolumes.getcontainer.persistentVolumes.getStatuscontainer.persistentVolumes.listcontainer.persistentVolumes.updatecontainer.persistentVolumes.updateStatuscontainer.petSets.createcontainer.petSets.deletecontainer.petSets.getcontainer.petSets.listcontainer.petSets.updatecontainer.petSets.updateStatuscontainer.podDisruptionBudgets.createcontainer.podDisruptionBudgets.deletecontainer.podDisruptionBudgets.getcontainer.podDisruptionBudgets.getStatuscontainer.podDisruptionBudgets.listcontainer.podDisruptionBudgets.updatecontainer.podDisruptionBudgets.updateStatuscontainer.podPresets.createcontainer.podPresets.deletecontainer.podPresets.getcontainer.podPresets.listcontainer.podPresets.updatecontainer.podSecurityPolicies.createcontainer.podSecurityPolicies.deletecontainer.podSecurityPolicies.getcontainer.podSecurityPolicies.listcontainer.podSecurityPolicies.updatecontainer.podSecurityPolicies.usecontainer.podTemplates.createcontainer.podTemplates.deletecontainer.podTemplates.getcontainer.podTemplates.listcontainer.podTemplates.updatecontainer.pods.attachcontainer.pods.createcontainer.pods.deletecontainer.pods.evictcontainer.pods.execcontainer.pods.getcontainer.pods.getLogscontainer.pods.getStatuscontainer.pods.initializecontainer.pods.listcontainer.pods.portForwardcontainer.pods.proxycontainer.pods.updatecontainer.pods.updateStatuscontainer.priorityClasses.createcontainer.priorityClasses.deletecontainer.priorityClasses.getcontainer.priorityClasses.listcontainer.priorityClasses.updatecontainer.replicaSets.createcontainer.replicaSets.deletecontainer.replicaSets.getcontainer.replicaSets.getScalecontainer.replicaSets.getStatuscontainer.replicaSets.listcontainer.replicaSets.updatecontainer.replicaSets.updateScalecontainer.replicaSets.updateStatuscontainer.replicationControllers.createcontainer.replicationControllers.deletecontainer.replicationControllers.getcontainer.replicationControllers.getScalecontainer.replicationControllers.getStatuscontainer.replicationControllers.listcontainer.replicationControllers.updatecontainer.replicationControllers.updateScalecontainer.replicationControllers.updateStatuscontainer.resourceQuotas.createcontainer.resourceQuotas.deletecontainer.resourceQuotas.getcontainer.resourceQuotas.getStatuscontainer.resourceQuotas.listcontainer.resourceQuotas.updatecontainer.resourceQuotas.updateStatuscontainer.roleBindings.createcontainer.roleBindings.deletecontainer.roleBindings.getcontainer.roleBindings.listcontainer.roleBindings.updatecontainer.roles.bindcontainer.roles.createcontainer.roles.deletecontainer.roles.escalatecontainer.roles.getcontainer.roles.listcontainer.roles.updatecontainer.runtimeClasses.createcontainer.runtimeClasses.deletecontainer.runtimeClasses.getcontainer.runtimeClasses.listcontainer.runtimeClasses.updatecontainer.scheduledJobs.createcontainer.scheduledJobs.deletecontainer.scheduledJobs.getcontainer.scheduledJobs.listcontainer.scheduledJobs.updatecontainer.scheduledJobs.updateStatuscontainer.secrets.createcontainer.secrets.deletecontainer.secrets.getcontainer.secrets.listcontainer.secrets.updatecontainer.selfSubjectAccessReviews.createcontainer.selfSubjectAccessReviews.listcontainer.selfSubjectRulesReviews.createcontainer.serviceAccounts.createcontainer.serviceAccounts.createTokencontainer.serviceAccounts.deletecontainer.serviceAccounts.getcontainer.serviceAccounts.listcontainer.serviceAccounts.updatecontainer.services.createcontainer.services.deletecontainer.services.getcontainer.services.getStatuscontainer.services.listcontainer.services.proxycontainer.services.updatecontainer.services.updateStatuscontainer.statefulSets.createcontainer.statefulSets.deletecontainer.statefulSets.getcontainer.statefulSets.getScalecontainer.statefulSets.getStatuscontainer.statefulSets.listcontainer.statefulSets.updatecontainer.statefulSets.updateScalecontainer.statefulSets.updateStatuscontainer.storageClasses.createcontainer.storageClasses.deletecontainer.storageClasses.getcontainer.storageClasses.listcontainer.storageClasses.updatecontainer.storageStates.createcontainer.storageStates.deletecontainer.storageStates.getcontainer.storageStates.getStatuscontainer.storageStates.listcontainer.storageStates.updatecontainer.storageStates.updateStatuscontainer.storageVersionMigrations.createcontainer.storageVersionMigrations.deletecontainer.storageVersionMigrations.getcontainer.storageVersionMigrations.getStatuscontainer.storageVersionMigrations.listcontainer.storageVersionMigrations.updatecontainer.storageVersionMigrations.updateStatuscontainer.subjectAccessReviews.createcontainer.subjectAccessReviews.listcontainer.thirdPartyObjects.createcontainer.thirdPartyObjects.deletecontainer.thirdPartyObjects.getcontainer.thirdPartyObjects.listcontainer.thirdPartyObjects.updatecontainer.thirdPartyResources.createcontainer.thirdPartyResources.deletecontainer.thirdPartyResources.getcontainer.thirdPartyResources.listcontainer.thirdPartyResources.updatecontainer.tokenReviews.createcontainer.updateInfos.createcontainer.updateInfos.deletecontainer.updateInfos.getcontainer.updateInfos.listcontainer.updateInfos.updatecontainer.validatingWebhookConfigurations.createcontainer.validatingWebhookConfigurations.deletecontainer.validatingWebhookConfigurations.getcontainer.validatingWebhookConfigurations.listcontainer.validatingWebhookConfigurations.updatecontainer.volumeAttachments.createcontainer.volumeAttachments.deletecontainer.volumeAttachments.getcontainer.volumeAttachments.getStatuscontainer.volumeAttachments.listcontainer.volumeAttachments.updatecontainer.volumeAttachments.updateStatuscontainer.volumeSnapshotClasses.createcontainer.volumeSnapshotClasses.deletecontainer.volumeSnapshotClasses.getcontainer.volumeSnapshotClasses.listcontainer.volumeSnapshotClasses.updatecontainer.volumeSnapshotContents.createcontainer.volumeSnapshotContents.deletecontainer.volumeSnapshotContents.getcontainer.volumeSnapshotContents.getStatuscontainer.volumeSnapshotContents.listcontainer.volumeSnapshotContents.updatecontainer.volumeSnapshotContents.updateStatuscontainer.volumeSnapshots.createcontainer.volumeSnapshots.deletecontainer.volumeSnapshots.getcontainer.volumeSnapshots.getStatuscontainer.volumeSnapshots.listcontainer.volumeSnapshots.updatecontainer.volumeSnapshots.updateStatusrecommender.containerDiagnosisInsights.*
recommender.containerDiagnosisInsights.getrecommender.containerDiagnosisInsights.listrecommender.containerDiagnosisInsights.updaterecommender.containerDiagnosisRecommendations.*
recommender.containerDiagnosisRecommendations.getrecommender.containerDiagnosisRecommendations.listrecommender.containerDiagnosisRecommendations.updaterecommender.locations.*
recommender.locations.getrecommender.locations.listrecommender.networkAnalyzerGkeConnectivityInsights.*
recommender.networkAnalyzerGkeConnectivityInsights.getrecommender.networkAnalyzerGkeConnectivityInsights.listrecommender.networkAnalyzerGkeConnectivityInsights.updaterecommender.networkAnalyzerGkeIpAddressInsights.*
recommender.networkAnalyzerGkeIpAddressInsights.getrecommender.networkAnalyzerGkeIpAddressInsights.listrecommender.networkAnalyzerGkeIpAddressInsights.updateresourcemanager.projects.get
resourcemanager.projects.list
(roles/container.cloudKmsKeyUser)
Allow the Kubernetes Engine service agent in the cluster project to call KMS with user provided crypto keys to sign payloads.
cloudkms.cryptoKeyVersions.get
cloudkms.cryptoKeyVersions.useToSign
cloudkms.cryptoKeyVersions.useToVerify
cloudkms.cryptoKeyVersions.viewPublicKey
cloudkms.cryptoKeys.get
cloudkms.locations.get
cloudkms.locations.list
resourcemanager.projects.get
(roles/container.clusterAdmin)
Provides access to management of clusters.
To set a service account on nodes, you must also have the Service Account User role (roles/iam.serviceAccountUser) on the user-managed service account that your nodes will use.
Lowest-level resources where you can grant this role:
container.clusters.connect
container.clusters.create
container.clusters.delete
container.clusters.get
container.clusters.list
container.clusters.update
container.operations.*
container.operations.getcontainer.operations.listresourcemanager.projects.get
resourcemanager.projects.list
(roles/container.clusterViewer)
Provides access to get and list GKE clusters.
container.clusters.connect
container.clusters.get
container.clusters.list
resourcemanager.projects.get
resourcemanager.projects.list
(roles/container.defaultNodeServiceAccount)
Least privilege role to use as the default service account for GKE Nodes.
autoscaling.sites.writeMetrics
logging.logEntries.create
monitoring.metricDescriptors.create
monitoring.metricDescriptors.list
monitoring.timeSeries.*
monitoring.timeSeries.createmonitoring.timeSeries.list(roles/container.defaultNodeServiceAgent)
Minimal set of permissions required by a GKE node to support standard capabilities such as logging and monitoring. Replaces the container.nodeServiceAgent role with a reduced permission set.
Warning: Do not grant service agent roles to any principals except service agents.autoscaling.sites.writeMetrics
logging.logEntries.create
monitoring.metricDescriptors.create
monitoring.metricDescriptors.list
monitoring.timeSeries.*
monitoring.timeSeries.createmonitoring.timeSeries.listserviceusage.services.use
(roles/container.developer)
Provides access to Kubernetes API objects inside clusters.
Lowest-level resources where you can grant this role:
container.apiServices.*
container.apiServices.createcontainer.apiServices.deletecontainer.apiServices.getcontainer.apiServices.getStatuscontainer.apiServices.listcontainer.apiServices.updatecontainer.apiServices.updateStatuscontainer.auditSinks.*
container.auditSinks.createcontainer.auditSinks.deletecontainer.auditSinks.getcontainer.auditSinks.listcontainer.auditSinks.updatecontainer.backendConfigs.*
container.backendConfigs.createcontainer.backendConfigs.deletecontainer.backendConfigs.getcontainer.backendConfigs.listcontainer.backendConfigs.updatecontainer.bindings.*
container.bindings.createcontainer.bindings.deletecontainer.bindings.getcontainer.bindings.listcontainer.bindings.updatecontainer.certificateSigningRequests.create
container.certificateSigningRequests.delete
container.certificateSigningRequests.get
container.certificateSigningRequests.list
container.certificateSigningRequests.update
container.certificateSigningRequests.updateStatus
container.clusterRoleBindings.get
container.clusterRoleBindings.list
container.clusterRoles.get
container.clusterRoles.list
container.clusters.connect
container.clusters.get
container.clusters.list
container.componentStatuses.*
container.componentStatuses.getcontainer.componentStatuses.listcontainer.configMaps.*
container.configMaps.createcontainer.configMaps.deletecontainer.configMaps.getcontainer.configMaps.listcontainer.configMaps.updatecontainer.controllerRevisions.get
container.controllerRevisions.list
container.cronJobs.*
container.cronJobs.createcontainer.cronJobs.deletecontainer.cronJobs.getcontainer.cronJobs.getStatuscontainer.cronJobs.listcontainer.cronJobs.updatecontainer.cronJobs.updateStatuscontainer.csiDrivers.*
container.csiDrivers.createcontainer.csiDrivers.deletecontainer.csiDrivers.getcontainer.csiDrivers.listcontainer.csiDrivers.updatecontainer.csiNodeInfos.*
container.csiNodeInfos.createcontainer.csiNodeInfos.deletecontainer.csiNodeInfos.getcontainer.csiNodeInfos.listcontainer.csiNodeInfos.updatecontainer.csiNodes.*
container.csiNodes.createcontainer.csiNodes.deletecontainer.csiNodes.getcontainer.csiNodes.listcontainer.csiNodes.updatecontainer.customResourceDefinitions.*
container.customResourceDefinitions.createcontainer.customResourceDefinitions.deletecontainer.customResourceDefinitions.getcontainer.customResourceDefinitions.getStatuscontainer.customResourceDefinitions.listcontainer.customResourceDefinitions.updatecontainer.customResourceDefinitions.updateStatuscontainer.daemonSets.*
container.daemonSets.createcontainer.daemonSets.deletecontainer.daemonSets.getcontainer.daemonSets.getStatuscontainer.daemonSets.listcontainer.daemonSets.updatecontainer.daemonSets.updateStatuscontainer.deployments.*
container.deployments.createcontainer.deployments.deletecontainer.deployments.getcontainer.deployments.getScalecontainer.deployments.getStatuscontainer.deployments.listcontainer.deployments.rollbackcontainer.deployments.updatecontainer.deployments.updateScalecontainer.deployments.updateStatuscontainer.endpointSlices.*
container.endpointSlices.createcontainer.endpointSlices.deletecontainer.endpointSlices.getcontainer.endpointSlices.listcontainer.endpointSlices.updatecontainer.endpoints.*
container.endpoints.createcontainer.endpoints.deletecontainer.endpoints.getcontainer.endpoints.listcontainer.endpoints.updatecontainer.events.*
container.events.createcontainer.events.deletecontainer.events.getcontainer.events.listcontainer.events.updatecontainer.frontendConfigs.*
container.frontendConfigs.createcontainer.frontendConfigs.deletecontainer.frontendConfigs.getcontainer.frontendConfigs.listcontainer.frontendConfigs.updatecontainer.horizontalPodAutoscalers.*
container.horizontalPodAutoscalers.createcontainer.horizontalPodAutoscalers.deletecontainer.horizontalPodAutoscalers.getcontainer.horizontalPodAutoscalers.getStatuscontainer.horizontalPodAutoscalers.listcontainer.horizontalPodAutoscalers.updatecontainer.horizontalPodAutoscalers.updateStatuscontainer.ingresses.*
container.ingresses.createcontainer.ingresses.deletecontainer.ingresses.getcontainer.ingresses.getStatuscontainer.ingresses.listcontainer.ingresses.updatecontainer.ingresses.updateStatuscontainer.initializerConfigurations.*
container.initializerConfigurations.createcontainer.initializerConfigurations.deletecontainer.initializerConfigurations.getcontainer.initializerConfigurations.listcontainer.initializerConfigurations.updatecontainer.jobs.*
container.jobs.createcontainer.jobs.deletecontainer.jobs.getcontainer.jobs.getStatuscontainer.jobs.listcontainer.jobs.updatecontainer.jobs.updateStatuscontainer.leases.*
container.leases.createcontainer.leases.deletecontainer.leases.getcontainer.leases.listcontainer.leases.updatecontainer.limitRanges.*
container.limitRanges.createcontainer.limitRanges.deletecontainer.limitRanges.getcontainer.limitRanges.listcontainer.limitRanges.updatecontainer.localSubjectAccessReviews.*
container.localSubjectAccessReviews.createcontainer.localSubjectAccessReviews.listcontainer.managedCertificates.*
container.managedCertificates.createcontainer.managedCertificates.deletecontainer.managedCertificates.getcontainer.managedCertificates.listcontainer.managedCertificates.updatecontainer.mutatingWebhookConfigurations.get
container.mutatingWebhookConfigurations.list
container.namespaces.*
container.namespaces.createcontainer.namespaces.deletecontainer.namespaces.finalizecontainer.namespaces.getcontainer.namespaces.getStatuscontainer.namespaces.listcontainer.namespaces.updatecontainer.namespaces.updateStatuscontainer.networkPolicies.*
container.networkPolicies.createcontainer.networkPolicies.deletecontainer.networkPolicies.getcontainer.networkPolicies.listcontainer.networkPolicies.updatecontainer.nodes.*
container.nodes.createcontainer.nodes.deletecontainer.nodes.getcontainer.nodes.getStatuscontainer.nodes.listcontainer.nodes.proxycontainer.nodes.updatecontainer.nodes.updateStatuscontainer.persistentVolumeClaims.*
container.persistentVolumeClaims.createcontainer.persistentVolumeClaims.deletecontainer.persistentVolumeClaims.getcontainer.persistentVolumeClaims.getStatuscontainer.persistentVolumeClaims.listcontainer.persistentVolumeClaims.updatecontainer.persistentVolumeClaims.updateStatuscontainer.persistentVolumes.*
container.persistentVolumes.createcontainer.persistentVolumes.deletecontainer.persistentVolumes.getcontainer.persistentVolumes.getStatuscontainer.persistentVolumes.listcontainer.persistentVolumes.updatecontainer.persistentVolumes.updateStatuscontainer.petSets.*
container.petSets.createcontainer.petSets.deletecontainer.petSets.getcontainer.petSets.listcontainer.petSets.updatecontainer.petSets.updateStatuscontainer.podDisruptionBudgets.*
container.podDisruptionBudgets.createcontainer.podDisruptionBudgets.deletecontainer.podDisruptionBudgets.getcontainer.podDisruptionBudgets.getStatuscontainer.podDisruptionBudgets.listcontainer.podDisruptionBudgets.updatecontainer.podDisruptionBudgets.updateStatuscontainer.podPresets.*
container.podPresets.createcontainer.podPresets.deletecontainer.podPresets.getcontainer.podPresets.listcontainer.podPresets.updatecontainer.podSecurityPolicies.get
container.podSecurityPolicies.list
container.podTemplates.*
container.podTemplates.createcontainer.podTemplates.deletecontainer.podTemplates.getcontainer.podTemplates.listcontainer.podTemplates.updatecontainer.pods.*
container.pods.attachcontainer.pods.createcontainer.pods.deletecontainer.pods.evictcontainer.pods.execcontainer.pods.getcontainer.pods.getLogscontainer.pods.getStatuscontainer.pods.initializecontainer.pods.listcontainer.pods.portForwardcontainer.pods.proxycontainer.pods.updatecontainer.pods.updateStatuscontainer.priorityClasses.*
container.priorityClasses.createcontainer.priorityClasses.deletecontainer.priorityClasses.getcontainer.priorityClasses.listcontainer.priorityClasses.updatecontainer.replicaSets.*
container.replicaSets.createcontainer.replicaSets.deletecontainer.replicaSets.getcontainer.replicaSets.getScalecontainer.replicaSets.getStatuscontainer.replicaSets.listcontainer.replicaSets.updatecontainer.replicaSets.updateScalecontainer.replicaSets.updateStatuscontainer.replicationControllers.*
container.replicationControllers.createcontainer.replicationControllers.deletecontainer.replicationControllers.getcontainer.replicationControllers.getScalecontainer.replicationControllers.getStatuscontainer.replicationControllers.listcontainer.replicationControllers.updatecontainer.replicationControllers.updateScalecontainer.replicationControllers.updateStatuscontainer.resourceQuotas.*
container.resourceQuotas.createcontainer.resourceQuotas.deletecontainer.resourceQuotas.getcontainer.resourceQuotas.getStatuscontainer.resourceQuotas.listcontainer.resourceQuotas.updatecontainer.resourceQuotas.updateStatuscontainer.roleBindings.get
container.roleBindings.list
container.roles.get
container.roles.list
container.runtimeClasses.*
container.runtimeClasses.createcontainer.runtimeClasses.deletecontainer.runtimeClasses.getcontainer.runtimeClasses.listcontainer.runtimeClasses.updatecontainer.scheduledJobs.*
container.scheduledJobs.createcontainer.scheduledJobs.deletecontainer.scheduledJobs.getcontainer.scheduledJobs.listcontainer.scheduledJobs.updatecontainer.scheduledJobs.updateStatuscontainer.secrets.*
container.secrets.createcontainer.secrets.deletecontainer.secrets.getcontainer.secrets.listcontainer.secrets.updatecontainer.selfSubjectAccessReviews.*
container.selfSubjectAccessReviews.createcontainer.selfSubjectAccessReviews.listcontainer.selfSubjectRulesReviews.create
container.serviceAccounts.*
container.serviceAccounts.createcontainer.serviceAccounts.createTokencontainer.serviceAccounts.deletecontainer.serviceAccounts.getcontainer.serviceAccounts.listcontainer.serviceAccounts.updatecontainer.services.*
container.services.createcontainer.services.deletecontainer.services.getcontainer.services.getStatuscontainer.services.listcontainer.services.proxycontainer.services.updatecontainer.services.updateStatuscontainer.statefulSets.*
container.statefulSets.createcontainer.statefulSets.deletecontainer.statefulSets.getcontainer.statefulSets.getScalecontainer.statefulSets.getStatuscontainer.statefulSets.listcontainer.statefulSets.updatecontainer.statefulSets.updateScalecontainer.statefulSets.updateStatuscontainer.storageClasses.*
container.storageClasses.createcontainer.storageClasses.deletecontainer.storageClasses.getcontainer.storageClasses.listcontainer.storageClasses.updatecontainer.storageStates.*
container.storageStates.createcontainer.storageStates.deletecontainer.storageStates.getcontainer.storageStates.getStatuscontainer.storageStates.listcontainer.storageStates.updatecontainer.storageStates.updateStatuscontainer.storageVersionMigrations.*
container.storageVersionMigrations.createcontainer.storageVersionMigrations.deletecontainer.storageVersionMigrations.getcontainer.storageVersionMigrations.getStatuscontainer.storageVersionMigrations.listcontainer.storageVersionMigrations.updatecontainer.storageVersionMigrations.updateStatuscontainer.subjectAccessReviews.*
container.subjectAccessReviews.createcontainer.subjectAccessReviews.listcontainer.thirdPartyObjects.*
container.thirdPartyObjects.createcontainer.thirdPartyObjects.deletecontainer.thirdPartyObjects.getcontainer.thirdPartyObjects.listcontainer.thirdPartyObjects.updatecontainer.thirdPartyResources.*
container.thirdPartyResources.createcontainer.thirdPartyResources.deletecontainer.thirdPartyResources.getcontainer.thirdPartyResources.listcontainer.thirdPartyResources.updatecontainer.tokenReviews.create
container.updateInfos.*
container.updateInfos.createcontainer.updateInfos.deletecontainer.updateInfos.getcontainer.updateInfos.listcontainer.updateInfos.updatecontainer.validatingWebhookConfigurations.get
container.validatingWebhookConfigurations.list
container.volumeAttachments.*
container.volumeAttachments.createcontainer.volumeAttachments.deletecontainer.volumeAttachments.getcontainer.volumeAttachments.getStatuscontainer.volumeAttachments.listcontainer.volumeAttachments.updatecontainer.volumeAttachments.updateStatuscontainer.volumeSnapshotClasses.*
container.volumeSnapshotClasses.createcontainer.volumeSnapshotClasses.deletecontainer.volumeSnapshotClasses.getcontainer.volumeSnapshotClasses.listcontainer.volumeSnapshotClasses.updatecontainer.volumeSnapshotContents.*
container.volumeSnapshotContents.createcontainer.volumeSnapshotContents.deletecontainer.volumeSnapshotContents.getcontainer.volumeSnapshotContents.getStatuscontainer.volumeSnapshotContents.listcontainer.volumeSnapshotContents.updatecontainer.volumeSnapshotContents.updateStatuscontainer.volumeSnapshots.*
container.volumeSnapshots.createcontainer.volumeSnapshots.deletecontainer.volumeSnapshots.getcontainer.volumeSnapshots.getStatuscontainer.volumeSnapshots.listcontainer.volumeSnapshots.updatecontainer.volumeSnapshots.updateStatusrecommender.containerDiagnosisInsights.*
recommender.containerDiagnosisInsights.getrecommender.containerDiagnosisInsights.listrecommender.containerDiagnosisInsights.updaterecommender.containerDiagnosisRecommendations.*
recommender.containerDiagnosisRecommendations.getrecommender.containerDiagnosisRecommendations.listrecommender.containerDiagnosisRecommendations.updaterecommender.locations.*
recommender.locations.getrecommender.locations.listrecommender.networkAnalyzerGkeConnectivityInsights.*
recommender.networkAnalyzerGkeConnectivityInsights.getrecommender.networkAnalyzerGkeConnectivityInsights.listrecommender.networkAnalyzerGkeConnectivityInsights.updaterecommender.networkAnalyzerGkeIpAddressInsights.*
recommender.networkAnalyzerGkeIpAddressInsights.getrecommender.networkAnalyzerGkeIpAddressInsights.listrecommender.networkAnalyzerGkeIpAddressInsights.updateresourcemanager.projects.get
resourcemanager.projects.list
(roles/container.hostServiceAgentUser)
Allows the Kubernetes Engine service account in the host project to configure shared network resources for cluster management. Also gives access to inspect the firewall rules in the host project.
compute.firewalls.get
compute.networks.get
container.hostServiceAgent.use
dns.networks.bindDNSResponsePolicy
dns.networks.bindPrivateDNSPolicy
dns.networks.bindPrivateDNSZone
dns.responsePolicies.*
dns.responsePolicies.createdns.responsePolicies.deletedns.responsePolicies.getdns.responsePolicies.listdns.responsePolicies.updatedns.responsePolicyRules.*
dns.responsePolicyRules.createdns.responsePolicyRules.deletedns.responsePolicyRules.getdns.responsePolicyRules.listdns.responsePolicyRules.update(roles/container.nodeServiceAgent)
Minimal set of permission required by a GKE node to support standard capabilities such as logging and monitoring export, and image pulls.
Warning: Do not grant service agent roles to any principals except service agents.autoscaling.sites.writeMetrics
logging.logEntries.create
monitoring.metricDescriptors.create
monitoring.metricDescriptors.list
monitoring.timeSeries.*
monitoring.timeSeries.createmonitoring.timeSeries.listresourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.use
storage.objects.get
storage.objects.list
(roles/container.serviceAgent)
Gives Kubernetes Engine account access to manage cluster resources. Includes access to service accounts.
Warning: Do not grant service agent roles to any principals except service agents.autoscaling.sites.readRecommendations
autoscaling.sites.writeMetrics
autoscaling.sites.writeState
backupdr.backupPlanAssociations.createForComputeDisk
backupdr.backupPlanAssociations.createForComputeInstance
backupdr.backupPlanAssociations.deleteForComputeDisk
backupdr.backupPlanAssociations.deleteForComputeInstance
backupdr.backupPlanAssociations.getForComputeDisk
backupdr.backupPlanAssociations.list
backupdr.backupPlanAssociations.triggerBackupForComputeDisk
backupdr.backupPlanAssociations.triggerBackupForComputeInstance
backupdr.backupPlanAssociations.updateForComputeDisk
backupdr.backupPlanAssociations.updateForComputeInstance
backupdr.backupPlans.get
backupdr.backupPlans.list
backupdr.backupPlans.useForComputeDisk
backupdr.backupPlans.useForComputeInstance
backupdr.backupVaults.get
backupdr.backupVaults.list
backupdr.locations.list
backupdr.operations.get
backupdr.operations.list
backupdr.serviceConfig.initialize
bigquery.datasets.create
bigquery.datasets.get
bigquery.tables.create
bigquery.tables.get
bigquery.tables.update
bigquery.tables.updateData
binaryauthorization.policy.evaluatePolicy
certificatemanager.certissuanceconfigs.create
certificatemanager.certissuanceconfigs.delete
certificatemanager.certissuanceconfigs.get
certificatemanager.certissuanceconfigs.list
certificatemanager.certissuanceconfigs.listEffectiveTags
certificatemanager.certissuanceconfigs.listTagBindings
certificatemanager.certissuanceconfigs.update
certificatemanager.certissuanceconfigs.use
certificatemanager.certmapentries.create
certificatemanager.certmapentries.delete
certificatemanager.certmapentries.get
certificatemanager.certmapentries.list
certificatemanager.certmapentries.listEffectiveTags
certificatemanager.certmapentries.listTagBindings
certificatemanager.certmapentries.update
certificatemanager.certmaps.create
certificatemanager.certmaps.delete
certificatemanager.certmaps.get
certificatemanager.certmaps.list
certificatemanager.certmaps.listEffectiveTags
certificatemanager.certmaps.listTagBindings
certificatemanager.certmaps.update
certificatemanager.certmaps.use
certificatemanager.certs.create
certificatemanager.certs.delete
certificatemanager.certs.get
certificatemanager.certs.list
certificatemanager.certs.listEffectiveTags
certificatemanager.certs.listTagBindings
certificatemanager.certs.update
certificatemanager.certs.use
certificatemanager.dnsauthorizations.create
certificatemanager.dnsauthorizations.delete
certificatemanager.dnsauthorizations.get
certificatemanager.dnsauthorizations.list
certificatemanager.dnsauthorizations.listEffectiveTags
certificatemanager.dnsauthorizations.listTagBindings
certificatemanager.dnsauthorizations.update
certificatemanager.dnsauthorizations.use
compute.acceleratorTypes.*
compute.acceleratorTypes.getcompute.acceleratorTypes.listcompute.addresses.*
compute.addresses.createcompute.addresses.createInternalcompute.addresses.createTagBindingcompute.addresses.deletecompute.addresses.deleteInternalcompute.addresses.deleteTagBindingcompute.addresses.getcompute.addresses.listcompute.addresses.listEffectiveTagscompute.addresses.listTagBindingscompute.addresses.setLabelscompute.addresses.usecompute.addresses.useInternalcompute.autoscalers.*
compute.autoscalers.createcompute.autoscalers.deletecompute.autoscalers.getcompute.autoscalers.listcompute.autoscalers.updatecompute.backendBuckets.*
compute.backendBuckets.addSignedUrlKeycompute.backendBuckets.createcompute.backendBuckets.createTagBindingcompute.backendBuckets.deletecompute.backendBuckets.deleteSignedUrlKeycompute.backendBuckets.deleteTagBindingcompute.backendBuckets.getcompute.backendBuckets.getIamPolicycompute.backendBuckets.listcompute.backendBuckets.listEffectiveTagscompute.backendBuckets.listTagBindingscompute.backendBuckets.setIamPolicycompute.backendBuckets.setSecurityPolicycompute.backendBuckets.updatecompute.backendBuckets.usecompute.backendServices.*
compute.backendServices.addSignedUrlKeycompute.backendServices.createcompute.backendServices.createTagBindingcompute.backendServices.deletecompute.backendServices.deleteSignedUrlKeycompute.backendServices.deleteTagBindingcompute.backendServices.getcompute.backendServices.getIamPolicycompute.backendServices.listcompute.backendServices.listEffectiveTagscompute.backendServices.listTagBindingscompute.backendServices.setIamPolicycompute.backendServices.setSecurityPolicycompute.backendServices.updatecompute.backendServices.usecompute.crossSiteNetworks.*
compute.crossSiteNetworks.createcompute.crossSiteNetworks.deletecompute.crossSiteNetworks.getcompute.crossSiteNetworks.listcompute.crossSiteNetworks.updatecompute.diskSettings.*
compute.diskSettings.getcompute.diskSettings.updatecompute.diskTypes.*
compute.diskTypes.getcompute.diskTypes.listcompute.disks.*
compute.disks.addResourcePoliciescompute.disks.createcompute.disks.createSnapshotcompute.disks.createTagBindingcompute.disks.deletecompute.disks.deleteTagBindingcompute.disks.getcompute.disks.getIamPolicycompute.disks.listcompute.disks.listEffectiveTagscompute.disks.listTagBindingscompute.disks.removeResourcePoliciescompute.disks.resizecompute.disks.setIamPolicycompute.disks.setLabelscompute.disks.startAsyncReplicationcompute.disks.stopAsyncReplicationcompute.disks.stopGroupAsyncReplicationcompute.disks.updatecompute.disks.usecompute.disks.useReadOnlycompute.externalVpnGateways.*
compute.externalVpnGateways.createcompute.externalVpnGateways.createTagBindingcompute.externalVpnGateways.deletecompute.externalVpnGateways.deleteTagBindingcompute.externalVpnGateways.getcompute.externalVpnGateways.listcompute.externalVpnGateways.listEffectiveTagscompute.externalVpnGateways.listTagBindingscompute.externalVpnGateways.setLabelscompute.externalVpnGateways.usecompute.firewallPolicies.*
compute.firewallPolicies.cloneRulescompute.firewallPolicies.copyRulescompute.firewallPolicies.createcompute.firewallPolicies.createTagBindingcompute.firewallPolicies.deletecompute.firewallPolicies.deleteTagBindingcompute.firewallPolicies.getcompute.firewallPolicies.getIamPolicycompute.firewallPolicies.listcompute.firewallPolicies.listEffectiveTagscompute.firewallPolicies.listTagBindingscompute.firewallPolicies.movecompute.firewallPolicies.setIamPolicycompute.firewallPolicies.updatecompute.firewallPolicies.usecompute.firewalls.*
compute.firewalls.createcompute.firewalls.createTagBindingcompute.firewalls.deletecompute.firewalls.deleteTagBindingcompute.firewalls.getcompute.firewalls.listcompute.firewalls.listEffectiveTagscompute.firewalls.listTagBindingscompute.firewalls.updatecompute.forwardingRules.*
compute.forwardingRules.createcompute.forwardingRules.createTagBindingcompute.forwardingRules.deletecompute.forwardingRules.deleteTagBindingcompute.forwardingRules.getcompute.forwardingRules.listcompute.forwardingRules.listEffectiveTagscompute.forwardingRules.listTagBindingscompute.forwardingRules.pscCreatecompute.forwardingRules.pscDeletecompute.forwardingRules.pscSetLabelscompute.forwardingRules.pscUpdatecompute.forwardingRules.setLabelscompute.forwardingRules.setTargetcompute.forwardingRules.updatecompute.forwardingRules.usecompute.futureReservations.list
compute.globalAddresses.*
compute.globalAddresses.createcompute.globalAddresses.createInternalcompute.globalAddresses.createTagBindingcompute.globalAddresses.deletecompute.globalAddresses.deleteInternalcompute.globalAddresses.deleteTagBindingcompute.globalAddresses.getcompute.globalAddresses.listcompute.globalAddresses.listEffectiveTagscompute.globalAddresses.listTagBindingscompute.globalAddresses.setLabelscompute.globalAddresses.usecompute.globalForwardingRules.*
compute.globalForwardingRules.createcompute.globalForwardingRules.createTagBindingcompute.globalForwardingRules.deletecompute.globalForwardingRules.deleteTagBindingcompute.globalForwardingRules.getcompute.globalForwardingRules.listcompute.globalForwardingRules.listEffectiveTagscompute.globalForwardingRules.listTagBindingscompute.globalForwardingRules.pscCreatecompute.globalForwardingRules.pscDeletecompute.globalForwardingRules.pscSetLabelscompute.globalForwardingRules.pscUpdatecompute.globalForwardingRules.setLabelscompute.globalForwardingRules.setTargetcompute.globalForwardingRules.updatecompute.globalNetworkEndpointGroups.*
compute.globalNetworkEndpointGroups.attachNetworkEndpointscompute.globalNetworkEndpointGroups.createcompute.globalNetworkEndpointGroups.createTagBindingcompute.globalNetworkEndpointGroups.deletecompute.globalNetworkEndpointGroups.deleteTagBindingcompute.globalNetworkEndpointGroups.detachNetworkEndpointscompute.globalNetworkEndpointGroups.getcompute.globalNetworkEndpointGroups.listcompute.globalNetworkEndpointGroups.listEffectiveTagscompute.globalNetworkEndpointGroups.listTagBindingscompute.globalNetworkEndpointGroups.usecompute.globalOperations.get
compute.globalOperations.list
compute.globalPublicDelegatedPrefixes.delete
compute.globalPublicDelegatedPrefixes.get
compute.globalPublicDelegatedPrefixes.list
compute.globalPublicDelegatedPrefixes.updatePolicy
compute.healthChecks.*
compute.healthChecks.createcompute.healthChecks.createTagBindingcompute.healthChecks.deletecompute.healthChecks.deleteTagBindingcompute.healthChecks.getcompute.healthChecks.listcompute.healthChecks.listEffectiveTagscompute.healthChecks.listTagBindingscompute.healthChecks.updatecompute.healthChecks.usecompute.healthChecks.useReadOnlycompute.httpHealthChecks.*
compute.httpHealthChecks.createcompute.httpHealthChecks.createTagBindingcompute.httpHealthChecks.deletecompute.httpHealthChecks.deleteTagBindingcompute.httpHealthChecks.getcompute.httpHealthChecks.listcompute.httpHealthChecks.listEffectiveTagscompute.httpHealthChecks.listTagBindingscompute.httpHealthChecks.updatecompute.httpHealthChecks.usecompute.httpHealthChecks.useReadOnlycompute.httpsHealthChecks.*
compute.httpsHealthChecks.createcompute.httpsHealthChecks.createTagBindingcompute.httpsHealthChecks.deletecompute.httpsHealthChecks.deleteTagBindingcompute.httpsHealthChecks.getcompute.httpsHealthChecks.listcompute.httpsHealthChecks.listEffectiveTagscompute.httpsHealthChecks.listTagBindingscompute.httpsHealthChecks.updatecompute.httpsHealthChecks.usecompute.httpsHealthChecks.useReadOnlycompute.images.*
compute.images.createcompute.images.createTagBindingcompute.images.deletecompute.images.deleteTagBindingcompute.images.deprecatecompute.images.getcompute.images.getFromFamilycompute.images.getIamPolicycompute.images.listcompute.images.listEffectiveTagscompute.images.listTagBindingscompute.images.setIamPolicycompute.images.setLabelscompute.images.updatecompute.images.useReadOnlycompute.instanceGroupManagers.*
compute.instanceGroupManagers.createcompute.instanceGroupManagers.createTagBindingcompute.instanceGroupManagers.deletecompute.instanceGroupManagers.deleteTagBindingcompute.instanceGroupManagers.getcompute.instanceGroupManagers.listcompute.instanceGroupManagers.listEffectiveTagscompute.instanceGroupManagers.listTagBindingscompute.instanceGroupManagers.updatecompute.instanceGroupManagers.usecompute.instanceGroups.*
compute.instanceGroups.createcompute.instanceGroups.createTagBindingcompute.instanceGroups.deletecompute.instanceGroups.deleteTagBindingcompute.instanceGroups.getcompute.instanceGroups.listcompute.instanceGroups.listEffectiveTagscompute.instanceGroups.listTagBindingscompute.instanceGroups.updatecompute.instanceGroups.usecompute.instanceSettings.*
compute.instanceSettings.getcompute.instanceSettings.updatecompute.instanceTemplates.*
compute.instanceTemplates.createcompute.instanceTemplates.deletecompute.instanceTemplates.getcompute.instanceTemplates.getIamPolicycompute.instanceTemplates.listcompute.instanceTemplates.setIamPolicycompute.instanceTemplates.useReadOnlycompute.instances.*
compute.instances.addAccessConfigcompute.instances.addNetworkInterfacecompute.instances.addResourcePoliciescompute.instances.attachDiskcompute.instances.createcompute.instances.createTagBindingcompute.instances.deletecompute.instances.deleteAccessConfigcompute.instances.deleteNetworkInterfacecompute.instances.deleteTagBindingcompute.instances.detachDiskcompute.instances.getcompute.instances.getEffectiveFirewallscompute.instances.getGuestAttributescompute.instances.getIamPolicycompute.instances.getScreenshotcompute.instances.getSerialPortOutputcompute.instances.getShieldedInstanceIdentitycompute.instances.getShieldedVmIdentitycompute.instances.listcompute.instances.listEffectiveTagscompute.instances.listReferrerscompute.instances.listTagBindingscompute.instances.osAdminLogincompute.instances.osLogincompute.instances.pscInterfaceCreatecompute.instances.removeResourcePoliciescompute.instances.resetcompute.instances.resumecompute.instances.sendDiagnosticInterruptcompute.instances.setDeletionProtectioncompute.instances.setDiskAutoDeletecompute.instances.setIamPolicycompute.instances.setLabelscompute.instances.setMachineResourcescompute.instances.setMachineTypecompute.instances.setMetadatacompute.instances.setMinCpuPlatformcompute.instances.setNamecompute.instances.setSchedulingcompute.instances.setSecurityPolicycompute.instances.setServiceAccountcompute.instances.setShieldedInstanceIntegrityPolicycompute.instances.setShieldedVmIntegrityPolicycompute.instances.setTagscompute.instances.simulateMaintenanceEventcompute.instances.startcompute.instances.startWithEncryptionKeycompute.instances.stopcompute.instances.suspendcompute.instances.updatecompute.instances.updateAccessConfigcompute.instances.updateDisplayDevicecompute.instances.updateNetworkInterfacecompute.instances.updateSecuritycompute.instances.updateShieldedInstanceConfigcompute.instances.updateShieldedVmConfigcompute.instances.usecompute.instances.useReadOnlycompute.instantSnapshots.*
compute.instantSnapshots.createcompute.instantSnapshots.deletecompute.instantSnapshots.exportcompute.instantSnapshots.getcompute.instantSnapshots.getIamPolicycompute.instantSnapshots.listcompute.instantSnapshots.setIamPolicycompute.instantSnapshots.setLabelscompute.instantSnapshots.useReadOnlycompute.interconnectAttachmentGroups.*
compute.interconnectAttachmentGroups.createcompute.interconnectAttachmentGroups.deletecompute.interconnectAttachmentGroups.getcompute.interconnectAttachmentGroups.listcompute.interconnectAttachmentGroups.patchcompute.interconnectAttachments.*
compute.interconnectAttachments.createcompute.interconnectAttachments.createTagBindingcompute.interconnectAttachments.deletecompute.interconnectAttachments.deleteTagBindingcompute.interconnectAttachments.getcompute.interconnectAttachments.listcompute.interconnectAttachments.listEffectiveTagscompute.interconnectAttachments.listTagBindingscompute.interconnectAttachments.setLabelscompute.interconnectAttachments.updatecompute.interconnectAttachments.usecompute.interconnectGroups.*
compute.interconnectGroups.createcompute.interconnectGroups.deletecompute.interconnectGroups.getcompute.interconnectGroups.listcompute.interconnectGroups.patchcompute.interconnectLocations.*
compute.interconnectLocations.getcompute.interconnectLocations.listcompute.interconnectRemoteLocations.*
compute.interconnectRemoteLocations.getcompute.interconnectRemoteLocations.listcompute.interconnects.*
compute.interconnects.createcompute.interconnects.createTagBindingcompute.interconnects.deletecompute.interconnects.deleteTagBindingcompute.interconnects.getcompute.interconnects.getMacsecConfigcompute.interconnects.listcompute.interconnects.listEffectiveTagscompute.interconnects.listTagBindingscompute.interconnects.setLabelscompute.interconnects.updatecompute.interconnects.usecompute.licenseCodes.*
compute.licenseCodes.getcompute.licenseCodes.getIamPolicycompute.licenseCodes.listcompute.licenseCodes.setIamPolicycompute.licenseCodes.updatecompute.licenses.*
compute.licenses.createcompute.licenses.deletecompute.licenses.getcompute.licenses.getIamPolicycompute.licenses.listcompute.licenses.setIamPolicycompute.licenses.updatecompute.machineImages.*
compute.machineImages.createcompute.machineImages.deletecompute.machineImages.getcompute.machineImages.getIamPolicycompute.machineImages.listcompute.machineImages.setIamPolicycompute.machineImages.setLabelscompute.machineImages.useReadOnlycompute.machineTypes.*
compute.machineTypes.getcompute.machineTypes.listcompute.multiMig.*
compute.multiMig.createcompute.multiMig.deletecompute.multiMig.getcompute.multiMig.listcompute.networkAttachments.*
compute.networkAttachments.createcompute.networkAttachments.createTagBindingcompute.networkAttachments.deletecompute.networkAttachments.deleteTagBindingcompute.networkAttachments.getcompute.networkAttachments.getIamPolicycompute.networkAttachments.listcompute.networkAttachments.listEffectiveTagscompute.networkAttachments.listTagBindingscompute.networkAttachments.setIamPolicycompute.networkAttachments.updatecompute.networkAttachments.usecompute.networkEndpointGroups.*
compute.networkEndpointGroups.attachNetworkEndpointscompute.networkEndpointGroups.createcompute.networkEndpointGroups.createTagBindingcompute.networkEndpointGroups.deletecompute.networkEndpointGroups.deleteTagBindingcompute.networkEndpointGroups.detachNetworkEndpointscompute.networkEndpointGroups.getcompute.networkEndpointGroups.listcompute.networkEndpointGroups.listEffectiveTagscompute.networkEndpointGroups.listTagBindingscompute.networkEndpointGroups.usecompute.networkProfiles.*
compute.networkProfiles.getcompute.networkProfiles.listcompute.networks.*
compute.networks.accesscompute.networks.addPeeringcompute.networks.createcompute.networks.createTagBindingcompute.networks.deletecompute.networks.deleteTagBindingcompute.networks.getcompute.networks.getEffectiveFirewallscompute.networks.getRegionEffectiveFirewallscompute.networks.listcompute.networks.listEffectiveTagscompute.networks.listPeeringRoutescompute.networks.listTagBindingscompute.networks.mirrorcompute.networks.removePeeringcompute.networks.setFirewallPolicycompute.networks.switchToCustomModecompute.networks.updatecompute.networks.updatePeeringcompute.networks.updatePolicycompute.networks.usecompute.networks.useExternalIpcompute.nodeGroups.get
compute.packetMirrorings.*
compute.packetMirrorings.createcompute.packetMirrorings.createTagBindingcompute.packetMirrorings.deletecompute.packetMirrorings.deleteTagBindingcompute.packetMirrorings.getcompute.packetMirrorings.listcompute.packetMirrorings.listEffectiveTagscompute.packetMirrorings.listTagBindingscompute.packetMirrorings.updatecompute.projects.get
compute.projects.setCommonInstanceMetadata
compute.publicDelegatedPrefixes.delete
compute.publicDelegatedPrefixes.get
compute.publicDelegatedPrefixes.list
compute.publicDelegatedPrefixes.listEffectiveTags
compute.publicDelegatedPrefixes.listTagBindings
compute.publicDelegatedPrefixes.update
compute.publicDelegatedPrefixes.updatePolicy
compute.regionBackendServices.*
compute.regionBackendServices.createcompute.regionBackendServices.createTagBindingcompute.regionBackendServices.deletecompute.regionBackendServices.deleteTagBindingcompute.regionBackendServices.getcompute.regionBackendServices.getIamPolicycompute.regionBackendServices.listcompute.regionBackendServices.listEffectiveTagscompute.regionBackendServices.listTagBindingscompute.regionBackendServices.setIamPolicycompute.regionBackendServices.setSecurityPolicycompute.regionBackendServices.updatecompute.regionBackendServices.usecompute.regionFirewallPolicies.*
compute.regionFirewallPolicies.cloneRulescompute.regionFirewallPolicies.createcompute.regionFirewallPolicies.createTagBindingcompute.regionFirewallPolicies.deletecompute.regionFirewallPolicies.deleteTagBindingcompute.regionFirewallPolicies.getcompute.regionFirewallPolicies.getIamPolicycompute.regionFirewallPolicies.listcompute.regionFirewallPolicies.listEffectiveTagscompute.regionFirewallPolicies.listTagBindingscompute.regionFirewallPolicies.setIamPolicycompute.regionFirewallPolicies.updatecompute.regionFirewallPolicies.usecompute.regionHealthCheckServices.*
compute.regionHealthCheckServices.createcompute.regionHealthCheckServices.deletecompute.regionHealthCheckServices.getcompute.regionHealthCheckServices.listcompute.regionHealthCheckServices.updatecompute.regionHealthCheckServices.usecompute.regionHealthChecks.*
compute.regionHealthChecks.createcompute.regionHealthChecks.createTagBindingcompute.regionHealthChecks.deletecompute.regionHealthChecks.deleteTagBindingcompute.regionHealthChecks.getcompute.regionHealthChecks.listcompute.regionHealthChecks.listEffectiveTagscompute.regionHealthChecks.listTagBindingscompute.regionHealthChecks.updatecompute.regionHealthChecks.usecompute.regionHealthChecks.useReadOnlycompute.regionNetworkEndpointGroups.*
compute.regionNetworkEndpointGroups.attachNetworkEndpointscompute.regionNetworkEndpointGroups.createcompute.regionNetworkEndpointGroups.createTagBindingcompute.regionNetworkEndpointGroups.deletecompute.regionNetworkEndpointGroups.deleteTagBindingcompute.regionNetworkEndpointGroups.detachNetworkEndpointscompute.regionNetworkEndpointGroups.getcompute.regionNetworkEndpointGroups.listcompute.regionNetworkEndpointGroups.listEffectiveTagscompute.regionNetworkEndpointGroups.listTagBindingscompute.regionNetworkEndpointGroups.usecompute.regionNotificationEndpoints.*
compute.regionNotificationEndpoints.createcompute.regionNotificationEndpoints.deletecompute.regionNotificationEndpoints.getcompute.regionNotificationEndpoints.listcompute.regionNotificationEndpoints.updatecompute.regionNotificationEndpoints.usecompute.regionOperations.get
compute.regionOperations.list
compute.regionSecurityPolicies.*
compute.regionSecurityPolicies.createcompute.regionSecurityPolicies.createTagBindingcompute.regionSecurityPolicies.deletecompute.regionSecurityPolicies.deleteTagBindingcompute.regionSecurityPolicies.getcompute.regionSecurityPolicies.listcompute.regionSecurityPolicies.listEffectiveTagscompute.regionSecurityPolicies.listTagBindingscompute.regionSecurityPolicies.updatecompute.regionSecurityPolicies.usecompute.regionSslCertificates.*
compute.regionSslCertificates.createcompute.regionSslCertificates.createTagBindingcompute.regionSslCertificates.deletecompute.regionSslCertificates.deleteTagBindingcompute.regionSslCertificates.getcompute.regionSslCertificates.listcompute.regionSslCertificates.listEffectiveTagscompute.regionSslCertificates.listTagBindingscompute.regionSslPolicies.*
compute.regionSslPolicies.createcompute.regionSslPolicies.createTagBindingcompute.regionSslPolicies.deletecompute.regionSslPolicies.deleteTagBindingcompute.regionSslPolicies.getcompute.regionSslPolicies.listcompute.regionSslPolicies.listAvailableFeaturescompute.regionSslPolicies.listEffectiveTagscompute.regionSslPolicies.listTagBindingscompute.regionSslPolicies.updatecompute.regionSslPolicies.usecompute.regionTargetHttpProxies.*
compute.regionTargetHttpProxies.createcompute.regionTargetHttpProxies.createTagBindingcompute.regionTargetHttpProxies.deletecompute.regionTargetHttpProxies.deleteTagBindingcompute.regionTargetHttpProxies.getcompute.regionTargetHttpProxies.listcompute.regionTargetHttpProxies.listEffectiveTagscompute.regionTargetHttpProxies.listTagBindingscompute.regionTargetHttpProxies.setUrlMapcompute.regionTargetHttpProxies.usecompute.regionTargetHttpsProxies.*
compute.regionTargetHttpsProxies.createcompute.regionTargetHttpsProxies.createTagBindingcompute.regionTargetHttpsProxies.deletecompute.regionTargetHttpsProxies.deleteTagBindingcompute.regionTargetHttpsProxies.getcompute.regionTargetHttpsProxies.listcompute.regionTargetHttpsProxies.listEffectiveTagscompute.regionTargetHttpsProxies.listTagBindingscompute.regionTargetHttpsProxies.setSslCertificatescompute.regionTargetHttpsProxies.setUrlMapcompute.regionTargetHttpsProxies.updatecompute.regionTargetHttpsProxies.usecompute.regionTargetTcpProxies.*
compute.regionTargetTcpProxies.createcompute.regionTargetTcpProxies.createTagBindingcompute.regionTargetTcpProxies.deletecompute.regionTargetTcpProxies.deleteTagBindingcompute.regionTargetTcpProxies.getcompute.regionTargetTcpProxies.listcompute.regionTargetTcpProxies.listEffectiveTagscompute.regionTargetTcpProxies.listTagBindingscompute.regionTargetTcpProxies.usecompute.regionUrlMaps.*
compute.regionUrlMaps.createcompute.regionUrlMaps.createTagBindingcompute.regionUrlMaps.deletecompute.regionUrlMaps.deleteTagBindingcompute.regionUrlMaps.getcompute.regionUrlMaps.invalidateCachecompute.regionUrlMaps.listcompute.regionUrlMaps.listEffectiveTagscompute.regionUrlMaps.listTagBindingscompute.regionUrlMaps.updatecompute.regionUrlMaps.usecompute.regionUrlMaps.validatecompute.regions.*
compute.regions.getcompute.regions.listcompute.reservationBlocks.get
compute.reservationBlocks.list
compute.reservationSubBlocks.*
compute.reservationSubBlocks.getcompute.reservationSubBlocks.listcompute.reservationSubBlocks.performMaintenancecompute.reservations.get
compute.reservations.list
compute.resourcePolicies.*
compute.resourcePolicies.createcompute.resourcePolicies.deletecompute.resourcePolicies.getcompute.resourcePolicies.getIamPolicycompute.resourcePolicies.listcompute.resourcePolicies.setIamPolicycompute.resourcePolicies.updatecompute.resourcePolicies.usecompute.resourcePolicies.useReadOnlycompute.routers.*
compute.routers.createcompute.routers.createTagBindingcompute.routers.deletecompute.routers.deleteRoutePolicycompute.routers.deleteTagBindingcompute.routers.getcompute.routers.getRoutePolicycompute.routers.listcompute.routers.listBgpRoutescompute.routers.listEffectiveTagscompute.routers.listRoutePoliciescompute.routers.listTagBindingscompute.routers.updatecompute.routers.updateRoutePolicycompute.routers.usecompute.routes.*
compute.routes.createcompute.routes.createTagBindingcompute.routes.deletecompute.routes.deleteTagBindingcompute.routes.getcompute.routes.listcompute.routes.listEffectiveTagscompute.routes.listTagBindingscompute.securityPolicies.*
compute.securityPolicies.addAssociationcompute.securityPolicies.copyRulescompute.securityPolicies.createcompute.securityPolicies.createTagBindingcompute.securityPolicies.deletecompute.securityPolicies.deleteTagBindingcompute.securityPolicies.getcompute.securityPolicies.listcompute.securityPolicies.listEffectiveTagscompute.securityPolicies.listTagBindingscompute.securityPolicies.movecompute.securityPolicies.removeAssociationcompute.securityPolicies.setLabelscompute.securityPolicies.updatecompute.securityPolicies.usecompute.serviceAttachments.*
compute.serviceAttachments.createcompute.serviceAttachments.createTagBindingcompute.serviceAttachments.deletecompute.serviceAttachments.deleteTagBindingcompute.serviceAttachments.getcompute.serviceAttachments.getIamPolicycompute.serviceAttachments.listcompute.serviceAttachments.listEffectiveTagscompute.serviceAttachments.listTagBindingscompute.serviceAttachments.setIamPolicycompute.serviceAttachments.updatecompute.serviceAttachments.usecompute.snapshots.*
compute.snapshots.createcompute.snapshots.createTagBindingcompute.snapshots.deletecompute.snapshots.deleteTagBindingcompute.snapshots.getcompute.snapshots.getIamPolicycompute.snapshots.listcompute.snapshots.listEffectiveTagscompute.snapshots.listTagBindingscompute.snapshots.setIamPolicycompute.snapshots.setLabelscompute.snapshots.useReadOnlycompute.spotAssistants.get
compute.sslCertificates.*
compute.sslCertificates.createcompute.sslCertificates.createTagBindingcompute.sslCertificates.deletecompute.sslCertificates.deleteTagBindingcompute.sslCertificates.getcompute.sslCertificates.listcompute.sslCertificates.listEffectiveTagscompute.sslCertificates.listTagBindingscompute.sslPolicies.*
compute.sslPolicies.createcompute.sslPolicies.createTagBindingcompute.sslPolicies.deletecompute.sslPolicies.deleteTagBindingcompute.sslPolicies.getcompute.sslPolicies.listcompute.sslPolicies.listAvailableFeaturescompute.sslPolicies.listEffectiveTagscompute.sslPolicies.listTagBindingscompute.sslPolicies.updatecompute.sslPolicies.usecompute.storagePools.*
compute.storagePools.createcompute.storagePools.deletecompute.storagePools.getcompute.storagePools.getIamPolicycompute.storagePools.listcompute.storagePools.setIamPolicycompute.storagePools.updatecompute.storagePools.usecompute.subnetworks.*
compute.subnetworks.createcompute.subnetworks.createTagBindingcompute.subnetworks.deletecompute.subnetworks.deleteTagBindingcompute.subnetworks.expandIpCidrRangecompute.subnetworks.getcompute.subnetworks.getIamPolicycompute.subnetworks.listcompute.subnetworks.listEffectiveTagscompute.subnetworks.listTagBindingscompute.subnetworks.mirrorcompute.subnetworks.setIamPolicycompute.subnetworks.setPrivateIpGoogleAccesscompute.subnetworks.updatecompute.subnetworks.usecompute.subnetworks.useExternalIpcompute.subnetworks.usePeerMigrationcompute.targetGrpcProxies.*
compute.targetGrpcProxies.createcompute.targetGrpcProxies.createTagBindingcompute.targetGrpcProxies.deletecompute.targetGrpcProxies.deleteTagBindingcompute.targetGrpcProxies.getcompute.targetGrpcProxies.listcompute.targetGrpcProxies.listEffectiveTagscompute.targetGrpcProxies.listTagBindingscompute.targetGrpcProxies.updatecompute.targetGrpcProxies.usecompute.targetHttpProxies.*
compute.targetHttpProxies.createcompute.targetHttpProxies.createTagBindingcompute.targetHttpProxies.deletecompute.targetHttpProxies.deleteTagBindingcompute.targetHttpProxies.getcompute.targetHttpProxies.listcompute.targetHttpProxies.listEffectiveTagscompute.targetHttpProxies.listTagBindingscompute.targetHttpProxies.setUrlMapcompute.targetHttpProxies.updatecompute.targetHttpProxies.usecompute.targetHttpsProxies.*
compute.targetHttpsProxies.createcompute.targetHttpsProxies.createTagBindingcompute.targetHttpsProxies.deletecompute.targetHttpsProxies.deleteTagBindingcompute.targetHttpsProxies.getcompute.targetHttpsProxies.listcompute.targetHttpsProxies.listEffectiveTagscompute.targetHttpsProxies.listTagBindingscompute.targetHttpsProxies.setCertificateMapcompute.targetHttpsProxies.setQuicOverridecompute.targetHttpsProxies.setSslCertificatescompute.targetHttpsProxies.setSslPolicycompute.targetHttpsProxies.setUrlMapcompute.targetHttpsProxies.updatecompute.targetHttpsProxies.usecompute.targetInstances.*
compute.targetInstances.createcompute.targetInstances.createTagBindingcompute.targetInstances.deletecompute.targetInstances.deleteTagBindingcompute.targetInstances.getcompute.targetInstances.listcompute.targetInstances.listEffectiveTagscompute.targetInstances.listTagBindingscompute.targetInstances.setSecurityPolicycompute.targetInstances.usecompute.targetPools.*
compute.targetPools.addHealthCheckcompute.targetPools.addInstancecompute.targetPools.createcompute.targetPools.createTagBindingcompute.targetPools.deletecompute.targetPools.deleteTagBindingcompute.targetPools.getcompute.targetPools.listcompute.targetPools.listEffectiveTagscompute.targetPools.listTagBindingscompute.targetPools.removeHealthCheckcompute.targetPools.removeInstancecompute.targetPools.setSecurityPolicycompute.targetPools.updatecompute.targetPools.usecompute.targetSslProxies.*
compute.targetSslProxies.createcompute.targetSslProxies.createTagBindingcompute.targetSslProxies.deletecompute.targetSslProxies.deleteTagBindingcompute.targetSslProxies.getcompute.targetSslProxies.listcompute.targetSslProxies.listEffectiveTagscompute.targetSslProxies.listTagBindingscompute.targetSslProxies.setBackendServicecompute.targetSslProxies.setCertificateMapcompute.targetSslProxies.setProxyHeadercompute.targetSslProxies.setSslCertificatescompute.targetSslProxies.setSslPolicycompute.targetSslProxies.updatecompute.targetSslProxies.usecompute.targetTcpProxies.*
compute.targetTcpProxies.createcompute.targetTcpProxies.createTagBindingcompute.targetTcpProxies.deletecompute.targetTcpProxies.deleteTagBindingcompute.targetTcpProxies.getcompute.targetTcpProxies.listcompute.targetTcpProxies.listEffectiveTagscompute.targetTcpProxies.listTagBindingscompute.targetTcpProxies.updatecompute.targetTcpProxies.usecompute.targetVpnGateways.*
compute.targetVpnGateways.createcompute.targetVpnGateways.createTagBindingcompute.targetVpnGateways.deletecompute.targetVpnGateways.deleteTagBindingcompute.targetVpnGateways.getcompute.targetVpnGateways.listcompute.targetVpnGateways.listEffectiveTagscompute.targetVpnGateways.listTagBindingscompute.targetVpnGateways.setLabelscompute.targetVpnGateways.usecompute.urlMaps.*
compute.urlMaps.createcompute.urlMaps.createTagBindingcompute.urlMaps.deletecompute.urlMaps.deleteTagBindingcompute.urlMaps.getcompute.urlMaps.invalidateCachecompute.urlMaps.listcompute.urlMaps.listEffectiveTagscompute.urlMaps.listTagBindingscompute.urlMaps.updatecompute.urlMaps.usecompute.urlMaps.validatecompute.vpnGateways.*
compute.vpnGateways.createcompute.vpnGateways.createTagBindingcompute.vpnGateways.deletecompute.vpnGateways.deleteTagBindingcompute.vpnGateways.getcompute.vpnGateways.listcompute.vpnGateways.listEffectiveTagscompute.vpnGateways.listTagBindingscompute.vpnGateways.setLabelscompute.vpnGateways.usecompute.vpnTunnels.*
compute.vpnTunnels.createcompute.vpnTunnels.createTagBindingcompute.vpnTunnels.deletecompute.vpnTunnels.deleteTagBindingcompute.vpnTunnels.getcompute.vpnTunnels.listcompute.vpnTunnels.listEffectiveTagscompute.vpnTunnels.listTagBindingscompute.vpnTunnels.setLabelscompute.wireGroups.*
compute.wireGroups.createcompute.wireGroups.deletecompute.wireGroups.getcompute.wireGroups.listcompute.wireGroups.updatecompute.zoneOperations.get
compute.zoneOperations.list
compute.zones.*
compute.zones.getcompute.zones.listcontainer.*
container.apiServices.createcontainer.apiServices.deletecontainer.apiServices.getcontainer.apiServices.getStatuscontainer.apiServices.listcontainer.apiServices.updatecontainer.apiServices.updateStatuscontainer.auditSinks.createcontainer.auditSinks.deletecontainer.auditSinks.getcontainer.auditSinks.listcontainer.auditSinks.updatecontainer.backendConfigs.createcontainer.backendConfigs.deletecontainer.backendConfigs.getcontainer.backendConfigs.listcontainer.backendConfigs.updatecontainer.bindings.createcontainer.bindings.deletecontainer.bindings.getcontainer.bindings.listcontainer.bindings.updatecontainer.certificateSigningRequests.approvecontainer.certificateSigningRequests.createcontainer.certificateSigningRequests.deletecontainer.certificateSigningRequests.getcontainer.certificateSigningRequests.getStatuscontainer.certificateSigningRequests.listcontainer.certificateSigningRequests.updatecontainer.certificateSigningRequests.updateStatuscontainer.clusterRoleBindings.createcontainer.clusterRoleBindings.deletecontainer.clusterRoleBindings.getcontainer.clusterRoleBindings.listcontainer.clusterRoleBindings.updatecontainer.clusterRoles.bindcontainer.clusterRoles.createcontainer.clusterRoles.deletecontainer.clusterRoles.escalatecontainer.clusterRoles.getcontainer.clusterRoles.listcontainer.clusterRoles.updatecontainer.clusters.connectcontainer.clusters.createcontainer.clusters.createTagBindingcontainer.clusters.deletecontainer.clusters.deleteTagBindingcontainer.clusters.getcontainer.clusters.getCredentialscontainer.clusters.impersonatecontainer.clusters.listcontainer.clusters.listEffectiveTagscontainer.clusters.listTagBindingscontainer.clusters.updatecontainer.componentStatuses.getcontainer.componentStatuses.listcontainer.configMaps.createcontainer.configMaps.deletecontainer.configMaps.getcontainer.configMaps.listcontainer.configMaps.updatecontainer.controllerRevisions.createcontainer.controllerRevisions.deletecontainer.controllerRevisions.getcontainer.controllerRevisions.listcontainer.controllerRevisions.updatecontainer.cronJobs.createcontainer.cronJobs.deletecontainer.cronJobs.getcontainer.cronJobs.getStatuscontainer.cronJobs.listcontainer.cronJobs.updatecontainer.cronJobs.updateStatuscontainer.csiDrivers.createcontainer.csiDrivers.deletecontainer.csiDrivers.getcontainer.csiDrivers.listcontainer.csiDrivers.updatecontainer.csiNodeInfos.createcontainer.csiNodeInfos.deletecontainer.csiNodeInfos.getcontainer.csiNodeInfos.listcontainer.csiNodeInfos.updatecontainer.csiNodes.createcontainer.csiNodes.deletecontainer.csiNodes.getcontainer.csiNodes.listcontainer.csiNodes.updatecontainer.customResourceDefinitions.createcontainer.customResourceDefinitions.deletecontainer.customResourceDefinitions.getcontainer.customResourceDefinitions.getStatuscontainer.customResourceDefinitions.listcontainer.customResourceDefinitions.updatecontainer.customResourceDefinitions.updateStatuscontainer.daemonSets.createcontainer.daemonSets.deletecontainer.daemonSets.getcontainer.daemonSets.getStatuscontainer.daemonSets.listcontainer.daemonSets.updatecontainer.daemonSets.updateStatuscontainer.deployments.createcontainer.deployments.deletecontainer.deployments.getcontainer.deployments.getScalecontainer.deployments.getStatuscontainer.deployments.listcontainer.deployments.rollbackcontainer.deployments.updatecontainer.deployments.updateScalecontainer.deployments.updateStatuscontainer.endpointSlices.createcontainer.endpointSlices.deletecontainer.endpointSlices.getcontainer.endpointSlices.listcontainer.endpointSlices.updatecontainer.endpoints.createcontainer.endpoints.deletecontainer.endpoints.getcontainer.endpoints.listcontainer.endpoints.updatecontainer.events.createcontainer.events.deletecontainer.events.getcontainer.events.listcontainer.events.updatecontainer.frontendConfigs.createcontainer.frontendConfigs.deletecontainer.frontendConfigs.getcontainer.frontendConfigs.listcontainer.frontendConfigs.updatecontainer.horizontalPodAutoscalers.createcontainer.horizontalPodAutoscalers.deletecontainer.horizontalPodAutoscalers.getcontainer.horizontalPodAutoscalers.getStatuscontainer.horizontalPodAutoscalers.listcontainer.horizontalPodAutoscalers.updatecontainer.horizontalPodAutoscalers.updateStatuscontainer.hostServiceAgent.usecontainer.ingresses.createcontainer.ingresses.deletecontainer.ingresses.getcontainer.ingresses.getStatuscontainer.ingresses.listcontainer.ingresses.updatecontainer.ingresses.updateStatuscontainer.initializerConfigurations.createcontainer.initializerConfigurations.deletecontainer.initializerConfigurations.getcontainer.initializerConfigurations.listcontainer.initializerConfigurations.updatecontainer.jobs.createcontainer.jobs.deletecontainer.jobs.getcontainer.jobs.getStatuscontainer.jobs.listcontainer.jobs.updatecontainer.jobs.updateStatuscontainer.leases.createcontainer.leases.deletecontainer.leases.getcontainer.leases.listcontainer.leases.updatecontainer.limitRanges.createcontainer.limitRanges.deletecontainer.limitRanges.getcontainer.limitRanges.listcontainer.limitRanges.updatecontainer.localSubjectAccessReviews.createcontainer.localSubjectAccessReviews.listcontainer.managedCertificates.createcontainer.managedCertificates.deletecontainer.managedCertificates.getcontainer.managedCertificates.listcontainer.managedCertificates.updatecontainer.mutatingWebhookConfigurations.createcontainer.mutatingWebhookConfigurations.deletecontainer.mutatingWebhookConfigurations.getcontainer.mutatingWebhookConfigurations.listcontainer.mutatingWebhookConfigurations.updatecontainer.namespaces.createcontainer.namespaces.deletecontainer.namespaces.finalizecontainer.namespaces.getcontainer.namespaces.getStatuscontainer.namespaces.listcontainer.namespaces.updatecontainer.namespaces.updateStatuscontainer.networkPolicies.createcontainer.networkPolicies.deletecontainer.networkPolicies.getcontainer.networkPolicies.listcontainer.networkPolicies.updatecontainer.nodes.createcontainer.nodes.deletecontainer.nodes.getcontainer.nodes.getStatuscontainer.nodes.listcontainer.nodes.proxycontainer.nodes.updatecontainer.nodes.updateStatuscontainer.operations.getcontainer.operations.listcontainer.persistentVolumeClaims.createcontainer.persistentVolumeClaims.deletecontainer.persistentVolumeClaims.getcontainer.persistentVolumeClaims.getStatuscontainer.persistentVolumeClaims.listcontainer.persistentVolumeClaims.updatecontainer.persistentVolumeClaims.updateStatuscontainer.persistentVolumes.createcontainer.persistentVolumes.deletecontainer.persistentVolumes.getcontainer.persistentVolumes.getStatuscontainer.persistentVolumes.listcontainer.persistentVolumes.updatecontainer.persistentVolumes.updateStatuscontainer.petSets.createcontainer.petSets.deletecontainer.petSets.getcontainer.petSets.listcontainer.petSets.updatecontainer.petSets.updateStatuscontainer.podDisruptionBudgets.createcontainer.podDisruptionBudgets.deletecontainer.podDisruptionBudgets.getcontainer.podDisruptionBudgets.getStatuscontainer.podDisruptionBudgets.listcontainer.podDisruptionBudgets.updatecontainer.podDisruptionBudgets.updateStatuscontainer.podPresets.createcontainer.podPresets.deletecontainer.podPresets.getcontainer.podPresets.listcontainer.podPresets.updatecontainer.podSecurityPolicies.createcontainer.podSecurityPolicies.deletecontainer.podSecurityPolicies.getcontainer.podSecurityPolicies.listcontainer.podSecurityPolicies.updatecontainer.podSecurityPolicies.usecontainer.podTemplates.createcontainer.podTemplates.deletecontainer.podTemplates.getcontainer.podTemplates.listcontainer.podTemplates.updatecontainer.pods.attachcontainer.pods.createcontainer.pods.deletecontainer.pods.evictcontainer.pods.execcontainer.pods.getcontainer.pods.getLogscontainer.pods.getStatuscontainer.pods.initializecontainer.pods.listcontainer.pods.portForwardcontainer.pods.proxycontainer.pods.updatecontainer.pods.updateStatuscontainer.priorityClasses.createcontainer.priorityClasses.deletecontainer.priorityClasses.getcontainer.priorityClasses.listcontainer.priorityClasses.updatecontainer.replicaSets.createcontainer.replicaSets.deletecontainer.replicaSets.getcontainer.replicaSets.getScalecontainer.replicaSets.getStatuscontainer.replicaSets.listcontainer.replicaSets.updatecontainer.replicaSets.updateScalecontainer.replicaSets.updateStatuscontainer.replicationControllers.createcontainer.replicationControllers.deletecontainer.replicationControllers.getcontainer.replicationControllers.getScalecontainer.replicationControllers.getStatuscontainer.replicationControllers.listcontainer.replicationControllers.updatecontainer.replicationControllers.updateScalecontainer.replicationControllers.updateStatuscontainer.resourceQuotas.createcontainer.resourceQuotas.deletecontainer.resourceQuotas.getcontainer.resourceQuotas.getStatuscontainer.resourceQuotas.listcontainer.resourceQuotas.updatecontainer.resourceQuotas.updateStatuscontainer.roleBindings.createcontainer.roleBindings.deletecontainer.roleBindings.getcontainer.roleBindings.listcontainer.roleBindings.updatecontainer.roles.bindcontainer.roles.createcontainer.roles.deletecontainer.roles.escalatecontainer.roles.getcontainer.roles.listcontainer.roles.updatecontainer.runtimeClasses.createcontainer.runtimeClasses.deletecontainer.runtimeClasses.getcontainer.runtimeClasses.listcontainer.runtimeClasses.updatecontainer.scheduledJobs.createcontainer.scheduledJobs.deletecontainer.scheduledJobs.getcontainer.scheduledJobs.listcontainer.scheduledJobs.updatecontainer.scheduledJobs.updateStatuscontainer.secrets.createcontainer.secrets.deletecontainer.secrets.getcontainer.secrets.listcontainer.secrets.updatecontainer.selfSubjectAccessReviews.createcontainer.selfSubjectAccessReviews.listcontainer.selfSubjectRulesReviews.createcontainer.serviceAccounts.createcontainer.serviceAccounts.createTokencontainer.serviceAccounts.deletecontainer.serviceAccounts.getcontainer.serviceAccounts.listcontainer.serviceAccounts.updatecontainer.services.createcontainer.services.deletecontainer.services.getcontainer.services.getStatuscontainer.services.listcontainer.services.proxycontainer.services.updatecontainer.services.updateStatuscontainer.statefulSets.createcontainer.statefulSets.deletecontainer.statefulSets.getcontainer.statefulSets.getScalecontainer.statefulSets.getStatuscontainer.statefulSets.listcontainer.statefulSets.updatecontainer.statefulSets.updateScalecontainer.statefulSets.updateStatuscontainer.storageClasses.createcontainer.storageClasses.deletecontainer.storageClasses.getcontainer.storageClasses.listcontainer.storageClasses.updatecontainer.storageStates.createcontainer.storageStates.deletecontainer.storageStates.getcontainer.storageStates.getStatuscontainer.storageStates.listcontainer.storageStates.updatecontainer.storageStates.updateStatuscontainer.storageVersionMigrations.createcontainer.storageVersionMigrations.deletecontainer.storageVersionMigrations.getcontainer.storageVersionMigrations.getStatuscontainer.storageVersionMigrations.listcontainer.storageVersionMigrations.updatecontainer.storageVersionMigrations.updateStatuscontainer.subjectAccessReviews.createcontainer.subjectAccessReviews.listcontainer.thirdPartyObjects.createcontainer.thirdPartyObjects.deletecontainer.thirdPartyObjects.getcontainer.thirdPartyObjects.listcontainer.thirdPartyObjects.updatecontainer.thirdPartyResources.createcontainer.thirdPartyResources.deletecontainer.thirdPartyResources.getcontainer.thirdPartyResources.listcontainer.thirdPartyResources.updatecontainer.tokenReviews.createcontainer.updateInfos.createcontainer.updateInfos.deletecontainer.updateInfos.getcontainer.updateInfos.listcontainer.updateInfos.updatecontainer.validatingWebhookConfigurations.createcontainer.validatingWebhookConfigurations.deletecontainer.validatingWebhookConfigurations.getcontainer.validatingWebhookConfigurations.listcontainer.validatingWebhookConfigurations.updatecontainer.volumeAttachments.createcontainer.volumeAttachments.deletecontainer.volumeAttachments.getcontainer.volumeAttachments.getStatuscontainer.volumeAttachments.listcontainer.volumeAttachments.updatecontainer.volumeAttachments.updateStatuscontainer.volumeSnapshotClasses.createcontainer.volumeSnapshotClasses.deletecontainer.volumeSnapshotClasses.getcontainer.volumeSnapshotClasses.listcontainer.volumeSnapshotClasses.updatecontainer.volumeSnapshotContents.createcontainer.volumeSnapshotContents.deletecontainer.volumeSnapshotContents.getcontainer.volumeSnapshotContents.getStatuscontainer.volumeSnapshotContents.listcontainer.volumeSnapshotContents.updatecontainer.volumeSnapshotContents.updateStatuscontainer.volumeSnapshots.createcontainer.volumeSnapshots.deletecontainer.volumeSnapshots.getcontainer.volumeSnapshots.getStatuscontainer.volumeSnapshots.listcontainer.volumeSnapshots.updatecontainer.volumeSnapshots.updateStatusdns.changes.*
dns.changes.createdns.changes.getdns.changes.listdns.dnsKeys.*
dns.dnsKeys.getdns.dnsKeys.listdns.gkeClusters.*
dns.gkeClusters.bindDNSResponsePolicydns.gkeClusters.bindPrivateDNSZonedns.managedZoneOperations.*
dns.managedZoneOperations.getdns.managedZoneOperations.listdns.managedZones.create
dns.managedZones.delete
dns.managedZones.get
dns.managedZones.getIamPolicy
dns.managedZones.list
dns.managedZones.update
dns.networks.*
dns.networks.bindDNSResponsePolicydns.networks.bindPrivateDNSPolicydns.networks.bindPrivateDNSZonedns.networks.targetWithPeeringZonedns.networks.useHealthSignalsdns.policies.*
dns.policies.createdns.policies.deletedns.policies.getdns.policies.listdns.policies.updatedns.projects.get
dns.resourceRecordSets.*
dns.resourceRecordSets.createdns.resourceRecordSets.deletedns.resourceRecordSets.getdns.resourceRecordSets.listdns.resourceRecordSets.updatedns.responsePolicies.*
dns.responsePolicies.createdns.responsePolicies.deletedns.responsePolicies.getdns.responsePolicies.listdns.responsePolicies.updatedns.responsePolicyRules.*
dns.responsePolicyRules.createdns.responsePolicyRules.deletedns.responsePolicyRules.getdns.responsePolicyRules.listdns.responsePolicyRules.updatefile.*
file.backups.createfile.backups.createTagBindingfile.backups.deletefile.backups.deleteTagBindingfile.backups.getfile.backups.listfile.backups.listEffectiveTagsfile.backups.listTagBindingsfile.backups.updatefile.instances.createfile.instances.createTagBindingfile.instances.deletefile.instances.deleteTagBindingfile.instances.getfile.instances.listfile.instances.listEffectiveTagsfile.instances.listTagBindingsfile.instances.restorefile.instances.revertfile.instances.updatefile.locations.getfile.locations.listfile.operations.cancelfile.operations.deletefile.operations.getfile.operations.listfile.snapshots.createTagBindingfile.snapshots.deleteTagBindingfile.snapshots.listEffectiveTagsfile.snapshots.listTagBindingsiam.serviceAccounts.actAs
iam.serviceAccounts.get
logging.logEntries.create
lustre.instances.create
lustre.instances.delete
lustre.instances.get
lustre.instances.importData
lustre.instances.list
lustre.instances.update
lustre.locations.*
lustre.locations.getlustre.locations.listlustre.operations.*
lustre.operations.cancellustre.operations.deletelustre.operations.getlustre.operations.listmonitoring.metricDescriptors.create
monitoring.metricDescriptors.get
monitoring.metricDescriptors.list
monitoring.timeSeries.*
monitoring.timeSeries.createmonitoring.timeSeries.listnetworkconnectivity.internalRanges.*
networkconnectivity.internalRanges.createnetworkconnectivity.internalRanges.deletenetworkconnectivity.internalRanges.getnetworkconnectivity.internalRanges.getIamPolicynetworkconnectivity.internalRanges.listnetworkconnectivity.internalRanges.setIamPolicynetworkconnectivity.internalRanges.updatenetworkconnectivity.locations.*
networkconnectivity.locations.getnetworkconnectivity.locations.listnetworkconnectivity.operations.*
networkconnectivity.operations.cancelnetworkconnectivity.operations.deletenetworkconnectivity.operations.getnetworkconnectivity.operations.listnetworkconnectivity.policyBasedRoutes.*
networkconnectivity.policyBasedRoutes.createnetworkconnectivity.policyBasedRoutes.deletenetworkconnectivity.policyBasedRoutes.getnetworkconnectivity.policyBasedRoutes.getIamPolicynetworkconnectivity.policyBasedRoutes.listnetworkconnectivity.policyBasedRoutes.setIamPolicynetworkconnectivity.regionalEndpoints.*
networkconnectivity.regionalEndpoints.createnetworkconnectivity.regionalEndpoints.deletenetworkconnectivity.regionalEndpoints.getnetworkconnectivity.regionalEndpoints.listnetworkconnectivity.serviceClasses.*
networkconnectivity.serviceClasses.createnetworkconnectivity.serviceClasses.deletenetworkconnectivity.serviceClasses.getnetworkconnectivity.serviceClasses.listnetworkconnectivity.serviceClasses.updatenetworkconnectivity.serviceClasses.usenetworkconnectivity.serviceConnectionMaps.*
networkconnectivity.serviceConnectionMaps.createnetworkconnectivity.serviceConnectionMaps.deletenetworkconnectivity.serviceConnectionMaps.getnetworkconnectivity.serviceConnectionMaps.listnetworkconnectivity.serviceConnectionMaps.updatenetworkconnectivity.serviceConnectionPolicies.*
networkconnectivity.serviceConnectionPolicies.createnetworkconnectivity.serviceConnectionPolicies.deletenetworkconnectivity.serviceConnectionPolicies.getnetworkconnectivity.serviceConnectionPolicies.listnetworkconnectivity.serviceConnectionPolicies.updatenetworkmanagement.connectivitytests.get
networkmanagement.connectivitytests.list
networksecurity.addressGroups.*
networksecurity.addressGroups.createnetworksecurity.addressGroups.deletenetworksecurity.addressGroups.getnetworksecurity.addressGroups.getIamPolicynetworksecurity.addressGroups.listnetworksecurity.addressGroups.setIamPolicynetworksecurity.addressGroups.updatenetworksecurity.addressGroups.usenetworksecurity.authorizationPolicies.*
networksecurity.authorizationPolicies.createnetworksecurity.authorizationPolicies.deletenetworksecurity.authorizationPolicies.getnetworksecurity.authorizationPolicies.getIamPolicynetworksecurity.authorizationPolicies.listnetworksecurity.authorizationPolicies.setIamPolicynetworksecurity.authorizationPolicies.updatenetworksecurity.authorizationPolicies.usenetworksecurity.authzPolicies.*
networksecurity.authzPolicies.createnetworksecurity.authzPolicies.deletenetworksecurity.authzPolicies.getnetworksecurity.authzPolicies.getIamPolicynetworksecurity.authzPolicies.listnetworksecurity.authzPolicies.setIamPolicynetworksecurity.authzPolicies.updatenetworksecurity.backendAuthenticationConfigs.*
networksecurity.backendAuthenticationConfigs.createnetworksecurity.backendAuthenticationConfigs.deletenetworksecurity.backendAuthenticationConfigs.getnetworksecurity.backendAuthenticationConfigs.listnetworksecurity.backendAuthenticationConfigs.updatenetworksecurity.backendAuthenticationConfigs.usenetworksecurity.clientTlsPolicies.*
networksecurity.clientTlsPolicies.createnetworksecurity.clientTlsPolicies.deletenetworksecurity.clientTlsPolicies.getnetworksecurity.clientTlsPolicies.getIamPolicynetworksecurity.clientTlsPolicies.listnetworksecurity.clientTlsPolicies.setIamPolicynetworksecurity.clientTlsPolicies.updatenetworksecurity.clientTlsPolicies.usenetworksecurity.firewallEndpointAssociations.*
networksecurity.firewallEndpointAssociations.createnetworksecurity.firewallEndpointAssociations.deletenetworksecurity.firewallEndpointAssociations.getnetworksecurity.firewallEndpointAssociations.listnetworksecurity.firewallEndpointAssociations.updatenetworksecurity.firewallEndpoints.*
networksecurity.firewallEndpoints.createnetworksecurity.firewallEndpoints.deletenetworksecurity.firewallEndpoints.getnetworksecurity.firewallEndpoints.listnetworksecurity.firewallEndpoints.updatenetworksecurity.firewallEndpoints.usenetworksecurity.gatewaySecurityPolicies.*
networksecurity.gatewaySecurityPolicies.createnetworksecurity.gatewaySecurityPolicies.deletenetworksecurity.gatewaySecurityPolicies.getnetworksecurity.gatewaySecurityPolicies.listnetworksecurity.gatewaySecurityPolicies.updatenetworksecurity.gatewaySecurityPolicies.usenetworksecurity.gatewaySecurityPolicyRules.*
networksecurity.gatewaySecurityPolicyRules.createnetworksecurity.gatewaySecurityPolicyRules.deletenetworksecurity.gatewaySecurityPolicyRules.getnetworksecurity.gatewaySecurityPolicyRules.listnetworksecurity.gatewaySecurityPolicyRules.updatenetworksecurity.gatewaySecurityPolicyRules.usenetworksecurity.locations.*
networksecurity.locations.getnetworksecurity.locations.listnetworksecurity.operations.*
networksecurity.operations.cancelnetworksecurity.operations.deletenetworksecurity.operations.getnetworksecurity.operations.listnetworksecurity.sacAttachments.*
networksecurity.sacAttachments.createnetworksecurity.sacAttachments.deletenetworksecurity.sacAttachments.getnetworksecurity.sacAttachments.listnetworksecurity.sacRealms.*
networksecurity.sacRealms.createnetworksecurity.sacRealms.deletenetworksecurity.sacRealms.getnetworksecurity.sacRealms.listnetworksecurity.securityProfileGroups.*
networksecurity.securityProfileGroups.createnetworksecurity.securityProfileGroups.deletenetworksecurity.securityProfileGroups.getnetworksecurity.securityProfileGroups.listnetworksecurity.securityProfileGroups.updatenetworksecurity.securityProfileGroups.usenetworksecurity.securityProfiles.*
networksecurity.securityProfiles.createnetworksecurity.securityProfiles.deletenetworksecurity.securityProfiles.getnetworksecurity.securityProfiles.listnetworksecurity.securityProfiles.updatenetworksecurity.securityProfiles.usenetworksecurity.serverTlsPolicies.*
networksecurity.serverTlsPolicies.createnetworksecurity.serverTlsPolicies.deletenetworksecurity.serverTlsPolicies.getnetworksecurity.serverTlsPolicies.getIamPolicynetworksecurity.serverTlsPolicies.listnetworksecurity.serverTlsPolicies.setIamPolicynetworksecurity.serverTlsPolicies.updatenetworksecurity.serverTlsPolicies.usenetworksecurity.tlsInspectionPolicies.*
networksecurity.tlsInspectionPolicies.createnetworksecurity.tlsInspectionPolicies.deletenetworksecurity.tlsInspectionPolicies.getnetworksecurity.tlsInspectionPolicies.listnetworksecurity.tlsInspectionPolicies.updatenetworksecurity.tlsInspectionPolicies.usenetworksecurity.urlLists.*
networksecurity.urlLists.createnetworksecurity.urlLists.deletenetworksecurity.urlLists.getnetworksecurity.urlLists.listnetworksecurity.urlLists.updatenetworksecurity.urlLists.usenetworkservices.*
networkservices.authzExtensions.createnetworkservices.authzExtensions.deletenetworkservices.authzExtensions.getnetworkservices.authzExtensions.listnetworkservices.authzExtensions.updatenetworkservices.authzExtensions.usenetworkservices.endpointPolicies.createnetworkservices.endpointPolicies.deletenetworkservices.endpointPolicies.getnetworkservices.endpointPolicies.listnetworkservices.endpointPolicies.updatenetworkservices.gateways.createnetworkservices.gateways.deletenetworkservices.gateways.getnetworkservices.gateways.listnetworkservices.gateways.updatenetworkservices.gateways.usenetworkservices.grpcRoutes.createnetworkservices.grpcRoutes.deletenetworkservices.grpcRoutes.getnetworkservices.grpcRoutes.listnetworkservices.grpcRoutes.updatenetworkservices.httpFilters.createnetworkservices.httpFilters.deletenetworkservices.httpFilters.getnetworkservices.httpFilters.listnetworkservices.httpFilters.updatenetworkservices.httpRoutes.createnetworkservices.httpRoutes.deletenetworkservices.httpRoutes.getnetworkservices.httpRoutes.listnetworkservices.httpRoutes.updatenetworkservices.httpfilters.createnetworkservices.httpfilters.deletenetworkservices.httpfilters.getnetworkservices.httpfilters.getIamPolicynetworkservices.httpfilters.listnetworkservices.httpfilters.setIamPolicynetworkservices.httpfilters.updatenetworkservices.httpfilters.usenetworkservices.lbEdgeExtensions.createnetworkservices.lbEdgeExtensions.deletenetworkservices.lbEdgeExtensions.getnetworkservices.lbEdgeExtensions.listnetworkservices.lbEdgeExtensions.updatenetworkservices.lbRouteExtensions.createnetworkservices.lbRouteExtensions.deletenetworkservices.lbRouteExtensions.getnetworkservices.lbRouteExtensions.listnetworkservices.lbRouteExtensions.updatenetworkservices.lbTrafficExtensions.createnetworkservices.lbTrafficExtensions.deletenetworkservices.lbTrafficExtensions.getnetworkservices.lbTrafficExtensions.listnetworkservices.lbTrafficExtensions.updatenetworkservices.locations.getnetworkservices.locations.listnetworkservices.meshes.createnetworkservices.meshes.deletenetworkservices.meshes.getnetworkservices.meshes.listnetworkservices.meshes.updatenetworkservices.meshes.usenetworkservices.operations.cancelnetworkservices.operations.deletenetworkservices.operations.getnetworkservices.operations.listnetworkservices.route_views.getnetworkservices.route_views.listnetworkservices.serviceBindings.createnetworkservices.serviceBindings.deletenetworkservices.serviceBindings.getnetworkservices.serviceBindings.listnetworkservices.serviceBindings.updatenetworkservices.serviceLbPolicies.createnetworkservices.serviceLbPolicies.deletenetworkservices.serviceLbPolicies.getnetworkservices.serviceLbPolicies.listnetworkservices.serviceLbPolicies.updatenetworkservices.tcpRoutes.createnetworkservices.tcpRoutes.deletenetworkservices.tcpRoutes.getnetworkservices.tcpRoutes.listnetworkservices.tcpRoutes.updatenetworkservices.tlsRoutes.createnetworkservices.tlsRoutes.deletenetworkservices.tlsRoutes.getnetworkservices.tlsRoutes.listnetworkservices.tlsRoutes.updatenetworkservices.wasmPlugins.createnetworkservices.wasmPlugins.deletenetworkservices.wasmPlugins.getnetworkservices.wasmPlugins.listnetworkservices.wasmPlugins.updatenetworkservices.wasmPlugins.useparallelstore.instances.create
parallelstore.instances.delete
parallelstore.instances.get
parallelstore.instances.importData
parallelstore.instances.list
parallelstore.instances.update
parallelstore.locations.*
parallelstore.locations.getparallelstore.locations.listparallelstore.operations.*
parallelstore.operations.cancelparallelstore.operations.deleteparallelstore.operations.getparallelstore.operations.listpubsub.topics.create
pubsub.topics.get
pubsub.topics.publish
recommender.containerDiagnosisInsights.*
recommender.containerDiagnosisInsights.getrecommender.containerDiagnosisInsights.listrecommender.containerDiagnosisInsights.updaterecommender.containerDiagnosisRecommendations.*
recommender.containerDiagnosisRecommendations.getrecommender.containerDiagnosisRecommendations.listrecommender.containerDiagnosisRecommendations.updaterecommender.locations.*
recommender.locations.getrecommender.locations.listrecommender.networkAnalyzerGkeConnectivityInsights.*
recommender.networkAnalyzerGkeConnectivityInsights.getrecommender.networkAnalyzerGkeConnectivityInsights.listrecommender.networkAnalyzerGkeConnectivityInsights.updaterecommender.networkAnalyzerGkeIpAddressInsights.*
recommender.networkAnalyzerGkeIpAddressInsights.getrecommender.networkAnalyzerGkeIpAddressInsights.listrecommender.networkAnalyzerGkeIpAddressInsights.updateresourcemanager.projects.get
resourcemanager.projects.list
resourcemanager.tagValueBindings.create
servicedirectory.namespaces.create
servicedirectory.namespaces.delete
servicedirectory.services.create
servicedirectory.services.delete
servicenetworking.operations.get
servicenetworking.services.addPeering
servicenetworking.services.createPeeredDnsDomain
servicenetworking.services.deleteConnection
servicenetworking.services.deletePeeredDnsDomain
servicenetworking.services.disableVpcServiceControls
servicenetworking.services.enableVpcServiceControls
servicenetworking.services.get
servicenetworking.services.listPeeredDnsDomains
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
serviceusage.services.use
tpu.locations.*
tpu.locations.gettpu.locations.listtpu.nodes.create
tpu.nodes.delete
tpu.nodes.get
tpu.nodes.list
tpu.operations.*
tpu.operations.gettpu.operations.listtrafficdirector.*
trafficdirector.networks.getConfigstrafficdirector.networks.reportMetrics(roles/container.viewer)
Provides read-only access to resources within GKE clusters, such as nodes, pods, and GKE API objects.
Lowest-level resources where you can grant this role:
container.apiServices.get
container.apiServices.getStatus
container.apiServices.list
container.auditSinks.get
container.auditSinks.list
container.backendConfigs.get
container.backendConfigs.list
container.bindings.get
container.bindings.list
container.certificateSigningRequests.get
container.certificateSigningRequests.getStatus
container.certificateSigningRequests.list
container.clusterRoleBindings.get
container.clusterRoleBindings.list
container.clusterRoles.get
container.clusterRoles.list
container.clusters.connect
container.clusters.get
container.clusters.list
container.componentStatuses.*
container.componentStatuses.getcontainer.componentStatuses.listcontainer.configMaps.get
container.configMaps.list
container.controllerRevisions.get
container.controllerRevisions.list
container.cronJobs.get
container.cronJobs.getStatus
container.cronJobs.list
container.csiDrivers.get
container.csiDrivers.list
container.csiNodeInfos.get
container.csiNodeInfos.list
container.csiNodes.get
container.csiNodes.list
container.customResourceDefinitions.get
container.customResourceDefinitions.getStatus
container.customResourceDefinitions.list
container.daemonSets.get
container.daemonSets.getStatus
container.daemonSets.list
container.deployments.get
container.deployments.getScale
container.deployments.getStatus
container.deployments.list
container.endpointSlices.get
container.endpointSlices.list
container.endpoints.get
container.endpoints.list
container.events.get
container.events.list
container.frontendConfigs.get
container.frontendConfigs.list
container.horizontalPodAutoscalers.get
container.horizontalPodAutoscalers.getStatus
container.horizontalPodAutoscalers.list
container.ingresses.get
container.ingresses.getStatus
container.ingresses.list
container.initializerConfigurations.get
container.initializerConfigurations.list
container.jobs.get
container.jobs.getStatus
container.jobs.list
container.leases.get
container.leases.list
container.limitRanges.get
container.limitRanges.list
container.managedCertificates.get
container.managedCertificates.list
container.mutatingWebhookConfigurations.get
container.mutatingWebhookConfigurations.list
container.namespaces.get
container.namespaces.getStatus
container.namespaces.list
container.networkPolicies.get
container.networkPolicies.list
container.nodes.get
container.nodes.getStatus
container.nodes.list
container.operations.*
container.operations.getcontainer.operations.listcontainer.persistentVolumeClaims.get
container.persistentVolumeClaims.getStatus
container.persistentVolumeClaims.list
container.persistentVolumes.get
container.persistentVolumes.getStatus
container.persistentVolumes.list
container.petSets.get
container.petSets.list
container.podDisruptionBudgets.get
container.podDisruptionBudgets.getStatus
container.podDisruptionBudgets.list
container.podPresets.get
container.podPresets.list
container.podSecurityPolicies.get
container.podSecurityPolicies.list
container.podTemplates.get
container.podTemplates.list
container.pods.get
container.pods.getStatus
container.pods.list
container.priorityClasses.get
container.priorityClasses.list
container.replicaSets.get
container.replicaSets.getScale
container.replicaSets.getStatus
container.replicaSets.list
container.replicationControllers.get
container.replicationControllers.getScale
container.replicationControllers.getStatus
container.replicationControllers.list
container.resourceQuotas.get
container.resourceQuotas.getStatus
container.resourceQuotas.list
container.roleBindings.get
container.roleBindings.list
container.roles.get
container.roles.list
container.runtimeClasses.get
container.runtimeClasses.list
container.scheduledJobs.get
container.scheduledJobs.list
container.serviceAccounts.get
container.serviceAccounts.list
container.services.get
container.services.getStatus
container.services.list
container.statefulSets.get
container.statefulSets.getScale
container.statefulSets.getStatus
container.statefulSets.list
container.storageClasses.get
container.storageClasses.list
container.storageStates.get
container.storageStates.getStatus
container.storageStates.list
container.storageVersionMigrations.get
container.storageVersionMigrations.getStatus
container.storageVersionMigrations.list
container.thirdPartyObjects.get
container.thirdPartyObjects.list
container.thirdPartyResources.get
container.thirdPartyResources.list
container.tokenReviews.create
container.updateInfos.get
container.updateInfos.list
container.validatingWebhookConfigurations.get
container.validatingWebhookConfigurations.list
container.volumeAttachments.get
container.volumeAttachments.getStatus
container.volumeAttachments.list
container.volumeSnapshotClasses.get
container.volumeSnapshotClasses.list
container.volumeSnapshotContents.get
container.volumeSnapshotContents.getStatus
container.volumeSnapshotContents.list
container.volumeSnapshots.get
container.volumeSnapshots.list
recommender.containerDiagnosisInsights.get
recommender.containerDiagnosisInsights.list
recommender.containerDiagnosisRecommendations.get
recommender.containerDiagnosisRecommendations.list
recommender.locations.*
recommender.locations.getrecommender.locations.listrecommender.networkAnalyzerGkeConnectivityInsights.get
recommender.networkAnalyzerGkeConnectivityInsights.list
recommender.networkAnalyzerGkeIpAddressInsights.get
recommender.networkAnalyzerGkeIpAddressInsights.list
resourcemanager.projects.get
resourcemanager.projects.list
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4