Permissões e papéis do IAM do BigQuery

Este documento fornece uma lista de papéis e permissões predefinidos do Identity and Access Management (IAM) para o BigQuery. Esta página inclui papéis e permissões para o seguinte:

  • BigQuery: papéis e permissões aplicáveis a recursos do BigQuery, como conjuntos de dados, tabelas, visualizações e rotinas. Muitos desses papéis e permissões também podem ser concedidos a recursos do Resource Manager, como projetos, pastas e organizações.
  • API BigQuery Connection: função que concede a um agente de serviço acesso a uma conexão do Cloud SQL.
  • Consulta contínua do BigQuery: papel que concede a uma conta de serviço acesso a uma consulta contínua.
  • Política de dados do BigQuery: papéis e permissões aplicáveis às políticas de dados no BigQuery.
  • Serviço de transferência de dados do BigQuery: papel que concede a um agente de serviço acesso para criar jobs que transferem dados.
  • BigQuery Engine para Apache Flink: papéis e permissões aplicáveis aos recursos do BigQuery Engine para Apache Flink.
  • API BigQuery Migration Service: papéis e permissões aplicáveis aos recursos do serviço de migração do BigQuery.
  • BigQuery Omni: função que concede a um agente de serviço acesso a tabelas.
  • Compartilhamento do BigQuery: papéis e permissões aplicáveis aos recursos de compartilhamento do BigQuery.

Papéis predefinidos do IAM do BigQuery

As tabelas abaixo mostram os papéis predefinidos do IAM do BigQuery com uma lista correspondente de todas as permissões que cada papel inclui. Cada permissão se aplica a um tipo específico de recurso.

Papéis do BigQuery

Esta tabela lista os papéis e as permissões do IAM para o BigQuery. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigquery.admin)

Provides permissions to manage all resources within the project. Can manage all data within the project, and can cancel jobs from other users running within the project.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Table
    • View
    • Routine
  • Connection
  • Saved query
  • Data canvas
  • Pipeline
  • Data preparation
  • Repository

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.bireservations.*

  • bigquery.bireservations.get
  • bigquery.bireservations.update

bigquery.capacityCommitments.*

  • bigquery.capacityCommitments.create
  • bigquery.capacityCommitments.delete
  • bigquery.capacityCommitments.get
  • bigquery.capacityCommitments.list
  • bigquery.capacityCommitments.update

bigquery.config.*

  • bigquery.config.get
  • bigquery.config.update

bigquery.connections.*

  • bigquery.connections.create
  • bigquery.connections.delegate
  • bigquery.connections.delete
  • bigquery.connections.get
  • bigquery.connections.getIamPolicy
  • bigquery.connections.list
  • bigquery.connections.setIamPolicy
  • bigquery.connections.update
  • bigquery.connections.updateTag
  • bigquery.connections.use

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

bigquery.datasets.*

  • bigquery.datasets.create
  • bigquery.datasets.createTagBinding
  • bigquery.datasets.delete
  • bigquery.datasets.deleteTagBinding
  • bigquery.datasets.get
  • bigquery.datasets.getIamPolicy
  • bigquery.datasets.link
  • bigquery.datasets.listEffectiveTags
  • bigquery.datasets.listSharedDatasetUsage
  • bigquery.datasets.listTagBindings
  • bigquery.datasets.setIamPolicy
  • bigquery.datasets.update
  • bigquery.datasets.updateTag

bigquery.jobs.*

  • bigquery.jobs.create
  • bigquery.jobs.delete
  • bigquery.jobs.get
  • bigquery.jobs.list
  • bigquery.jobs.listAll
  • bigquery.jobs.listExecutionMetadata
  • bigquery.jobs.update

bigquery.models.*

  • bigquery.models.create
  • bigquery.models.delete
  • bigquery.models.export
  • bigquery.models.getData
  • bigquery.models.getMetadata
  • bigquery.models.list
  • bigquery.models.updateData
  • bigquery.models.updateMetadata
  • bigquery.models.updateTag

bigquery.objectRefs.*

  • bigquery.objectRefs.read
  • bigquery.objectRefs.write

bigquery.readsessions.*

  • bigquery.readsessions.create
  • bigquery.readsessions.getData
  • bigquery.readsessions.update

bigquery.reservationAssignments.*

  • bigquery.reservationAssignments.create
  • bigquery.reservationAssignments.delete
  • bigquery.reservationAssignments.list
  • bigquery.reservationAssignments.search

bigquery.reservations.*

  • bigquery.reservations.create
  • bigquery.reservations.delete
  • bigquery.reservations.get
  • bigquery.reservations.list
  • bigquery.reservations.listFailoverDatasets
  • bigquery.reservations.update
  • bigquery.reservations.use

bigquery.routines.*

  • bigquery.routines.create
  • bigquery.routines.delete
  • bigquery.routines.get
  • bigquery.routines.list
  • bigquery.routines.update
  • bigquery.routines.updateTag

bigquery.rowAccessPolicies.create

bigquery.rowAccessPolicies.delete

bigquery.rowAccessPolicies.get

bigquery.rowAccessPolicies.getIamPolicy

bigquery.rowAccessPolicies.list

bigquery.rowAccessPolicies.overrideTimeTravelRestrictions

bigquery.rowAccessPolicies.setIamPolicy

bigquery.rowAccessPolicies.update

bigquery.savedqueries.*

  • bigquery.savedqueries.create
  • bigquery.savedqueries.delete
  • bigquery.savedqueries.get
  • bigquery.savedqueries.list
  • bigquery.savedqueries.update

bigquery.tables.*

  • bigquery.tables.create
  • bigquery.tables.createIndex
  • bigquery.tables.createSnapshot
  • bigquery.tables.createTagBinding
  • bigquery.tables.delete
  • bigquery.tables.deleteIndex
  • bigquery.tables.deleteSnapshot
  • bigquery.tables.deleteTagBinding
  • bigquery.tables.export
  • bigquery.tables.get
  • bigquery.tables.getData
  • bigquery.tables.getIamPolicy
  • bigquery.tables.list
  • bigquery.tables.listEffectiveTags
  • bigquery.tables.listTagBindings
  • bigquery.tables.replicateData
  • bigquery.tables.restoreSnapshot
  • bigquery.tables.setCategory
  • bigquery.tables.setColumnDataPolicy
  • bigquery.tables.setIamPolicy
  • bigquery.tables.update
  • bigquery.tables.updateData
  • bigquery.tables.updateIndex
  • bigquery.tables.updateTag

bigquery.transfers.*

  • bigquery.transfers.get
  • bigquery.transfers.update

bigquerymigration.translation.translate

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

dataform.*

  • dataform.commentThreads.create
  • dataform.commentThreads.delete
  • dataform.commentThreads.get
  • dataform.commentThreads.list
  • dataform.commentThreads.update
  • dataform.comments.create
  • dataform.comments.delete
  • dataform.comments.get
  • dataform.comments.list
  • dataform.comments.update
  • dataform.compilationResults.create
  • dataform.compilationResults.get
  • dataform.compilationResults.list
  • dataform.compilationResults.query
  • dataform.config.get
  • dataform.config.update
  • dataform.locations.get
  • dataform.locations.list
  • dataform.releaseConfigs.create
  • dataform.releaseConfigs.delete
  • dataform.releaseConfigs.get
  • dataform.releaseConfigs.list
  • dataform.releaseConfigs.update
  • dataform.repositories.commit
  • dataform.repositories.computeAccessTokenStatus
  • dataform.repositories.create
  • dataform.repositories.delete
  • dataform.repositories.fetchHistory
  • dataform.repositories.fetchRemoteBranches
  • dataform.repositories.get
  • dataform.repositories.getIamPolicy
  • dataform.repositories.list
  • dataform.repositories.queryDirectoryContents
  • dataform.repositories.readFile
  • dataform.repositories.setIamPolicy
  • dataform.repositories.update
  • dataform.workflowConfigs.create
  • dataform.workflowConfigs.delete
  • dataform.workflowConfigs.get
  • dataform.workflowConfigs.list
  • dataform.workflowConfigs.update
  • dataform.workflowInvocations.cancel
  • dataform.workflowInvocations.create
  • dataform.workflowInvocations.delete
  • dataform.workflowInvocations.get
  • dataform.workflowInvocations.list
  • dataform.workflowInvocations.query
  • dataform.workspaces.commit
  • dataform.workspaces.create
  • dataform.workspaces.delete
  • dataform.workspaces.fetchFileDiff
  • dataform.workspaces.fetchFileGitStatuses
  • dataform.workspaces.fetchGitAheadBehind
  • dataform.workspaces.get
  • dataform.workspaces.getIamPolicy
  • dataform.workspaces.installNpmPackages
  • dataform.workspaces.list
  • dataform.workspaces.makeDirectory
  • dataform.workspaces.moveDirectory
  • dataform.workspaces.moveFile
  • dataform.workspaces.pull
  • dataform.workspaces.push
  • dataform.workspaces.queryDirectoryContents
  • dataform.workspaces.readFile
  • dataform.workspaces.removeDirectory
  • dataform.workspaces.removeFile
  • dataform.workspaces.reset
  • dataform.workspaces.searchFiles
  • dataform.workspaces.setIamPolicy
  • dataform.workspaces.writeFile

dataplex.datascans.*

  • dataplex.datascans.create
  • dataplex.datascans.delete
  • dataplex.datascans.get
  • dataplex.datascans.getData
  • dataplex.datascans.getIamPolicy
  • dataplex.datascans.list
  • dataplex.datascans.run
  • dataplex.datascans.setIamPolicy
  • dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.connectionAdmin)

Lowest-level resources where you can grant this role:

  • Connection

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.connections.*

  • bigquery.connections.create
  • bigquery.connections.delegate
  • bigquery.connections.delete
  • bigquery.connections.get
  • bigquery.connections.getIamPolicy
  • bigquery.connections.list
  • bigquery.connections.setIamPolicy
  • bigquery.connections.update
  • bigquery.connections.updateTag
  • bigquery.connections.use

(roles/bigquery.connectionUser)

Lowest-level resources where you can grant this role:

  • Connection

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.connections.get

bigquery.connections.getIamPolicy

bigquery.connections.list

bigquery.connections.use

(roles/bigquery.dataEditor)

When granted on a table or view, this role provides permissions to:

  • Read and update data and metadata for the table or view.
  • Delete the table or view.

This role cannot be granted to individual models.

When granted on a dataset, this role provides permissions to:

  • Read the dataset's metadata and list tables in the dataset.
  • Create, update, get, and delete the dataset's tables.

The BigQuery Data Editor role is mapped to the WRITER BigQuery basic role. When you grant the BigQuery Data Editor role to a principal at the dataset level, the principal is granted WRITER access to the dataset.

When applied at the project or organization level, this role also lets users create new datasets.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Table
    • View
    • Routine

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.config.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.datasets.getIamPolicy

bigquery.datasets.updateTag

bigquery.models.*

  • bigquery.models.create
  • bigquery.models.delete
  • bigquery.models.export
  • bigquery.models.getData
  • bigquery.models.getMetadata
  • bigquery.models.list
  • bigquery.models.updateData
  • bigquery.models.updateMetadata
  • bigquery.models.updateTag

bigquery.routines.*

  • bigquery.routines.create
  • bigquery.routines.delete
  • bigquery.routines.get
  • bigquery.routines.list
  • bigquery.routines.update
  • bigquery.routines.updateTag

bigquery.tables.create

bigquery.tables.createIndex

bigquery.tables.createSnapshot

bigquery.tables.delete

bigquery.tables.deleteIndex

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.getIamPolicy

bigquery.tables.list

bigquery.tables.replicateData

bigquery.tables.restoreSnapshot

bigquery.tables.update

bigquery.tables.updateData

bigquery.tables.updateIndex

bigquery.tables.updateTag

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

dataplex.datascans.create

dataplex.datascans.delete

dataplex.datascans.get

dataplex.datascans.getData

dataplex.datascans.getIamPolicy

dataplex.datascans.list

dataplex.datascans.run

dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.dataOwner)

When granted on a table or view, this role provides permissions to:

  • Read and update data and metadata for the table or view.
  • Share the table or view.
  • Delete the table or view.

This role cannot be granted to individual models.

When granted on a dataset, this role provides permissions to:

  • Read, update, and delete the dataset.
  • Create, update, get, and delete the dataset's tables.

The BigQuery Data Owner role is mapped to the OWNER BigQuery basic role. When you grant the BigQuery Data Owner role to a principal at the dataset level, the principal is granted OWNER access to the dataset.

When applied at the project or organization level, this role can also create new datasets.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Table
    • View
    • Routine

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.config.get

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

bigquery.datasets.*

  • bigquery.datasets.create
  • bigquery.datasets.createTagBinding
  • bigquery.datasets.delete
  • bigquery.datasets.deleteTagBinding
  • bigquery.datasets.get
  • bigquery.datasets.getIamPolicy
  • bigquery.datasets.link
  • bigquery.datasets.listEffectiveTags
  • bigquery.datasets.listSharedDatasetUsage
  • bigquery.datasets.listTagBindings
  • bigquery.datasets.setIamPolicy
  • bigquery.datasets.update
  • bigquery.datasets.updateTag

bigquery.models.*

  • bigquery.models.create
  • bigquery.models.delete
  • bigquery.models.export
  • bigquery.models.getData
  • bigquery.models.getMetadata
  • bigquery.models.list
  • bigquery.models.updateData
  • bigquery.models.updateMetadata
  • bigquery.models.updateTag

bigquery.routines.*

  • bigquery.routines.create
  • bigquery.routines.delete
  • bigquery.routines.get
  • bigquery.routines.list
  • bigquery.routines.update
  • bigquery.routines.updateTag

bigquery.rowAccessPolicies.create

bigquery.rowAccessPolicies.delete

bigquery.rowAccessPolicies.get

bigquery.rowAccessPolicies.getIamPolicy

bigquery.rowAccessPolicies.list

bigquery.rowAccessPolicies.setIamPolicy

bigquery.rowAccessPolicies.update

bigquery.tables.*

  • bigquery.tables.create
  • bigquery.tables.createIndex
  • bigquery.tables.createSnapshot
  • bigquery.tables.createTagBinding
  • bigquery.tables.delete
  • bigquery.tables.deleteIndex
  • bigquery.tables.deleteSnapshot
  • bigquery.tables.deleteTagBinding
  • bigquery.tables.export
  • bigquery.tables.get
  • bigquery.tables.getData
  • bigquery.tables.getIamPolicy
  • bigquery.tables.list
  • bigquery.tables.listEffectiveTags
  • bigquery.tables.listTagBindings
  • bigquery.tables.replicateData
  • bigquery.tables.restoreSnapshot
  • bigquery.tables.setCategory
  • bigquery.tables.setColumnDataPolicy
  • bigquery.tables.setIamPolicy
  • bigquery.tables.update
  • bigquery.tables.updateData
  • bigquery.tables.updateIndex
  • bigquery.tables.updateTag

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

dataplex.datascans.*

  • dataplex.datascans.create
  • dataplex.datascans.delete
  • dataplex.datascans.get
  • dataplex.datascans.getData
  • dataplex.datascans.getIamPolicy
  • dataplex.datascans.list
  • dataplex.datascans.run
  • dataplex.datascans.setIamPolicy
  • dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.dataViewer)

When granted on a table or view, this role provides permissions to:

  • Read data and metadata from the table or view.

This role cannot be granted to individual models.

When granted on a dataset, this role provides permissions to list all of the resources in the dataset (such as tables, views, snapshots, models, and routines) and to read their data and metadata with applicable APIs and in queries.

The BigQuery Data Viewer role is mapped to the READER BigQuery basic role. When you grant the BigQuery Data Viewer role to a principal at the dataset level, the principal is granted READER access to the dataset.

When applied at the project or organization level, this role can also enumerate all datasets in the project. Additional roles, however, are necessary to allow the running of jobs.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Table
    • View
    • Routine

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.datasets.get

bigquery.datasets.getIamPolicy

bigquery.models.export

bigquery.models.getData

bigquery.models.getMetadata

bigquery.models.list

bigquery.routines.get

bigquery.routines.list

bigquery.tables.createSnapshot

bigquery.tables.export

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.getIamPolicy

bigquery.tables.list

bigquery.tables.replicateData

dataplex.datascans.get

dataplex.datascans.getData

dataplex.datascans.getIamPolicy

dataplex.datascans.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.filteredDataViewer)

Access to view filtered table data defined by a row access policy. bigquery.filteredDataViewer is a system-managed role. Grant the role by using row-level access policies. Don't apply the role directly to a resource through Identity and Access Management (IAM).

bigquery.rowAccessPolicies.getFilteredData

(roles/bigquery.jobUser)

Provides permissions to run jobs, including queries, within the project.

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.config.get

bigquery.jobs.create

dataform.locations.*

  • dataform.locations.get
  • dataform.locations.list

dataform.repositories.create

dataform.repositories.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.metadataViewer)

When granted on a table or view, this role provides permissions to:

  • Read metadata from the table or view.

This role cannot be granted to individual models.

When granted on a dataset, this role provides permissions to:

  • List tables and views in the dataset.
  • Read metadata from the dataset's tables and views.

When applied at the project or organization level, this role provides permissions to:

  • List all datasets and read metadata for all datasets in the project.
  • List all tables and views and read metadata for all tables and views in the project.

Additional roles are necessary to allow the running of jobs.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Table
    • View
    • Routine

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.datasets.get

bigquery.datasets.getIamPolicy

bigquery.models.getMetadata

bigquery.models.list

bigquery.routines.get

bigquery.routines.list

bigquery.tables.get

bigquery.tables.getIamPolicy

bigquery.tables.list

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.objectRefAdmin)

Administer ObjectRef resources that includes read and write permissions

Lowest-level resources where you can grant this role:

  • Connection

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.objectRefs.*

  • bigquery.objectRefs.read
  • bigquery.objectRefs.write

(roles/bigquery.objectRefReader)

Role for reading referenced objects via ObjectRefs in BigQuery

Lowest-level resources where you can grant this role:

  • Connection

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.objectRefs.read

(roles/bigquery.readSessionUser)

Provides the ability to create and use read sessions.

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.readsessions.*

  • bigquery.readsessions.create
  • bigquery.readsessions.getData
  • bigquery.readsessions.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.resourceAdmin)

Administers BigQuery workloads, including slot assignments, commitments, and reservations.

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.bireservations.*

  • bigquery.bireservations.get
  • bigquery.bireservations.update

bigquery.capacityCommitments.*

  • bigquery.capacityCommitments.create
  • bigquery.capacityCommitments.delete
  • bigquery.capacityCommitments.get
  • bigquery.capacityCommitments.list
  • bigquery.capacityCommitments.update

bigquery.jobs.get

bigquery.jobs.list

bigquery.jobs.listAll

bigquery.jobs.listExecutionMetadata

bigquery.reservationAssignments.*

  • bigquery.reservationAssignments.create
  • bigquery.reservationAssignments.delete
  • bigquery.reservationAssignments.list
  • bigquery.reservationAssignments.search

bigquery.reservations.*

  • bigquery.reservations.create
  • bigquery.reservations.delete
  • bigquery.reservations.get
  • bigquery.reservations.list
  • bigquery.reservations.listFailoverDatasets
  • bigquery.reservations.update
  • bigquery.reservations.use

recommender.bigqueryCapacityCommitmentsInsights.*

  • recommender.bigqueryCapacityCommitmentsInsights.get
  • recommender.bigqueryCapacityCommitmentsInsights.list
  • recommender.bigqueryCapacityCommitmentsInsights.update

recommender.bigqueryCapacityCommitmentsRecommendations.*

  • recommender.bigqueryCapacityCommitmentsRecommendations.get
  • recommender.bigqueryCapacityCommitmentsRecommendations.list
  • recommender.bigqueryCapacityCommitmentsRecommendations.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.resourceEditor)

Manages BigQuery workloads, but is unable to create or modify slot commitments.

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.bireservations.get

bigquery.capacityCommitments.get

bigquery.capacityCommitments.list

bigquery.jobs.get

bigquery.jobs.list

bigquery.jobs.listAll

bigquery.jobs.listExecutionMetadata

bigquery.reservationAssignments.*

  • bigquery.reservationAssignments.create
  • bigquery.reservationAssignments.delete
  • bigquery.reservationAssignments.list
  • bigquery.reservationAssignments.search

bigquery.reservations.*

  • bigquery.reservations.create
  • bigquery.reservations.delete
  • bigquery.reservations.get
  • bigquery.reservations.list
  • bigquery.reservations.listFailoverDatasets
  • bigquery.reservations.update
  • bigquery.reservations.use

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.resourceViewer)

Can view BigQuery workloads, but cannot create or modify slot reservations or commitments.

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.bireservations.get

bigquery.capacityCommitments.get

bigquery.capacityCommitments.list

bigquery.jobs.get

bigquery.jobs.list

bigquery.jobs.listAll

bigquery.jobs.listExecutionMetadata

bigquery.reservationAssignments.list

bigquery.reservationAssignments.search

bigquery.reservations.get

bigquery.reservations.list

bigquery.reservations.listFailoverDatasets

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.securityAdmin)

Administer all BigQuery security controls

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

bigquery.datasets.createTagBinding

bigquery.datasets.deleteTagBinding

bigquery.datasets.get

bigquery.datasets.getIamPolicy

bigquery.datasets.listEffectiveTags

bigquery.datasets.listSharedDatasetUsage

bigquery.datasets.listTagBindings

bigquery.datasets.setIamPolicy

bigquery.datasets.update

bigquery.datasets.updateTag

bigquery.rowAccessPolicies.create

bigquery.rowAccessPolicies.delete

bigquery.rowAccessPolicies.get

bigquery.rowAccessPolicies.getIamPolicy

bigquery.rowAccessPolicies.list

bigquery.rowAccessPolicies.setIamPolicy

bigquery.rowAccessPolicies.update

bigquery.tables.createTagBinding

bigquery.tables.deleteTagBinding

bigquery.tables.get

bigquery.tables.getIamPolicy

bigquery.tables.list

bigquery.tables.listEffectiveTags

bigquery.tables.listTagBindings

bigquery.tables.setColumnDataPolicy

bigquery.tables.setIamPolicy

bigquery.tables.update

bigquery.tables.updateTag

dataplex.projects.search

(roles/bigquery.studioAdmin)

Combination role of BigQuery Admin, Dataform Admin, Notebook Runtime Admin and Dataproc Serverless Editor.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Table
    • View
    • Routine
  • Connection
  • Saved query
  • Data canvas
  • Data preparation
  • Pipeline
  • Repository

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

aiplatform.notebookRuntimeTemplates.*

  • aiplatform.notebookRuntimeTemplates.apply
  • aiplatform.notebookRuntimeTemplates.create
  • aiplatform.notebookRuntimeTemplates.delete
  • aiplatform.notebookRuntimeTemplates.get
  • aiplatform.notebookRuntimeTemplates.getIamPolicy
  • aiplatform.notebookRuntimeTemplates.list
  • aiplatform.notebookRuntimeTemplates.setIamPolicy
  • aiplatform.notebookRuntimeTemplates.update

aiplatform.notebookRuntimes.*

  • aiplatform.notebookRuntimes.assign
  • aiplatform.notebookRuntimes.delete
  • aiplatform.notebookRuntimes.get
  • aiplatform.notebookRuntimes.list
  • aiplatform.notebookRuntimes.start
  • aiplatform.notebookRuntimes.update
  • aiplatform.notebookRuntimes.upgrade

aiplatform.operations.list

bigquery.bireservations.*

  • bigquery.bireservations.get
  • bigquery.bireservations.update

bigquery.capacityCommitments.*

  • bigquery.capacityCommitments.create
  • bigquery.capacityCommitments.delete
  • bigquery.capacityCommitments.get
  • bigquery.capacityCommitments.list
  • bigquery.capacityCommitments.update

bigquery.config.*

  • bigquery.config.get
  • bigquery.config.update

bigquery.connections.*

  • bigquery.connections.create
  • bigquery.connections.delegate
  • bigquery.connections.delete
  • bigquery.connections.get
  • bigquery.connections.getIamPolicy
  • bigquery.connections.list
  • bigquery.connections.setIamPolicy
  • bigquery.connections.update
  • bigquery.connections.updateTag
  • bigquery.connections.use

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

bigquery.datasets.*

  • bigquery.datasets.create
  • bigquery.datasets.createTagBinding
  • bigquery.datasets.delete
  • bigquery.datasets.deleteTagBinding
  • bigquery.datasets.get
  • bigquery.datasets.getIamPolicy
  • bigquery.datasets.link
  • bigquery.datasets.listEffectiveTags
  • bigquery.datasets.listSharedDatasetUsage
  • bigquery.datasets.listTagBindings
  • bigquery.datasets.setIamPolicy
  • bigquery.datasets.update
  • bigquery.datasets.updateTag

bigquery.jobs.*

  • bigquery.jobs.create
  • bigquery.jobs.delete
  • bigquery.jobs.get
  • bigquery.jobs.list
  • bigquery.jobs.listAll
  • bigquery.jobs.listExecutionMetadata
  • bigquery.jobs.update

bigquery.models.*

  • bigquery.models.create
  • bigquery.models.delete
  • bigquery.models.export
  • bigquery.models.getData
  • bigquery.models.getMetadata
  • bigquery.models.list
  • bigquery.models.updateData
  • bigquery.models.updateMetadata
  • bigquery.models.updateTag

bigquery.objectRefs.*

  • bigquery.objectRefs.read
  • bigquery.objectRefs.write

bigquery.readsessions.*

  • bigquery.readsessions.create
  • bigquery.readsessions.getData
  • bigquery.readsessions.update

bigquery.reservationAssignments.*

  • bigquery.reservationAssignments.create
  • bigquery.reservationAssignments.delete
  • bigquery.reservationAssignments.list
  • bigquery.reservationAssignments.search

bigquery.reservations.*

  • bigquery.reservations.create
  • bigquery.reservations.delete
  • bigquery.reservations.get
  • bigquery.reservations.list
  • bigquery.reservations.listFailoverDatasets
  • bigquery.reservations.update
  • bigquery.reservations.use

bigquery.routines.*

  • bigquery.routines.create
  • bigquery.routines.delete
  • bigquery.routines.get
  • bigquery.routines.list
  • bigquery.routines.update
  • bigquery.routines.updateTag

bigquery.rowAccessPolicies.create

bigquery.rowAccessPolicies.delete

bigquery.rowAccessPolicies.get

bigquery.rowAccessPolicies.getIamPolicy

bigquery.rowAccessPolicies.list

bigquery.rowAccessPolicies.overrideTimeTravelRestrictions

bigquery.rowAccessPolicies.setIamPolicy

bigquery.rowAccessPolicies.update

bigquery.savedqueries.*

  • bigquery.savedqueries.create
  • bigquery.savedqueries.delete
  • bigquery.savedqueries.get
  • bigquery.savedqueries.list
  • bigquery.savedqueries.update

bigquery.tables.*

  • bigquery.tables.create
  • bigquery.tables.createIndex
  • bigquery.tables.createSnapshot
  • bigquery.tables.createTagBinding
  • bigquery.tables.delete
  • bigquery.tables.deleteIndex
  • bigquery.tables.deleteSnapshot
  • bigquery.tables.deleteTagBinding
  • bigquery.tables.export
  • bigquery.tables.get
  • bigquery.tables.getData
  • bigquery.tables.getIamPolicy
  • bigquery.tables.list
  • bigquery.tables.listEffectiveTags
  • bigquery.tables.listTagBindings
  • bigquery.tables.replicateData
  • bigquery.tables.restoreSnapshot
  • bigquery.tables.setCategory
  • bigquery.tables.setColumnDataPolicy
  • bigquery.tables.setIamPolicy
  • bigquery.tables.update
  • bigquery.tables.updateData
  • bigquery.tables.updateIndex
  • bigquery.tables.updateTag

bigquery.transfers.*

  • bigquery.transfers.get
  • bigquery.transfers.update

bigquerymigration.translation.translate

cloudaicompanion.codeToolsSettings.*

  • cloudaicompanion.codeToolsSettings.create
  • cloudaicompanion.codeToolsSettings.delete
  • cloudaicompanion.codeToolsSettings.get
  • cloudaicompanion.codeToolsSettings.list
  • cloudaicompanion.codeToolsSettings.update

cloudaicompanion.companions.*

  • cloudaicompanion.companions.generateChat
  • cloudaicompanion.companions.generateCode

cloudaicompanion.dataSharingWithGoogleSettings.*

  • cloudaicompanion.dataSharingWithGoogleSettings.create
  • cloudaicompanion.dataSharingWithGoogleSettings.delete
  • cloudaicompanion.dataSharingWithGoogleSettings.get
  • cloudaicompanion.dataSharingWithGoogleSettings.list
  • cloudaicompanion.dataSharingWithGoogleSettings.update

cloudaicompanion.entitlements.get

cloudaicompanion.geminiGcpEnablementSettings.*

  • cloudaicompanion.geminiGcpEnablementSettings.create
  • cloudaicompanion.geminiGcpEnablementSettings.delete
  • cloudaicompanion.geminiGcpEnablementSettings.get
  • cloudaicompanion.geminiGcpEnablementSettings.list
  • cloudaicompanion.geminiGcpEnablementSettings.update

cloudaicompanion.instances.*

  • cloudaicompanion.instances.completeCode
  • cloudaicompanion.instances.completeTask
  • cloudaicompanion.instances.exportMetrics
  • cloudaicompanion.instances.generateCode
  • cloudaicompanion.instances.generateText
  • cloudaicompanion.instances.queryEffectiveSetting
  • cloudaicompanion.instances.queryEffectiveSettingBindings

cloudaicompanion.licenses.selfAssign

cloudaicompanion.loggingSettings.*

  • cloudaicompanion.loggingSettings.create
  • cloudaicompanion.loggingSettings.delete
  • cloudaicompanion.loggingSettings.get
  • cloudaicompanion.loggingSettings.list
  • cloudaicompanion.loggingSettings.update

cloudaicompanion.operations.get

cloudaicompanion.releaseChannelSettings.*

  • cloudaicompanion.releaseChannelSettings.create
  • cloudaicompanion.releaseChannelSettings.delete
  • cloudaicompanion.releaseChannelSettings.get
  • cloudaicompanion.releaseChannelSettings.list
  • cloudaicompanion.releaseChannelSettings.update

cloudaicompanion.settingBindings.*

  • cloudaicompanion.settingBindings.codeToolsSettingsCreate
  • cloudaicompanion.settingBindings.codeToolsSettingsDelete
  • cloudaicompanion.settingBindings.codeToolsSettingsGet
  • cloudaicompanion.settingBindings.codeToolsSettingsList
  • cloudaicompanion.settingBindings.codeToolsSettingsUpdate
  • cloudaicompanion.settingBindings.codeToolsSettingsUse
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsCreate
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsDelete
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsGet
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsList
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUpdate
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUse
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsCreate
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsDelete
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsGet
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsList
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUpdate
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUse
  • cloudaicompanion.settingBindings.loggingSettingsCreate
  • cloudaicompanion.settingBindings.loggingSettingsDelete
  • cloudaicompanion.settingBindings.loggingSettingsGet
  • cloudaicompanion.settingBindings.loggingSettingsList
  • cloudaicompanion.settingBindings.loggingSettingsUpdate
  • cloudaicompanion.settingBindings.loggingSettingsUse
  • cloudaicompanion.settingBindings.releaseChannelSettingsCreate
  • cloudaicompanion.settingBindings.releaseChannelSettingsDelete
  • cloudaicompanion.settingBindings.releaseChannelSettingsGet
  • cloudaicompanion.settingBindings.releaseChannelSettingsList
  • cloudaicompanion.settingBindings.releaseChannelSettingsUpdate
  • cloudaicompanion.settingBindings.releaseChannelSettingsUse

cloudaicompanion.topics.create

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

compute.projects.get

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.reservations.get

compute.reservations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

dataform.*

  • dataform.commentThreads.create
  • dataform.commentThreads.delete
  • dataform.commentThreads.get
  • dataform.commentThreads.list
  • dataform.commentThreads.update
  • dataform.comments.create
  • dataform.comments.delete
  • dataform.comments.get
  • dataform.comments.list
  • dataform.comments.update
  • dataform.compilationResults.create
  • dataform.compilationResults.get
  • dataform.compilationResults.list
  • dataform.compilationResults.query
  • dataform.config.get
  • dataform.config.update
  • dataform.locations.get
  • dataform.locations.list
  • dataform.releaseConfigs.create
  • dataform.releaseConfigs.delete
  • dataform.releaseConfigs.get
  • dataform.releaseConfigs.list
  • dataform.releaseConfigs.update
  • dataform.repositories.commit
  • dataform.repositories.computeAccessTokenStatus
  • dataform.repositories.create
  • dataform.repositories.delete
  • dataform.repositories.fetchHistory
  • dataform.repositories.fetchRemoteBranches
  • dataform.repositories.get
  • dataform.repositories.getIamPolicy
  • dataform.repositories.list
  • dataform.repositories.queryDirectoryContents
  • dataform.repositories.readFile
  • dataform.repositories.setIamPolicy
  • dataform.repositories.update
  • dataform.workflowConfigs.create
  • dataform.workflowConfigs.delete
  • dataform.workflowConfigs.get
  • dataform.workflowConfigs.list
  • dataform.workflowConfigs.update
  • dataform.workflowInvocations.cancel
  • dataform.workflowInvocations.create
  • dataform.workflowInvocations.delete
  • dataform.workflowInvocations.get
  • dataform.workflowInvocations.list
  • dataform.workflowInvocations.query
  • dataform.workspaces.commit
  • dataform.workspaces.create
  • dataform.workspaces.delete
  • dataform.workspaces.fetchFileDiff
  • dataform.workspaces.fetchFileGitStatuses
  • dataform.workspaces.fetchGitAheadBehind
  • dataform.workspaces.get
  • dataform.workspaces.getIamPolicy
  • dataform.workspaces.installNpmPackages
  • dataform.workspaces.list
  • dataform.workspaces.makeDirectory
  • dataform.workspaces.moveDirectory
  • dataform.workspaces.moveFile
  • dataform.workspaces.pull
  • dataform.workspaces.push
  • dataform.workspaces.queryDirectoryContents
  • dataform.workspaces.readFile
  • dataform.workspaces.removeDirectory
  • dataform.workspaces.removeFile
  • dataform.workspaces.reset
  • dataform.workspaces.searchFiles
  • dataform.workspaces.setIamPolicy
  • dataform.workspaces.writeFile

dataplex.datascans.*

  • dataplex.datascans.create
  • dataplex.datascans.delete
  • dataplex.datascans.get
  • dataplex.datascans.getData
  • dataplex.datascans.getIamPolicy
  • dataplex.datascans.list
  • dataplex.datascans.run
  • dataplex.datascans.setIamPolicy
  • dataplex.datascans.update

dataplex.operations.get

dataplex.operations.list

dataplex.projects.search

dataproc.batches.*

  • dataproc.batches.analyze
  • dataproc.batches.cancel
  • dataproc.batches.create
  • dataproc.batches.delete
  • dataproc.batches.get
  • dataproc.batches.list
  • dataproc.batches.sparkApplicationRead
  • dataproc.batches.sparkApplicationWrite

dataproc.operations.cancel

dataproc.operations.delete

dataproc.operations.get

dataproc.operations.list

dataproc.sessionTemplates.*

  • dataproc.sessionTemplates.create
  • dataproc.sessionTemplates.delete
  • dataproc.sessionTemplates.get
  • dataproc.sessionTemplates.list
  • dataproc.sessionTemplates.update

dataproc.sessions.*

  • dataproc.sessions.create
  • dataproc.sessions.delete
  • dataproc.sessions.get
  • dataproc.sessions.list
  • dataproc.sessions.sparkApplicationRead
  • dataproc.sessions.sparkApplicationWrite
  • dataproc.sessions.terminate

dataprocrm.nodePools.*

  • dataprocrm.nodePools.create
  • dataprocrm.nodePools.delete
  • dataprocrm.nodePools.deleteNodes
  • dataprocrm.nodePools.get
  • dataprocrm.nodePools.list
  • dataprocrm.nodePools.resize

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.list

dataprocrm.nodes.update

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.*

  • dataprocrm.workloads.cancel
  • dataprocrm.workloads.create
  • dataprocrm.workloads.delete
  • dataprocrm.workloads.get
  • dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.studioUser)

Combination role of BigQuery Job User, BigQuery Read Session User, Dataform Code Creator, Notebook Runtime User and Dataproc Serverless Editor.

Lowest-level resources where you can grant this role:

  • Saved query
  • Data canvas
  • Data preparation
  • Pipeline
  • Repository

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

aiplatform.notebookRuntimeTemplates.apply

aiplatform.notebookRuntimeTemplates.get

aiplatform.notebookRuntimeTemplates.getIamPolicy

aiplatform.notebookRuntimeTemplates.list

aiplatform.notebookRuntimes.assign

aiplatform.notebookRuntimes.get

aiplatform.notebookRuntimes.list

aiplatform.operations.list

bigquery.config.get

bigquery.jobs.create

bigquery.readsessions.*

  • bigquery.readsessions.create
  • bigquery.readsessions.getData
  • bigquery.readsessions.update

cloudaicompanion.companions.*

  • cloudaicompanion.companions.generateChat
  • cloudaicompanion.companions.generateCode

cloudaicompanion.entitlements.get

cloudaicompanion.instances.*

  • cloudaicompanion.instances.completeCode
  • cloudaicompanion.instances.completeTask
  • cloudaicompanion.instances.exportMetrics
  • cloudaicompanion.instances.generateCode
  • cloudaicompanion.instances.generateText
  • cloudaicompanion.instances.queryEffectiveSetting
  • cloudaicompanion.instances.queryEffectiveSettingBindings

cloudaicompanion.licenses.selfAssign

cloudaicompanion.operations.get

cloudaicompanion.topics.create

compute.projects.get

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

dataform.commentThreads.get

dataform.commentThreads.list

dataform.comments.get

dataform.comments.list

dataform.locations.*

  • dataform.locations.get
  • dataform.locations.list

dataform.repositories.create

dataform.repositories.list

dataplex.projects.search

dataproc.batches.*

  • dataproc.batches.analyze
  • dataproc.batches.cancel
  • dataproc.batches.create
  • dataproc.batches.delete
  • dataproc.batches.get
  • dataproc.batches.list
  • dataproc.batches.sparkApplicationRead
  • dataproc.batches.sparkApplicationWrite

dataproc.operations.cancel

dataproc.operations.delete

dataproc.operations.get

dataproc.operations.list

dataproc.sessionTemplates.*

  • dataproc.sessionTemplates.create
  • dataproc.sessionTemplates.delete
  • dataproc.sessionTemplates.get
  • dataproc.sessionTemplates.list
  • dataproc.sessionTemplates.update

dataproc.sessions.*

  • dataproc.sessions.create
  • dataproc.sessions.delete
  • dataproc.sessions.get
  • dataproc.sessions.list
  • dataproc.sessions.sparkApplicationRead
  • dataproc.sessions.sparkApplicationWrite
  • dataproc.sessions.terminate

dataprocrm.nodePools.*

  • dataprocrm.nodePools.create
  • dataprocrm.nodePools.delete
  • dataprocrm.nodePools.deleteNodes
  • dataprocrm.nodePools.get
  • dataprocrm.nodePools.list
  • dataprocrm.nodePools.resize

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.list

dataprocrm.nodes.update

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.*

  • dataprocrm.workloads.cancel
  • dataprocrm.workloads.create
  • dataprocrm.workloads.delete
  • dataprocrm.workloads.get
  • dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/bigquery.user)

When granted on a dataset, this role provides the ability to read the dataset's metadata and list tables in the dataset.

When granted on a project, this role also provides the ability to run jobs, including queries, within the project. A principal with this role can enumerate their own jobs, cancel their own jobs, and enumerate datasets within a project. Additionally, allows the creation of new datasets within the project; the creator is granted the BigQuery Data Owner role (roles/bigquery.dataOwner) on these new datasets.

Lowest-level resources where you can grant this role:

  • Dataset
  • These resources within a dataset:
    • Routine

This role can also be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.bireservations.get

bigquery.capacityCommitments.get

bigquery.capacityCommitments.list

bigquery.config.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.datasets.getIamPolicy

bigquery.jobs.create

bigquery.jobs.list

bigquery.models.list

bigquery.readsessions.*

  • bigquery.readsessions.create
  • bigquery.readsessions.getData
  • bigquery.readsessions.update

bigquery.reservationAssignments.list

bigquery.reservationAssignments.search

bigquery.reservations.get

bigquery.reservations.list

bigquery.reservations.listFailoverDatasets

bigquery.reservations.use

bigquery.routines.list

bigquery.savedqueries.get

bigquery.savedqueries.list

bigquery.tables.list

bigquery.transfers.get

bigquerymigration.translation.translate

cloudkms.keyHandles.*

  • cloudkms.keyHandles.create
  • cloudkms.keyHandles.get
  • cloudkms.keyHandles.list

cloudkms.operations.get

cloudkms.projects.showEffectiveAutokeyConfig

dataform.locations.*

  • dataform.locations.get
  • dataform.locations.list

dataform.repositories.create

dataform.repositories.list

dataplex.projects.search

resourcemanager.projects.get

resourcemanager.projects.list

Papéis da API BigQuery Connection

Esta tabela lista os papéis e as permissões do IAM para a API BigQuery Connection. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigqueryconnection.serviceAgent)

Gives BigQuery Connection Service access to Cloud SQL instances in user projects.

cloudsql.instances.connect

cloudsql.instances.get

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

Papéis de consulta contínua do BigQuery

Esta tabela lista os papéis e as permissões do IAM para consultas contínuas do BigQuery. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigquerycontinuousquery.serviceAgent)

Gives BigQuery Continuous Query access to the service accounts in the user project.

iam.serviceAccounts.getAccessToken

Funções da política de dados do BigQuery

Esta tabela lista os papéis e as permissões do IAM para a política de dados do BigQuery. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigquerydatapolicy.admin)

Role for managing Data Policies in BigQuery

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.dataPolicies.create

bigquery.dataPolicies.delete

bigquery.dataPolicies.get

bigquery.dataPolicies.getIamPolicy

bigquery.dataPolicies.list

bigquery.dataPolicies.setIamPolicy

bigquery.dataPolicies.update

(roles/bigquerydatapolicy.maskedReader)

Masked read access to sub-resources tagged by the policy tag associated with a data policy, for example, BigQuery columns

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.dataPolicies.maskedGet

(roles/bigquerydatapolicy.rawDataReader)

Raw read access to sub-resources associated with a data policy, for example, BigQuery columns

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.dataPolicies.getRawData

(roles/bigquerydatapolicy.viewer)

Role for viewing Data Policies in BigQuery

This role can only be granted on Resource Manager resources (projects, folders, and organizations).

bigquery.dataPolicies.get

bigquery.dataPolicies.list

Funções do serviço de transferência de dados do BigQuery

Esta tabela lista os papéis e as permissões do IAM para o serviço de transferência de dados do BigQuery. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigquerydatatransfer.serviceAgent)

Gives BigQuery Data Transfer Service access to start BigQuery jobs in consumer project.

bigquery.config.get

bigquery.jobs.create

compute.networkAttachments.get

compute.networkAttachments.update

compute.regionOperations.get

compute.subnetworks.use

dataform.locations.*

  • dataform.locations.get
  • dataform.locations.list

dataform.repositories.create

dataform.repositories.list

iam.serviceAccounts.getAccessToken

logging.logEntries.create

logging.logEntries.route

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

Esta tabela lista os papéis e as permissões do IAM para o BigQuery Engine para Apache Flink. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/managedflink.admin)

Full access to Managed Flink resources.

managedflink.*

  • managedflink.deployments.create
  • managedflink.deployments.delete
  • managedflink.deployments.get
  • managedflink.deployments.list
  • managedflink.deployments.update
  • managedflink.jobs.create
  • managedflink.jobs.delete
  • managedflink.jobs.get
  • managedflink.jobs.list
  • managedflink.jobs.update
  • managedflink.locations.get
  • managedflink.locations.list
  • managedflink.operations.cancel
  • managedflink.operations.delete
  • managedflink.operations.get
  • managedflink.operations.list
  • managedflink.sessions.create
  • managedflink.sessions.delete
  • managedflink.sessions.get
  • managedflink.sessions.list
  • managedflink.sessions.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/managedflink.developer)

Full access to Managed Flink Jobs and Sessions and read access to Deployments.

managedflink.deployments.get

managedflink.deployments.list

managedflink.jobs.*

  • managedflink.jobs.create
  • managedflink.jobs.delete
  • managedflink.jobs.get
  • managedflink.jobs.list
  • managedflink.jobs.update

managedflink.locations.*

  • managedflink.locations.get
  • managedflink.locations.list

managedflink.operations.get

managedflink.operations.list

managedflink.sessions.*

  • managedflink.sessions.create
  • managedflink.sessions.delete
  • managedflink.sessions.get
  • managedflink.sessions.list
  • managedflink.sessions.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/managedflink.serviceAgent)

Gives Managed Flink Service Agent access to Cloud Platform resources.

compute.networkAttachments.create

compute.networkAttachments.delete

compute.networkAttachments.get

compute.networkAttachments.list

compute.networkAttachments.update

compute.networks.get

compute.networks.list

compute.regionOperations.get

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

dns.networks.targetWithPeeringZone

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.clusters.update

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

serviceusage.services.use

storage.objects.get

(roles/managedflink.viewer)

Readonly access to Managed Flink resources.

managedflink.deployments.get

managedflink.deployments.list

managedflink.jobs.get

managedflink.jobs.list

managedflink.locations.*

  • managedflink.locations.get
  • managedflink.locations.list

managedflink.operations.get

managedflink.operations.list

managedflink.sessions.get

managedflink.sessions.list

resourcemanager.projects.get

resourcemanager.projects.list

Papéis do serviço de migração do BigQuery

Esta tabela lista os papéis e as permissões do IAM para o BigQuery Migration Service. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigquerymigration.editor)

Editor of EDW migration workflows.

bigquerymigration.subtasks.*

  • bigquerymigration.subtasks.get
  • bigquerymigration.subtasks.list

bigquerymigration.workflows.create

bigquerymigration.workflows.delete

bigquerymigration.workflows.enableAiOutputTypes

bigquerymigration.workflows.enableLineageOutputTypes

bigquerymigration.workflows.enableOutputTypePermissions

bigquerymigration.workflows.get

bigquerymigration.workflows.list

bigquerymigration.workflows.update

(roles/bigquerymigration.orchestrator)

Orchestrator of EDW migration tasks.

bigquerymigration.workflows.orchestrateTask

storage.objects.list

(roles/bigquerymigration.translationUser)

User of EDW migration interactive SQL translation service.

bigquerymigration.translation.translate

(roles/bigquerymigration.viewer)

Viewer of EDW migration MigrationWorkflow.

bigquerymigration.subtasks.*

  • bigquerymigration.subtasks.get
  • bigquerymigration.subtasks.list

bigquerymigration.workflows.get

bigquerymigration.workflows.list

(roles/bigquerymigration.worker)

Worker that executes EDW migration subtasks.

storage.objects.create

storage.objects.get

storage.objects.list

Papéis do BigQuery Omni

Esta tabela lista os papéis e as permissões do IAM para o BigQuery Omni. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/bigqueryomni.serviceAgent)

Gives BigQuery Omni access to tables in user projects.

bigquery.jobs.create

bigquery.tables.updateData

Papéis de compartilhamento do BigQuery

Esta tabela lista os papéis e as permissões do IAM para compartilhamento do BigQuery. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Role Permissions

(roles/analyticshub.admin)

Administer Data Exchanges and Listings

analyticshub.dataExchanges.create

analyticshub.dataExchanges.delete

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.dataExchanges.setIamPolicy

analyticshub.dataExchanges.update

analyticshub.dataExchanges.viewSubscriptions

analyticshub.listings.create

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

analyticshub.listings.viewSubscriptions

analyticshub.subscriptions.*

  • analyticshub.subscriptions.create
  • analyticshub.subscriptions.delete
  • analyticshub.subscriptions.get
  • analyticshub.subscriptions.list
  • analyticshub.subscriptions.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.listingAdmin)

Grants full control over the Listing, including updating, deleting and setting ACLs

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

analyticshub.listings.viewSubscriptions

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.publisher)

Can publish to Data Exchanges thus creating Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.create

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.subscriber)

Can browse Data Exchanges and subscribe to Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.dataExchanges.subscribe

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.subscribe

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.subscriptionOwner)

Grants full control over the Subscription, including updating and deleting

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.subscriptions.*

  • analyticshub.subscriptions.create
  • analyticshub.subscriptions.delete
  • analyticshub.subscriptions.get
  • analyticshub.subscriptions.list
  • analyticshub.subscriptions.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.viewer)

Can browse Data Exchanges and Listings

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

Permissões do BigQuery

As tabelas a seguir listam as permissões disponíveis no BigQuery. Elas estão incluídas em papéis predefinidos e podem ser usadas em definições de papéis personalizados. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Permissões do BigQuery

Esta tabela lista as permissões do IAM para o BigQuery e os papéis que as incluem. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Permissão Incluído em papéis

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Usuário de jobs do BigQuery (roles/bigquery.jobUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery Studio (roles/bigquery.studioUser)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Assured Workloads (roles/assuredworkloads.admin)

Editor do Assured Workloads (roles/assuredworkloads.editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Usuário de conexão do BigQuery (roles/bigquery.connectionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Leitor do Data Catalog (roles/datacatalog.viewer)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Usuário de conexão do BigQuery (roles/bigquery.connectionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Usuário de conexão do BigQuery (roles/bigquery.connectionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Editor de tags do Data Catalog (roles/datacatalog.tagEditor)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de conexão do BigQuery (roles/bigquery.connectionAdmin)

Usuário de conexão do BigQuery (roles/bigquery.connectionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Leitor de políticas de dados do BigQuery (roles/bigquerydatapolicy.viewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Leitor de dados brutos (roles/bigquerydatapolicy.rawDataReader)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Leitor de políticas de dados do BigQuery (roles/bigquerydatapolicy.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Leitor mascarado (roles/bigquerydatapolicy.maskedReader)

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Administrador de segurança (roles/iam.securityAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de políticas de dados do BigQuery (roles/bigquerydatapolicy.admin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Administrador do Data Catalog (roles/datacatalog.admin)

Leitor do Data Catalog (roles/datacatalog.viewer)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Remediador do nível SLZ BQDW Blueprint do projeto (roles/securedlandingzone.bqdwProjectRemediator)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Remediador do nível SLZ BQDW Blueprint do projeto (roles/securedlandingzone.bqdwProjectRemediator)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Leitor de tags (roles/resourcemanager.tagViewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Leitor de tags (roles/resourcemanager.tagViewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Remediador do nível SLZ BQDW Blueprint do projeto (roles/securedlandingzone.bqdwProjectRemediator)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Remediador do nível SLZ BQDW Blueprint do projeto (roles/securedlandingzone.bqdwProjectRemediator)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Editor de tags do Data Catalog (roles/datacatalog.tagEditor)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Usuário de jobs do BigQuery (roles/bigquery.jobUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery Studio (roles/bigquery.studioUser)

Usuário do BigQuery (roles/bigquery.user)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Leitor do Data Catalog (roles/datacatalog.viewer)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Editor de tags do Data Catalog (roles/datacatalog.tagEditor)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de ObjectRef do BigQuery (roles/bigquery.objectRefAdmin)

Leitor de ObjectRef do BigQuery (roles/bigquery.objectRefReader)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de ObjectRef do BigQuery (roles/bigquery.objectRefAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Usuário de sessão de leitura do BigQuery (roles/bigquery.readSessionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery Studio (roles/bigquery.studioUser)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Usuário de sessão de leitura do BigQuery (roles/bigquery.readSessionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery Studio (roles/bigquery.studioUser)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Usuário de sessão de leitura do BigQuery (roles/bigquery.readSessionUser)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery Studio (roles/bigquery.studioUser)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Leitor de recursos do BigQuery (roles/bigquery.resourceViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador de recursos do BigQuery (roles/bigquery.resourceAdmin)

Editor de recursos do BigQuery (roles/bigquery.resourceEditor)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Leitor do Data Catalog (roles/datacatalog.viewer)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Editor de tags do Data Catalog (roles/datacatalog.tagEditor)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Visualizador de dados filtrados do BigQuery (roles/bigquery.filteredDataViewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Leitor do Data Catalog (roles/datacatalog.viewer)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Leitor de metadados do BigQuery (roles/bigquery.metadataViewer)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Leitor de dados de armazenamento do Dataplex (roles/dataplex.storageDataReader)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Leitor de tags (roles/resourcemanager.tagViewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Usuário de tags (roles/resourcemanager.tagUser)

Leitor de tags (roles/resourcemanager.tagViewer)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Visualizador de dados do BigQuery (roles/bigquery.dataViewer)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Proprietário (roles/owner)

Administrador do BigQuery (roles/bigquery.admin)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Proprietário de dados de armazenamento do Dataplex (roles/dataplex.storageDataOwner)

Gravador de dados de armazenamento do Dataplex (roles/dataplex.storageDataWriter)

Gravador BigQuery do Datastream (roles/datastream.bigqueryWriter)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Administrador do BigQuery (roles/bigquery.admin)

Editor de dados do BigQuery (roles/bigquery.dataEditor)

Proprietário de dados do BigQuery (roles/bigquery.dataOwner)

Administrador de segurança do BigQuery (roles/bigquery.securityAdmin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Administrador do Data Catalog (roles/datacatalog.admin)

Editor de tags do Data Catalog (roles/datacatalog.tagEditor)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Papéis de agente de serviço

Permissões da API BigQuery Connection

Não há permissões do IAM para esse serviço.

Permissões de consulta contínua do BigQuery

Não há permissões do IAM para esse serviço.

Permissões da política de dados do BigQuery

Não há permissões do IAM para esse serviço.

Permissões do serviço de transferência de dados do BigQuery

Não há permissões do IAM para esse serviço.

Esta tabela lista as permissões do IAM para o BigQuery Engine para Apache Flink e os papéis que as incluem. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Permissão Incluído em papéis

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Leitor do Flink gerenciado (roles/managedflink.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Flink gerenciado (roles/managedflink.admin)

Desenvolvedor do Flink gerenciado (roles/managedflink.developer)

Permissões do serviço de migração do BigQuery

Esta tabela lista as permissões do IAM para o BigQuery Migration Service e os papéis que as incluem. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Permissão Incluído em papéis

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Leitor do MigrationWorkflow (roles/bigquerymigration.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Leitor do MigrationWorkflow (roles/bigquerymigration.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do BigQuery (roles/bigquery.admin)

Administrador do BigQuery Studio (roles/bigquery.studioAdmin)

Usuário do BigQuery (roles/bigquery.user)

Usuário de tradução da migração (roles/bigquerymigration.translationUser)

Driver dos perfis de dados da organização da DLP (roles/dlp.orgdriver)

Driver dos perfis de dados do projeto da DLP (roles/dlp.projectdriver)

Papéis de agente de serviço

Proprietário (roles/owner)

Editor (roles/editor)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Proprietário (roles/owner)

Editor (roles/editor)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Proprietário (roles/owner)

Editor (roles/editor)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Proprietário (roles/owner)

Editor (roles/editor)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Proprietário (roles/owner)

Editor (roles/editor)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Leitor do MigrationWorkflow (roles/bigquerymigration.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Leitor do MigrationWorkflow (roles/bigquerymigration.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Orquestrador de tarefas (roles/bigquerymigration.orchestrator)

Proprietário (roles/owner)

Editor (roles/editor)

Editor do MigrationWorkflow (roles/bigquerymigration.editor)

Permissões do BigQuery Omni

Não há permissões do IAM para esse serviço.

Permissões de compartilhamento do BigQuery

Esta tabela lista as permissões do IAM para compartilhamento do BigQuery e os papéis que as incluem. Para pesquisar todos os papéis e permissões, consulte o índice de papéis e permissões.

Permissão Incluído em papéis

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Leitor do Analytics Hub (roles/analyticshub.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Leitor do Analytics Hub (roles/analyticshub.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Leitor do Analytics Hub (roles/analyticshub.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de segurança (roles/iam.securityAdmin)

Proprietário (roles/owner)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário (roles/owner)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Leitor do Analytics Hub (roles/analyticshub.viewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Leitor do Analytics Hub (roles/analyticshub.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Editor do Analytics Hub (roles/analyticshub.publisher)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Leitor do Analytics Hub (roles/analyticshub.viewer)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Administrador de segurança (roles/iam.securityAdmin)

Proprietário (roles/owner)

Assinante do Analytics Hub (roles/analyticshub.subscriber)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Proprietário (roles/owner)

Administrador do Analytics Hub (roles/analyticshub.admin)

Administrador de listagens do Analytics Hub (roles/analyticshub.listingAdmin)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Proprietário (roles/owner)

Editor (roles/editor)

Leitor (roles/viewer)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Administrador de segurança (roles/iam.securityAdmin)

Revisor de segurança (roles/iam.securityReviewer)

Proprietário (roles/owner)

Editor (roles/editor)

Administrador do Analytics Hub (roles/analyticshub.admin)

Proprietário de assinatura do Analytics Hub (roles/analyticshub.subscriptionOwner)

Permissões para tarefas do BigQuery ML

A tabela a seguir descreve as permissões necessárias para tarefas comuns do BigQuery ML.

Permissão Descrição
bigquery.jobs.create
bigquery.models.create
bigquery.models.getData
bigquery.models.updateData
 Criar um novo modelo usando a instrução CREATE MODEL
bigquery.jobs.create
bigquery.models.create
bigquery.models.getData
bigquery.models.updateData
bigquery.models.updateMetadata
 Substituir um modelo atual usando a instrução CREATE OR REPLACE MODEL
bigquery.models.delete Excluir modelo usando a API models.delete
bigquery.jobs.create
bigquery.models.delete
 Excluir modelo usando a instrução DROP MODEL
bigquery.models.getMetadata Receber metadados do modelo usando a API models.get
bigquery.models.list Listar modelos e metadados em modelos usando a API models.list
bigquery.models.updateMetadata Atualize os metadados do modelo usando a API models.delete. Se você definir ou atualizar um prazo de validade diferente de zero para o modelo, a permissão bigquery.models.delete também será necessária.
bigquery.jobs.create
bigquery.models.getData 		Execute avaliação, previsão e inspeções de modelos e recursos usando funções como ML.EVALUATE, ML.PREDICT, ML.TRAINING_INFO e ML.WEIGHTS.
bigquery.jobs.create
bigquery.models.export 		Exportar um modelo
bigquery.models.updateTag Atualize as tags do Data Catalog de um modelo.

A seguir