Cloud Trace roles and permissions

This page lists the IAM roles and permissions for Cloud Trace. To search through all roles and permissions, see the role and permission index.

Cloud Trace roles

Role Permissions

(roles/cloudtrace.admin)

Provides full access to the Trace console and read-write access to traces.

Lowest-level resources where you can grant this role:

  • Project

cloudtrace.*

  • cloudtrace.insights.get
  • cloudtrace.insights.list
  • cloudtrace.stats.get
  • cloudtrace.tasks.create
  • cloudtrace.tasks.delete
  • cloudtrace.tasks.get
  • cloudtrace.tasks.list
  • cloudtrace.traceScopes.create
  • cloudtrace.traceScopes.delete
  • cloudtrace.traceScopes.get
  • cloudtrace.traceScopes.list
  • cloudtrace.traceScopes.update
  • cloudtrace.traces.get
  • cloudtrace.traces.list
  • cloudtrace.traces.patch

observability.scopes.get

resourcemanager.projects.get

resourcemanager.projects.list

telemetry.traces.write

(roles/cloudtrace.agent)

For service accounts. Provides ability to write traces by sending the data to Stackdriver Trace.

Lowest-level resources where you can grant this role:

  • Project

cloudtrace.traces.patch

telemetry.traces.write

(roles/cloudtrace.user)

Provides full access to the Trace console and read access to traces.

Lowest-level resources where you can grant this role:

  • Project

cloudtrace.insights.*

  • cloudtrace.insights.get
  • cloudtrace.insights.list

cloudtrace.stats.get

cloudtrace.tasks.*

  • cloudtrace.tasks.create
  • cloudtrace.tasks.delete
  • cloudtrace.tasks.get
  • cloudtrace.tasks.list

cloudtrace.traceScopes.*

  • cloudtrace.traceScopes.create
  • cloudtrace.traceScopes.delete
  • cloudtrace.traceScopes.get
  • cloudtrace.traceScopes.list
  • cloudtrace.traceScopes.update

cloudtrace.traces.get

cloudtrace.traces.list

observability.scopes.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Trace permissions

Permission Included in roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace User (roles/cloudtrace.user)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Cloud Trace Admin (roles/cloudtrace.admin)

Cloud Trace Agent (roles/cloudtrace.agent)

Service agent roles