Dataproc roles and permissions
Stay organized with collections Save and categorize content based on your preferences.

This page lists the IAM roles and permissions for Dataproc. To search through all roles and permissions, see the role and permission index.

Dataproc roles

Role Permissions

Role	Permissions
Dataproc Administrator (`roles/dataproc.admin`) Full control of Dataproc resources.	`compute.machineTypes.` `compute.machineTypes.get` `compute.machineTypes.list` `compute.networks.get` `compute.networks.list` `compute.projects.get` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `dataproc.autoscalingPolicies.` `dataproc.autoscalingPolicies.create` `dataproc.autoscalingPolicies.delete` `dataproc.autoscalingPolicies.get` `dataproc.autoscalingPolicies.getIamPolicy` `dataproc.autoscalingPolicies.list` `dataproc.autoscalingPolicies.setIamPolicy` `dataproc.autoscalingPolicies.update` `dataproc.autoscalingPolicies.use` `dataproc.batches.` `dataproc.batches.analyze` `dataproc.batches.cancel` `dataproc.batches.create` `dataproc.batches.delete` `dataproc.batches.get` `dataproc.batches.list` `dataproc.batches.sparkApplicationRead` `dataproc.batches.sparkApplicationWrite` `dataproc.clusters.` `dataproc.clusters.create` `dataproc.clusters.delete` `dataproc.clusters.get` `dataproc.clusters.getIamPolicy` `dataproc.clusters.list` `dataproc.clusters.setIamPolicy` `dataproc.clusters.start` `dataproc.clusters.stop` `dataproc.clusters.update` `dataproc.clusters.use` `dataproc.jobs.` `dataproc.jobs.cancel` `dataproc.jobs.create` `dataproc.jobs.delete` `dataproc.jobs.get` `dataproc.jobs.getIamPolicy` `dataproc.jobs.list` `dataproc.jobs.setIamPolicy` `dataproc.jobs.update` `dataproc.nodeGroups.` `dataproc.nodeGroups.create` `dataproc.nodeGroups.get` `dataproc.nodeGroups.update` `dataproc.operations.` `dataproc.operations.cancel` `dataproc.operations.delete` `dataproc.operations.get` `dataproc.operations.getIamPolicy` `dataproc.operations.list` `dataproc.operations.setIamPolicy` `dataproc.sessionTemplates.` `dataproc.sessionTemplates.create` `dataproc.sessionTemplates.delete` `dataproc.sessionTemplates.get` `dataproc.sessionTemplates.list` `dataproc.sessionTemplates.update` `dataproc.sessions.` `dataproc.sessions.create` `dataproc.sessions.delete` `dataproc.sessions.get` `dataproc.sessions.list` `dataproc.sessions.sparkApplicationRead` `dataproc.sessions.sparkApplicationWrite` `dataproc.sessions.terminate` `dataproc.workflowTemplates.` `dataproc.workflowTemplates.create` `dataproc.workflowTemplates.delete` `dataproc.workflowTemplates.get` `dataproc.workflowTemplates.getIamPolicy` `dataproc.workflowTemplates.instantiate` `dataproc.workflowTemplates.instantiateInline` `dataproc.workflowTemplates.list` `dataproc.workflowTemplates.setIamPolicy` `dataproc.workflowTemplates.update` `dataprocrm.nodePools.` `dataprocrm.nodePools.create` `dataprocrm.nodePools.delete` `dataprocrm.nodePools.deleteNodes` `dataprocrm.nodePools.get` `dataprocrm.nodePools.list` `dataprocrm.nodePools.resize` `dataprocrm.nodes.get` `dataprocrm.nodes.heartbeat` `dataprocrm.nodes.list` `dataprocrm.nodes.update` `dataprocrm.operations.get` `dataprocrm.operations.list` `dataprocrm.workloads.` `dataprocrm.workloads.cancel` `dataprocrm.workloads.create` `dataprocrm.workloads.delete` `dataprocrm.workloads.get` `dataprocrm.workloads.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataproc Editor (`roles/dataproc.editor`) Provides the permissions necessary for viewing the resources required to manage Dataproc, including machine types, networks, projects, and zones. Lowest-level resources where you can grant this role: Cluster	`compute.machineTypes.` `compute.machineTypes.get` `compute.machineTypes.list` `compute.networks.get` `compute.networks.list` `compute.projects.get` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `dataproc.autoscalingPolicies.create` `dataproc.autoscalingPolicies.delete` `dataproc.autoscalingPolicies.get` `dataproc.autoscalingPolicies.list` `dataproc.autoscalingPolicies.update` `dataproc.autoscalingPolicies.use` `dataproc.batches.` `dataproc.batches.analyze` `dataproc.batches.cancel` `dataproc.batches.create` `dataproc.batches.delete` `dataproc.batches.get` `dataproc.batches.list` `dataproc.batches.sparkApplicationRead` `dataproc.batches.sparkApplicationWrite` `dataproc.clusters.create` `dataproc.clusters.delete` `dataproc.clusters.get` `dataproc.clusters.list` `dataproc.clusters.start` `dataproc.clusters.stop` `dataproc.clusters.update` `dataproc.clusters.use` `dataproc.jobs.cancel` `dataproc.jobs.create` `dataproc.jobs.delete` `dataproc.jobs.get` `dataproc.jobs.list` `dataproc.jobs.update` `dataproc.nodeGroups.` `dataproc.nodeGroups.create` `dataproc.nodeGroups.get` `dataproc.nodeGroups.update` `dataproc.operations.cancel` `dataproc.operations.delete` `dataproc.operations.get` `dataproc.operations.list` `dataproc.sessionTemplates.` `dataproc.sessionTemplates.create` `dataproc.sessionTemplates.delete` `dataproc.sessionTemplates.get` `dataproc.sessionTemplates.list` `dataproc.sessionTemplates.update` `dataproc.sessions.` `dataproc.sessions.create` `dataproc.sessions.delete` `dataproc.sessions.get` `dataproc.sessions.list` `dataproc.sessions.sparkApplicationRead` `dataproc.sessions.sparkApplicationWrite` `dataproc.sessions.terminate` `dataproc.workflowTemplates.create` `dataproc.workflowTemplates.delete` `dataproc.workflowTemplates.get` `dataproc.workflowTemplates.instantiate` `dataproc.workflowTemplates.instantiateInline` `dataproc.workflowTemplates.list` `dataproc.workflowTemplates.update` `dataprocrm.nodePools.` `dataprocrm.nodePools.create` `dataprocrm.nodePools.delete` `dataprocrm.nodePools.deleteNodes` `dataprocrm.nodePools.get` `dataprocrm.nodePools.list` `dataprocrm.nodePools.resize` `dataprocrm.nodes.get` `dataprocrm.nodes.heartbeat` `dataprocrm.nodes.list` `dataprocrm.nodes.update` `dataprocrm.operations.get` `dataprocrm.operations.list` `dataprocrm.workloads.*` `dataprocrm.workloads.cancel` `dataprocrm.workloads.create` `dataprocrm.workloads.delete` `dataprocrm.workloads.get` `dataprocrm.workloads.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataproc Hub Agent (`roles/dataproc.hubAgent`) Allows management of Dataproc resources. Intended for service accounts running Dataproc Hub instances.	`compute.instances.get` `compute.instances.setMetadata` `compute.instances.setTags` `compute.zoneOperations.get` `compute.zones.list` `dataproc.autoscalingPolicies.get` `dataproc.autoscalingPolicies.list` `dataproc.autoscalingPolicies.use` `dataproc.clusters.create` `dataproc.clusters.delete` `dataproc.clusters.get` `dataproc.clusters.list` `dataproc.clusters.update` `dataproc.operations.cancel` `dataproc.operations.delete` `dataproc.operations.get` `dataproc.operations.list` `iam.serviceAccounts.actAs` `iam.serviceAccounts.get` `iam.serviceAccounts.list` `logging.buckets.get` `logging.buckets.list` `logging.exclusions.get` `logging.exclusions.list` `logging.links.get` `logging.links.list` `logging.locations.*` `logging.locations.get` `logging.locations.list` `logging.logEntries.create` `logging.logEntries.list` `logging.logEntries.route` `logging.logMetrics.get` `logging.logMetrics.list` `logging.logScopes.get` `logging.logScopes.list` `logging.logServiceIndexes.list` `logging.logServices.list` `logging.logs.list` `logging.operations.get` `logging.operations.list` `logging.queries.getShared` `logging.queries.listShared` `logging.queries.usePrivate` `logging.sinks.get` `logging.sinks.list` `logging.usage.get` `logging.views.get` `logging.views.list` `observability.scopes.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `storage.buckets.get` `storage.objects.get` `storage.objects.list`
Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Permissions needed to run serverless sessions and batches as a user	`compute.projects.get` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `dataproc.batches.` `dataproc.batches.analyze` `dataproc.batches.cancel` `dataproc.batches.create` `dataproc.batches.delete` `dataproc.batches.get` `dataproc.batches.list` `dataproc.batches.sparkApplicationRead` `dataproc.batches.sparkApplicationWrite` `dataproc.operations.cancel` `dataproc.operations.delete` `dataproc.operations.get` `dataproc.operations.list` `dataproc.sessionTemplates.` `dataproc.sessionTemplates.create` `dataproc.sessionTemplates.delete` `dataproc.sessionTemplates.get` `dataproc.sessionTemplates.list` `dataproc.sessionTemplates.update` `dataproc.sessions.` `dataproc.sessions.create` `dataproc.sessions.delete` `dataproc.sessions.get` `dataproc.sessions.list` `dataproc.sessions.sparkApplicationRead` `dataproc.sessions.sparkApplicationWrite` `dataproc.sessions.terminate` `dataprocrm.nodePools.` `dataprocrm.nodePools.create` `dataprocrm.nodePools.delete` `dataprocrm.nodePools.deleteNodes` `dataprocrm.nodePools.get` `dataprocrm.nodePools.list` `dataprocrm.nodePools.resize` `dataprocrm.nodes.get` `dataprocrm.nodes.heartbeat` `dataprocrm.nodes.list` `dataprocrm.nodes.update` `dataprocrm.operations.get` `dataprocrm.operations.list` `dataprocrm.workloads.*` `dataprocrm.workloads.cancel` `dataprocrm.workloads.create` `dataprocrm.workloads.delete` `dataprocrm.workloads.get` `dataprocrm.workloads.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataproc Serverless Node. (`roles/dataproc.serverlessNode`) Node access to Dataproc Serverless sessions and batches. Intended for service accounts.	`dataproc.batches.sparkApplicationWrite` `dataproc.sessions.sparkApplicationRead` `dataproc.sessions.sparkApplicationWrite` `dataprocrm.nodePools.*` `dataprocrm.nodePools.create` `dataprocrm.nodePools.delete` `dataprocrm.nodePools.deleteNodes` `dataprocrm.nodePools.get` `dataprocrm.nodePools.list` `dataprocrm.nodePools.resize` `dataprocrm.nodes.list`
Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Permissions needed to view serverless sessions and batches	`compute.projects.get` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `dataproc.batches.get` `dataproc.batches.list` `dataproc.sessionTemplates.get` `dataproc.sessionTemplates.list` `dataproc.sessions.get` `dataproc.sessions.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataproc Service Agent (`roles/dataproc.serviceAgent`) Gives Dataproc Service Account access to service accounts, compute resources, storage resources, and kubernetes resources. Includes access to service accounts. Warning: Do not grant service agent roles to any principals except service agents.	`backupdr.backupPlanAssociations.createForComputeDisk` `backupdr.backupPlanAssociations.createForComputeInstance` `backupdr.backupPlanAssociations.deleteForComputeDisk` `backupdr.backupPlanAssociations.deleteForComputeInstance` `backupdr.backupPlanAssociations.list` `backupdr.backupPlanAssociations.triggerBackupForComputeDisk` `backupdr.backupPlanAssociations.triggerBackupForComputeInstance` `backupdr.backupPlanAssociations.updateForComputeDisk` `backupdr.backupPlanAssociations.updateForComputeInstance` `backupdr.backupPlans.get` `backupdr.backupPlans.list` `backupdr.backupPlans.useForComputeDisk` `backupdr.backupPlans.useForComputeInstance` `backupdr.backupVaults.get` `backupdr.backupVaults.list` `backupdr.locations.list` `backupdr.operations.get` `backupdr.operations.list` `backupdr.serviceConfig.initialize` `compute.acceleratorTypes.` `compute.acceleratorTypes.get` `compute.acceleratorTypes.list` `compute.addresses.createInternal` `compute.addresses.deleteInternal` `compute.addresses.get` `compute.addresses.list` `compute.addresses.listEffectiveTags` `compute.addresses.listTagBindings` `compute.addresses.use` `compute.addresses.useInternal` `compute.autoscalers.` `compute.autoscalers.create` `compute.autoscalers.delete` `compute.autoscalers.get` `compute.autoscalers.list` `compute.autoscalers.update` `compute.diskSettings.get` `compute.diskTypes.` `compute.diskTypes.get` `compute.diskTypes.list` `compute.disks.create` `compute.disks.createSnapshot` `compute.disks.createTagBinding` `compute.disks.delete` `compute.disks.get` `compute.disks.list` `compute.disks.resize` `compute.disks.setLabels` `compute.disks.startAsyncReplication` `compute.disks.stopAsyncReplication` `compute.disks.stopGroupAsyncReplication` `compute.disks.update` `compute.disks.use` `compute.disks.useReadOnly` `compute.firewalls.get` `compute.firewalls.list` `compute.globalAddresses.get` `compute.globalAddresses.list` `compute.globalAddresses.listEffectiveTags` `compute.globalAddresses.listTagBindings` `compute.globalAddresses.use` `compute.globalNetworkEndpointGroups.` `compute.globalNetworkEndpointGroups.attachNetworkEndpoints` `compute.globalNetworkEndpointGroups.create` `compute.globalNetworkEndpointGroups.createTagBinding` `compute.globalNetworkEndpointGroups.delete` `compute.globalNetworkEndpointGroups.deleteTagBinding` `compute.globalNetworkEndpointGroups.detachNetworkEndpoints` `compute.globalNetworkEndpointGroups.get` `compute.globalNetworkEndpointGroups.list` `compute.globalNetworkEndpointGroups.listEffectiveTags` `compute.globalNetworkEndpointGroups.listTagBindings` `compute.globalNetworkEndpointGroups.use` `compute.globalOperations.get` `compute.globalOperations.list` `compute.images.get` `compute.images.getFromFamily` `compute.images.list` `compute.images.useReadOnly` `compute.instanceGroupManagers.` `compute.instanceGroupManagers.create` `compute.instanceGroupManagers.createTagBinding` `compute.instanceGroupManagers.delete` `compute.instanceGroupManagers.deleteTagBinding` `compute.instanceGroupManagers.get` `compute.instanceGroupManagers.list` `compute.instanceGroupManagers.listEffectiveTags` `compute.instanceGroupManagers.listTagBindings` `compute.instanceGroupManagers.update` `compute.instanceGroupManagers.use` `compute.instanceGroups.` `compute.instanceGroups.create` `compute.instanceGroups.createTagBinding` `compute.instanceGroups.delete` `compute.instanceGroups.deleteTagBinding` `compute.instanceGroups.get` `compute.instanceGroups.list` `compute.instanceGroups.listEffectiveTags` `compute.instanceGroups.listTagBindings` `compute.instanceGroups.update` `compute.instanceGroups.use` `compute.instanceSettings.get` `compute.instanceTemplates.` `compute.instanceTemplates.create` `compute.instanceTemplates.delete` `compute.instanceTemplates.get` `compute.instanceTemplates.getIamPolicy` `compute.instanceTemplates.list` `compute.instanceTemplates.setIamPolicy` `compute.instanceTemplates.useReadOnly` `compute.instances.` `compute.instances.addAccessConfig` `compute.instances.addNetworkInterface` `compute.instances.addResourcePolicies` `compute.instances.attachDisk` `compute.instances.create` `compute.instances.createTagBinding` `compute.instances.delete` `compute.instances.deleteAccessConfig` `compute.instances.deleteNetworkInterface` `compute.instances.deleteTagBinding` `compute.instances.detachDisk` `compute.instances.get` `compute.instances.getEffectiveFirewalls` `compute.instances.getGuestAttributes` `compute.instances.getIamPolicy` `compute.instances.getScreenshot` `compute.instances.getSerialPortOutput` `compute.instances.getShieldedInstanceIdentity` `compute.instances.getShieldedVmIdentity` `compute.instances.list` `compute.instances.listEffectiveTags` `compute.instances.listReferrers` `compute.instances.listTagBindings` `compute.instances.osAdminLogin` `compute.instances.osLogin` `compute.instances.pscInterfaceCreate` `compute.instances.removeResourcePolicies` `compute.instances.reset` `compute.instances.resume` `compute.instances.sendDiagnosticInterrupt` `compute.instances.setDeletionProtection` `compute.instances.setDiskAutoDelete` `compute.instances.setIamPolicy` `compute.instances.setLabels` `compute.instances.setMachineResources` `compute.instances.setMachineType` `compute.instances.setMetadata` `compute.instances.setMinCpuPlatform` `compute.instances.setName` `compute.instances.setScheduling` `compute.instances.setSecurityPolicy` `compute.instances.setServiceAccount` `compute.instances.setShieldedInstanceIntegrityPolicy` `compute.instances.setShieldedVmIntegrityPolicy` `compute.instances.setTags` `compute.instances.simulateMaintenanceEvent` `compute.instances.start` `compute.instances.startWithEncryptionKey` `compute.instances.stop` `compute.instances.suspend` `compute.instances.update` `compute.instances.updateAccessConfig` `compute.instances.updateDisplayDevice` `compute.instances.updateNetworkInterface` `compute.instances.updateSecurity` `compute.instances.updateShieldedInstanceConfig` `compute.instances.updateShieldedVmConfig` `compute.instances.use` `compute.instances.useReadOnly` `compute.licenses.get` `compute.licenses.list` `compute.machineImages.` `compute.machineImages.create` `compute.machineImages.delete` `compute.machineImages.get` `compute.machineImages.getIamPolicy` `compute.machineImages.list` `compute.machineImages.setIamPolicy` `compute.machineImages.setLabels` `compute.machineImages.useReadOnly` `compute.machineTypes.` `compute.machineTypes.get` `compute.machineTypes.list` `compute.multiMig.` `compute.multiMig.create` `compute.multiMig.delete` `compute.multiMig.get` `compute.multiMig.list` `compute.networkEndpointGroups.` `compute.networkEndpointGroups.attachNetworkEndpoints` `compute.networkEndpointGroups.create` `compute.networkEndpointGroups.createTagBinding` `compute.networkEndpointGroups.delete` `compute.networkEndpointGroups.deleteTagBinding` `compute.networkEndpointGroups.detachNetworkEndpoints` `compute.networkEndpointGroups.get` `compute.networkEndpointGroups.list` `compute.networkEndpointGroups.listEffectiveTags` `compute.networkEndpointGroups.listTagBindings` `compute.networkEndpointGroups.use` `compute.networks.get` `compute.networks.getEffectiveFirewalls` `compute.networks.list` `compute.networks.listEffectiveTags` `compute.networks.listTagBindings` `compute.networks.use` `compute.networks.useExternalIp` `compute.nodeGroups.get` `compute.nodeTypes.get` `compute.projects.get` `compute.regionNetworkEndpointGroups.` `compute.regionNetworkEndpointGroups.attachNetworkEndpoints` `compute.regionNetworkEndpointGroups.create` `compute.regionNetworkEndpointGroups.createTagBinding` `compute.regionNetworkEndpointGroups.delete` `compute.regionNetworkEndpointGroups.deleteTagBinding` `compute.regionNetworkEndpointGroups.detachNetworkEndpoints` `compute.regionNetworkEndpointGroups.get` `compute.regionNetworkEndpointGroups.list` `compute.regionNetworkEndpointGroups.listEffectiveTags` `compute.regionNetworkEndpointGroups.listTagBindings` `compute.regionNetworkEndpointGroups.use` `compute.regionOperations.get` `compute.regionOperations.list` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.reservationBlocks.get` `compute.reservationBlocks.list` `compute.reservations.get` `compute.reservations.list` `compute.resourcePolicies.list` `compute.resourcePolicies.useReadOnly` `compute.storagePools.get` `compute.storagePools.list` `compute.storagePools.use` `compute.subnetworks.get` `compute.subnetworks.list` `compute.subnetworks.listEffectiveTags` `compute.subnetworks.listTagBindings` `compute.subnetworks.setPrivateIpGoogleAccess` `compute.subnetworks.use` `compute.subnetworks.useExternalIp` `compute.targetPools.get` `compute.targetPools.list` `compute.targetPools.listEffectiveTags` `compute.targetPools.listTagBindings` `compute.zoneOperations.get` `compute.zoneOperations.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `container.clusterRoleBindings.` `container.clusterRoleBindings.create` `container.clusterRoleBindings.delete` `container.clusterRoleBindings.get` `container.clusterRoleBindings.list` `container.clusterRoleBindings.update` `container.clusterRoles.` `container.clusterRoles.bind` `container.clusterRoles.create` `container.clusterRoles.delete` `container.clusterRoles.escalate` `container.clusterRoles.get` `container.clusterRoles.list` `container.clusterRoles.update` `container.clusters.get` `container.clusters.update` `container.customResourceDefinitions.create` `container.customResourceDefinitions.delete` `container.customResourceDefinitions.get` `container.customResourceDefinitions.list` `container.customResourceDefinitions.update` `container.namespaces.create` `container.namespaces.delete` `container.namespaces.get` `container.namespaces.list` `container.namespaces.update` `container.operations.get` `container.roleBindings.` `container.roleBindings.create` `container.roleBindings.delete` `container.roleBindings.get` `container.roleBindings.list` `container.roleBindings.update` `container.roles.bind` `container.roles.escalate` `dataproc.autoscalingPolicies.create` `dataproc.autoscalingPolicies.delete` `dataproc.autoscalingPolicies.get` `dataproc.autoscalingPolicies.getIamPolicy` `dataproc.autoscalingPolicies.list` `dataproc.autoscalingPolicies.update` `dataproc.autoscalingPolicies.use` `dataproc.clusters.` `dataproc.clusters.create` `dataproc.clusters.delete` `dataproc.clusters.get` `dataproc.clusters.getIamPolicy` `dataproc.clusters.list` `dataproc.clusters.setIamPolicy` `dataproc.clusters.start` `dataproc.clusters.stop` `dataproc.clusters.update` `dataproc.clusters.use` `dataproc.jobs.` `dataproc.jobs.cancel` `dataproc.jobs.create` `dataproc.jobs.delete` `dataproc.jobs.get` `dataproc.jobs.getIamPolicy` `dataproc.jobs.list` `dataproc.jobs.setIamPolicy` `dataproc.jobs.update` `dataproc.nodeGroups.` `dataproc.nodeGroups.create` `dataproc.nodeGroups.get` `dataproc.nodeGroups.update` `dataproc.operations.cancel` `dataproc.sessionTemplates.get` `dataproc.sessions.` `dataproc.sessions.create` `dataproc.sessions.delete` `dataproc.sessions.get` `dataproc.sessions.list` `dataproc.sessions.sparkApplicationRead` `dataproc.sessions.sparkApplicationWrite` `dataproc.sessions.terminate` `dataprocrm.nodePools.` `dataprocrm.nodePools.create` `dataprocrm.nodePools.delete` `dataprocrm.nodePools.deleteNodes` `dataprocrm.nodePools.get` `dataprocrm.nodePools.list` `dataprocrm.nodePools.resize` `dataprocrm.nodes.` `dataprocrm.nodes.get` `dataprocrm.nodes.heartbeat` `dataprocrm.nodes.list` `dataprocrm.nodes.mintOAuthToken` `dataprocrm.nodes.update` `dataprocrm.operations.cancel` `dataprocrm.operations.get` `dataprocrm.operations.list` `dataprocrm.workloads.` `dataprocrm.workloads.cancel` `dataprocrm.workloads.create` `dataprocrm.workloads.delete` `dataprocrm.workloads.get` `dataprocrm.workloads.list` `firebase.projects.get` `iam.serviceAccounts.actAs` `iam.serviceAccounts.getAccessToken` `metastore.services.get` `orgpolicy.policy.get` `recommender.iamPolicyInsights.` `recommender.iamPolicyInsights.get` `recommender.iamPolicyInsights.list` `recommender.iamPolicyInsights.update` `recommender.iamPolicyRecommendations.` `recommender.iamPolicyRecommendations.get` `recommender.iamPolicyRecommendations.list` `recommender.iamPolicyRecommendations.update` `recommender.storageBucketSoftDeleteInsights.` `recommender.storageBucketSoftDeleteInsights.get` `recommender.storageBucketSoftDeleteInsights.list` `recommender.storageBucketSoftDeleteInsights.update` `recommender.storageBucketSoftDeleteRecommendations.` `recommender.storageBucketSoftDeleteRecommendations.get` `recommender.storageBucketSoftDeleteRecommendations.list` `recommender.storageBucketSoftDeleteRecommendations.update` `resourcemanager.hierarchyNodes.listEffectiveTags` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list` `serviceusage.services.use` `storage.anywhereCaches.` `storage.anywhereCaches.create` `storage.anywhereCaches.disable` `storage.anywhereCaches.get` `storage.anywhereCaches.list` `storage.anywhereCaches.pause` `storage.anywhereCaches.resume` `storage.anywhereCaches.update` `storage.bucketOperations.` `storage.bucketOperations.cancel` `storage.bucketOperations.get` `storage.bucketOperations.list` `storage.buckets.` `storage.buckets.create` `storage.buckets.createTagBinding` `storage.buckets.delete` `storage.buckets.deleteTagBinding` `storage.buckets.enableObjectRetention` `storage.buckets.get` `storage.buckets.getIamPolicy` `storage.buckets.getIpFilter` `storage.buckets.getObjectInsights` `storage.buckets.list` `storage.buckets.listEffectiveTags` `storage.buckets.listTagBindings` `storage.buckets.relocate` `storage.buckets.restore` `storage.buckets.setIamPolicy` `storage.buckets.setIpFilter` `storage.buckets.update` `storage.folders.` `storage.folders.create` `storage.folders.delete` `storage.folders.get` `storage.folders.list` `storage.folders.rename` `storage.intelligenceConfigs.` `storage.intelligenceConfigs.get` `storage.intelligenceConfigs.update` `storage.managedFolders.` `storage.managedFolders.create` `storage.managedFolders.delete` `storage.managedFolders.get` `storage.managedFolders.getIamPolicy` `storage.managedFolders.list` `storage.managedFolders.setIamPolicy` `storage.multipartUploads.` `storage.multipartUploads.abort` `storage.multipartUploads.create` `storage.multipartUploads.list` `storage.multipartUploads.listParts` `storage.objects.*` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.getIamPolicy` `storage.objects.list` `storage.objects.move` `storage.objects.overrideUnlockedRetention` `storage.objects.restore` `storage.objects.setIamPolicy` `storage.objects.setRetention` `storage.objects.update`
Dataproc Viewer (`roles/dataproc.viewer`) Provides read-only access to Dataproc resources. Lowest-level resources where you can grant this role: Cluster	`compute.machineTypes.get` `compute.regions.` `compute.regions.get` `compute.regions.list` `compute.zones.` `compute.zones.get` `compute.zones.list` `dataproc.autoscalingPolicies.get` `dataproc.autoscalingPolicies.list` `dataproc.batches.analyze` `dataproc.batches.get` `dataproc.batches.list` `dataproc.batches.sparkApplicationRead` `dataproc.clusters.get` `dataproc.clusters.list` `dataproc.jobs.get` `dataproc.jobs.list` `dataproc.nodeGroups.get` `dataproc.operations.get` `dataproc.operations.list` `dataproc.sessionTemplates.get` `dataproc.sessionTemplates.list` `dataproc.sessions.get` `dataproc.sessions.list` `dataproc.sessions.sparkApplicationRead` `dataproc.workflowTemplates.get` `dataproc.workflowTemplates.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Dataproc Worker (`roles/dataproc.worker`) Provides worker access to Dataproc resources. Intended for service accounts.	`cloudprofiler.profiles.create` `cloudprofiler.profiles.update` `dataproc.agents.` `dataproc.agents.create` `dataproc.agents.delete` `dataproc.agents.get` `dataproc.agents.list` `dataproc.agents.update` `dataproc.batches.sparkApplicationWrite` `dataproc.sessions.sparkApplicationWrite` `dataproc.tasks.` `dataproc.tasks.lease` `dataproc.tasks.listInvalidatedLeases` `dataproc.tasks.reportStatus` `dataprocrm.nodePools.` `dataprocrm.nodePools.create` `dataprocrm.nodePools.delete` `dataprocrm.nodePools.deleteNodes` `dataprocrm.nodePools.get` `dataprocrm.nodePools.list` `dataprocrm.nodePools.resize` `dataprocrm.nodes.get` `dataprocrm.nodes.heartbeat` `dataprocrm.nodes.list` `dataprocrm.nodes.mintOAuthToken` `logging.logEntries.create` `logging.logEntries.route` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create` `storage.buckets.get` `storage.folders.` `storage.folders.create` `storage.folders.delete` `storage.folders.get` `storage.folders.list` `storage.folders.rename` `storage.managedFolders.create` `storage.managedFolders.delete` `storage.managedFolders.get` `storage.managedFolders.list` `storage.multipartUploads.` `storage.multipartUploads.abort` `storage.multipartUploads.create` `storage.multipartUploads.list` `storage.multipartUploads.listParts` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.getIamPolicy` `storage.objects.list` `storage.objects.overrideUnlockedRetention` `storage.objects.restore` `storage.objects.setIamPolicy` `storage.objects.setRetention` `storage.objects.update`

Dataproc Administrator

(roles/dataproc.admin)

Full control of Dataproc resources.

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.networks.get

compute.networks.list

compute.projects.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.zones.*

compute.zones.get
compute.zones.list

dataproc.autoscalingPolicies.*

dataproc.autoscalingPolicies.create
dataproc.autoscalingPolicies.delete
dataproc.autoscalingPolicies.get
dataproc.autoscalingPolicies.getIamPolicy
dataproc.autoscalingPolicies.list
dataproc.autoscalingPolicies.setIamPolicy
dataproc.autoscalingPolicies.update
dataproc.autoscalingPolicies.use

dataproc.batches.*

dataproc.batches.analyze
dataproc.batches.cancel
dataproc.batches.create
dataproc.batches.delete
dataproc.batches.get
dataproc.batches.list
dataproc.batches.sparkApplicationRead
dataproc.batches.sparkApplicationWrite

dataproc.clusters.*

dataproc.clusters.create
dataproc.clusters.delete
dataproc.clusters.get
dataproc.clusters.getIamPolicy
dataproc.clusters.list
dataproc.clusters.setIamPolicy
dataproc.clusters.start
dataproc.clusters.stop
dataproc.clusters.update
dataproc.clusters.use

dataproc.jobs.*

dataproc.jobs.cancel
dataproc.jobs.create
dataproc.jobs.delete
dataproc.jobs.get
dataproc.jobs.getIamPolicy
dataproc.jobs.list
dataproc.jobs.setIamPolicy
dataproc.jobs.update

dataproc.nodeGroups.*

dataproc.nodeGroups.create
dataproc.nodeGroups.get
dataproc.nodeGroups.update

dataproc.operations.*

dataproc.operations.cancel
dataproc.operations.delete
dataproc.operations.get
dataproc.operations.getIamPolicy
dataproc.operations.list
dataproc.operations.setIamPolicy

dataproc.sessionTemplates.*

dataproc.sessionTemplates.create
dataproc.sessionTemplates.delete
dataproc.sessionTemplates.get
dataproc.sessionTemplates.list
dataproc.sessionTemplates.update

dataproc.sessions.*

dataproc.sessions.create
dataproc.sessions.delete
dataproc.sessions.get
dataproc.sessions.list
dataproc.sessions.sparkApplicationRead
dataproc.sessions.sparkApplicationWrite
dataproc.sessions.terminate

dataproc.workflowTemplates.*

dataproc.workflowTemplates.create
dataproc.workflowTemplates.delete
dataproc.workflowTemplates.get
dataproc.workflowTemplates.getIamPolicy
dataproc.workflowTemplates.instantiate
dataproc.workflowTemplates.instantiateInline
dataproc.workflowTemplates.list
dataproc.workflowTemplates.setIamPolicy
dataproc.workflowTemplates.update

dataprocrm.nodePools.*

dataprocrm.nodePools.create
dataprocrm.nodePools.delete
dataprocrm.nodePools.deleteNodes
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodePools.resize

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.list

dataprocrm.nodes.update

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.*

dataprocrm.workloads.cancel
dataprocrm.workloads.create
dataprocrm.workloads.delete
dataprocrm.workloads.get
dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataproc Editor

(roles/dataproc.editor)

Provides the permissions necessary for viewing the resources required to manage Dataproc, including machine types, networks, projects, and zones.

Lowest-level resources where you can grant this role:

Cluster

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.networks.get

compute.networks.list

compute.projects.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.zones.*

compute.zones.get
compute.zones.list

dataproc.autoscalingPolicies.create

dataproc.autoscalingPolicies.delete

dataproc.autoscalingPolicies.get

dataproc.autoscalingPolicies.list

dataproc.autoscalingPolicies.update

dataproc.autoscalingPolicies.use

dataproc.batches.*

dataproc.batches.analyze
dataproc.batches.cancel
dataproc.batches.create
dataproc.batches.delete
dataproc.batches.get
dataproc.batches.list
dataproc.batches.sparkApplicationRead
dataproc.batches.sparkApplicationWrite

dataproc.clusters.create

dataproc.clusters.delete

dataproc.clusters.get

dataproc.clusters.list

dataproc.clusters.start

dataproc.clusters.stop

dataproc.clusters.update

dataproc.clusters.use

dataproc.jobs.cancel

dataproc.jobs.create

dataproc.jobs.delete

dataproc.jobs.get

dataproc.jobs.list

dataproc.jobs.update

dataproc.nodeGroups.*

dataproc.nodeGroups.create
dataproc.nodeGroups.get
dataproc.nodeGroups.update

dataproc.operations.cancel

dataproc.operations.delete

dataproc.operations.get

dataproc.operations.list

dataproc.sessionTemplates.*

dataproc.sessionTemplates.create
dataproc.sessionTemplates.delete
dataproc.sessionTemplates.get
dataproc.sessionTemplates.list
dataproc.sessionTemplates.update

dataproc.sessions.*

dataproc.sessions.create
dataproc.sessions.delete
dataproc.sessions.get
dataproc.sessions.list
dataproc.sessions.sparkApplicationRead
dataproc.sessions.sparkApplicationWrite
dataproc.sessions.terminate

dataproc.workflowTemplates.create

dataproc.workflowTemplates.delete

dataproc.workflowTemplates.get

dataproc.workflowTemplates.instantiate

dataproc.workflowTemplates.instantiateInline

dataproc.workflowTemplates.list

dataproc.workflowTemplates.update

dataprocrm.nodePools.*

dataprocrm.nodePools.create
dataprocrm.nodePools.delete
dataprocrm.nodePools.deleteNodes
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodePools.resize

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.list

dataprocrm.nodes.update

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.*

dataprocrm.workloads.cancel
dataprocrm.workloads.create
dataprocrm.workloads.delete
dataprocrm.workloads.get
dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataproc Hub Agent

(roles/dataproc.hubAgent)

Allows management of Dataproc resources. Intended for service accounts running Dataproc Hub instances.

compute.instances.get

compute.instances.setMetadata

compute.instances.setTags

compute.zoneOperations.get

compute.zones.list

dataproc.autoscalingPolicies.get

dataproc.autoscalingPolicies.list

dataproc.autoscalingPolicies.use

dataproc.clusters.create

dataproc.clusters.delete

dataproc.clusters.get

dataproc.clusters.list

dataproc.clusters.update

dataproc.operations.cancel

dataproc.operations.delete

dataproc.operations.get

dataproc.operations.list

iam.serviceAccounts.actAs

iam.serviceAccounts.get

iam.serviceAccounts.list

logging.buckets.get

logging.buckets.list

logging.exclusions.get

logging.exclusions.list

logging.links.get

logging.links.list

logging.locations.*

logging.locations.get
logging.locations.list

logging.logEntries.create

logging.logEntries.list

logging.logEntries.route

logging.logMetrics.get

logging.logMetrics.list

logging.logScopes.get

logging.logScopes.list

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.operations.get

logging.operations.list

logging.queries.getShared

logging.queries.listShared

logging.queries.usePrivate

logging.sinks.get

logging.sinks.list

logging.usage.get

logging.views.get

logging.views.list

observability.scopes.get

resourcemanager.projects.get

resourcemanager.projects.list

storage.buckets.get

storage.objects.get

storage.objects.list

Dataproc Serverless Editor

(roles/dataproc.serverlessEditor)

Permissions needed to run serverless sessions and batches as a user

compute.projects.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.zones.*

compute.zones.get
compute.zones.list

dataproc.batches.*

dataproc.batches.analyze
dataproc.batches.cancel
dataproc.batches.create
dataproc.batches.delete
dataproc.batches.get
dataproc.batches.list
dataproc.batches.sparkApplicationRead
dataproc.batches.sparkApplicationWrite

dataproc.operations.cancel

dataproc.operations.delete

dataproc.operations.get

dataproc.operations.list

dataproc.sessionTemplates.*

dataproc.sessionTemplates.create
dataproc.sessionTemplates.delete
dataproc.sessionTemplates.get
dataproc.sessionTemplates.list
dataproc.sessionTemplates.update

dataproc.sessions.*

dataproc.sessions.create
dataproc.sessions.delete
dataproc.sessions.get
dataproc.sessions.list
dataproc.sessions.sparkApplicationRead
dataproc.sessions.sparkApplicationWrite
dataproc.sessions.terminate

dataprocrm.nodePools.*

dataprocrm.nodePools.create
dataprocrm.nodePools.delete
dataprocrm.nodePools.deleteNodes
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodePools.resize

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.list

dataprocrm.nodes.update

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.*

dataprocrm.workloads.cancel
dataprocrm.workloads.create
dataprocrm.workloads.delete
dataprocrm.workloads.get
dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataproc Serverless Node.

(roles/dataproc.serverlessNode)

Node access to Dataproc Serverless sessions and batches. Intended for service accounts.

dataproc.batches.sparkApplicationWrite

dataproc.sessions.sparkApplicationRead

dataproc.sessions.sparkApplicationWrite

dataprocrm.nodePools.*

dataprocrm.nodePools.create
dataprocrm.nodePools.delete
dataprocrm.nodePools.deleteNodes
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodePools.resize

dataprocrm.nodes.list

Dataproc Serverless Viewer

(roles/dataproc.serverlessViewer)

Permissions needed to view serverless sessions and batches

compute.projects.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.zones.*

compute.zones.get
compute.zones.list

dataproc.batches.get

dataproc.batches.list

dataproc.sessionTemplates.get

dataproc.sessionTemplates.list

dataproc.sessions.get

dataproc.sessions.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataproc Service Agent

(roles/dataproc.serviceAgent)

Gives Dataproc Service Account access to service accounts, compute resources, storage resources, and kubernetes resources. Includes access to service accounts.

backupdr.backupPlanAssociations.createForComputeDisk

backupdr.backupPlanAssociations.createForComputeInstance

backupdr.backupPlanAssociations.deleteForComputeDisk

backupdr.backupPlanAssociations.deleteForComputeInstance

backupdr.backupPlanAssociations.list

backupdr.backupPlanAssociations.triggerBackupForComputeDisk

backupdr.backupPlanAssociations.triggerBackupForComputeInstance

backupdr.backupPlanAssociations.updateForComputeDisk

backupdr.backupPlanAssociations.updateForComputeInstance

backupdr.backupPlans.get

backupdr.backupPlans.list

backupdr.backupPlans.useForComputeDisk

backupdr.backupPlans.useForComputeInstance

backupdr.backupVaults.get

backupdr.backupVaults.list

backupdr.locations.list

backupdr.operations.get

backupdr.operations.list

backupdr.serviceConfig.initialize

compute.acceleratorTypes.*

compute.acceleratorTypes.get
compute.acceleratorTypes.list

compute.addresses.createInternal

compute.addresses.deleteInternal

compute.addresses.get

compute.addresses.list

compute.addresses.listEffectiveTags

compute.addresses.listTagBindings

compute.addresses.use

compute.addresses.useInternal

compute.autoscalers.*

compute.autoscalers.create
compute.autoscalers.delete
compute.autoscalers.get
compute.autoscalers.list
compute.autoscalers.update

compute.diskSettings.get

compute.diskTypes.*

compute.diskTypes.get
compute.diskTypes.list

compute.disks.create

compute.disks.createSnapshot

compute.disks.createTagBinding

compute.disks.delete

compute.disks.get

compute.disks.list

compute.disks.resize

compute.disks.setLabels

compute.disks.startAsyncReplication

compute.disks.stopAsyncReplication

compute.disks.stopGroupAsyncReplication

compute.disks.update

compute.disks.use

compute.disks.useReadOnly

compute.firewalls.get

compute.firewalls.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalAddresses.listEffectiveTags

compute.globalAddresses.listTagBindings

compute.globalAddresses.use

compute.globalNetworkEndpointGroups.*

compute.globalNetworkEndpointGroups.attachNetworkEndpoints
compute.globalNetworkEndpointGroups.create
compute.globalNetworkEndpointGroups.createTagBinding
compute.globalNetworkEndpointGroups.delete
compute.globalNetworkEndpointGroups.deleteTagBinding
compute.globalNetworkEndpointGroups.detachNetworkEndpoints
compute.globalNetworkEndpointGroups.get
compute.globalNetworkEndpointGroups.list
compute.globalNetworkEndpointGroups.listEffectiveTags
compute.globalNetworkEndpointGroups.listTagBindings
compute.globalNetworkEndpointGroups.use

compute.globalOperations.get

compute.globalOperations.list

compute.images.get

compute.images.getFromFamily

compute.images.list

compute.images.useReadOnly

compute.instanceGroupManagers.*

compute.instanceGroupManagers.create
compute.instanceGroupManagers.createTagBinding
compute.instanceGroupManagers.delete
compute.instanceGroupManagers.deleteTagBinding
compute.instanceGroupManagers.get
compute.instanceGroupManagers.list
compute.instanceGroupManagers.listEffectiveTags
compute.instanceGroupManagers.listTagBindings
compute.instanceGroupManagers.update
compute.instanceGroupManagers.use

compute.instanceGroups.*

compute.instanceGroups.create
compute.instanceGroups.createTagBinding
compute.instanceGroups.delete
compute.instanceGroups.deleteTagBinding
compute.instanceGroups.get
compute.instanceGroups.list
compute.instanceGroups.listEffectiveTags
compute.instanceGroups.listTagBindings
compute.instanceGroups.update
compute.instanceGroups.use

compute.instanceSettings.get

compute.instanceTemplates.*

compute.instanceTemplates.create
compute.instanceTemplates.delete
compute.instanceTemplates.get
compute.instanceTemplates.getIamPolicy
compute.instanceTemplates.list
compute.instanceTemplates.setIamPolicy
compute.instanceTemplates.useReadOnly

compute.instances.*

compute.instances.addAccessConfig
compute.instances.addNetworkInterface
compute.instances.addResourcePolicies
compute.instances.attachDisk
compute.instances.create
compute.instances.createTagBinding
compute.instances.delete
compute.instances.deleteAccessConfig
compute.instances.deleteNetworkInterface
compute.instances.deleteTagBinding
compute.instances.detachDisk
compute.instances.get
compute.instances.getEffectiveFirewalls
compute.instances.getGuestAttributes
compute.instances.getIamPolicy
compute.instances.getScreenshot
compute.instances.getSerialPortOutput
compute.instances.getShieldedInstanceIdentity
compute.instances.getShieldedVmIdentity
compute.instances.list
compute.instances.listEffectiveTags
compute.instances.listReferrers
compute.instances.listTagBindings
compute.instances.osAdminLogin
compute.instances.osLogin
compute.instances.pscInterfaceCreate
compute.instances.removeResourcePolicies
compute.instances.reset
compute.instances.resume
compute.instances.sendDiagnosticInterrupt
compute.instances.setDeletionProtection
compute.instances.setDiskAutoDelete
compute.instances.setIamPolicy
compute.instances.setLabels
compute.instances.setMachineResources
compute.instances.setMachineType
compute.instances.setMetadata
compute.instances.setMinCpuPlatform
compute.instances.setName
compute.instances.setScheduling
compute.instances.setSecurityPolicy
compute.instances.setServiceAccount
compute.instances.setShieldedInstanceIntegrityPolicy
compute.instances.setShieldedVmIntegrityPolicy
compute.instances.setTags
compute.instances.simulateMaintenanceEvent
compute.instances.start
compute.instances.startWithEncryptionKey
compute.instances.stop
compute.instances.suspend
compute.instances.update
compute.instances.updateAccessConfig
compute.instances.updateDisplayDevice
compute.instances.updateNetworkInterface
compute.instances.updateSecurity
compute.instances.updateShieldedInstanceConfig
compute.instances.updateShieldedVmConfig
compute.instances.use
compute.instances.useReadOnly

compute.licenses.get

compute.licenses.list

compute.machineImages.*

compute.machineImages.create
compute.machineImages.delete
compute.machineImages.get
compute.machineImages.getIamPolicy
compute.machineImages.list
compute.machineImages.setIamPolicy
compute.machineImages.setLabels
compute.machineImages.useReadOnly

compute.machineTypes.*

compute.machineTypes.get
compute.machineTypes.list

compute.multiMig.*

compute.multiMig.create
compute.multiMig.delete
compute.multiMig.get
compute.multiMig.list

compute.networkEndpointGroups.*

compute.networkEndpointGroups.attachNetworkEndpoints
compute.networkEndpointGroups.create
compute.networkEndpointGroups.createTagBinding
compute.networkEndpointGroups.delete
compute.networkEndpointGroups.deleteTagBinding
compute.networkEndpointGroups.detachNetworkEndpoints
compute.networkEndpointGroups.get
compute.networkEndpointGroups.list
compute.networkEndpointGroups.listEffectiveTags
compute.networkEndpointGroups.listTagBindings
compute.networkEndpointGroups.use

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.list

compute.networks.listEffectiveTags

compute.networks.listTagBindings

compute.networks.use

compute.networks.useExternalIp

compute.nodeGroups.get

compute.nodeTypes.get

compute.projects.get

compute.regionNetworkEndpointGroups.*

compute.regionNetworkEndpointGroups.attachNetworkEndpoints
compute.regionNetworkEndpointGroups.create
compute.regionNetworkEndpointGroups.createTagBinding
compute.regionNetworkEndpointGroups.delete
compute.regionNetworkEndpointGroups.deleteTagBinding
compute.regionNetworkEndpointGroups.detachNetworkEndpoints
compute.regionNetworkEndpointGroups.get
compute.regionNetworkEndpointGroups.list
compute.regionNetworkEndpointGroups.listEffectiveTags
compute.regionNetworkEndpointGroups.listTagBindings
compute.regionNetworkEndpointGroups.use

compute.regionOperations.get

compute.regionOperations.list

compute.regions.*

compute.regions.get
compute.regions.list

compute.reservationBlocks.get

compute.reservationBlocks.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.list

compute.resourcePolicies.useReadOnly

compute.storagePools.get

compute.storagePools.list

compute.storagePools.use

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.listEffectiveTags

compute.subnetworks.listTagBindings

compute.subnetworks.setPrivateIpGoogleAccess

compute.subnetworks.use

compute.subnetworks.useExternalIp

compute.targetPools.get

compute.targetPools.list

compute.targetPools.listEffectiveTags

compute.targetPools.listTagBindings

compute.zoneOperations.get

compute.zoneOperations.list

compute.zones.*

compute.zones.get
compute.zones.list

container.clusterRoleBindings.*

container.clusterRoleBindings.create
container.clusterRoleBindings.delete
container.clusterRoleBindings.get
container.clusterRoleBindings.list
container.clusterRoleBindings.update

container.clusterRoles.*

container.clusterRoles.bind
container.clusterRoles.create
container.clusterRoles.delete
container.clusterRoles.escalate
container.clusterRoles.get
container.clusterRoles.list
container.clusterRoles.update

container.clusters.get

container.clusters.update

container.customResourceDefinitions.create

container.customResourceDefinitions.delete

container.customResourceDefinitions.get

container.customResourceDefinitions.list

container.customResourceDefinitions.update

container.namespaces.create

container.namespaces.delete

container.namespaces.get

container.namespaces.list

container.namespaces.update

container.operations.get

container.roleBindings.*

container.roleBindings.create
container.roleBindings.delete
container.roleBindings.get
container.roleBindings.list
container.roleBindings.update

container.roles.bind

container.roles.escalate

dataproc.autoscalingPolicies.create

dataproc.autoscalingPolicies.delete

dataproc.autoscalingPolicies.get

dataproc.autoscalingPolicies.getIamPolicy

dataproc.autoscalingPolicies.list

dataproc.autoscalingPolicies.update

dataproc.autoscalingPolicies.use

dataproc.clusters.*

dataproc.clusters.create
dataproc.clusters.delete
dataproc.clusters.get
dataproc.clusters.getIamPolicy
dataproc.clusters.list
dataproc.clusters.setIamPolicy
dataproc.clusters.start
dataproc.clusters.stop
dataproc.clusters.update
dataproc.clusters.use

dataproc.jobs.*

dataproc.jobs.cancel
dataproc.jobs.create
dataproc.jobs.delete
dataproc.jobs.get
dataproc.jobs.getIamPolicy
dataproc.jobs.list
dataproc.jobs.setIamPolicy
dataproc.jobs.update

dataproc.nodeGroups.*

dataproc.nodeGroups.create
dataproc.nodeGroups.get
dataproc.nodeGroups.update

dataproc.operations.cancel

dataproc.sessionTemplates.get

dataproc.sessions.*

dataproc.sessions.create
dataproc.sessions.delete
dataproc.sessions.get
dataproc.sessions.list
dataproc.sessions.sparkApplicationRead
dataproc.sessions.sparkApplicationWrite
dataproc.sessions.terminate

dataprocrm.nodePools.*

dataprocrm.nodePools.create
dataprocrm.nodePools.delete
dataprocrm.nodePools.deleteNodes
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodePools.resize

dataprocrm.nodes.*

dataprocrm.nodes.get
dataprocrm.nodes.heartbeat
dataprocrm.nodes.list
dataprocrm.nodes.mintOAuthToken
dataprocrm.nodes.update

dataprocrm.operations.cancel

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.*

dataprocrm.workloads.cancel
dataprocrm.workloads.create
dataprocrm.workloads.delete
dataprocrm.workloads.get
dataprocrm.workloads.list

firebase.projects.get

iam.serviceAccounts.actAs

iam.serviceAccounts.getAccessToken

metastore.services.get

orgpolicy.policy.get

recommender.iamPolicyInsights.*

recommender.iamPolicyInsights.get
recommender.iamPolicyInsights.list
recommender.iamPolicyInsights.update

recommender.iamPolicyRecommendations.*

recommender.iamPolicyRecommendations.get
recommender.iamPolicyRecommendations.list
recommender.iamPolicyRecommendations.update

recommender.storageBucketSoftDeleteInsights.*

recommender.storageBucketSoftDeleteInsights.get
recommender.storageBucketSoftDeleteInsights.list
recommender.storageBucketSoftDeleteInsights.update

recommender.storageBucketSoftDeleteRecommendations.*

recommender.storageBucketSoftDeleteRecommendations.get
recommender.storageBucketSoftDeleteRecommendations.list
recommender.storageBucketSoftDeleteRecommendations.update

resourcemanager.hierarchyNodes.listEffectiveTags

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

serviceusage.services.use

storage.anywhereCaches.*

storage.anywhereCaches.create
storage.anywhereCaches.disable
storage.anywhereCaches.get
storage.anywhereCaches.list
storage.anywhereCaches.pause
storage.anywhereCaches.resume
storage.anywhereCaches.update

storage.bucketOperations.*

storage.bucketOperations.cancel
storage.bucketOperations.get
storage.bucketOperations.list

storage.buckets.*

storage.buckets.create
storage.buckets.createTagBinding
storage.buckets.delete
storage.buckets.deleteTagBinding
storage.buckets.enableObjectRetention
storage.buckets.get
storage.buckets.getIamPolicy
storage.buckets.getIpFilter
storage.buckets.getObjectInsights
storage.buckets.list
storage.buckets.listEffectiveTags
storage.buckets.listTagBindings
storage.buckets.relocate
storage.buckets.restore
storage.buckets.setIamPolicy
storage.buckets.setIpFilter
storage.buckets.update

storage.folders.*

storage.folders.create
storage.folders.delete
storage.folders.get
storage.folders.list
storage.folders.rename

storage.intelligenceConfigs.*

storage.intelligenceConfigs.get
storage.intelligenceConfigs.update

storage.managedFolders.*

storage.managedFolders.create
storage.managedFolders.delete
storage.managedFolders.get
storage.managedFolders.getIamPolicy
storage.managedFolders.list
storage.managedFolders.setIamPolicy

storage.multipartUploads.*

storage.multipartUploads.abort
storage.multipartUploads.create
storage.multipartUploads.list
storage.multipartUploads.listParts

storage.objects.*

storage.objects.create
storage.objects.delete
storage.objects.get
storage.objects.getIamPolicy
storage.objects.list
storage.objects.move
storage.objects.overrideUnlockedRetention
storage.objects.restore
storage.objects.setIamPolicy
storage.objects.setRetention
storage.objects.update

Dataproc Viewer

(roles/dataproc.viewer)

Provides read-only access to Dataproc resources.

Lowest-level resources where you can grant this role:

Cluster

compute.machineTypes.get

compute.regions.*

compute.regions.get
compute.regions.list

compute.zones.*

compute.zones.get
compute.zones.list

dataproc.autoscalingPolicies.get

dataproc.autoscalingPolicies.list

dataproc.batches.analyze

dataproc.batches.get

dataproc.batches.list

dataproc.batches.sparkApplicationRead

dataproc.clusters.get

dataproc.clusters.list

dataproc.jobs.get

dataproc.jobs.list

dataproc.nodeGroups.get

dataproc.operations.get

dataproc.operations.list

dataproc.sessionTemplates.get

dataproc.sessionTemplates.list

dataproc.sessions.get

dataproc.sessions.list

dataproc.sessions.sparkApplicationRead

dataproc.workflowTemplates.get

dataproc.workflowTemplates.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataproc Worker

(roles/dataproc.worker)

Provides worker access to Dataproc resources. Intended for service accounts.

cloudprofiler.profiles.create

cloudprofiler.profiles.update

dataproc.agents.*

dataproc.agents.create
dataproc.agents.delete
dataproc.agents.get
dataproc.agents.list
dataproc.agents.update

dataproc.batches.sparkApplicationWrite

dataproc.sessions.sparkApplicationWrite

dataproc.tasks.*

dataproc.tasks.lease
dataproc.tasks.listInvalidatedLeases
dataproc.tasks.reportStatus

dataprocrm.nodePools.*

dataprocrm.nodePools.create
dataprocrm.nodePools.delete
dataprocrm.nodePools.deleteNodes
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodePools.resize

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.list

dataprocrm.nodes.mintOAuthToken

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

storage.buckets.get

storage.folders.*

storage.folders.create
storage.folders.delete
storage.folders.get
storage.folders.list
storage.folders.rename

storage.managedFolders.create

storage.managedFolders.delete

storage.managedFolders.get

storage.managedFolders.list

storage.multipartUploads.*

storage.multipartUploads.abort
storage.multipartUploads.create
storage.multipartUploads.list
storage.multipartUploads.listParts

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.getIamPolicy

storage.objects.list

storage.objects.overrideUnlockedRetention

storage.objects.restore

storage.objects.setIamPolicy

storage.objects.setRetention

storage.objects.update

Dataproc permissions

Permission	Included in roles
`dataproc.agents.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.agents.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.agents.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.agents.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Worker (`roles/dataproc.worker`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`dataproc.agents.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.autoscalingPolicies.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.autoscalingPolicies.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.autoscalingPolicies.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.autoscalingPolicies.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`)
`dataproc.autoscalingPolicies.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.autoscalingPolicies.setIamPolicy`	Owner (`roles/owner`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataproc.autoscalingPolicies.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.autoscalingPolicies.use`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.batches.analyze`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.create`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.delete`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.sparkApplicationRead`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.batches.sparkApplicationWrite`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Node. (`roles/dataproc.serverlessNode`) Dataproc Worker (`roles/dataproc.worker`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.clusters.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.clusters.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.clusters.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.clusters.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`)
`dataproc.clusters.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.clusters.setIamPolicy`	Owner (`roles/owner`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`)
`dataproc.clusters.start`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.clusters.stop`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.clusters.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.clusters.use`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.jobs.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.jobs.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.jobs.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.jobs.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.jobs.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`)
`dataproc.jobs.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.jobs.setIamPolicy`	Owner (`roles/owner`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`)
`dataproc.jobs.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) AI Platform Notebooks Service Agent (`roles/notebooks.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.nodeGroups.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.nodeGroups.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.nodeGroups.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.operations.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`dataproc.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataplex Service Agent (`roles/dataplex.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.operations.setIamPolicy`	Owner (`roles/owner`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataproc.sessionTemplates.create`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessionTemplates.delete`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessionTemplates.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessionTemplates.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessionTemplates.update`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.create`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.delete`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Viewer (`roles/dataproc.serverlessViewer`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.sparkApplicationRead`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Node. (`roles/dataproc.serverlessNode`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.sparkApplicationWrite`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Dataproc Serverless Node. (`roles/dataproc.serverlessNode`) Dataproc Worker (`roles/dataproc.worker`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.sessions.terminate`	Owner (`roles/owner`) Editor (`roles/editor`) BigQuery Studio Admin (`roles/bigquery.studioAdmin`) BigQuery Studio User (`roles/bigquery.studioUser`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Serverless Editor (`roles/dataproc.serverlessEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Dataproc Service Agent (`roles/dataproc.serviceAgent`) Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.tasks.lease`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.tasks.listInvalidatedLeases`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.tasks.reportStatus`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Worker (`roles/dataproc.worker`)
`dataproc.workflowTemplates.create`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.workflowTemplates.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.workflowTemplates.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Viewer (`roles/dataproc.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`dataproc.workflowTemplates.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`dataproc.workflowTemplates.instantiate`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.workflowTemplates.instantiateInline`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.workflowTemplates.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Dataproc Viewer (`roles/dataproc.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)
`dataproc.workflowTemplates.setIamPolicy`	Owner (`roles/owner`) Dataproc Administrator (`roles/dataproc.admin`) Security Admin (`roles/iam.securityAdmin`)
`dataproc.workflowTemplates.update`	Owner (`roles/owner`) Editor (`roles/editor`) Dataproc Administrator (`roles/dataproc.admin`) Dataproc Editor (`roles/dataproc.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Data Fusion API Service Agent (`roles/datafusion.serviceAgent`)

Dataproc roles and permissions Stay organized with collections Save and categorize content based on your preferences.

Dataproc roles

Dataproc Administrator

Dataproc Editor

Dataproc Hub Agent

Dataproc Serverless Editor

Dataproc Serverless Node.

Dataproc Serverless Viewer

Dataproc Service Agent

Dataproc Viewer

Dataproc Worker

Dataproc permissions

dataproc.agents.create

dataproc.agents.delete

dataproc.agents.get

dataproc.agents.list

dataproc.agents.update

dataproc.autoscalingPolicies.create

dataproc.autoscalingPolicies.delete

dataproc.autoscalingPolicies.get

dataproc.autoscalingPolicies.getIamPolicy

dataproc.autoscalingPolicies.list

dataproc.autoscalingPolicies.setIamPolicy

dataproc.autoscalingPolicies.update

dataproc.autoscalingPolicies.use

dataproc.batches.analyze

dataproc.batches.cancel

dataproc.batches.create

dataproc.batches.delete

dataproc.batches.get

dataproc.batches.list

dataproc.batches.sparkApplicationRead

dataproc.batches.sparkApplicationWrite

dataproc.clusters.create

dataproc.clusters.delete

dataproc.clusters.get

dataproc.clusters.getIamPolicy

dataproc.clusters.list

dataproc.clusters.setIamPolicy

dataproc.clusters.start

dataproc.clusters.stop

dataproc.clusters.update

dataproc.clusters.use

dataproc.jobs.cancel

dataproc.jobs.create

dataproc.jobs.delete

dataproc.jobs.get

dataproc.jobs.getIamPolicy

dataproc.jobs.list

dataproc.jobs.setIamPolicy

dataproc.jobs.update

dataproc.nodeGroups.create

dataproc.nodeGroups.get

dataproc.nodeGroups.update

dataproc.operations.cancel

dataproc.operations.delete

dataproc.operations.get

dataproc.operations.getIamPolicy

dataproc.operations.list

dataproc.operations.setIamPolicy

dataproc.sessionTemplates.create

dataproc.sessionTemplates.delete

dataproc.sessionTemplates.get

dataproc.sessionTemplates.list

dataproc.sessionTemplates.update

dataproc.sessions.create

dataproc.sessions.delete

dataproc.sessions.get

dataproc.sessions.list

dataproc.sessions.sparkApplicationRead

dataproc.sessions.sparkApplicationWrite

dataproc.sessions.terminate

dataproc.tasks.lease

dataproc.tasks.listInvalidatedLeases

dataproc.tasks.reportStatus

dataproc.workflowTemplates.create

dataproc.workflowTemplates.delete

dataproc.workflowTemplates.get

dataproc.workflowTemplates.getIamPolicy

dataproc.workflowTemplates.instantiate

Dataproc roles and permissions
Stay organized with collections Save and categorize content based on your preferences.

`dataproc.agents.create`

`dataproc.agents.delete`

`dataproc.agents.get`

`dataproc.agents.list`

`dataproc.agents.update`

`dataproc.autoscalingPolicies.create`

`dataproc.autoscalingPolicies.delete`

`dataproc.autoscalingPolicies.get`

`dataproc.autoscalingPolicies.getIamPolicy`

`dataproc.autoscalingPolicies.list`

`dataproc.autoscalingPolicies.setIamPolicy`

`dataproc.autoscalingPolicies.update`

`dataproc.autoscalingPolicies.use`

`dataproc.batches.analyze`

`dataproc.batches.cancel`

`dataproc.batches.create`

`dataproc.batches.delete`

`dataproc.batches.get`

`dataproc.batches.list`

`dataproc.batches.sparkApplicationRead`

`dataproc.batches.sparkApplicationWrite`

`dataproc.clusters.create`

`dataproc.clusters.delete`

`dataproc.clusters.get`

`dataproc.clusters.getIamPolicy`

`dataproc.clusters.list`

`dataproc.clusters.setIamPolicy`

`dataproc.clusters.start`

`dataproc.clusters.stop`

`dataproc.clusters.update`

`dataproc.clusters.use`

`dataproc.jobs.cancel`

`dataproc.jobs.create`

`dataproc.jobs.delete`

`dataproc.jobs.get`

`dataproc.jobs.getIamPolicy`

`dataproc.jobs.list`

`dataproc.jobs.setIamPolicy`

`dataproc.jobs.update`

`dataproc.nodeGroups.create`

`dataproc.nodeGroups.get`

`dataproc.nodeGroups.update`

`dataproc.operations.cancel`

`dataproc.operations.delete`

`dataproc.operations.get`

`dataproc.operations.getIamPolicy`

`dataproc.operations.list`

`dataproc.operations.setIamPolicy`

`dataproc.sessionTemplates.create`

`dataproc.sessionTemplates.delete`

`dataproc.sessionTemplates.get`

`dataproc.sessionTemplates.list`

`dataproc.sessionTemplates.update`

`dataproc.sessions.create`

`dataproc.sessions.delete`

`dataproc.sessions.get`

`dataproc.sessions.list`

`dataproc.sessions.sparkApplicationRead`

`dataproc.sessions.sparkApplicationWrite`

`dataproc.sessions.terminate`

`dataproc.tasks.lease`

`dataproc.tasks.listInvalidatedLeases`

`dataproc.tasks.reportStatus`

`dataproc.workflowTemplates.create`

`dataproc.workflowTemplates.delete`

`dataproc.workflowTemplates.get`

`dataproc.workflowTemplates.getIamPolicy`

`dataproc.workflowTemplates.instantiate`

`dataproc.workflowTemplates.instantiateInline`

`dataproc.workflowTemplates.list`

`dataproc.workflowTemplates.setIamPolicy`

`dataproc.workflowTemplates.update`