Policy Analyzer roles and permissions

This page lists the IAM roles and permissions for Policy Analyzer. To search through all roles and permissions, see the role and permission index.

Policy Analyzer roles

Role Permissions

(roles/policyanalyzer.activityAnalysisViewer)

Viewer user that can read all activity analysis.

policyanalyzer.*

  • policyanalyzer.resourceAuthorizationActivities.query
  • policyanalyzer.serviceAccountKeyLastAuthenticationActivities.query
  • policyanalyzer.serviceAccountLastAuthenticationActivities.query

Policy Analyzer permissions

Permission Included in roles

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Deny Admin (roles/iam.denyAdmin)

Activity Analysis Viewer (roles/policyanalyzer.activityAnalysisViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Activity Analysis Viewer (roles/policyanalyzer.activityAnalysisViewer)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Activity Analysis Viewer (roles/policyanalyzer.activityAnalysisViewer)