Content Warehouse roles and permissions
Stay organized with collections Save and categorize content based on your preferences.

This page lists the IAM roles and permissions for Content Warehouse. To search through all roles and permissions, see the role and permission index.

Content Warehouse roles

Role Permissions

Role	Permissions
Content Warehouse Admin (`roles/contentwarehouse.admin`) Grants full access to all the resources in Content Warehouse	`contentwarehouse.corpora.` `contentwarehouse.corpora.create` `contentwarehouse.corpora.delete` `contentwarehouse.corpora.get` `contentwarehouse.corpora.list` `contentwarehouse.corpora.update` `contentwarehouse.dataExportJobs.` `contentwarehouse.dataExportJobs.create` `contentwarehouse.dataExportJobs.update` `contentwarehouse.documentSchemas.` `contentwarehouse.documentSchemas.create` `contentwarehouse.documentSchemas.delete` `contentwarehouse.documentSchemas.get` `contentwarehouse.documentSchemas.list` `contentwarehouse.documentSchemas.update` `contentwarehouse.documents.` `contentwarehouse.documents.create` `contentwarehouse.documents.delete` `contentwarehouse.documents.get` `contentwarehouse.documents.getIamPolicy` `contentwarehouse.documents.list` `contentwarehouse.documents.setIamPolicy` `contentwarehouse.documents.update` `contentwarehouse.locations.` `contentwarehouse.locations.getStatus` `contentwarehouse.locations.initialize` `contentwarehouse.operations.get` `contentwarehouse.rawDocuments.` `contentwarehouse.rawDocuments.download` `contentwarehouse.rawDocuments.upload` `contentwarehouse.ruleSets.` `contentwarehouse.ruleSets.create` `contentwarehouse.ruleSets.delete` `contentwarehouse.ruleSets.get` `contentwarehouse.ruleSets.list` `contentwarehouse.ruleSets.update` `contentwarehouse.synonymSets.` `contentwarehouse.synonymSets.create` `contentwarehouse.synonymSets.delete` `contentwarehouse.synonymSets.get` `contentwarehouse.synonymSets.list` `contentwarehouse.synonymSets.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Grants full access to the document resource in Content Warehouse	`contentwarehouse.documentSchemas.get` `contentwarehouse.documents.create` `contentwarehouse.documents.delete` `contentwarehouse.documents.get` `contentwarehouse.documents.getIamPolicy` `contentwarehouse.documents.setIamPolicy` `contentwarehouse.documents.update` `contentwarehouse.links.` `contentwarehouse.links.create` `contentwarehouse.links.delete` `contentwarehouse.links.get` `contentwarehouse.links.update` `contentwarehouse.locations.getStatus` `contentwarehouse.rawDocuments.` `contentwarehouse.rawDocuments.download` `contentwarehouse.rawDocuments.upload` `resourcemanager.projects.get` `resourcemanager.projects.list`
Content Warehouse document creator (`roles/contentwarehouse.documentCreator`) Grants access to create document in Content Warehouse	`contentwarehouse.documentSchemas.get` `contentwarehouse.documentSchemas.list` `contentwarehouse.documents.create` `contentwarehouse.locations.getStatus` `resourcemanager.projects.get` `resourcemanager.projects.list`
Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Grants access to update document resource in Content Warehouse	`contentwarehouse.documentSchemas.get` `contentwarehouse.documents.get` `contentwarehouse.documents.getIamPolicy` `contentwarehouse.documents.update` `contentwarehouse.links.` `contentwarehouse.links.create` `contentwarehouse.links.delete` `contentwarehouse.links.get` `contentwarehouse.links.update` `contentwarehouse.locations.getStatus` `contentwarehouse.rawDocuments.` `contentwarehouse.rawDocuments.download` `contentwarehouse.rawDocuments.upload` `resourcemanager.projects.get` `resourcemanager.projects.list`
Content Warehouse document schema viewer (`roles/contentwarehouse.documentSchemaViewer`) Grants access to view the document schemas in Content Warehouse	`contentwarehouse.documentSchemas.get` `contentwarehouse.documentSchemas.list` `contentwarehouse.locations.getStatus` `resourcemanager.projects.get` `resourcemanager.projects.list`
Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`) Grants access to view all the resources in Content Warehouse	`contentwarehouse.documentSchemas.get` `contentwarehouse.documents.get` `contentwarehouse.documents.getIamPolicy` `contentwarehouse.links.get` `contentwarehouse.locations.getStatus` `contentwarehouse.rawDocuments.download` `resourcemanager.projects.get` `resourcemanager.projects.list`
Content Warehouse Service Agent (`roles/contentwarehouse.serviceAgent`) Gives the Content Warehouse service account to manage customer resources Warning: Do not grant service agent roles to any principals except service agents.	`cloudfunctions.functions.invoke` `documentai.datasets.createDocuments` `documentai.processors.get` `documentai.processors.processBatch` `pubsub.topics.publish` `pubsublite.topics.publish` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`

Content Warehouse Admin

(roles/contentwarehouse.admin)

Grants full access to all the resources in Content Warehouse

contentwarehouse.corpora.*

contentwarehouse.corpora.create
contentwarehouse.corpora.delete
contentwarehouse.corpora.get
contentwarehouse.corpora.list
contentwarehouse.corpora.update

contentwarehouse.dataExportJobs.*

contentwarehouse.dataExportJobs.create
contentwarehouse.dataExportJobs.update

contentwarehouse.documentSchemas.*

contentwarehouse.documentSchemas.create
contentwarehouse.documentSchemas.delete
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.documentSchemas.update

contentwarehouse.documents.*

contentwarehouse.documents.create
contentwarehouse.documents.delete
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.list
contentwarehouse.documents.setIamPolicy
contentwarehouse.documents.update

contentwarehouse.locations.*

contentwarehouse.locations.getStatus
contentwarehouse.locations.initialize

contentwarehouse.operations.get

contentwarehouse.rawDocuments.*

contentwarehouse.rawDocuments.download
contentwarehouse.rawDocuments.upload

contentwarehouse.ruleSets.*

contentwarehouse.ruleSets.create
contentwarehouse.ruleSets.delete
contentwarehouse.ruleSets.get
contentwarehouse.ruleSets.list
contentwarehouse.ruleSets.update

contentwarehouse.synonymSets.*

contentwarehouse.synonymSets.create
contentwarehouse.synonymSets.delete
contentwarehouse.synonymSets.get
contentwarehouse.synonymSets.list
contentwarehouse.synonymSets.update

resourcemanager.projects.get

resourcemanager.projects.list

Content Warehouse Document Admin

(roles/contentwarehouse.documentAdmin)

Grants full access to the document resource in Content Warehouse

contentwarehouse.documentSchemas.get

contentwarehouse.documents.create

contentwarehouse.documents.delete

contentwarehouse.documents.get

contentwarehouse.documents.getIamPolicy

contentwarehouse.documents.setIamPolicy

contentwarehouse.documents.update

contentwarehouse.links.*

contentwarehouse.links.create
contentwarehouse.links.delete
contentwarehouse.links.get
contentwarehouse.links.update

contentwarehouse.locations.getStatus

contentwarehouse.rawDocuments.*

contentwarehouse.rawDocuments.download
contentwarehouse.rawDocuments.upload

resourcemanager.projects.get

resourcemanager.projects.list

Content Warehouse document creator

(roles/contentwarehouse.documentCreator)

Grants access to create document in Content Warehouse

contentwarehouse.documentSchemas.get

contentwarehouse.documentSchemas.list

contentwarehouse.documents.create

contentwarehouse.locations.getStatus

resourcemanager.projects.get

resourcemanager.projects.list

Content Warehouse Document Editor

(roles/contentwarehouse.documentEditor)

Grants access to update document resource in Content Warehouse

contentwarehouse.documentSchemas.get

contentwarehouse.documents.get

contentwarehouse.documents.getIamPolicy

contentwarehouse.documents.update

contentwarehouse.links.*

contentwarehouse.links.create
contentwarehouse.links.delete
contentwarehouse.links.get
contentwarehouse.links.update

contentwarehouse.locations.getStatus

contentwarehouse.rawDocuments.*

contentwarehouse.rawDocuments.download
contentwarehouse.rawDocuments.upload

resourcemanager.projects.get

resourcemanager.projects.list

Content Warehouse document schema viewer

(roles/contentwarehouse.documentSchemaViewer)

Grants access to view the document schemas in Content Warehouse

contentwarehouse.documentSchemas.get

contentwarehouse.documentSchemas.list

contentwarehouse.locations.getStatus

resourcemanager.projects.get

resourcemanager.projects.list

Content Warehouse Viewer

(roles/contentwarehouse.documentViewer)

Grants access to view all the resources in Content Warehouse

contentwarehouse.documentSchemas.get

contentwarehouse.documents.get

contentwarehouse.documents.getIamPolicy

contentwarehouse.links.get

contentwarehouse.locations.getStatus

contentwarehouse.rawDocuments.download

resourcemanager.projects.get

resourcemanager.projects.list

Content Warehouse Service Agent

(roles/contentwarehouse.serviceAgent)

Gives the Content Warehouse service account to manage customer resources

cloudfunctions.functions.invoke

documentai.datasets.createDocuments

documentai.processors.get

documentai.processors.processBatch

pubsub.topics.publish

pubsublite.topics.publish

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Content Warehouse permissions

Permission	Included in roles
`contentwarehouse.corpora.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.corpora.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.corpora.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.corpora.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`contentwarehouse.corpora.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.dataExportJobs.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.dataExportJobs.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.documentSchemas.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.documentSchemas.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.documentSchemas.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse document creator (`roles/contentwarehouse.documentCreator`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Content Warehouse document schema viewer (`roles/contentwarehouse.documentSchemaViewer`) Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`)
`contentwarehouse.documentSchemas.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse document creator (`roles/contentwarehouse.documentCreator`) Content Warehouse document schema viewer (`roles/contentwarehouse.documentSchemaViewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`contentwarehouse.documentSchemas.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.documents.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse document creator (`roles/contentwarehouse.documentCreator`)
`contentwarehouse.documents.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`)
`contentwarehouse.documents.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`)
`contentwarehouse.documents.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`contentwarehouse.documents.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`contentwarehouse.documents.setIamPolicy`	Owner (`roles/owner`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Security Admin (`roles/iam.securityAdmin`)
`contentwarehouse.documents.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`)
`contentwarehouse.links.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`)
`contentwarehouse.links.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`)
`contentwarehouse.links.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`)
`contentwarehouse.links.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`)
`contentwarehouse.locations.getStatus`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse document creator (`roles/contentwarehouse.documentCreator`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Content Warehouse document schema viewer (`roles/contentwarehouse.documentSchemaViewer`) Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`)
`contentwarehouse.locations.initialize`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.rawDocuments.download`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`) Content Warehouse Viewer (`roles/contentwarehouse.documentViewer`)
`contentwarehouse.rawDocuments.upload`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Content Warehouse Document Admin (`roles/contentwarehouse.documentAdmin`) Content Warehouse Document Editor (`roles/contentwarehouse.documentEditor`)
`contentwarehouse.ruleSets.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.ruleSets.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.ruleSets.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.ruleSets.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`contentwarehouse.ruleSets.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.synonymSets.create`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.synonymSets.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.synonymSets.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`)
`contentwarehouse.synonymSets.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Content Warehouse Admin (`roles/contentwarehouse.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`contentwarehouse.synonymSets.update`	Owner (`roles/owner`) Editor (`roles/editor`) Content Warehouse Admin (`roles/contentwarehouse.admin`)

Content Warehouse roles and permissions Stay organized with collections Save and categorize content based on your preferences.