English
Deutsch
Español – América Latina
Français
Português – Brasil
中文 – 简体
日本語
한국어

Console

Contact Us Start free

Google Cloud Observability roles and permissions
Stay organized with collections Save and categorize content based on your preferences.

This page lists the IAM roles and permissions for Google Cloud Observability. To search through all roles and permissions, see the role and permission index.

Google Cloud Observability roles

Role	Permissions
Observability Admin ^Beta (`roles/observability.admin`) Full access to Observability resources.	`observability.*` `observability.analyticsViews.create` `observability.analyticsViews.delete` `observability.analyticsViews.get` `observability.analyticsViews.list` `observability.analyticsViews.update` `observability.scopes.get` `observability.scopes.update`
Observability Analytics User ^Beta (`roles/observability.analyticsUser`) Grants permissions to use Cloud Observability Analytics.	`observability.analyticsViews.*` `observability.analyticsViews.create` `observability.analyticsViews.delete` `observability.analyticsViews.get` `observability.analyticsViews.list` `observability.analyticsViews.update` `observability.scopes.get`
Observability Editor ^Beta (`roles/observability.editor`) Edit access to Observability resources.	`observability.*` `observability.analyticsViews.create` `observability.analyticsViews.delete` `observability.analyticsViews.get` `observability.analyticsViews.list` `observability.analyticsViews.update` `observability.scopes.get` `observability.scopes.update`
Observability Viewer ^Beta (`roles/observability.viewer`) Read only access to Observability resources.	`observability.analyticsViews.get` `observability.analyticsViews.list` `observability.scopes.get`

Google Cloud Observability permissions

Permission	Included in roles
`observability.analyticsViews.create`	Owner (`roles/owner`) Editor (`roles/editor`) Observability Admin (`roles/observability.admin`) Observability Analytics User (`roles/observability.analyticsUser`) Observability Editor (`roles/observability.editor`)
`observability.analyticsViews.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Observability Admin (`roles/observability.admin`) Observability Analytics User (`roles/observability.analyticsUser`) Observability Editor (`roles/observability.editor`)
`observability.analyticsViews.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Observability Admin (`roles/observability.admin`) Observability Analytics User (`roles/observability.analyticsUser`) Observability Editor (`roles/observability.editor`) Observability Viewer (`roles/observability.viewer`)
`observability.analyticsViews.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Observability Admin (`roles/observability.admin`) Observability Analytics User (`roles/observability.analyticsUser`) Observability Editor (`roles/observability.editor`) Observability Viewer (`roles/observability.viewer`)
`observability.analyticsViews.update`	Owner (`roles/owner`) Editor (`roles/editor`) Observability Admin (`roles/observability.admin`) Observability Analytics User (`roles/observability.analyticsUser`) Observability Editor (`roles/observability.editor`)
`observability.scopes.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Cloud Hub Operator (`roles/cloudhub.operator`) Cloud Trace Admin (`roles/cloudtrace.admin`) Cloud Trace User (`roles/cloudtrace.user`) Dataproc Hub Agent (`roles/dataproc.hubAgent`) Logging Admin (`roles/logging.admin`) Logs Configuration Writer (`roles/logging.configWriter`) Private Logs Viewer (`roles/logging.privateLogViewer`) Logs Viewer (`roles/logging.viewer`) Observability Admin (`roles/observability.admin`) Observability Analytics User (`roles/observability.analyticsUser`) Observability Editor (`roles/observability.editor`) Observability Viewer (`roles/observability.viewer`) Telco Automation Admin (`roles/telcoautomation.admin`) Telco Automation Tier 1 Operations Admin (`roles/telcoautomation.opsAdminTier1`) Telco Automation Tier 4 Operations Admin (`roles/telcoautomation.opsAdminTier4`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Cloud Composer API Service Agent (`roles/composer.serviceAgent`)
`observability.scopes.update`	Owner (`roles/owner`) Editor (`roles/editor`) Observability Admin (`roles/observability.admin`) Observability Editor (`roles/observability.editor`)

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-05-16 UTC.