This page
applies to Apigee and Apigee hybrid.
You can view and grant roles using the permissions panel on the IAM & Admin > IAM
page in your Google Cloud project.
Go to IAM & Admin
The following table lists the roles and the corresponding permissions required to create and
manage API hub resources.
IAM role name |
Description |
Required permissions |
Cloud API hub Viewer |
This role can view all resources in API hub |
apihub.googleapis.com/locations.searchResources
apihub.googleapis.com/apis.list
apihub.googleapis.com/apis.get
apihub.googleapis.com/specs.list
apihub.googleapis.com/specs.get
apihub.googleapis.com/apiOperations.list
apihub.googleapis.com/apiOperations.get
apihub.googleapis.com/versions.list
apihub.googleapis.com/versions.get
apihub.googleapis.com/deployments.list
apihub.googleapis.com/deployments.get
apihub.googleapis.com/attributes.list
apihub.googleapis.com/attributes.get
apihub.googleapis.com/definitions.list
apihub.googleapis.com/definitions.get
apihub.googleapis.com/definitions.get
apihub.googleapis.com/externalApis.get
apihub.googleapis.com/externalApis.list
apihub.googleapis.com/dependencies.get
apihub.googleapis.com/dependencies.list
apihub.googleapis.com/plugins.get
apihub.googleapis.com/plugins.list
apihub.googleapis.com/runTimeProjectAttachments.get
apihub.googleapis.com/runTimeProjectAttachments.list
apihub.googleapis.com/hostProjectRegistrations.list
apihub.googleapis.com/hostProjectRegistrations.get
apihub.googleapis.com/apiHubInstances.get
apihub.googleapis.com/apiHubInstances.list
apihub.googleapis.com/styleGuides.get
cloudresourcemanager.googleapis.com/projects.get
cloudresourcemanager.googleapis.com/projects.list
|
Cloud API hub Plugins Admin |
All permissions related to plugins |
cloudresourcemanager.googleapis.com/projects.get
cloudresourcemanager.googleapis.com/projects.list
apihub.googleapis.com/plugins.get
apihub.googleapis.com/plugins.list
apihub.googleapis.com/plugins.enable
apihub.googleapis.com/plugins.disable
apihub.googleapis.com/specs.lint
apihub.googleapis.com/styleGuides.get
apihub.googleapis.com/styleGuides.update
|
Cloud API hub Editor |
Editor role for resources |
In addition to the permissions of the Cloud API hub viewer role, this
role has the following permissions:
apihub.googleapis.com/apis.create
apihub.googleapis.com/apis.update
apihub.googleapis.com/apis.delete
apihub.googleapis.com/versions.create
apihub.googleapis.com/versions.update
apihub.googleapis.com/versions.delete
apihub.googleapis.com/specs.create
apihub.googleapis.com/specs.update
apihub.googleapis.com/specs.delete
apihub.googleapis.com/deployments.create
apihub.googleapis.com/deployments.update
apihub.googleapis.com/deployments.delete
apihub.googleapis.com/specs.lint
|
Cloud API hub Provisioning Admin |
All permissions related to provisioning |
cloudresourcemanager.googleapis.com/projects.get
cloudresourcemanager.googleapis.com/projects.list
apihub.googleapis.com/hostProjectRegistrations.list
apihub.googleapis.com/hostProjectRegistrations.get
apihub.googleapis.com/hostProjectRegistrations.create
apihub.googleapis.com/hostProjectRegistrations.register
apihub.googleapis.com/hostProjectRegistrations.delete
apihub.googleapis.com/runTimeProjectAttachments.list
apihub.googleapis.com/runTimeProjectAttachments.get
apihub.googleapis.com/runTimeProjectAttachments.lookup
apihub.googleapis.com/runTimeProjectAttachments.create
apihub.googleapis.com/runTimeProjectAttachments.attach
apihub.googleapis.com/runTimeProjectAttachments.delete
apihub.googleapis.com/apiHubInstances.get
apihub.googleapis.com/apiHubInstances.list
apihub.googleapis.com/apiHubInstances.create
apihub.googleapis.com/apiHubInstances.delete
|
Cloud API hub Attributes Admin |
All permissions related to attributes |
cloudresourcemanager.googleapis.com/projects.get
cloudresourcemanager.googleapis.com/projects.list
apihub.googleapis.com/attributes.create
apihub.googleapis.com/attributes.update
apihub.googleapis.com/attributes.delete
apihub.googleapis.com/attributes.list
apihub.googleapis.com/attributes.get
|
Cloud API hub Admin |
All permissions |
This role has all the permissions of the following roles:
- Cloud API hub Editor
- Cloud API hub Attributes Admin
- Cloud API hub Provisioning Admin
- Cloud API hub Plugins Admin
|