Send feedback
Data Pipelines roles and permissions
Stay organized with collections
Save and categorize content based on your preferences.
This page lists the IAM roles and permissions for Data Pipelines. To
search through all roles and permissions, see the role and
permission index .
Data Pipelines roles
Role
Permissions
Data pipelines Admin
(roles/datapipelines.admin )
Administrator of Data pipelines resources
datapipelines.*
datapipelines.jobs.listdatapipelines.pipelines.createdatapipelines.pipelines.deletedatapipelines.pipelines.getdatapipelines.pipelines.listdatapipelines.pipelines.rundatapipelines.pipelines.stopdatapipelines.pipelines.update
resourcemanager.projects.get
resourcemanager.projects.list
Data pipelines Invoker
(roles/datapipelines.invoker )
Invoker of Data pipelines jobs
datapipelines.pipelines.run
resourcemanager.projects.get
resourcemanager.projects.list
Datapipelines Service Agent
(roles/datapipelines.serviceAgent )
Gives Datapipelines service permissions to create Dataflow & Cloud Scheduler jobs in the user project.
Warning: Do not grant service agent roles to any principals except
service agents .
appengine.applications.get
bigquery.tables.get
bigtable.tables.get
cloudbuild.builds.create
cloudbuild.builds.get
cloudbuild.builds.list
cloudbuild.builds.update
cloudbuild.locations.*
cloudbuild.locations.getcloudbuild.locations.list
cloudbuild.operations.*
cloudbuild.operations.getcloudbuild.operations.list
cloudscheduler.*
cloudscheduler.jobs.createcloudscheduler.jobs.deletecloudscheduler.jobs.enablecloudscheduler.jobs.fullViewcloudscheduler.jobs.getcloudscheduler.jobs.listcloudscheduler.jobs.pausecloudscheduler.jobs.runcloudscheduler.jobs.updatecloudscheduler.locations.getcloudscheduler.locations.list
compute.machineTypes.get
compute.projects.get
compute.regions.list
compute.zones.list
dataflow.jobs.*
dataflow.jobs.canceldataflow.jobs.createdataflow.jobs.getdataflow.jobs.listdataflow.jobs.snapshotdataflow.jobs.updateContents
dataflow.messages.list
dataflow.metrics.get
dataflow.snapshots.*
dataflow.snapshots.deletedataflow.snapshots.getdataflow.snapshots.list
firebase.projects.get
iam.serviceAccounts.actAs
iam.serviceAccounts.get
iam.serviceAccounts.list
orgpolicy.policy.get
pubsub.schemas.get
pubsub.topics.get
recommender.dataflowDiagnosticsInsights.*
recommender.dataflowDiagnosticsInsights.get recommender.dataflowDiagnosticsInsights.list recommender.dataflowDiagnosticsInsights.update
recommender.iamPolicyInsights.*
recommender.iamPolicyInsights.get recommender.iamPolicyInsights.list recommender.iamPolicyInsights.update
recommender.iamPolicyRecommendations.*
recommender.iamPolicyRecommendations.get recommender.iamPolicyRecommendations.list recommender.iamPolicyRecommendations.update
recommender.storageBucketSoftDeleteInsights.*
recommender.storageBucketSoftDeleteInsights.get recommender.storageBucketSoftDeleteInsights.list recommender.storageBucketSoftDeleteInsights.update
recommender.storageBucketSoftDeleteRecommendations.*
recommender.storageBucketSoftDeleteRecommendations.get recommender.storageBucketSoftDeleteRecommendations.list recommender.storageBucketSoftDeleteRecommendations.update
remotebuildexecution.blobs.get
resourcemanager.hierarchyNodes.listEffectiveTags
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.get
serviceusage.services.list
storage.anywhereCaches.*
storage.anywhereCaches.createstorage.anywhereCaches.disablestorage.anywhereCaches.getstorage.anywhereCaches.liststorage.anywhereCaches.pausestorage.anywhereCaches.resumestorage.anywhereCaches.update
storage.bucketOperations.*
storage.bucketOperations.cancel storage.bucketOperations.getstorage.bucketOperations.list
storage.buckets.*
storage.buckets.createstorage.buckets.createTagBinding storage.buckets.deletestorage.buckets.deleteTagBinding storage.buckets.enableObjectRetention storage.buckets.getstorage.buckets.getIamPolicystorage.buckets.getIpFilterstorage.buckets.getObjectInsights storage.buckets.liststorage.buckets.listEffectiveTags storage.buckets.listTagBindings storage.buckets.relocatestorage.buckets.restorestorage.buckets.setIamPolicystorage.buckets.setIpFilterstorage.buckets.update
storage.folders.*
storage.folders.createstorage.folders.deletestorage.folders.getstorage.folders.liststorage.folders.rename
storage.intelligenceConfigs.*
storage.intelligenceConfigs.get storage.intelligenceConfigs.update
storage.managedFolders.*
storage.managedFolders.createstorage.managedFolders.deletestorage.managedFolders.getstorage.managedFolders.getIamPolicy storage.managedFolders.liststorage.managedFolders.setIamPolicy
storage.multipartUploads.*
storage.multipartUploads.abortstorage.multipartUploads.create storage.multipartUploads.liststorage.multipartUploads.listParts
storage.objects.*
storage.objects.createstorage.objects.deletestorage.objects.getstorage.objects.getIamPolicystorage.objects.liststorage.objects.movestorage.objects.overrideUnlockedRetention storage.objects.restorestorage.objects.setIamPolicystorage.objects.setRetentionstorage.objects.update
Data pipelines Viewer
(roles/datapipelines.viewer )
Viewer of Data pipelines resources
datapipelines.jobs.list
datapipelines.pipelines.get
datapipelines.pipelines.list
resourcemanager.projects.get
resourcemanager.projects.list
Data Pipelines permissions
Send feedback
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-16 UTC.
Need to tell us more?
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-16 UTC."],[],[]]
