Cyber Insurance Hub roles and permissions

This page lists the IAM roles and permissions for Cyber Insurance Hub. To search through all roles and permissions, see the role and permission index.

Cyber Insurance Hub roles

Role Permissions

Role	Permissions
Risk Manager Admin ^Beta (`roles/riskmanager.admin`) Grants all Risk Manager permissions	`resourcemanager.projects.get` `resourcemanager.projects.list` `riskmanager.*` `riskmanager.controlScoreBreakdowns.get` `riskmanager.controlScoreBreakdowns.list` `riskmanager.operations.delete` `riskmanager.operations.get` `riskmanager.operations.list` `riskmanager.policies.get` `riskmanager.policies.list` `riskmanager.reports.create` `riskmanager.reports.delete` `riskmanager.reports.get` `riskmanager.reports.list` `riskmanager.reports.review` `riskmanager.reports.share` `riskmanager.serviceAccount.create` `riskmanager.settings.get` `riskmanager.settings.update`
Risk Manager Editor ^Beta (`roles/riskmanager.editor`) Access to edit Risk Manager resources	`resourcemanager.projects.get` `resourcemanager.projects.list` `riskmanager.controlScoreBreakdowns.` `riskmanager.controlScoreBreakdowns.get` `riskmanager.controlScoreBreakdowns.list` `riskmanager.operations.` `riskmanager.operations.delete` `riskmanager.operations.get` `riskmanager.operations.list` `riskmanager.policies.` `riskmanager.policies.get` `riskmanager.policies.list` `riskmanager.reports.create` `riskmanager.reports.delete` `riskmanager.reports.get` `riskmanager.reports.list` `riskmanager.serviceAccount.create` `riskmanager.settings.` `riskmanager.settings.get` `riskmanager.settings.update`
Risk Manager Report Reviewer ^Beta (`roles/riskmanager.reviewer`) Access to review Risk Manager reports	`resourcemanager.projects.get` `resourcemanager.projects.list` `riskmanager.controlScoreBreakdowns.*` `riskmanager.controlScoreBreakdowns.get` `riskmanager.controlScoreBreakdowns.list` `riskmanager.operations.get` `riskmanager.operations.list` `riskmanager.reports.get` `riskmanager.reports.list` `riskmanager.reports.review`
Risk Manager Service Agent (`roles/riskmanager.serviceAgent`) Service agent that grants Risk Manager service access to fetch findings for generating Reports Warning: Do not grant service agent roles to any principals except service agents.	`cloudasset.assets.` `cloudasset.assets.analyzeIamPolicy` `cloudasset.assets.analyzeMove` `cloudasset.assets.analyzeOrgPolicy` `cloudasset.assets.exportAccessLevel` `cloudasset.assets.exportAccessPolicy` `cloudasset.assets.exportAiplatformBatchPredictionJobs` `cloudasset.assets.exportAiplatformCustomJobs` `cloudasset.assets.exportAiplatformDataLabelingJobs` `cloudasset.assets.exportAiplatformDatasets` `cloudasset.assets.exportAiplatformEndpoints` `cloudasset.assets.exportAiplatformHyperparameterTuningJobs` `cloudasset.assets.exportAiplatformMetadataStores` `cloudasset.assets.exportAiplatformModelDeploymentMonitoringJobs` `cloudasset.assets.exportAiplatformModels` `cloudasset.assets.exportAiplatformPipelineJobs` `cloudasset.assets.exportAiplatformSpecialistPools` `cloudasset.assets.exportAiplatformTrainingPipelines` `cloudasset.assets.exportAllAccessPolicy` `cloudasset.assets.exportAnthosConnectedCluster` `cloudasset.assets.exportAnthosedgeCluster` `cloudasset.assets.exportApigatewayApi` `cloudasset.assets.exportApigatewayApiConfig` `cloudasset.assets.exportApigatewayGateway` `cloudasset.assets.exportApikeysKeys` `cloudasset.assets.exportAppengineApplications` `cloudasset.assets.exportAppengineServices` `cloudasset.assets.exportAppengineVersions` `cloudasset.assets.exportArtifactregistryDockerImages` `cloudasset.assets.exportArtifactregistryRepositories` `cloudasset.assets.exportAssuredWorkloadsWorkloads` `cloudasset.assets.exportBeyondCorpApiGateways` `cloudasset.assets.exportBeyondCorpAppConnections` `cloudasset.assets.exportBeyondCorpAppConnectors` `cloudasset.assets.exportBeyondCorpAppGateways` `cloudasset.assets.exportBeyondCorpClientConnectorServices` `cloudasset.assets.exportBeyondCorpClientGateways` `cloudasset.assets.exportBigqueryDatasets` `cloudasset.assets.exportBigqueryModels` `cloudasset.assets.exportBigqueryTables` `cloudasset.assets.exportBigtableAppProfile` `cloudasset.assets.exportBigtableBackup` `cloudasset.assets.exportBigtableCluster` `cloudasset.assets.exportBigtableInstance` `cloudasset.assets.exportBigtableTable` `cloudasset.assets.exportCloudAssetFeeds` `cloudasset.assets.exportCloudDeployDeliveryPipelines` `cloudasset.assets.exportCloudDeployReleases` `cloudasset.assets.exportCloudDeployRollouts` `cloudasset.assets.exportCloudDeployTargets` `cloudasset.assets.exportCloudDocumentAIEvaluation` `cloudasset.assets.exportCloudDocumentAIHumanReviewConfig` `cloudasset.assets.exportCloudDocumentAILabelerPool` `cloudasset.assets.exportCloudDocumentAIProcessor` `cloudasset.assets.exportCloudDocumentAIProcessorVersion` `cloudasset.assets.exportCloudbillingBillingAccounts` `cloudasset.assets.exportCloudbillingProjectBillingInfos` `cloudasset.assets.exportCloudfunctionsFunctions` `cloudasset.assets.exportCloudfunctionsGen2Functions` `cloudasset.assets.exportCloudkmsCryptoKeyVersions` `cloudasset.assets.exportCloudkmsCryptoKeys` `cloudasset.assets.exportCloudkmsEkmConnections` `cloudasset.assets.exportCloudkmsImportJobs` `cloudasset.assets.exportCloudkmsKeyRings` `cloudasset.assets.exportCloudmemcacheInstances` `cloudasset.assets.exportCloudresourcemanagerFolders` `cloudasset.assets.exportCloudresourcemanagerOrganizations` `cloudasset.assets.exportCloudresourcemanagerProjects` `cloudasset.assets.exportCloudresourcemanagerTagBindings` `cloudasset.assets.exportCloudresourcemanagerTagKeys` `cloudasset.assets.exportCloudresourcemanagerTagValues` `cloudasset.assets.exportComposerEnvironments` `cloudasset.assets.exportComputeAddress` `cloudasset.assets.exportComputeAutoscalers` `cloudasset.assets.exportComputeBackendBuckets` `cloudasset.assets.exportComputeBackendServices` `cloudasset.assets.exportComputeCommitments` `cloudasset.assets.exportComputeDisks` `cloudasset.assets.exportComputeExternalVpnGateways` `cloudasset.assets.exportComputeFirewallPolicies` `cloudasset.assets.exportComputeFirewalls` `cloudasset.assets.exportComputeForwardingRules` `cloudasset.assets.exportComputeGlobalAddress` `cloudasset.assets.exportComputeGlobalForwardingRules` `cloudasset.assets.exportComputeHealthChecks` `cloudasset.assets.exportComputeHttpHealthChecks` `cloudasset.assets.exportComputeHttpsHealthChecks` `cloudasset.assets.exportComputeImages` `cloudasset.assets.exportComputeInstanceGroupManagers` `cloudasset.assets.exportComputeInstanceGroups` `cloudasset.assets.exportComputeInstanceTemplates` `cloudasset.assets.exportComputeInstances` `cloudasset.assets.exportComputeInterconnect` `cloudasset.assets.exportComputeInterconnectAttachment` `cloudasset.assets.exportComputeLicenses` `cloudasset.assets.exportComputeNetworkEndpointGroups` `cloudasset.assets.exportComputeNetworks` `cloudasset.assets.exportComputeNodeGroups` `cloudasset.assets.exportComputeNodeTemplates` `cloudasset.assets.exportComputePacketMirrorings` `cloudasset.assets.exportComputeProjects` `cloudasset.assets.exportComputeRegionAutoscaler` `cloudasset.assets.exportComputeRegionBackendServices` `cloudasset.assets.exportComputeRegionDisk` `cloudasset.assets.exportComputeRegionInstanceGroup` `cloudasset.assets.exportComputeRegionInstanceGroupManager` `cloudasset.assets.exportComputeReservations` `cloudasset.assets.exportComputeResourcePolicies` `cloudasset.assets.exportComputeRouters` `cloudasset.assets.exportComputeRoutes` `cloudasset.assets.exportComputeSecurityPolicy` `cloudasset.assets.exportComputeServiceAttachments` `cloudasset.assets.exportComputeSnapshots` `cloudasset.assets.exportComputeSslCertificates` `cloudasset.assets.exportComputeSslPolicies` `cloudasset.assets.exportComputeSubnetworks` `cloudasset.assets.exportComputeTargetHttpProxies` `cloudasset.assets.exportComputeTargetHttpsProxies` `cloudasset.assets.exportComputeTargetInstances` `cloudasset.assets.exportComputeTargetPools` `cloudasset.assets.exportComputeTargetSslProxies` `cloudasset.assets.exportComputeTargetTcpProxies` `cloudasset.assets.exportComputeTargetVpnGateways` `cloudasset.assets.exportComputeUrlMaps` `cloudasset.assets.exportComputeVpnGateways` `cloudasset.assets.exportComputeVpnTunnels` `cloudasset.assets.exportConnectorsConnections` `cloudasset.assets.exportConnectorsConnectorVersions` `cloudasset.assets.exportConnectorsConnectors` `cloudasset.assets.exportConnectorsProviders` `cloudasset.assets.exportConnectorsRuntimeConfigs` `cloudasset.assets.exportContainerAppsDeployment` `cloudasset.assets.exportContainerAppsReplicaSets` `cloudasset.assets.exportContainerBatchJobs` `cloudasset.assets.exportContainerClusterrole` `cloudasset.assets.exportContainerClusterrolebinding` `cloudasset.assets.exportContainerClusters` `cloudasset.assets.exportContainerExtensionsIngresses` `cloudasset.assets.exportContainerJobs` `cloudasset.assets.exportContainerNamespace` `cloudasset.assets.exportContainerNetworkingIngresses` `cloudasset.assets.exportContainerNetworkingNetworkPolicies` `cloudasset.assets.exportContainerNode` `cloudasset.assets.exportContainerNodepool` `cloudasset.assets.exportContainerPod` `cloudasset.assets.exportContainerReplicaSets` `cloudasset.assets.exportContainerRole` `cloudasset.assets.exportContainerRolebinding` `cloudasset.assets.exportContainerServices` `cloudasset.assets.exportContainerregistryImage` `cloudasset.assets.exportDataMigrationConnectionProfiles` `cloudasset.assets.exportDataMigrationMigrationJobs` `cloudasset.assets.exportDataflowJobs` `cloudasset.assets.exportDatafusionInstance` `cloudasset.assets.exportDataplexAssets` `cloudasset.assets.exportDataplexLakes` `cloudasset.assets.exportDataplexTasks` `cloudasset.assets.exportDataplexZones` `cloudasset.assets.exportDataprocAutoscalingPolicies` `cloudasset.assets.exportDataprocBatches` `cloudasset.assets.exportDataprocClusters` `cloudasset.assets.exportDataprocJobs` `cloudasset.assets.exportDataprocSessions` `cloudasset.assets.exportDataprocWorkflowTemplates` `cloudasset.assets.exportDatastreamConnectionProfile` `cloudasset.assets.exportDatastreamPrivateConnection` `cloudasset.assets.exportDatastreamStream` `cloudasset.assets.exportDialogflowAgents` `cloudasset.assets.exportDialogflowConversationProfiles` `cloudasset.assets.exportDialogflowKnowledgeBases` `cloudasset.assets.exportDialogflowLocationSettings` `cloudasset.assets.exportDlpDeidentifyTemplates` `cloudasset.assets.exportDlpDlpJobs` `cloudasset.assets.exportDlpInspectTemplates` `cloudasset.assets.exportDlpJobTriggers` `cloudasset.assets.exportDlpStoredInfoTypes` `cloudasset.assets.exportDnsManagedZones` `cloudasset.assets.exportDnsPolicies` `cloudasset.assets.exportDomainsRegistrations` `cloudasset.assets.exportEventarcTriggers` `cloudasset.assets.exportFileBackups` `cloudasset.assets.exportFileInstances` `cloudasset.assets.exportFirebaseAppInfos` `cloudasset.assets.exportFirebaseProjects` `cloudasset.assets.exportFirestoreDatabases` `cloudasset.assets.exportGKEHubFeatures` `cloudasset.assets.exportGKEHubMemberships` `cloudasset.assets.exportGameservicesGameServerClusters` `cloudasset.assets.exportGameservicesGameServerConfigs` `cloudasset.assets.exportGameservicesGameServerDeployments` `cloudasset.assets.exportGameservicesRealms` `cloudasset.assets.exportGkeBackupBackupPlans` `cloudasset.assets.exportGkeBackupBackups` `cloudasset.assets.exportGkeBackupRestorePlans` `cloudasset.assets.exportGkeBackupRestores` `cloudasset.assets.exportGkeBackupVolumeBackups` `cloudasset.assets.exportGkeBackupVolumeRestores` `cloudasset.assets.exportHealthcareConsentStores` `cloudasset.assets.exportHealthcareDatasets` `cloudasset.assets.exportHealthcareDicomStores` `cloudasset.assets.exportHealthcareFhirStores` `cloudasset.assets.exportHealthcareHl7V2Stores` `cloudasset.assets.exportIamPolicy` `cloudasset.assets.exportIamRoles` `cloudasset.assets.exportIamServiceAccountKeys` `cloudasset.assets.exportIamServiceAccounts` `cloudasset.assets.exportIapTunnel` `cloudasset.assets.exportIapTunnelInstances` `cloudasset.assets.exportIapTunnelZones` `cloudasset.assets.exportIapWeb` `cloudasset.assets.exportIapWebServiceVersion` `cloudasset.assets.exportIapWebServices` `cloudasset.assets.exportIapWebType` `cloudasset.assets.exportIdsEndpoints` `cloudasset.assets.exportIntegrationsAuthConfigs` `cloudasset.assets.exportIntegrationsCertificates` `cloudasset.assets.exportIntegrationsExecutions` `cloudasset.assets.exportIntegrationsIntegrationVersions` `cloudasset.assets.exportIntegrationsIntegrations` `cloudasset.assets.exportIntegrationsSfdcChannels` `cloudasset.assets.exportIntegrationsSfdcInstances` `cloudasset.assets.exportIntegrationsSuspensions` `cloudasset.assets.exportLoggingLogMetrics` `cloudasset.assets.exportLoggingLogSinks` `cloudasset.assets.exportManagedidentitiesDomain` `cloudasset.assets.exportMetastoreBackups` `cloudasset.assets.exportMetastoreMetadataImports` `cloudasset.assets.exportMetastoreServices` `cloudasset.assets.exportMonitoringAlertPolicies` `cloudasset.assets.exportNetworkConnectivityHubs` `cloudasset.assets.exportNetworkConnectivitySpokes` `cloudasset.assets.exportNetworkManagementConnectivityTests` `cloudasset.assets.exportNetworkServicesEndpointPolicies` `cloudasset.assets.exportNetworkServicesGateways` `cloudasset.assets.exportNetworkServicesGrpcRoutes` `cloudasset.assets.exportNetworkServicesHttpRoutes` `cloudasset.assets.exportNetworkServicesMeshes` `cloudasset.assets.exportNetworkServicesServiceBindings` `cloudasset.assets.exportNetworkServicesTcpRoutes` `cloudasset.assets.exportNetworkServicesTlsRoutes` `cloudasset.assets.exportOSConfigOSPolicyAssignmentReports` `cloudasset.assets.exportOSConfigOSPolicyAssignments` `cloudasset.assets.exportOSConfigVulnerabilityReports` `cloudasset.assets.exportOSInventories` `cloudasset.assets.exportOrgPolicy` `cloudasset.assets.exportPatchDeployments` `cloudasset.assets.exportPubsubSnapshots` `cloudasset.assets.exportPubsubSubscriptions` `cloudasset.assets.exportPubsubTopics` `cloudasset.assets.exportRedisInstances` `cloudasset.assets.exportResource` `cloudasset.assets.exportSecretManagerSecretVersions` `cloudasset.assets.exportSecretManagerSecrets` `cloudasset.assets.exportServiceDirectoryNamespaces` `cloudasset.assets.exportServicePerimeter` `cloudasset.assets.exportServiceconsumermanagementConsumerProperty` `cloudasset.assets.exportServiceconsumermanagementConsumerQuotaLimits` `cloudasset.assets.exportServiceconsumermanagementConsumers` `cloudasset.assets.exportServiceconsumermanagementProducerOverrides` `cloudasset.assets.exportServiceconsumermanagementTenancyUnits` `cloudasset.assets.exportServiceconsumermanagementVisibility` `cloudasset.assets.exportServicemanagementServices` `cloudasset.assets.exportServiceusageAdminOverrides` `cloudasset.assets.exportServiceusageConsumerOverrides` `cloudasset.assets.exportServiceusageServices` `cloudasset.assets.exportSpannerBackups` `cloudasset.assets.exportSpannerDatabases` `cloudasset.assets.exportSpannerInstances` `cloudasset.assets.exportSpeakerIdPhrases` `cloudasset.assets.exportSpeakerIdSettings` `cloudasset.assets.exportSpeakerIdSpeakers` `cloudasset.assets.exportSpeechCustomClasses` `cloudasset.assets.exportSpeechPhraseSets` `cloudasset.assets.exportSqladminBackupRuns` `cloudasset.assets.exportSqladminInstances` `cloudasset.assets.exportStorageBuckets` `cloudasset.assets.exportTpuNodes` `cloudasset.assets.exportVpcaccessConnector` `cloudasset.assets.listAccessLevel` `cloudasset.assets.listAccessPolicy` `cloudasset.assets.listAiplatformBatchPredictionJobs` `cloudasset.assets.listAiplatformCustomJobs` `cloudasset.assets.listAiplatformDataLabelingJobs` `cloudasset.assets.listAiplatformDatasets` `cloudasset.assets.listAiplatformEndpoints` `cloudasset.assets.listAiplatformHyperparameterTuningJobs` `cloudasset.assets.listAiplatformMetadataStores` `cloudasset.assets.listAiplatformModelDeploymentMonitoringJobs` `cloudasset.assets.listAiplatformModels` `cloudasset.assets.listAiplatformPipelineJobs` `cloudasset.assets.listAiplatformSpecialistPools` `cloudasset.assets.listAiplatformTrainingPipelines` `cloudasset.assets.listAllAccessPolicy` `cloudasset.assets.listAnthosConnectedCluster` `cloudasset.assets.listAnthosedgeCluster` `cloudasset.assets.listApigatewayApi` `cloudasset.assets.listApigatewayApiConfig` `cloudasset.assets.listApigatewayGateway` `cloudasset.assets.listApikeysKeys` `cloudasset.assets.listAppengineApplications` `cloudasset.assets.listAppengineServices` `cloudasset.assets.listAppengineVersions` `cloudasset.assets.listArtifactregistryDockerImages` `cloudasset.assets.listArtifactregistryRepositories` `cloudasset.assets.listAssuredWorkloadsWorkloads` `cloudasset.assets.listBeyondCorpApiGateways` `cloudasset.assets.listBeyondCorpAppConnections` `cloudasset.assets.listBeyondCorpAppConnectors` `cloudasset.assets.listBeyondCorpAppGateways` `cloudasset.assets.listBeyondCorpClientConnectorServices` `cloudasset.assets.listBeyondCorpClientGateways` `cloudasset.assets.listBigqueryDatasets` `cloudasset.assets.listBigqueryModels` `cloudasset.assets.listBigqueryTables` `cloudasset.assets.listBigtableAppProfile` `cloudasset.assets.listBigtableBackup` `cloudasset.assets.listBigtableCluster` `cloudasset.assets.listBigtableInstance` `cloudasset.assets.listBigtableTable` `cloudasset.assets.listCloudAssetFeeds` `cloudasset.assets.listCloudDeployDeliveryPipelines` `cloudasset.assets.listCloudDeployReleases` `cloudasset.assets.listCloudDeployRollouts` `cloudasset.assets.listCloudDeployTargets` `cloudasset.assets.listCloudDocumentAIEvaluation` `cloudasset.assets.listCloudDocumentAIHumanReviewConfig` `cloudasset.assets.listCloudDocumentAILabelerPool` `cloudasset.assets.listCloudDocumentAIProcessor` `cloudasset.assets.listCloudDocumentAIProcessorVersion` `cloudasset.assets.listCloudbillingBillingAccounts` `cloudasset.assets.listCloudbillingProjectBillingInfos` `cloudasset.assets.listCloudfunctionsFunctions` `cloudasset.assets.listCloudfunctionsGen2Functions` `cloudasset.assets.listCloudkmsCryptoKeyVersions` `cloudasset.assets.listCloudkmsCryptoKeys` `cloudasset.assets.listCloudkmsEkmConnections` `cloudasset.assets.listCloudkmsImportJobs` `cloudasset.assets.listCloudkmsKeyRings` `cloudasset.assets.listCloudmemcacheInstances` `cloudasset.assets.listCloudresourcemanagerFolders` `cloudasset.assets.listCloudresourcemanagerOrganizations` `cloudasset.assets.listCloudresourcemanagerProjects` `cloudasset.assets.listCloudresourcemanagerTagBindings` `cloudasset.assets.listCloudresourcemanagerTagKeys` `cloudasset.assets.listCloudresourcemanagerTagValues` `cloudasset.assets.listComposerEnvironments` `cloudasset.assets.listComputeAddress` `cloudasset.assets.listComputeAutoscalers` `cloudasset.assets.listComputeBackendBuckets` `cloudasset.assets.listComputeBackendServices` `cloudasset.assets.listComputeCommitments` `cloudasset.assets.listComputeDisks` `cloudasset.assets.listComputeExternalVpnGateways` `cloudasset.assets.listComputeFirewallPolicies` `cloudasset.assets.listComputeFirewalls` `cloudasset.assets.listComputeForwardingRules` `cloudasset.assets.listComputeGlobalAddress` `cloudasset.assets.listComputeGlobalForwardingRules` `cloudasset.assets.listComputeHealthChecks` `cloudasset.assets.listComputeHttpHealthChecks` `cloudasset.assets.listComputeHttpsHealthChecks` `cloudasset.assets.listComputeImages` `cloudasset.assets.listComputeInstanceGroupManagers` `cloudasset.assets.listComputeInstanceGroups` `cloudasset.assets.listComputeInstanceTemplates` `cloudasset.assets.listComputeInstances` `cloudasset.assets.listComputeInterconnect` `cloudasset.assets.listComputeInterconnectAttachment` `cloudasset.assets.listComputeLicenses` `cloudasset.assets.listComputeNetworkEndpointGroups` `cloudasset.assets.listComputeNetworks` `cloudasset.assets.listComputeNodeGroups` `cloudasset.assets.listComputeNodeTemplates` `cloudasset.assets.listComputePacketMirrorings` `cloudasset.assets.listComputeProjects` `cloudasset.assets.listComputeRegionAutoscaler` `cloudasset.assets.listComputeRegionBackendServices` `cloudasset.assets.listComputeRegionDisk` `cloudasset.assets.listComputeRegionInstanceGroup` `cloudasset.assets.listComputeRegionInstanceGroupManager` `cloudasset.assets.listComputeReservations` `cloudasset.assets.listComputeResourcePolicies` `cloudasset.assets.listComputeRouters` `cloudasset.assets.listComputeRoutes` `cloudasset.assets.listComputeSecurityPolicy` `cloudasset.assets.listComputeServiceAttachments` `cloudasset.assets.listComputeSnapshots` `cloudasset.assets.listComputeSslCertificates` `cloudasset.assets.listComputeSslPolicies` `cloudasset.assets.listComputeSubnetworks` `cloudasset.assets.listComputeTargetHttpProxies` `cloudasset.assets.listComputeTargetHttpsProxies` `cloudasset.assets.listComputeTargetInstances` `cloudasset.assets.listComputeTargetPools` `cloudasset.assets.listComputeTargetSslProxies` `cloudasset.assets.listComputeTargetTcpProxies` `cloudasset.assets.listComputeTargetVpnGateways` `cloudasset.assets.listComputeUrlMaps` `cloudasset.assets.listComputeVpnGateways` `cloudasset.assets.listComputeVpnTunnels` `cloudasset.assets.listConnectorsConnections` `cloudasset.assets.listConnectorsConnectorVersions` `cloudasset.assets.listConnectorsConnectors` `cloudasset.assets.listConnectorsProviders` `cloudasset.assets.listConnectorsRuntimeConfigs` `cloudasset.assets.listContainerAppsDeployment` `cloudasset.assets.listContainerAppsReplicaSets` `cloudasset.assets.listContainerBatchJobs` `cloudasset.assets.listContainerClusterrole` `cloudasset.assets.listContainerClusterrolebinding` `cloudasset.assets.listContainerClusters` `cloudasset.assets.listContainerExtensionsIngresses` `cloudasset.assets.listContainerJobs` `cloudasset.assets.listContainerNamespace` `cloudasset.assets.listContainerNetworkingIngresses` `cloudasset.assets.listContainerNetworkingNetworkPolicies` `cloudasset.assets.listContainerNode` `cloudasset.assets.listContainerNodepool` `cloudasset.assets.listContainerPod` `cloudasset.assets.listContainerReplicaSets` `cloudasset.assets.listContainerRole` `cloudasset.assets.listContainerRolebinding` `cloudasset.assets.listContainerServices` `cloudasset.assets.listContainerregistryImage` `cloudasset.assets.listDataMigrationConnectionProfiles` `cloudasset.assets.listDataMigrationMigrationJobs` `cloudasset.assets.listDataflowJobs` `cloudasset.assets.listDatafusionInstance` `cloudasset.assets.listDataplexAssets` `cloudasset.assets.listDataplexLakes` `cloudasset.assets.listDataplexTasks` `cloudasset.assets.listDataplexZones` `cloudasset.assets.listDataprocAutoscalingPolicies` `cloudasset.assets.listDataprocBatches` `cloudasset.assets.listDataprocClusters` `cloudasset.assets.listDataprocJobs` `cloudasset.assets.listDataprocSessions` `cloudasset.assets.listDataprocWorkflowTemplates` `cloudasset.assets.listDatastreamConnectionProfile` `cloudasset.assets.listDatastreamPrivateConnection` `cloudasset.assets.listDatastreamStream` `cloudasset.assets.listDialogflowAgents` `cloudasset.assets.listDialogflowConversationProfiles` `cloudasset.assets.listDialogflowKnowledgeBases` `cloudasset.assets.listDialogflowLocationSettings` `cloudasset.assets.listDlpDeidentifyTemplates` `cloudasset.assets.listDlpDlpJobs` `cloudasset.assets.listDlpInspectTemplates` `cloudasset.assets.listDlpJobTriggers` `cloudasset.assets.listDlpStoredInfoTypes` `cloudasset.assets.listDnsManagedZones` `cloudasset.assets.listDnsPolicies` `cloudasset.assets.listDomainsRegistrations` `cloudasset.assets.listEventarcTriggers` `cloudasset.assets.listFileBackups` `cloudasset.assets.listFileInstances` `cloudasset.assets.listFirebaseAppInfos` `cloudasset.assets.listFirebaseProjects` `cloudasset.assets.listFirestoreDatabases` `cloudasset.assets.listGKEHubFeatures` `cloudasset.assets.listGKEHubMemberships` `cloudasset.assets.listGameservicesGameServerClusters` `cloudasset.assets.listGameservicesGameServerConfigs` `cloudasset.assets.listGameservicesGameServerDeployments` `cloudasset.assets.listGameservicesRealms` `cloudasset.assets.listGkeBackupBackupPlans` `cloudasset.assets.listGkeBackupBackups` `cloudasset.assets.listGkeBackupRestorePlans` `cloudasset.assets.listGkeBackupRestores` `cloudasset.assets.listGkeBackupVolumeBackups` `cloudasset.assets.listGkeBackupVolumeRestores` `cloudasset.assets.listHealthcareConsentStores` `cloudasset.assets.listHealthcareDatasets` `cloudasset.assets.listHealthcareDicomStores` `cloudasset.assets.listHealthcareFhirStores` `cloudasset.assets.listHealthcareHl7V2Stores` `cloudasset.assets.listIamPolicy` `cloudasset.assets.listIamRoles` `cloudasset.assets.listIamServiceAccountKeys` `cloudasset.assets.listIamServiceAccounts` `cloudasset.assets.listIapTunnel` `cloudasset.assets.listIapTunnelInstances` `cloudasset.assets.listIapTunnelZones` `cloudasset.assets.listIapWeb` `cloudasset.assets.listIapWebServiceVersion` `cloudasset.assets.listIapWebServices` `cloudasset.assets.listIapWebType` `cloudasset.assets.listIdsEndpoints` `cloudasset.assets.listIntegrationsAuthConfigs` `cloudasset.assets.listIntegrationsCertificates` `cloudasset.assets.listIntegrationsExecutions` `cloudasset.assets.listIntegrationsIntegrationVersions` `cloudasset.assets.listIntegrationsIntegrations` `cloudasset.assets.listIntegrationsSfdcChannels` `cloudasset.assets.listIntegrationsSfdcInstances` `cloudasset.assets.listIntegrationsSuspensions` `cloudasset.assets.listLoggingLogMetrics` `cloudasset.assets.listLoggingLogSinks` `cloudasset.assets.listManagedidentitiesDomain` `cloudasset.assets.listMetastoreBackups` `cloudasset.assets.listMetastoreMetadataImports` `cloudasset.assets.listMetastoreServices` `cloudasset.assets.listMonitoringAlertPolicies` `cloudasset.assets.listNetworkConnectivityHubs` `cloudasset.assets.listNetworkConnectivitySpokes` `cloudasset.assets.listNetworkManagementConnectivityTests` `cloudasset.assets.listNetworkServicesEndpointPolicies` `cloudasset.assets.listNetworkServicesGateways` `cloudasset.assets.listNetworkServicesGrpcRoutes` `cloudasset.assets.listNetworkServicesHttpRoutes` `cloudasset.assets.listNetworkServicesMeshes` `cloudasset.assets.listNetworkServicesServiceBindings` `cloudasset.assets.listNetworkServicesTcpRoutes` `cloudasset.assets.listNetworkServicesTlsRoutes` `cloudasset.assets.listOSConfigOSPolicyAssignmentReports` `cloudasset.assets.listOSConfigOSPolicyAssignments` `cloudasset.assets.listOSConfigVulnerabilityReports` `cloudasset.assets.listOSInventories` `cloudasset.assets.listOrgPolicy` `cloudasset.assets.listPatchDeployments` `cloudasset.assets.listPubsubSnapshots` `cloudasset.assets.listPubsubSubscriptions` `cloudasset.assets.listPubsubTopics` `cloudasset.assets.listRedisInstances` `cloudasset.assets.listResource` `cloudasset.assets.listRunDomainMapping` `cloudasset.assets.listRunRevision` `cloudasset.assets.listRunService` `cloudasset.assets.listSecretManagerSecretVersions` `cloudasset.assets.listSecretManagerSecrets` `cloudasset.assets.listServiceDirectoryNamespaces` `cloudasset.assets.listServicePerimeter` `cloudasset.assets.listServiceconsumermanagementConsumerProperty` `cloudasset.assets.listServiceconsumermanagementConsumerQuotaLimits` `cloudasset.assets.listServiceconsumermanagementConsumers` `cloudasset.assets.listServiceconsumermanagementProducerOverrides` `cloudasset.assets.listServiceconsumermanagementTenancyUnits` `cloudasset.assets.listServiceconsumermanagementVisibility` `cloudasset.assets.listServicemanagementServices` `cloudasset.assets.listServiceusageAdminOverrides` `cloudasset.assets.listServiceusageConsumerOverrides` `cloudasset.assets.listServiceusageServices` `cloudasset.assets.listSpannerBackups` `cloudasset.assets.listSpannerDatabases` `cloudasset.assets.listSpannerInstances` `cloudasset.assets.listSpeakerIdPhrases` `cloudasset.assets.listSpeakerIdSettings` `cloudasset.assets.listSpeakerIdSpeakers` `cloudasset.assets.listSpeechCustomClasses` `cloudasset.assets.listSpeechPhraseSets` `cloudasset.assets.listSqladminBackupRuns` `cloudasset.assets.listSqladminInstances` `cloudasset.assets.listStorageBuckets` `cloudasset.assets.listTpuNodes` `cloudasset.assets.listVpcaccessConnector` `cloudasset.assets.queryAccessPolicy` `cloudasset.assets.queryIamPolicy` `cloudasset.assets.queryOSInventories` `cloudasset.assets.queryResource` `cloudasset.assets.searchAllIamPolicies` `cloudasset.assets.searchAllResources` `cloudasset.assets.searchEnrichmentResourceOwners` `cloudasset.othercloudconnections.get` `cloudasset.othercloudconnections.list` `cloudasset.othercloudconnections.verify` `recommender.cloudAssetInsights.get` `recommender.cloudAssetInsights.list` `recommender.locations.` `recommender.locations.get` `recommender.locations.list` `resourcemanager.folders.get` `resourcemanager.folders.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `securitycenter.assets.group` `securitycenter.assets.list` `securitycenter.assets.listAssetPropertyNames` `securitycenter.bigQueryExports.get` `securitycenter.bigQueryExports.list` `securitycenter.complianceReports.aggregate` `securitycenter.compliancesnapshots.list` `securitycenter.containerthreatdetectionsettings.calculate` `securitycenter.containerthreatdetectionsettings.get` `securitycenter.effectivesecurityhealthanalyticscustommodules.` `securitycenter.effectivesecurityhealthanalyticscustommodules.get` `securitycenter.effectivesecurityhealthanalyticscustommodules.list` `securitycenter.eventthreatdetectionsettings.calculate` `securitycenter.eventthreatdetectionsettings.get` `securitycenter.findingexplanations.get` `securitycenter.findings.group` `securitycenter.findings.list` `securitycenter.findings.listFindingPropertyNames` `securitycenter.graphs.` `securitycenter.graphs.get` `securitycenter.graphs.query` `securitycenter.integratedvulnerabilityscannersettings.calculate` `securitycenter.integratedvulnerabilityscannersettings.get` `securitycenter.issues.get` `securitycenter.issues.group` `securitycenter.issues.list` `securitycenter.issues.listFilterValues` `securitycenter.muteconfigs.get` `securitycenter.muteconfigs.list` `securitycenter.notificationconfig.get` `securitycenter.notificationconfig.list` `securitycenter.organizationsettings.get` `securitycenter.rapidvulnerabilitydetectionsettings.calculate` `securitycenter.rapidvulnerabilitydetectionsettings.get` `securitycenter.securitycentersettings.get` `securitycenter.securityhealthanalyticscustommodules.get` `securitycenter.securityhealthanalyticscustommodules.list` `securitycenter.securityhealthanalyticssettings.calculate` `securitycenter.securityhealthanalyticssettings.get` `securitycenter.sources.get` `securitycenter.sources.list` `securitycenter.subscription.get` `securitycenter.userinterfacemetadata.get` `securitycenter.virtualmachinethreatdetectionsettings.calculate` `securitycenter.virtualmachinethreatdetectionsettings.get` `securitycenter.vulnerabilitysnapshots.list` `securitycenter.websecurityscannersettings.calculate` `securitycenter.websecurityscannersettings.get` `securitycentermanagement.billingMetadata.get` `securitycentermanagement.effectiveEventThreatDetectionCustomModules.` `securitycentermanagement.effectiveEventThreatDetectionCustomModules.get` `securitycentermanagement.effectiveEventThreatDetectionCustomModules.list` `securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.` `securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get` `securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list` `securitycentermanagement.eventThreatDetectionCustomModules.get` `securitycentermanagement.eventThreatDetectionCustomModules.list` `securitycentermanagement.eventThreatDetectionCustomModules.validate` `securitycentermanagement.locations.*` `securitycentermanagement.locations.get` `securitycentermanagement.locations.list` `securitycentermanagement.securityCenterServices.get` `securitycentermanagement.securityCenterServices.list` `securitycentermanagement.securityCommandCenter.checkActivationOperation` `securitycentermanagement.securityCommandCenter.checkOnboardingStatus` `securitycentermanagement.securityCommandCenter.get` `securitycentermanagement.securityHealthAnalyticsCustomModules.get` `securitycentermanagement.securityHealthAnalyticsCustomModules.list` `securitycentermanagement.securityHealthAnalyticsCustomModules.simulate` `securitycentermanagement.securityHealthAnalyticsCustomModules.test`
Risk Manager Viewer ^Beta (`roles/riskmanager.viewer`) Access to view Risk Manager resources	`resourcemanager.projects.get` `resourcemanager.projects.list` `riskmanager.controlScoreBreakdowns.` `riskmanager.controlScoreBreakdowns.get` `riskmanager.controlScoreBreakdowns.list` `riskmanager.operations.get` `riskmanager.operations.list` `riskmanager.policies.` `riskmanager.policies.get` `riskmanager.policies.list` `riskmanager.reports.get` `riskmanager.reports.list` `riskmanager.settings.get`

Risk Manager Admin ^Beta

(roles/riskmanager.admin)

Grants all Risk Manager permissions

resourcemanager.projects.get

resourcemanager.projects.list

riskmanager.*

riskmanager.controlScoreBreakdowns.get
riskmanager.controlScoreBreakdowns.list
riskmanager.operations.delete
riskmanager.operations.get
riskmanager.operations.list
riskmanager.policies.get
riskmanager.policies.list
riskmanager.reports.create
riskmanager.reports.delete
riskmanager.reports.get
riskmanager.reports.list
riskmanager.reports.review
riskmanager.reports.share
riskmanager.serviceAccount.create
riskmanager.settings.get
riskmanager.settings.update

Risk Manager Editor ^Beta

(roles/riskmanager.editor)

Access to edit Risk Manager resources

resourcemanager.projects.get

resourcemanager.projects.list

riskmanager.controlScoreBreakdowns.*

riskmanager.controlScoreBreakdowns.get
riskmanager.controlScoreBreakdowns.list

riskmanager.operations.*

riskmanager.operations.delete
riskmanager.operations.get
riskmanager.operations.list

riskmanager.policies.*

riskmanager.policies.get
riskmanager.policies.list

riskmanager.reports.create

riskmanager.reports.delete

riskmanager.reports.get

riskmanager.reports.list

riskmanager.serviceAccount.create

riskmanager.settings.*

riskmanager.settings.get
riskmanager.settings.update

Risk Manager Report Reviewer ^Beta

(roles/riskmanager.reviewer)

Access to review Risk Manager reports

resourcemanager.projects.get

resourcemanager.projects.list

riskmanager.controlScoreBreakdowns.*

riskmanager.controlScoreBreakdowns.get
riskmanager.controlScoreBreakdowns.list

riskmanager.operations.get

riskmanager.operations.list

riskmanager.reports.get

riskmanager.reports.list

riskmanager.reports.review

Risk Manager Service Agent

(roles/riskmanager.serviceAgent)

Service agent that grants Risk Manager service access to fetch findings for generating Reports

cloudasset.assets.*

cloudasset.assets.analyzeIamPolicy
cloudasset.assets.analyzeMove
cloudasset.assets.analyzeOrgPolicy
cloudasset.assets.exportAccessLevel
cloudasset.assets.exportAccessPolicy
cloudasset.assets.exportAiplatformBatchPredictionJobs
cloudasset.assets.exportAiplatformCustomJobs
cloudasset.assets.exportAiplatformDataLabelingJobs
cloudasset.assets.exportAiplatformDatasets
cloudasset.assets.exportAiplatformEndpoints
cloudasset.assets.exportAiplatformHyperparameterTuningJobs
cloudasset.assets.exportAiplatformMetadataStores
cloudasset.assets.exportAiplatformModelDeploymentMonitoringJobs
cloudasset.assets.exportAiplatformModels
cloudasset.assets.exportAiplatformPipelineJobs
cloudasset.assets.exportAiplatformSpecialistPools
cloudasset.assets.exportAiplatformTrainingPipelines
cloudasset.assets.exportAllAccessPolicy
cloudasset.assets.exportAnthosConnectedCluster
cloudasset.assets.exportAnthosedgeCluster
cloudasset.assets.exportApigatewayApi
cloudasset.assets.exportApigatewayApiConfig
cloudasset.assets.exportApigatewayGateway
cloudasset.assets.exportApikeysKeys
cloudasset.assets.exportAppengineApplications
cloudasset.assets.exportAppengineServices
cloudasset.assets.exportAppengineVersions
cloudasset.assets.exportArtifactregistryDockerImages
cloudasset.assets.exportArtifactregistryRepositories
cloudasset.assets.exportAssuredWorkloadsWorkloads
cloudasset.assets.exportBeyondCorpApiGateways
cloudasset.assets.exportBeyondCorpAppConnections
cloudasset.assets.exportBeyondCorpAppConnectors
cloudasset.assets.exportBeyondCorpAppGateways
cloudasset.assets.exportBeyondCorpClientConnectorServices
cloudasset.assets.exportBeyondCorpClientGateways
cloudasset.assets.exportBigqueryDatasets
cloudasset.assets.exportBigqueryModels
cloudasset.assets.exportBigqueryTables
cloudasset.assets.exportBigtableAppProfile
cloudasset.assets.exportBigtableBackup
cloudasset.assets.exportBigtableCluster
cloudasset.assets.exportBigtableInstance
cloudasset.assets.exportBigtableTable
cloudasset.assets.exportCloudAssetFeeds
cloudasset.assets.exportCloudDeployDeliveryPipelines
cloudasset.assets.exportCloudDeployReleases
cloudasset.assets.exportCloudDeployRollouts
cloudasset.assets.exportCloudDeployTargets
cloudasset.assets.exportCloudDocumentAIEvaluation
cloudasset.assets.exportCloudDocumentAIHumanReviewConfig
cloudasset.assets.exportCloudDocumentAILabelerPool
cloudasset.assets.exportCloudDocumentAIProcessor
cloudasset.assets.exportCloudDocumentAIProcessorVersion
cloudasset.assets.exportCloudbillingBillingAccounts
cloudasset.assets.exportCloudbillingProjectBillingInfos
cloudasset.assets.exportCloudfunctionsFunctions
cloudasset.assets.exportCloudfunctionsGen2Functions
cloudasset.assets.exportCloudkmsCryptoKeyVersions
cloudasset.assets.exportCloudkmsCryptoKeys
cloudasset.assets.exportCloudkmsEkmConnections
cloudasset.assets.exportCloudkmsImportJobs
cloudasset.assets.exportCloudkmsKeyRings
cloudasset.assets.exportCloudmemcacheInstances
cloudasset.assets.exportCloudresourcemanagerFolders
cloudasset.assets.exportCloudresourcemanagerOrganizations
cloudasset.assets.exportCloudresourcemanagerProjects
cloudasset.assets.exportCloudresourcemanagerTagBindings
cloudasset.assets.exportCloudresourcemanagerTagKeys
cloudasset.assets.exportCloudresourcemanagerTagValues
cloudasset.assets.exportComposerEnvironments
cloudasset.assets.exportComputeAddress
cloudasset.assets.exportComputeAutoscalers
cloudasset.assets.exportComputeBackendBuckets
cloudasset.assets.exportComputeBackendServices
cloudasset.assets.exportComputeCommitments
cloudasset.assets.exportComputeDisks
cloudasset.assets.exportComputeExternalVpnGateways
cloudasset.assets.exportComputeFirewallPolicies
cloudasset.assets.exportComputeFirewalls
cloudasset.assets.exportComputeForwardingRules
cloudasset.assets.exportComputeGlobalAddress
cloudasset.assets.exportComputeGlobalForwardingRules
cloudasset.assets.exportComputeHealthChecks
cloudasset.assets.exportComputeHttpHealthChecks
cloudasset.assets.exportComputeHttpsHealthChecks
cloudasset.assets.exportComputeImages
cloudasset.assets.exportComputeInstanceGroupManagers
cloudasset.assets.exportComputeInstanceGroups
cloudasset.assets.exportComputeInstanceTemplates
cloudasset.assets.exportComputeInstances
cloudasset.assets.exportComputeInterconnect
cloudasset.assets.exportComputeInterconnectAttachment
cloudasset.assets.exportComputeLicenses
cloudasset.assets.exportComputeNetworkEndpointGroups
cloudasset.assets.exportComputeNetworks
cloudasset.assets.exportComputeNodeGroups
cloudasset.assets.exportComputeNodeTemplates
cloudasset.assets.exportComputePacketMirrorings
cloudasset.assets.exportComputeProjects
cloudasset.assets.exportComputeRegionAutoscaler
cloudasset.assets.exportComputeRegionBackendServices
cloudasset.assets.exportComputeRegionDisk
cloudasset.assets.exportComputeRegionInstanceGroup
cloudasset.assets.exportComputeRegionInstanceGroupManager
cloudasset.assets.exportComputeReservations
cloudasset.assets.exportComputeResourcePolicies
cloudasset.assets.exportComputeRouters
cloudasset.assets.exportComputeRoutes
cloudasset.assets.exportComputeSecurityPolicy
cloudasset.assets.exportComputeServiceAttachments
cloudasset.assets.exportComputeSnapshots
cloudasset.assets.exportComputeSslCertificates
cloudasset.assets.exportComputeSslPolicies
cloudasset.assets.exportComputeSubnetworks
cloudasset.assets.exportComputeTargetHttpProxies
cloudasset.assets.exportComputeTargetHttpsProxies
cloudasset.assets.exportComputeTargetInstances
cloudasset.assets.exportComputeTargetPools
cloudasset.assets.exportComputeTargetSslProxies
cloudasset.assets.exportComputeTargetTcpProxies
cloudasset.assets.exportComputeTargetVpnGateways
cloudasset.assets.exportComputeUrlMaps
cloudasset.assets.exportComputeVpnGateways
cloudasset.assets.exportComputeVpnTunnels
cloudasset.assets.exportConnectorsConnections
cloudasset.assets.exportConnectorsConnectorVersions
cloudasset.assets.exportConnectorsConnectors
cloudasset.assets.exportConnectorsProviders
cloudasset.assets.exportConnectorsRuntimeConfigs
cloudasset.assets.exportContainerAppsDeployment
cloudasset.assets.exportContainerAppsReplicaSets
cloudasset.assets.exportContainerBatchJobs
cloudasset.assets.exportContainerClusterrole
cloudasset.assets.exportContainerClusterrolebinding
cloudasset.assets.exportContainerClusters
cloudasset.assets.exportContainerExtensionsIngresses
cloudasset.assets.exportContainerJobs
cloudasset.assets.exportContainerNamespace
cloudasset.assets.exportContainerNetworkingIngresses
cloudasset.assets.exportContainerNetworkingNetworkPolicies
cloudasset.assets.exportContainerNode
cloudasset.assets.exportContainerNodepool
cloudasset.assets.exportContainerPod
cloudasset.assets.exportContainerReplicaSets
cloudasset.assets.exportContainerRole
cloudasset.assets.exportContainerRolebinding
cloudasset.assets.exportContainerServices
cloudasset.assets.exportContainerregistryImage
cloudasset.assets.exportDataMigrationConnectionProfiles
cloudasset.assets.exportDataMigrationMigrationJobs
cloudasset.assets.exportDataflowJobs
cloudasset.assets.exportDatafusionInstance
cloudasset.assets.exportDataplexAssets
cloudasset.assets.exportDataplexLakes
cloudasset.assets.exportDataplexTasks
cloudasset.assets.exportDataplexZones
cloudasset.assets.exportDataprocAutoscalingPolicies
cloudasset.assets.exportDataprocBatches
cloudasset.assets.exportDataprocClusters
cloudasset.assets.exportDataprocJobs
cloudasset.assets.exportDataprocSessions
cloudasset.assets.exportDataprocWorkflowTemplates
cloudasset.assets.exportDatastreamConnectionProfile
cloudasset.assets.exportDatastreamPrivateConnection
cloudasset.assets.exportDatastreamStream
cloudasset.assets.exportDialogflowAgents
cloudasset.assets.exportDialogflowConversationProfiles
cloudasset.assets.exportDialogflowKnowledgeBases
cloudasset.assets.exportDialogflowLocationSettings
cloudasset.assets.exportDlpDeidentifyTemplates
cloudasset.assets.exportDlpDlpJobs
cloudasset.assets.exportDlpInspectTemplates
cloudasset.assets.exportDlpJobTriggers
cloudasset.assets.exportDlpStoredInfoTypes
cloudasset.assets.exportDnsManagedZones
cloudasset.assets.exportDnsPolicies
cloudasset.assets.exportDomainsRegistrations
cloudasset.assets.exportEventarcTriggers
cloudasset.assets.exportFileBackups
cloudasset.assets.exportFileInstances
cloudasset.assets.exportFirebaseAppInfos
cloudasset.assets.exportFirebaseProjects
cloudasset.assets.exportFirestoreDatabases
cloudasset.assets.exportGKEHubFeatures
cloudasset.assets.exportGKEHubMemberships
cloudasset.assets.exportGameservicesGameServerClusters
cloudasset.assets.exportGameservicesGameServerConfigs
cloudasset.assets.exportGameservicesGameServerDeployments
cloudasset.assets.exportGameservicesRealms
cloudasset.assets.exportGkeBackupBackupPlans
cloudasset.assets.exportGkeBackupBackups
cloudasset.assets.exportGkeBackupRestorePlans
cloudasset.assets.exportGkeBackupRestores
cloudasset.assets.exportGkeBackupVolumeBackups
cloudasset.assets.exportGkeBackupVolumeRestores
cloudasset.assets.exportHealthcareConsentStores
cloudasset.assets.exportHealthcareDatasets
cloudasset.assets.exportHealthcareDicomStores
cloudasset.assets.exportHealthcareFhirStores
cloudasset.assets.exportHealthcareHl7V2Stores
cloudasset.assets.exportIamPolicy
cloudasset.assets.exportIamRoles
cloudasset.assets.exportIamServiceAccountKeys
cloudasset.assets.exportIamServiceAccounts
cloudasset.assets.exportIapTunnel
cloudasset.assets.exportIapTunnelInstances
cloudasset.assets.exportIapTunnelZones
cloudasset.assets.exportIapWeb
cloudasset.assets.exportIapWebServiceVersion
cloudasset.assets.exportIapWebServices
cloudasset.assets.exportIapWebType
cloudasset.assets.exportIdsEndpoints
cloudasset.assets.exportIntegrationsAuthConfigs
cloudasset.assets.exportIntegrationsCertificates
cloudasset.assets.exportIntegrationsExecutions
cloudasset.assets.exportIntegrationsIntegrationVersions
cloudasset.assets.exportIntegrationsIntegrations
cloudasset.assets.exportIntegrationsSfdcChannels
cloudasset.assets.exportIntegrationsSfdcInstances
cloudasset.assets.exportIntegrationsSuspensions
cloudasset.assets.exportLoggingLogMetrics
cloudasset.assets.exportLoggingLogSinks
cloudasset.assets.exportManagedidentitiesDomain
cloudasset.assets.exportMetastoreBackups
cloudasset.assets.exportMetastoreMetadataImports
cloudasset.assets.exportMetastoreServices
cloudasset.assets.exportMonitoringAlertPolicies
cloudasset.assets.exportNetworkConnectivityHubs
cloudasset.assets.exportNetworkConnectivitySpokes
cloudasset.assets.exportNetworkManagementConnectivityTests
cloudasset.assets.exportNetworkServicesEndpointPolicies
cloudasset.assets.exportNetworkServicesGateways
cloudasset.assets.exportNetworkServicesGrpcRoutes
cloudasset.assets.exportNetworkServicesHttpRoutes
cloudasset.assets.exportNetworkServicesMeshes
cloudasset.assets.exportNetworkServicesServiceBindings
cloudasset.assets.exportNetworkServicesTcpRoutes
cloudasset.assets.exportNetworkServicesTlsRoutes
cloudasset.assets.exportOSConfigOSPolicyAssignmentReports
cloudasset.assets.exportOSConfigOSPolicyAssignments
cloudasset.assets.exportOSConfigVulnerabilityReports
cloudasset.assets.exportOSInventories
cloudasset.assets.exportOrgPolicy
cloudasset.assets.exportPatchDeployments
cloudasset.assets.exportPubsubSnapshots
cloudasset.assets.exportPubsubSubscriptions
cloudasset.assets.exportPubsubTopics
cloudasset.assets.exportRedisInstances
cloudasset.assets.exportResource
cloudasset.assets.exportSecretManagerSecretVersions
cloudasset.assets.exportSecretManagerSecrets
cloudasset.assets.exportServiceDirectoryNamespaces
cloudasset.assets.exportServicePerimeter
cloudasset.assets.exportServiceconsumermanagementConsumerProperty
cloudasset.assets.exportServiceconsumermanagementConsumerQuotaLimits
cloudasset.assets.exportServiceconsumermanagementConsumers
cloudasset.assets.exportServiceconsumermanagementProducerOverrides
cloudasset.assets.exportServiceconsumermanagementTenancyUnits
cloudasset.assets.exportServiceconsumermanagementVisibility
cloudasset.assets.exportServicemanagementServices
cloudasset.assets.exportServiceusageAdminOverrides
cloudasset.assets.exportServiceusageConsumerOverrides
cloudasset.assets.exportServiceusageServices
cloudasset.assets.exportSpannerBackups
cloudasset.assets.exportSpannerDatabases
cloudasset.assets.exportSpannerInstances
cloudasset.assets.exportSpeakerIdPhrases
cloudasset.assets.exportSpeakerIdSettings
cloudasset.assets.exportSpeakerIdSpeakers
cloudasset.assets.exportSpeechCustomClasses
cloudasset.assets.exportSpeechPhraseSets
cloudasset.assets.exportSqladminBackupRuns
cloudasset.assets.exportSqladminInstances
cloudasset.assets.exportStorageBuckets
cloudasset.assets.exportTpuNodes
cloudasset.assets.exportVpcaccessConnector
cloudasset.assets.listAccessLevel
cloudasset.assets.listAccessPolicy
cloudasset.assets.listAiplatformBatchPredictionJobs
cloudasset.assets.listAiplatformCustomJobs
cloudasset.assets.listAiplatformDataLabelingJobs
cloudasset.assets.listAiplatformDatasets
cloudasset.assets.listAiplatformEndpoints
cloudasset.assets.listAiplatformHyperparameterTuningJobs
cloudasset.assets.listAiplatformMetadataStores
cloudasset.assets.listAiplatformModelDeploymentMonitoringJobs
cloudasset.assets.listAiplatformModels
cloudasset.assets.listAiplatformPipelineJobs
cloudasset.assets.listAiplatformSpecialistPools
cloudasset.assets.listAiplatformTrainingPipelines
cloudasset.assets.listAllAccessPolicy
cloudasset.assets.listAnthosConnectedCluster
cloudasset.assets.listAnthosedgeCluster
cloudasset.assets.listApigatewayApi
cloudasset.assets.listApigatewayApiConfig
cloudasset.assets.listApigatewayGateway
cloudasset.assets.listApikeysKeys
cloudasset.assets.listAppengineApplications
cloudasset.assets.listAppengineServices
cloudasset.assets.listAppengineVersions
cloudasset.assets.listArtifactregistryDockerImages
cloudasset.assets.listArtifactregistryRepositories
cloudasset.assets.listAssuredWorkloadsWorkloads
cloudasset.assets.listBeyondCorpApiGateways
cloudasset.assets.listBeyondCorpAppConnections
cloudasset.assets.listBeyondCorpAppConnectors
cloudasset.assets.listBeyondCorpAppGateways
cloudasset.assets.listBeyondCorpClientConnectorServices
cloudasset.assets.listBeyondCorpClientGateways
cloudasset.assets.listBigqueryDatasets
cloudasset.assets.listBigqueryModels
cloudasset.assets.listBigqueryTables
cloudasset.assets.listBigtableAppProfile
cloudasset.assets.listBigtableBackup
cloudasset.assets.listBigtableCluster
cloudasset.assets.listBigtableInstance
cloudasset.assets.listBigtableTable
cloudasset.assets.listCloudAssetFeeds
cloudasset.assets.listCloudDeployDeliveryPipelines
cloudasset.assets.listCloudDeployReleases
cloudasset.assets.listCloudDeployRollouts
cloudasset.assets.listCloudDeployTargets
cloudasset.assets.listCloudDocumentAIEvaluation
cloudasset.assets.listCloudDocumentAIHumanReviewConfig
cloudasset.assets.listCloudDocumentAILabelerPool
cloudasset.assets.listCloudDocumentAIProcessor
cloudasset.assets.listCloudDocumentAIProcessorVersion
cloudasset.assets.listCloudbillingBillingAccounts
cloudasset.assets.listCloudbillingProjectBillingInfos
cloudasset.assets.listCloudfunctionsFunctions
cloudasset.assets.listCloudfunctionsGen2Functions
cloudasset.assets.listCloudkmsCryptoKeyVersions
cloudasset.assets.listCloudkmsCryptoKeys
cloudasset.assets.listCloudkmsEkmConnections
cloudasset.assets.listCloudkmsImportJobs
cloudasset.assets.listCloudkmsKeyRings
cloudasset.assets.listCloudmemcacheInstances
cloudasset.assets.listCloudresourcemanagerFolders
cloudasset.assets.listCloudresourcemanagerOrganizations
cloudasset.assets.listCloudresourcemanagerProjects
cloudasset.assets.listCloudresourcemanagerTagBindings
cloudasset.assets.listCloudresourcemanagerTagKeys
cloudasset.assets.listCloudresourcemanagerTagValues
cloudasset.assets.listComposerEnvironments
cloudasset.assets.listComputeAddress
cloudasset.assets.listComputeAutoscalers
cloudasset.assets.listComputeBackendBuckets
cloudasset.assets.listComputeBackendServices
cloudasset.assets.listComputeCommitments
cloudasset.assets.listComputeDisks
cloudasset.assets.listComputeExternalVpnGateways
cloudasset.assets.listComputeFirewallPolicies
cloudasset.assets.listComputeFirewalls
cloudasset.assets.listComputeForwardingRules
cloudasset.assets.listComputeGlobalAddress
cloudasset.assets.listComputeGlobalForwardingRules
cloudasset.assets.listComputeHealthChecks
cloudasset.assets.listComputeHttpHealthChecks
cloudasset.assets.listComputeHttpsHealthChecks
cloudasset.assets.listComputeImages
cloudasset.assets.listComputeInstanceGroupManagers
cloudasset.assets.listComputeInstanceGroups
cloudasset.assets.listComputeInstanceTemplates
cloudasset.assets.listComputeInstances
cloudasset.assets.listComputeInterconnect
cloudasset.assets.listComputeInterconnectAttachment
cloudasset.assets.listComputeLicenses
cloudasset.assets.listComputeNetworkEndpointGroups
cloudasset.assets.listComputeNetworks
cloudasset.assets.listComputeNodeGroups
cloudasset.assets.listComputeNodeTemplates
cloudasset.assets.listComputePacketMirrorings
cloudasset.assets.listComputeProjects
cloudasset.assets.listComputeRegionAutoscaler
cloudasset.assets.listComputeRegionBackendServices
cloudasset.assets.listComputeRegionDisk
cloudasset.assets.listComputeRegionInstanceGroup
cloudasset.assets.listComputeRegionInstanceGroupManager
cloudasset.assets.listComputeReservations
cloudasset.assets.listComputeResourcePolicies
cloudasset.assets.listComputeRouters
cloudasset.assets.listComputeRoutes
cloudasset.assets.listComputeSecurityPolicy
cloudasset.assets.listComputeServiceAttachments
cloudasset.assets.listComputeSnapshots
cloudasset.assets.listComputeSslCertificates
cloudasset.assets.listComputeSslPolicies
cloudasset.assets.listComputeSubnetworks
cloudasset.assets.listComputeTargetHttpProxies
cloudasset.assets.listComputeTargetHttpsProxies
cloudasset.assets.listComputeTargetInstances
cloudasset.assets.listComputeTargetPools
cloudasset.assets.listComputeTargetSslProxies
cloudasset.assets.listComputeTargetTcpProxies
cloudasset.assets.listComputeTargetVpnGateways
cloudasset.assets.listComputeUrlMaps
cloudasset.assets.listComputeVpnGateways
cloudasset.assets.listComputeVpnTunnels
cloudasset.assets.listConnectorsConnections
cloudasset.assets.listConnectorsConnectorVersions
cloudasset.assets.listConnectorsConnectors
cloudasset.assets.listConnectorsProviders
cloudasset.assets.listConnectorsRuntimeConfigs
cloudasset.assets.listContainerAppsDeployment
cloudasset.assets.listContainerAppsReplicaSets
cloudasset.assets.listContainerBatchJobs
cloudasset.assets.listContainerClusterrole
cloudasset.assets.listContainerClusterrolebinding
cloudasset.assets.listContainerClusters
cloudasset.assets.listContainerExtensionsIngresses
cloudasset.assets.listContainerJobs
cloudasset.assets.listContainerNamespace
cloudasset.assets.listContainerNetworkingIngresses
cloudasset.assets.listContainerNetworkingNetworkPolicies
cloudasset.assets.listContainerNode
cloudasset.assets.listContainerNodepool
cloudasset.assets.listContainerPod
cloudasset.assets.listContainerReplicaSets
cloudasset.assets.listContainerRole
cloudasset.assets.listContainerRolebinding
cloudasset.assets.listContainerServices
cloudasset.assets.listContainerregistryImage
cloudasset.assets.listDataMigrationConnectionProfiles
cloudasset.assets.listDataMigrationMigrationJobs
cloudasset.assets.listDataflowJobs
cloudasset.assets.listDatafusionInstance
cloudasset.assets.listDataplexAssets
cloudasset.assets.listDataplexLakes
cloudasset.assets.listDataplexTasks
cloudasset.assets.listDataplexZones
cloudasset.assets.listDataprocAutoscalingPolicies
cloudasset.assets.listDataprocBatches
cloudasset.assets.listDataprocClusters
cloudasset.assets.listDataprocJobs
cloudasset.assets.listDataprocSessions
cloudasset.assets.listDataprocWorkflowTemplates
cloudasset.assets.listDatastreamConnectionProfile
cloudasset.assets.listDatastreamPrivateConnection
cloudasset.assets.listDatastreamStream
cloudasset.assets.listDialogflowAgents
cloudasset.assets.listDialogflowConversationProfiles
cloudasset.assets.listDialogflowKnowledgeBases
cloudasset.assets.listDialogflowLocationSettings
cloudasset.assets.listDlpDeidentifyTemplates
cloudasset.assets.listDlpDlpJobs
cloudasset.assets.listDlpInspectTemplates
cloudasset.assets.listDlpJobTriggers
cloudasset.assets.listDlpStoredInfoTypes
cloudasset.assets.listDnsManagedZones
cloudasset.assets.listDnsPolicies
cloudasset.assets.listDomainsRegistrations
cloudasset.assets.listEventarcTriggers
cloudasset.assets.listFileBackups
cloudasset.assets.listFileInstances
cloudasset.assets.listFirebaseAppInfos
cloudasset.assets.listFirebaseProjects
cloudasset.assets.listFirestoreDatabases
cloudasset.assets.listGKEHubFeatures
cloudasset.assets.listGKEHubMemberships
cloudasset.assets.listGameservicesGameServerClusters
cloudasset.assets.listGameservicesGameServerConfigs
cloudasset.assets.listGameservicesGameServerDeployments
cloudasset.assets.listGameservicesRealms
cloudasset.assets.listGkeBackupBackupPlans
cloudasset.assets.listGkeBackupBackups
cloudasset.assets.listGkeBackupRestorePlans
cloudasset.assets.listGkeBackupRestores
cloudasset.assets.listGkeBackupVolumeBackups
cloudasset.assets.listGkeBackupVolumeRestores
cloudasset.assets.listHealthcareConsentStores
cloudasset.assets.listHealthcareDatasets
cloudasset.assets.listHealthcareDicomStores
cloudasset.assets.listHealthcareFhirStores
cloudasset.assets.listHealthcareHl7V2Stores
cloudasset.assets.listIamPolicy
cloudasset.assets.listIamRoles
cloudasset.assets.listIamServiceAccountKeys
cloudasset.assets.listIamServiceAccounts
cloudasset.assets.listIapTunnel
cloudasset.assets.listIapTunnelInstances
cloudasset.assets.listIapTunnelZones
cloudasset.assets.listIapWeb
cloudasset.assets.listIapWebServiceVersion
cloudasset.assets.listIapWebServices
cloudasset.assets.listIapWebType
cloudasset.assets.listIdsEndpoints
cloudasset.assets.listIntegrationsAuthConfigs
cloudasset.assets.listIntegrationsCertificates
cloudasset.assets.listIntegrationsExecutions
cloudasset.assets.listIntegrationsIntegrationVersions
cloudasset.assets.listIntegrationsIntegrations
cloudasset.assets.listIntegrationsSfdcChannels
cloudasset.assets.listIntegrationsSfdcInstances
cloudasset.assets.listIntegrationsSuspensions
cloudasset.assets.listLoggingLogMetrics
cloudasset.assets.listLoggingLogSinks
cloudasset.assets.listManagedidentitiesDomain
cloudasset.assets.listMetastoreBackups
cloudasset.assets.listMetastoreMetadataImports
cloudasset.assets.listMetastoreServices
cloudasset.assets.listMonitoringAlertPolicies
cloudasset.assets.listNetworkConnectivityHubs
cloudasset.assets.listNetworkConnectivitySpokes
cloudasset.assets.listNetworkManagementConnectivityTests
cloudasset.assets.listNetworkServicesEndpointPolicies
cloudasset.assets.listNetworkServicesGateways
cloudasset.assets.listNetworkServicesGrpcRoutes
cloudasset.assets.listNetworkServicesHttpRoutes
cloudasset.assets.listNetworkServicesMeshes
cloudasset.assets.listNetworkServicesServiceBindings
cloudasset.assets.listNetworkServicesTcpRoutes
cloudasset.assets.listNetworkServicesTlsRoutes
cloudasset.assets.listOSConfigOSPolicyAssignmentReports
cloudasset.assets.listOSConfigOSPolicyAssignments
cloudasset.assets.listOSConfigVulnerabilityReports
cloudasset.assets.listOSInventories
cloudasset.assets.listOrgPolicy
cloudasset.assets.listPatchDeployments
cloudasset.assets.listPubsubSnapshots
cloudasset.assets.listPubsubSubscriptions
cloudasset.assets.listPubsubTopics
cloudasset.assets.listRedisInstances
cloudasset.assets.listResource
cloudasset.assets.listRunDomainMapping
cloudasset.assets.listRunRevision
cloudasset.assets.listRunService
cloudasset.assets.listSecretManagerSecretVersions
cloudasset.assets.listSecretManagerSecrets
cloudasset.assets.listServiceDirectoryNamespaces
cloudasset.assets.listServicePerimeter
cloudasset.assets.listServiceconsumermanagementConsumerProperty
cloudasset.assets.listServiceconsumermanagementConsumerQuotaLimits
cloudasset.assets.listServiceconsumermanagementConsumers
cloudasset.assets.listServiceconsumermanagementProducerOverrides
cloudasset.assets.listServiceconsumermanagementTenancyUnits
cloudasset.assets.listServiceconsumermanagementVisibility
cloudasset.assets.listServicemanagementServices
cloudasset.assets.listServiceusageAdminOverrides
cloudasset.assets.listServiceusageConsumerOverrides
cloudasset.assets.listServiceusageServices
cloudasset.assets.listSpannerBackups
cloudasset.assets.listSpannerDatabases
cloudasset.assets.listSpannerInstances
cloudasset.assets.listSpeakerIdPhrases
cloudasset.assets.listSpeakerIdSettings
cloudasset.assets.listSpeakerIdSpeakers
cloudasset.assets.listSpeechCustomClasses
cloudasset.assets.listSpeechPhraseSets
cloudasset.assets.listSqladminBackupRuns
cloudasset.assets.listSqladminInstances
cloudasset.assets.listStorageBuckets
cloudasset.assets.listTpuNodes
cloudasset.assets.listVpcaccessConnector
cloudasset.assets.queryAccessPolicy
cloudasset.assets.queryIamPolicy
cloudasset.assets.queryOSInventories
cloudasset.assets.queryResource
cloudasset.assets.searchAllIamPolicies
cloudasset.assets.searchAllResources
cloudasset.assets.searchEnrichmentResourceOwners

cloudasset.othercloudconnections.get

cloudasset.othercloudconnections.list

cloudasset.othercloudconnections.verify

recommender.cloudAssetInsights.get

recommender.cloudAssetInsights.list

recommender.locations.*

recommender.locations.get
recommender.locations.list

resourcemanager.folders.get

resourcemanager.folders.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

securitycenter.assets.group

securitycenter.assets.list

securitycenter.assets.listAssetPropertyNames

securitycenter.bigQueryExports.get

securitycenter.bigQueryExports.list

securitycenter.complianceReports.aggregate

securitycenter.compliancesnapshots.list

securitycenter.containerthreatdetectionsettings.calculate

securitycenter.containerthreatdetectionsettings.get

securitycenter.effectivesecurityhealthanalyticscustommodules.*

securitycenter.effectivesecurityhealthanalyticscustommodules.get
securitycenter.effectivesecurityhealthanalyticscustommodules.list

securitycenter.eventthreatdetectionsettings.calculate

securitycenter.eventthreatdetectionsettings.get

securitycenter.findingexplanations.get

securitycenter.findings.group

securitycenter.findings.list

securitycenter.findings.listFindingPropertyNames

securitycenter.graphs.*

securitycenter.graphs.get
securitycenter.graphs.query

securitycenter.integratedvulnerabilityscannersettings.calculate

securitycenter.integratedvulnerabilityscannersettings.get

securitycenter.issues.get

securitycenter.issues.group

securitycenter.issues.list

securitycenter.issues.listFilterValues

securitycenter.muteconfigs.get

securitycenter.muteconfigs.list

securitycenter.notificationconfig.get

securitycenter.notificationconfig.list

securitycenter.organizationsettings.get

securitycenter.rapidvulnerabilitydetectionsettings.calculate

securitycenter.rapidvulnerabilitydetectionsettings.get

securitycenter.securitycentersettings.get

securitycenter.securityhealthanalyticscustommodules.get

securitycenter.securityhealthanalyticscustommodules.list

securitycenter.securityhealthanalyticssettings.calculate

securitycenter.securityhealthanalyticssettings.get

securitycenter.sources.get

securitycenter.sources.list

securitycenter.subscription.get

securitycenter.userinterfacemetadata.get

securitycenter.virtualmachinethreatdetectionsettings.calculate

securitycenter.virtualmachinethreatdetectionsettings.get

securitycenter.vulnerabilitysnapshots.list

securitycenter.websecurityscannersettings.calculate

securitycenter.websecurityscannersettings.get

securitycentermanagement.billingMetadata.get

securitycentermanagement.effectiveEventThreatDetectionCustomModules.*

securitycentermanagement.effectiveEventThreatDetectionCustomModules.get
securitycentermanagement.effectiveEventThreatDetectionCustomModules.list

securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*

securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.list

securitycentermanagement.eventThreatDetectionCustomModules.get

securitycentermanagement.eventThreatDetectionCustomModules.list

securitycentermanagement.eventThreatDetectionCustomModules.validate

securitycentermanagement.locations.*

securitycentermanagement.locations.get
securitycentermanagement.locations.list

securitycentermanagement.securityCenterServices.get

securitycentermanagement.securityCenterServices.list

securitycentermanagement.securityCommandCenter.checkActivationOperation

securitycentermanagement.securityCommandCenter.checkOnboardingStatus

securitycentermanagement.securityCommandCenter.get

securitycentermanagement.securityHealthAnalyticsCustomModules.get

securitycentermanagement.securityHealthAnalyticsCustomModules.list

securitycentermanagement.securityHealthAnalyticsCustomModules.simulate

securitycentermanagement.securityHealthAnalyticsCustomModules.test

Risk Manager Viewer ^Beta

(roles/riskmanager.viewer)

Access to view Risk Manager resources

resourcemanager.projects.get

resourcemanager.projects.list

riskmanager.controlScoreBreakdowns.*

riskmanager.controlScoreBreakdowns.get
riskmanager.controlScoreBreakdowns.list

riskmanager.operations.get

riskmanager.operations.list

riskmanager.policies.*

riskmanager.policies.get
riskmanager.policies.list

riskmanager.reports.get

riskmanager.reports.list

riskmanager.settings.get

Cyber Insurance Hub permissions

Permission	Included in roles
`riskmanager.controlScoreBreakdowns.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.controlScoreBreakdowns.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`)
`riskmanager.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.policies.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.policies.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.reports.create`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`)
`riskmanager.reports.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`)
`riskmanager.reports.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.reports.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Auditor (`roles/iam.securityAuditor`) Security Reviewer (`roles/iam.securityReviewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.reports.review`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Report Reviewer (`roles/riskmanager.reviewer`)
`riskmanager.reports.share`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`)
`riskmanager.serviceAccount.create`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`)
`riskmanager.settings.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Support User (`roles/iam.supportUser`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`) Risk Manager Viewer (`roles/riskmanager.viewer`)
`riskmanager.settings.update`	Owner (`roles/owner`) Editor (`roles/editor`) Risk Manager Admin (`roles/riskmanager.admin`) Risk Manager Editor (`roles/riskmanager.editor`)

Cyber Insurance Hub roles and permissions