Dataproc Resource Manager roles and permissions

This page lists the IAM roles and permissions for Dataproc Resource Manager. To search through all roles and permissions, see the role and permission index.

Dataproc Resource Manager roles

Role Permissions

(roles/dataprocrm.admin)

Grants full access to all Dataproc Resource Manager resources. Intended for users that need to create and delete any Dataproc Resource Manager resources.

dataprocrm.*

  • dataprocrm.locations.get
  • dataprocrm.locations.list
  • dataprocrm.nodePools.create
  • dataprocrm.nodePools.delete
  • dataprocrm.nodePools.deleteNodes
  • dataprocrm.nodePools.get
  • dataprocrm.nodePools.list
  • dataprocrm.nodePools.resize
  • dataprocrm.nodes.get
  • dataprocrm.nodes.heartbeat
  • dataprocrm.nodes.list
  • dataprocrm.nodes.mintOAuthToken
  • dataprocrm.nodes.update
  • dataprocrm.operations.cancel
  • dataprocrm.operations.delete
  • dataprocrm.operations.get
  • dataprocrm.operations.list
  • dataprocrm.workloads.cancel
  • dataprocrm.workloads.create
  • dataprocrm.workloads.delete
  • dataprocrm.workloads.get
  • dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/dataprocrm.nodeServiceAgent)

Dataproc Resource Manager Node Service Agent used to run managed resources in user project with restricted permissions.

dataprocrm.nodes.get

dataprocrm.nodes.heartbeat

dataprocrm.nodes.mintOAuthToken

logging.logEntries.create

logging.logEntries.route

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

serviceusage.services.use

(roles/dataprocrm.viewer)

Grants read access to all Dataproc Resource Manager resources. Intended for users that need read-only access to Dataproc Resource Manager resources.

dataprocrm.locations.*

  • dataprocrm.locations.get
  • dataprocrm.locations.list

dataprocrm.nodePools.get

dataprocrm.nodePools.list

dataprocrm.nodes.get

dataprocrm.nodes.list

dataprocrm.nodes.mintOAuthToken

dataprocrm.operations.get

dataprocrm.operations.list

dataprocrm.workloads.get

dataprocrm.workloads.list

resourcemanager.projects.get

resourcemanager.projects.list

Dataproc Resource Manager permissions

Permission Included in roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Serverless Node. (roles/dataproc.serverlessNode)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Dataproc Worker (roles/dataproc.worker)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

BigQuery Studio Admin (roles/bigquery.studioAdmin)

BigQuery Studio User (roles/bigquery.studioUser)

Dataproc Administrator (roles/dataproc.admin)

Dataproc Editor (roles/dataproc.editor)

Dataproc Serverless Editor (roles/dataproc.serverlessEditor)

Dataproc Resource Manager Admin (roles/dataprocrm.admin)

Dataproc Resource Manager Viewer (roles/dataprocrm.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Service agent roles