Migrate to Virtual Machines roles and permissions

This page lists the IAM roles and permissions for Migrate to Virtual Machines. To search through all roles and permissions, see the role and permission index.

Migrate to Virtual Machines roles

Role Permissions

(roles/cloudmigration.inframanager)

Ability to create and manage Compute VMs to run Velostrata Infrastructure

cloudmigration.velostrataendpoints.connect

compute.addresses.create

compute.addresses.createInternal

compute.addresses.delete

compute.addresses.deleteInternal

compute.addresses.get

compute.addresses.list

compute.addresses.setLabels

compute.addresses.use

compute.addresses.useInternal

compute.diskTypes.*

  • compute.diskTypes.get
  • compute.diskTypes.list

compute.disks.create

compute.disks.createSnapshot

compute.disks.delete

compute.disks.get

compute.disks.list

compute.disks.setLabels

compute.disks.update

compute.disks.use

compute.disks.useReadOnly

compute.globalOperations.get

compute.images.get

compute.images.list

compute.images.useReadOnly

compute.instances.attachDisk

compute.instances.create

compute.instances.delete

compute.instances.detachDisk

compute.instances.get

compute.instances.getSerialPortOutput

compute.instances.list

compute.instances.reset

compute.instances.setDiskAutoDelete

compute.instances.setLabels

compute.instances.setMachineType

compute.instances.setMetadata

compute.instances.setMinCpuPlatform

compute.instances.setScheduling

compute.instances.setServiceAccount

compute.instances.setTags

compute.instances.start

compute.instances.startWithEncryptionKey

compute.instances.stop

compute.instances.update

compute.instances.updateNetworkInterface

compute.instances.updateShieldedInstanceConfig

compute.instances.use

compute.licenseCodes.get

compute.licenseCodes.list

compute.licenses.get

compute.licenses.list

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute.networks.get

compute.networks.list

compute.networks.use

compute.networks.useExternalIp

compute.nodeGroups.get

compute.nodeGroups.list

compute.nodeTemplates.list

compute.projects.get

compute.regionOperations.get

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.snapshots.create

compute.snapshots.delete

compute.snapshots.get

compute.snapshots.setLabels

compute.snapshots.useReadOnly

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

compute.subnetworks.useExternalIp

compute.zoneOperations.get

compute.zones.*

  • compute.zones.get
  • compute.zones.list

gkehub.endpoints.connect

iam.serviceAccounts.get

iam.serviceAccounts.list

resourcemanager.projects.get

storage.buckets.create

storage.buckets.delete

storage.buckets.get

storage.buckets.list

storage.buckets.update

(roles/cloudmigration.storageaccess)

Ability to access migration storage

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

(roles/cloudmigration.velostrataconnect)

Ability to set up connection between Velostrata Manager and Google

cloudmigration.velostrataendpoints.connect

gkehub.endpoints.connect

Migrate to Virtual Machines permissions

Permission Included in roles

Owner (roles/owner)

Velostrata Manager (roles/cloudmigration.inframanager)

Velostrata Manager Connection Agent (roles/cloudmigration.velostrataconnect)