Google Cloud Managed Service for Apache Kafka roles and permissions
Stay organized with collections Save and categorize content based on your preferences.

This page lists the IAM roles and permissions for Google Cloud Managed Service for Apache Kafka. To search through all roles and permissions, see the role and permission index.

Google Cloud Managed Service for Apache Kafka roles

Role Permissions

Role	Permissions
Managed Kafka Admin (`roles/managedkafka.admin`) Full access to Managed Kafka resources.	`cloudasset.assets.searchAllResources` `managedkafka.*` `managedkafka.clusters.attachConnectCluster` `managedkafka.clusters.connect` `managedkafka.clusters.create` `managedkafka.clusters.delete` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.clusters.update` `managedkafka.connectClusters.create` `managedkafka.connectClusters.delete` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectClusters.update` `managedkafka.connectors.create` `managedkafka.connectors.delete` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.connectors.pause` `managedkafka.connectors.restart` `managedkafka.connectors.resume` `managedkafka.connectors.stop` `managedkafka.connectors.update` `managedkafka.consumerGroups.delete` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.consumerGroups.update` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.cancel` `managedkafka.operations.delete` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.create` `managedkafka.topics.delete` `managedkafka.topics.get` `managedkafka.topics.list` `managedkafka.topics.update` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`
Managed Kafka Client (`roles/managedkafka.client`) Provides access to connect to the Kafka servers in a cluster, i.e. provides Kafka data plane access. Intended for, e.g., producers and consumers.	`cloudasset.assets.searchAllResources` `managedkafka.clusters.attachConnectCluster` `managedkafka.clusters.connect` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.consumerGroups.` `managedkafka.consumerGroups.delete` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.consumerGroups.update` `managedkafka.locations.` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.*` `managedkafka.topics.create` `managedkafka.topics.delete` `managedkafka.topics.get` `managedkafka.topics.list` `managedkafka.topics.update` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`
Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Provides read and write access to Kafka clusters. Intended for, e.g., IT Departments that provision Kafka clusters, but need not be able to read or modify topics or consumer groups.	`cloudasset.assets.searchAllResources` `managedkafka.clusters.create` `managedkafka.clusters.delete` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.clusters.update` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.locations.*` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.get` `managedkafka.topics.list` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`
Managed Kafka Connect Cluster Editor ^Beta (`roles/managedkafka.connectClusterEditor`) Provides read and write access to Kafka Connect clusters. Intended for, e.g., IT Departments that provision Kafka Connect clusters, but need not be able to read or modify connectors.	`managedkafka.connectClusters.*` `managedkafka.connectClusters.create` `managedkafka.connectClusters.delete` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectClusters.update` `managedkafka.connectors.get` `managedkafka.connectors.list`
Managed Kafka Connector Editor ^Beta (`roles/managedkafka.connectorEditor`) Provides read and write access to connectors. Intended for, e.g., developers who configure and operate connectors.	`cloudasset.assets.searchAllResources` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectors.` `managedkafka.connectors.create` `managedkafka.connectors.delete` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.connectors.pause` `managedkafka.connectors.restart` `managedkafka.connectors.resume` `managedkafka.connectors.stop` `managedkafka.connectors.update` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.locations.` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.get` `managedkafka.topics.list` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`
Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Provides read and write access to consumer group metadata. Intended for, e.g., developers who configure consumer groups.	`cloudasset.assets.searchAllResources` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.consumerGroups.` `managedkafka.consumerGroups.delete` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.consumerGroups.update` `managedkafka.locations.` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.get` `managedkafka.topics.list` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`
Managed Kafka Service Agent (`roles/managedkafka.serviceAgent`) Gives Managed Kafka Service Agent access to Cloud Platform resources. Warning: Do not grant service agent roles to any principals except service agents.	`compute.addresses.create` `compute.addresses.createInternal` `compute.addresses.delete` `compute.addresses.deleteInternal` `compute.addresses.list` `compute.addresses.use` `compute.addresses.useInternal` `compute.forwardingRules.create` `compute.forwardingRules.delete` `compute.forwardingRules.list` `compute.forwardingRules.pscCreate` `compute.forwardingRules.pscDelete` `compute.networkAttachments.create` `compute.networkAttachments.delete` `compute.networkAttachments.get` `compute.networkAttachments.list` `compute.networks.get` `compute.networks.use` `compute.regionOperations.get` `compute.subnetworks.get` `compute.subnetworks.use` `dns.changes.create` `dns.managedZones.create` `dns.managedZones.delete` `dns.managedZones.list` `dns.networks.bindPrivateDNSZone` `dns.networks.targetWithPeeringZone` `dns.resourceRecordSets.create` `dns.resourceRecordSets.delete` `dns.resourceRecordSets.list` `dns.resourceRecordSets.update` `managedkafka.clusters.connect` `privateca.caPools.get` `servicedirectory.namespaces.create` `servicedirectory.services.create` `servicedirectory.services.delete`
Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Provides read and write access to topic metadata. Intended for, e.g., developers who configure topics.	`cloudasset.assets.searchAllResources` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.locations.` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.` `managedkafka.topics.create` `managedkafka.topics.delete` `managedkafka.topics.get` `managedkafka.topics.list` `managedkafka.topics.update` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`
Managed Kafka Viewer (`roles/managedkafka.viewer`) Readonly access to Managed Kafka resources.	`cloudasset.assets.searchAllResources` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.connectClusters.get` `managedkafka.connectClusters.list` `managedkafka.connectors.get` `managedkafka.connectors.list` `managedkafka.consumerGroups.get` `managedkafka.consumerGroups.list` `managedkafka.locations.*` `managedkafka.locations.get` `managedkafka.locations.list` `managedkafka.operations.get` `managedkafka.operations.list` `managedkafka.topics.get` `managedkafka.topics.list` `resourcemanager.projects.get` `resourcemanager.projects.list` `serviceusage.quotas.get` `serviceusage.services.get` `serviceusage.services.list`

Managed Kafka Admin

(roles/managedkafka.admin)

Full access to Managed Kafka resources.

cloudasset.assets.searchAllResources

managedkafka.*

managedkafka.clusters.attachConnectCluster
managedkafka.clusters.connect
managedkafka.clusters.create
managedkafka.clusters.delete
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.clusters.update
managedkafka.connectClusters.create
managedkafka.connectClusters.delete
managedkafka.connectClusters.get
managedkafka.connectClusters.list
managedkafka.connectClusters.update
managedkafka.connectors.create
managedkafka.connectors.delete
managedkafka.connectors.get
managedkafka.connectors.list
managedkafka.connectors.pause
managedkafka.connectors.restart
managedkafka.connectors.resume
managedkafka.connectors.stop
managedkafka.connectors.update
managedkafka.consumerGroups.delete
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.consumerGroups.update
managedkafka.locations.get
managedkafka.locations.list
managedkafka.operations.cancel
managedkafka.operations.delete
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.create
managedkafka.topics.delete
managedkafka.topics.get
managedkafka.topics.list
managedkafka.topics.update

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Managed Kafka Client

(roles/managedkafka.client)

Provides access to connect to the Kafka servers in a cluster, i.e. provides Kafka data plane access. Intended for, e.g., producers and consumers.

cloudasset.assets.searchAllResources

managedkafka.clusters.attachConnectCluster

managedkafka.clusters.connect

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.connectClusters.get

managedkafka.connectClusters.list

managedkafka.connectors.get

managedkafka.connectors.list

managedkafka.consumerGroups.*

managedkafka.consumerGroups.delete
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.consumerGroups.update

managedkafka.locations.*

managedkafka.locations.get
managedkafka.locations.list

managedkafka.operations.get

managedkafka.operations.list

managedkafka.topics.*

managedkafka.topics.create
managedkafka.topics.delete
managedkafka.topics.get
managedkafka.topics.list
managedkafka.topics.update

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Managed Kafka Cluster Editor

(roles/managedkafka.clusterEditor)

Provides read and write access to Kafka clusters. Intended for, e.g., IT Departments that provision Kafka clusters, but need not be able to read or modify topics or consumer groups.

cloudasset.assets.searchAllResources

managedkafka.clusters.create

managedkafka.clusters.delete

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.clusters.update

managedkafka.connectClusters.get

managedkafka.connectClusters.list

managedkafka.connectors.get

managedkafka.connectors.list

managedkafka.consumerGroups.get

managedkafka.consumerGroups.list

managedkafka.locations.*

managedkafka.locations.get
managedkafka.locations.list

managedkafka.operations.get

managedkafka.operations.list

managedkafka.topics.get

managedkafka.topics.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Managed Kafka Connect Cluster Editor ^Beta

(roles/managedkafka.connectClusterEditor)

Provides read and write access to Kafka Connect clusters. Intended for, e.g., IT Departments that provision Kafka Connect clusters, but need not be able to read or modify connectors.

managedkafka.connectClusters.*

managedkafka.connectClusters.create
managedkafka.connectClusters.delete
managedkafka.connectClusters.get
managedkafka.connectClusters.list
managedkafka.connectClusters.update

managedkafka.connectors.get

managedkafka.connectors.list

Managed Kafka Connector Editor ^Beta

(roles/managedkafka.connectorEditor)

Provides read and write access to connectors. Intended for, e.g., developers who configure and operate connectors.

cloudasset.assets.searchAllResources

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.connectClusters.get

managedkafka.connectClusters.list

managedkafka.connectors.*

managedkafka.connectors.create
managedkafka.connectors.delete
managedkafka.connectors.get
managedkafka.connectors.list
managedkafka.connectors.pause
managedkafka.connectors.restart
managedkafka.connectors.resume
managedkafka.connectors.stop
managedkafka.connectors.update

managedkafka.consumerGroups.get

managedkafka.consumerGroups.list

managedkafka.locations.*

managedkafka.locations.get
managedkafka.locations.list

managedkafka.operations.get

managedkafka.operations.list

managedkafka.topics.get

managedkafka.topics.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Managed Kafka Consumer Group Editor

(roles/managedkafka.consumerGroupEditor)

Provides read and write access to consumer group metadata. Intended for, e.g., developers who configure consumer groups.

cloudasset.assets.searchAllResources

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.connectClusters.get

managedkafka.connectClusters.list

managedkafka.connectors.get

managedkafka.connectors.list

managedkafka.consumerGroups.*

managedkafka.consumerGroups.delete
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.consumerGroups.update

managedkafka.locations.*

managedkafka.locations.get
managedkafka.locations.list

managedkafka.operations.get

managedkafka.operations.list

managedkafka.topics.get

managedkafka.topics.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Managed Kafka Service Agent

(roles/managedkafka.serviceAgent)

Gives Managed Kafka Service Agent access to Cloud Platform resources.

compute.addresses.create

compute.addresses.createInternal

compute.addresses.delete

compute.addresses.deleteInternal

compute.addresses.list

compute.addresses.use

compute.addresses.useInternal

compute.forwardingRules.create

compute.forwardingRules.delete

compute.forwardingRules.list

compute.forwardingRules.pscCreate

compute.forwardingRules.pscDelete

compute.networkAttachments.create

compute.networkAttachments.delete

compute.networkAttachments.get

compute.networkAttachments.list

compute.networks.get

compute.networks.use

compute.regionOperations.get

compute.subnetworks.get

compute.subnetworks.use

dns.changes.create

dns.managedZones.create

dns.managedZones.delete

dns.managedZones.list

dns.networks.bindPrivateDNSZone

dns.networks.targetWithPeeringZone

dns.resourceRecordSets.create

dns.resourceRecordSets.delete

dns.resourceRecordSets.list

dns.resourceRecordSets.update

managedkafka.clusters.connect

privateca.caPools.get

servicedirectory.namespaces.create

servicedirectory.services.create

servicedirectory.services.delete

Managed Kafka Topic Editor

(roles/managedkafka.topicEditor)

Provides read and write access to topic metadata. Intended for, e.g., developers who configure topics.

cloudasset.assets.searchAllResources

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.connectClusters.get

managedkafka.connectClusters.list

managedkafka.connectors.get

managedkafka.connectors.list

managedkafka.consumerGroups.get

managedkafka.consumerGroups.list

managedkafka.locations.*

managedkafka.locations.get
managedkafka.locations.list

managedkafka.operations.get

managedkafka.operations.list

managedkafka.topics.*

managedkafka.topics.create
managedkafka.topics.delete
managedkafka.topics.get
managedkafka.topics.list
managedkafka.topics.update

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Managed Kafka Viewer

(roles/managedkafka.viewer)

Readonly access to Managed Kafka resources.

cloudasset.assets.searchAllResources

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.connectClusters.get

managedkafka.connectClusters.list

managedkafka.connectors.get

managedkafka.connectors.list

managedkafka.consumerGroups.get

managedkafka.consumerGroups.list

managedkafka.locations.*

managedkafka.locations.get
managedkafka.locations.list

managedkafka.operations.get

managedkafka.operations.list

managedkafka.topics.get

managedkafka.topics.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Google Cloud Managed Service for Apache Kafka permissions

Permission	Included in roles
`managedkafka.clusters.attachConnectCluster`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`)
`managedkafka.clusters.connect`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Managed Kafka Service Agent (`roles/managedkafka.serviceAgent`)
`managedkafka.clusters.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`)
`managedkafka.clusters.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`)
`managedkafka.clusters.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Managed Flink Service Agent (`roles/managedflink.serviceAgent`)
`managedkafka.clusters.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Managed Flink Service Agent (`roles/managedflink.serviceAgent`)
`managedkafka.clusters.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Managed Flink Service Agent (`roles/managedflink.serviceAgent`)
`managedkafka.connectClusters.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`)
`managedkafka.connectClusters.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`)
`managedkafka.connectClusters.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.connectClusters.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.connectClusters.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`)
`managedkafka.connectors.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.connectors.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.connectors.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.connectors.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connect Cluster Editor (`roles/managedkafka.connectClusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.connectors.pause`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.connectors.restart`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.connectors.resume`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.connectors.stop`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.connectors.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`)
`managedkafka.consumerGroups.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`)
`managedkafka.consumerGroups.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.consumerGroups.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.consumerGroups.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`)
`managedkafka.locations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.locations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`)
`managedkafka.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`)
`managedkafka.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.topics.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`)
`managedkafka.topics.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`)
`managedkafka.topics.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.topics.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Cluster Editor (`roles/managedkafka.clusterEditor`) Managed Kafka Connector Editor (`roles/managedkafka.connectorEditor`) Managed Kafka Consumer Group Editor (`roles/managedkafka.consumerGroupEditor`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`) Managed Kafka Viewer (`roles/managedkafka.viewer`)
`managedkafka.topics.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Kafka Admin (`roles/managedkafka.admin`) Managed Kafka Client (`roles/managedkafka.client`) Managed Kafka Topic Editor (`roles/managedkafka.topicEditor`)

Google Cloud Managed Service for Apache Kafka roles and permissions Stay organized with collections Save and categorize content based on your preferences.