Google Distributed Cloud roles and permissions

This page lists the IAM roles and permissions for Google Distributed Cloud. To search through all roles and permissions, see the role and permission index.

Google Distributed Cloud roles

Role Permissions

(roles/gkeonprem.admin)

Full access to GKE on-prem all resources.

gkeonprem.*

  • gkeonprem.bareMetalAdminClusters.connect
  • gkeonprem.bareMetalAdminClusters.create
  • gkeonprem.bareMetalAdminClusters.createTagBinding
  • gkeonprem.bareMetalAdminClusters.deleteTagBinding
  • gkeonprem.bareMetalAdminClusters.enroll
  • gkeonprem.bareMetalAdminClusters.get
  • gkeonprem.bareMetalAdminClusters.getIamPolicy
  • gkeonprem.bareMetalAdminClusters.list
  • gkeonprem.bareMetalAdminClusters.listEffectiveTags
  • gkeonprem.bareMetalAdminClusters.listTagBindings
  • gkeonprem.bareMetalAdminClusters.queryVersionConfig
  • gkeonprem.bareMetalAdminClusters.setIamPolicy
  • gkeonprem.bareMetalAdminClusters.unenroll
  • gkeonprem.bareMetalAdminClusters.update
  • gkeonprem.bareMetalClusters.create
  • gkeonprem.bareMetalClusters.createTagBinding
  • gkeonprem.bareMetalClusters.delete
  • gkeonprem.bareMetalClusters.deleteTagBinding
  • gkeonprem.bareMetalClusters.enroll
  • gkeonprem.bareMetalClusters.get
  • gkeonprem.bareMetalClusters.getIamPolicy
  • gkeonprem.bareMetalClusters.list
  • gkeonprem.bareMetalClusters.listEffectiveTags
  • gkeonprem.bareMetalClusters.listTagBindings
  • gkeonprem.bareMetalClusters.queryVersionConfig
  • gkeonprem.bareMetalClusters.setIamPolicy
  • gkeonprem.bareMetalClusters.unenroll
  • gkeonprem.bareMetalClusters.update
  • gkeonprem.bareMetalNodePools.create
  • gkeonprem.bareMetalNodePools.delete
  • gkeonprem.bareMetalNodePools.enroll
  • gkeonprem.bareMetalNodePools.get
  • gkeonprem.bareMetalNodePools.getIamPolicy
  • gkeonprem.bareMetalNodePools.list
  • gkeonprem.bareMetalNodePools.setIamPolicy
  • gkeonprem.bareMetalNodePools.unenroll
  • gkeonprem.bareMetalNodePools.update
  • gkeonprem.locations.get
  • gkeonprem.locations.list
  • gkeonprem.operations.cancel
  • gkeonprem.operations.delete
  • gkeonprem.operations.get
  • gkeonprem.operations.list
  • gkeonprem.vmwareAdminClusters.connect
  • gkeonprem.vmwareAdminClusters.createTagBinding
  • gkeonprem.vmwareAdminClusters.deleteTagBinding
  • gkeonprem.vmwareAdminClusters.enroll
  • gkeonprem.vmwareAdminClusters.get
  • gkeonprem.vmwareAdminClusters.getIamPolicy
  • gkeonprem.vmwareAdminClusters.list
  • gkeonprem.vmwareAdminClusters.listEffectiveTags
  • gkeonprem.vmwareAdminClusters.listTagBindings
  • gkeonprem.vmwareAdminClusters.setIamPolicy
  • gkeonprem.vmwareAdminClusters.unenroll
  • gkeonprem.vmwareAdminClusters.update
  • gkeonprem.vmwareClusters.create
  • gkeonprem.vmwareClusters.createTagBinding
  • gkeonprem.vmwareClusters.delete
  • gkeonprem.vmwareClusters.deleteTagBinding
  • gkeonprem.vmwareClusters.enroll
  • gkeonprem.vmwareClusters.get
  • gkeonprem.vmwareClusters.getIamPolicy
  • gkeonprem.vmwareClusters.list
  • gkeonprem.vmwareClusters.listEffectiveTags
  • gkeonprem.vmwareClusters.listTagBindings
  • gkeonprem.vmwareClusters.queryVersionConfig
  • gkeonprem.vmwareClusters.setIamPolicy
  • gkeonprem.vmwareClusters.unenroll
  • gkeonprem.vmwareClusters.update
  • gkeonprem.vmwareNodePools.create
  • gkeonprem.vmwareNodePools.delete
  • gkeonprem.vmwareNodePools.enroll
  • gkeonprem.vmwareNodePools.get
  • gkeonprem.vmwareNodePools.getIamPolicy
  • gkeonprem.vmwareNodePools.list
  • gkeonprem.vmwareNodePools.setIamPolicy
  • gkeonprem.vmwareNodePools.unenroll
  • gkeonprem.vmwareNodePools.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/gkeonprem.serviceAgent)

Gives the GKE On-Prem service agent access to Cloud Platform resources.

gkehub.memberships.delete

gkehub.memberships.get

gkehub.memberships.update

gkeonprem.bareMetalAdminClusters.connect

gkeonprem.bareMetalAdminClusters.enroll

gkeonprem.bareMetalAdminClusters.get

gkeonprem.bareMetalAdminClusters.unenroll

gkeonprem.bareMetalClusters.enroll

gkeonprem.bareMetalClusters.get

gkeonprem.bareMetalClusters.unenroll

gkeonprem.bareMetalNodePools.enroll

gkeonprem.bareMetalNodePools.get

gkeonprem.bareMetalNodePools.unenroll

gkeonprem.operations.get

gkeonprem.operations.list

gkeonprem.vmwareAdminClusters.connect

gkeonprem.vmwareAdminClusters.enroll

gkeonprem.vmwareAdminClusters.get

gkeonprem.vmwareAdminClusters.unenroll

gkeonprem.vmwareClusters.enroll

gkeonprem.vmwareClusters.get

gkeonprem.vmwareClusters.unenroll

gkeonprem.vmwareNodePools.enroll

gkeonprem.vmwareNodePools.get

gkeonprem.vmwareNodePools.unenroll

(roles/gkeonprem.viewer)

Read-only access to GKE on-prem all resources.

gkeonprem.bareMetalAdminClusters.connect

gkeonprem.bareMetalAdminClusters.get

gkeonprem.bareMetalAdminClusters.getIamPolicy

gkeonprem.bareMetalAdminClusters.list

gkeonprem.bareMetalAdminClusters.listEffectiveTags

gkeonprem.bareMetalAdminClusters.listTagBindings

gkeonprem.bareMetalAdminClusters.queryVersionConfig

gkeonprem.bareMetalClusters.get

gkeonprem.bareMetalClusters.getIamPolicy

gkeonprem.bareMetalClusters.list

gkeonprem.bareMetalClusters.listEffectiveTags

gkeonprem.bareMetalClusters.listTagBindings

gkeonprem.bareMetalClusters.queryVersionConfig

gkeonprem.bareMetalNodePools.get

gkeonprem.bareMetalNodePools.getIamPolicy

gkeonprem.bareMetalNodePools.list

gkeonprem.locations.*

  • gkeonprem.locations.get
  • gkeonprem.locations.list

gkeonprem.operations.get

gkeonprem.operations.list

gkeonprem.vmwareAdminClusters.connect

gkeonprem.vmwareAdminClusters.get

gkeonprem.vmwareAdminClusters.getIamPolicy

gkeonprem.vmwareAdminClusters.list

gkeonprem.vmwareAdminClusters.listEffectiveTags

gkeonprem.vmwareAdminClusters.listTagBindings

gkeonprem.vmwareClusters.get

gkeonprem.vmwareClusters.getIamPolicy

gkeonprem.vmwareClusters.list

gkeonprem.vmwareClusters.listEffectiveTags

gkeonprem.vmwareClusters.listTagBindings

gkeonprem.vmwareClusters.queryVersionConfig

gkeonprem.vmwareNodePools.get

gkeonprem.vmwareNodePools.getIamPolicy

gkeonprem.vmwareNodePools.list

resourcemanager.projects.get

resourcemanager.projects.list

Google Distributed Cloud permissions

Permission Included in roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Owner (roles/owner)

GKE on-prem Admin (roles/gkeonprem.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Owner (roles/owner)

GKE on-prem Admin (roles/gkeonprem.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

GKE on-prem Admin (roles/gkeonprem.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

GKE on-prem Admin (roles/gkeonprem.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

Tag User (roles/resourcemanager.tagUser)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Owner (roles/owner)

GKE on-prem Admin (roles/gkeonprem.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

GKE on-prem Admin (roles/gkeonprem.admin)

GKE on-prem Viewer (roles/gkeonprem.viewer)

Security Admin (roles/iam.securityAdmin)

Security Reviewer (roles/iam.securityReviewer)

Owner (roles/owner)

GKE on-prem Admin (roles/gkeonprem.admin)

Security Admin (roles/iam.securityAdmin)

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)

Service agent roles

Owner (roles/owner)

Editor (roles/editor)

GKE on-prem Admin (roles/gkeonprem.admin)