Datastream roles and permissions

This page lists the IAM roles and permissions for Datastream. To search through all roles and permissions, see the role and permission index.

Datastream roles

Role Permissions

(roles/datastream.admin)

Full access to all Datastream resources.

datastream.*

  • datastream.connectionProfiles.create
  • datastream.connectionProfiles.createTagBinding
  • datastream.connectionProfiles.delete
  • datastream.connectionProfiles.deleteTagBinding
  • datastream.connectionProfiles.destinationTypes
  • datastream.connectionProfiles.discover
  • datastream.connectionProfiles.get
  • datastream.connectionProfiles.getIamPolicy
  • datastream.connectionProfiles.list
  • datastream.connectionProfiles.listEffectiveTags
  • datastream.connectionProfiles.listStaticServiceIps
  • datastream.connectionProfiles.listTagBindings
  • datastream.connectionProfiles.setIamPolicy
  • datastream.connectionProfiles.sourceTypes
  • datastream.connectionProfiles.update
  • datastream.locations.fetchStaticIps
  • datastream.locations.get
  • datastream.locations.list
  • datastream.objects.get
  • datastream.objects.list
  • datastream.objects.startBackfillJob
  • datastream.objects.stopBackfillJob
  • datastream.operations.cancel
  • datastream.operations.delete
  • datastream.operations.get
  • datastream.operations.list
  • datastream.privateConnections.create
  • datastream.privateConnections.createTagBinding
  • datastream.privateConnections.delete
  • datastream.privateConnections.deleteTagBinding
  • datastream.privateConnections.get
  • datastream.privateConnections.getIamPolicy
  • datastream.privateConnections.list
  • datastream.privateConnections.listEffectiveTags
  • datastream.privateConnections.listTagBindings
  • datastream.privateConnections.setIamPolicy
  • datastream.routes.create
  • datastream.routes.delete
  • datastream.routes.get
  • datastream.routes.getIamPolicy
  • datastream.routes.list
  • datastream.routes.setIamPolicy
  • datastream.streams.computeState
  • datastream.streams.create
  • datastream.streams.createTagBinding
  • datastream.streams.delete
  • datastream.streams.deleteTagBinding
  • datastream.streams.fetchErrors
  • datastream.streams.get
  • datastream.streams.getIamPolicy
  • datastream.streams.list
  • datastream.streams.listEffectiveTags
  • datastream.streams.listTagBindings
  • datastream.streams.pause
  • datastream.streams.resume
  • datastream.streams.setIamPolicy
  • datastream.streams.start
  • datastream.streams.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/datastream.bigqueryWriter)

Permissions needed for datastream to write to BigQuery.

bigquery.connections.delegate

bigquery.connections.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.delete

bigquery.jobs.get

bigquery.jobs.list

bigquery.jobs.update

bigquery.tables.create

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.list

bigquery.tables.update

bigquery.tables.updateData

datastream.connectionProfiles.create

datastream.connectionProfiles.delete

datastream.connectionProfiles.destinationTypes

datastream.connectionProfiles.discover

datastream.connectionProfiles.get

datastream.connectionProfiles.getIamPolicy

datastream.connectionProfiles.list

datastream.connectionProfiles.listEffectiveTags

datastream.connectionProfiles.listStaticServiceIps

datastream.connectionProfiles.listTagBindings

datastream.connectionProfiles.sourceTypes

datastream.connectionProfiles.update

datastream.locations.*

  • datastream.locations.fetchStaticIps
  • datastream.locations.get
  • datastream.locations.list

datastream.objects.*

  • datastream.objects.get
  • datastream.objects.list
  • datastream.objects.startBackfillJob
  • datastream.objects.stopBackfillJob

datastream.operations.*

  • datastream.operations.cancel
  • datastream.operations.delete
  • datastream.operations.get
  • datastream.operations.list

datastream.privateConnections.create

datastream.privateConnections.delete

datastream.privateConnections.get

datastream.privateConnections.getIamPolicy

datastream.privateConnections.list

datastream.privateConnections.listEffectiveTags

datastream.privateConnections.listTagBindings

datastream.routes.create

datastream.routes.delete

datastream.routes.get

datastream.routes.getIamPolicy

datastream.routes.list

datastream.streams.computeState

datastream.streams.create

datastream.streams.delete

datastream.streams.fetchErrors

datastream.streams.get

datastream.streams.getIamPolicy

datastream.streams.list

datastream.streams.listEffectiveTags

datastream.streams.listTagBindings

datastream.streams.pause

datastream.streams.resume

datastream.streams.start

datastream.streams.update

(roles/datastream.serviceAgent)

Grants Cloud Datastream permissions to write data in the user project.

bigquery.connections.delegate

bigquery.connections.get

bigquery.datasets.create

bigquery.datasets.get

bigquery.jobs.create

bigquery.jobs.delete

bigquery.jobs.get

bigquery.jobs.list

bigquery.jobs.update

bigquery.tables.create

bigquery.tables.get

bigquery.tables.getData

bigquery.tables.list

bigquery.tables.update

bigquery.tables.updateData

compute.globalAddresses.create

compute.globalAddresses.createInternal

compute.globalAddresses.delete

compute.globalAddresses.deleteInternal

compute.globalAddresses.get

compute.globalOperations.get

compute.networkAttachments.get

compute.networkAttachments.list

compute.networks.addPeering

compute.networks.get

compute.networks.listPeeringRoutes

compute.networks.removePeering

compute.networks.use

compute.routes.get

compute.routes.list

compute.subnetworks.get

compute.subnetworks.list

pubsub.topics.publish

storage.buckets.get

storage.objects.create

storage.objects.get

storage.objects.list

(roles/datastream.viewer)

Read-only access to all Datastream resources.

datastream.connectionProfiles.destinationTypes

datastream.connectionProfiles.discover

datastream.connectionProfiles.get

datastream.connectionProfiles.getIamPolicy

datastream.connectionProfiles.list

datastream.connectionProfiles.listEffectiveTags

datastream.connectionProfiles.listStaticServiceIps

datastream.connectionProfiles.listTagBindings

datastream.connectionProfiles.sourceTypes

datastream.locations.*

  • datastream.locations.fetchStaticIps
  • datastream.locations.get
  • datastream.locations.list

datastream.objects.get

datastream.objects.list

datastream.operations.get

datastream.operations.list

datastream.privateConnections.get

datastream.privateConnections.getIamPolicy

datastream.privateConnections.list

datastream.privateConnections.listEffectiveTags

datastream.privateConnections.listTagBindings

datastream.routes.get

datastream.routes.getIamPolicy

datastream.routes.list

datastream.streams.fetchErrors

datastream.streams.get

datastream.streams.getIamPolicy

datastream.streams.list

datastream.streams.listEffectiveTags

datastream.streams.listTagBindings

resourcemanager.projects.get

resourcemanager.projects.list

Datastream permissions

Permission Included in roles

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Datastream Viewer (roles/datastream.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Datastream Admin (roles/datastream.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Owner (roles/owner)

Editor (roles/editor)

Datastream Admin (roles/datastream.admin)

Datastream Bigquery Writer (roles/datastream.bigqueryWriter)

Dataproc Metastore Managed Migration Admin (roles/metastore.migrationAdmin)