Service Directory roles and permissions
Stay organized with collections Save and categorize content based on your preferences.

This page lists the IAM roles and permissions for Service Directory. To search through all roles and permissions, see the role and permission index.

Service Directory roles

Role Permissions

Role	Permissions
Service Directory Admin (`roles/servicedirectory.admin`) Full control of all Service Directory resources and permissions.	`resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.endpoints.` `servicedirectory.endpoints.create` `servicedirectory.endpoints.delete` `servicedirectory.endpoints.get` `servicedirectory.endpoints.getIamPolicy` `servicedirectory.endpoints.list` `servicedirectory.endpoints.setIamPolicy` `servicedirectory.endpoints.update` `servicedirectory.locations.` `servicedirectory.locations.get` `servicedirectory.locations.list` `servicedirectory.namespaces.` `servicedirectory.namespaces.associatePrivateZone` `servicedirectory.namespaces.create` `servicedirectory.namespaces.delete` `servicedirectory.namespaces.get` `servicedirectory.namespaces.getIamPolicy` `servicedirectory.namespaces.list` `servicedirectory.namespaces.setIamPolicy` `servicedirectory.namespaces.update` `servicedirectory.networks.attach` `servicedirectory.services.` `servicedirectory.services.bind` `servicedirectory.services.create` `servicedirectory.services.delete` `servicedirectory.services.get` `servicedirectory.services.getIamPolicy` `servicedirectory.services.list` `servicedirectory.services.resolve` `servicedirectory.services.setIamPolicy` `servicedirectory.services.update`
Service Directory Editor (`roles/servicedirectory.editor`) Edit Service Directory resources.	`resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.endpoints.create` `servicedirectory.endpoints.delete` `servicedirectory.endpoints.get` `servicedirectory.endpoints.getIamPolicy` `servicedirectory.endpoints.list` `servicedirectory.endpoints.update` `servicedirectory.locations.*` `servicedirectory.locations.get` `servicedirectory.locations.list` `servicedirectory.namespaces.associatePrivateZone` `servicedirectory.namespaces.create` `servicedirectory.namespaces.delete` `servicedirectory.namespaces.get` `servicedirectory.namespaces.getIamPolicy` `servicedirectory.namespaces.list` `servicedirectory.namespaces.update` `servicedirectory.networks.attach` `servicedirectory.services.bind` `servicedirectory.services.create` `servicedirectory.services.delete` `servicedirectory.services.get` `servicedirectory.services.getIamPolicy` `servicedirectory.services.list` `servicedirectory.services.resolve` `servicedirectory.services.update`
Service Directory Network Attacher (`roles/servicedirectory.networkAttacher`) Gives access to attach VPC Networks to Service Directory Endpoints	`resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.networks.attach`
Private Service Connect Authorized Service (`roles/servicedirectory.pscAuthorizedService`) Gives access to VPC Networks via Service Directory	`resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.networks.access`
Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Give the Service Directory service agent access to Cloud Platform resources. Warning: Do not grant service agent roles to any principals except service agents.	`container.clusters.get` `gkehub.features.get` `gkehub.gateway.delete` `gkehub.gateway.generateCredentials` `gkehub.gateway.get` `gkehub.gateway.patch` `gkehub.gateway.post` `gkehub.gateway.put` `gkehub.locations.` `gkehub.locations.get` `gkehub.locations.list` `gkehub.memberships.get` `gkehub.memberships.list` `resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.endpoints.create` `servicedirectory.endpoints.delete` `servicedirectory.endpoints.get` `servicedirectory.endpoints.getIamPolicy` `servicedirectory.endpoints.list` `servicedirectory.endpoints.update` `servicedirectory.locations.` `servicedirectory.locations.get` `servicedirectory.locations.list` `servicedirectory.namespaces.associatePrivateZone` `servicedirectory.namespaces.create` `servicedirectory.namespaces.delete` `servicedirectory.namespaces.get` `servicedirectory.namespaces.getIamPolicy` `servicedirectory.namespaces.list` `servicedirectory.namespaces.update` `servicedirectory.networks.attach` `servicedirectory.services.bind` `servicedirectory.services.create` `servicedirectory.services.delete` `servicedirectory.services.get` `servicedirectory.services.getIamPolicy` `servicedirectory.services.list` `servicedirectory.services.resolve` `servicedirectory.services.update`
Service Directory Viewer (`roles/servicedirectory.viewer`) View Service Directory resources.	`resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.endpoints.get` `servicedirectory.endpoints.getIamPolicy` `servicedirectory.endpoints.list` `servicedirectory.locations.*` `servicedirectory.locations.get` `servicedirectory.locations.list` `servicedirectory.namespaces.get` `servicedirectory.namespaces.getIamPolicy` `servicedirectory.namespaces.list` `servicedirectory.services.get` `servicedirectory.services.getIamPolicy` `servicedirectory.services.list` `servicedirectory.services.resolve`

Service Directory Admin

(roles/servicedirectory.admin)

Full control of all Service Directory resources and permissions.

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.endpoints.*

servicedirectory.endpoints.create
servicedirectory.endpoints.delete
servicedirectory.endpoints.get
servicedirectory.endpoints.getIamPolicy
servicedirectory.endpoints.list
servicedirectory.endpoints.setIamPolicy
servicedirectory.endpoints.update

servicedirectory.locations.*

servicedirectory.locations.get
servicedirectory.locations.list

servicedirectory.namespaces.*

servicedirectory.namespaces.associatePrivateZone
servicedirectory.namespaces.create
servicedirectory.namespaces.delete
servicedirectory.namespaces.get
servicedirectory.namespaces.getIamPolicy
servicedirectory.namespaces.list
servicedirectory.namespaces.setIamPolicy
servicedirectory.namespaces.update

servicedirectory.networks.attach

servicedirectory.services.*

servicedirectory.services.bind
servicedirectory.services.create
servicedirectory.services.delete
servicedirectory.services.get
servicedirectory.services.getIamPolicy
servicedirectory.services.list
servicedirectory.services.resolve
servicedirectory.services.setIamPolicy
servicedirectory.services.update

Service Directory Editor

(roles/servicedirectory.editor)

Edit Service Directory resources.

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.endpoints.create

servicedirectory.endpoints.delete

servicedirectory.endpoints.get

servicedirectory.endpoints.getIamPolicy

servicedirectory.endpoints.list

servicedirectory.endpoints.update

servicedirectory.locations.*

servicedirectory.locations.get
servicedirectory.locations.list

servicedirectory.namespaces.associatePrivateZone

servicedirectory.namespaces.create

servicedirectory.namespaces.delete

servicedirectory.namespaces.get

servicedirectory.namespaces.getIamPolicy

servicedirectory.namespaces.list

servicedirectory.namespaces.update

servicedirectory.networks.attach

servicedirectory.services.bind

servicedirectory.services.create

servicedirectory.services.delete

servicedirectory.services.get

servicedirectory.services.getIamPolicy

servicedirectory.services.list

servicedirectory.services.resolve

servicedirectory.services.update

Service Directory Network Attacher

(roles/servicedirectory.networkAttacher)

Gives access to attach VPC Networks to Service Directory Endpoints

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.networks.attach

Private Service Connect Authorized Service

(roles/servicedirectory.pscAuthorizedService)

Gives access to VPC Networks via Service Directory

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.networks.access

Service Directory Service Agent

(roles/servicedirectory.serviceAgent)

Give the Service Directory service agent access to Cloud Platform resources.

container.clusters.get

gkehub.features.get

gkehub.gateway.delete

gkehub.gateway.generateCredentials

gkehub.gateway.get

gkehub.gateway.patch

gkehub.gateway.post

gkehub.gateway.put

gkehub.locations.*

gkehub.locations.get
gkehub.locations.list

gkehub.memberships.get

gkehub.memberships.list

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.endpoints.create

servicedirectory.endpoints.delete

servicedirectory.endpoints.get

servicedirectory.endpoints.getIamPolicy

servicedirectory.endpoints.list

servicedirectory.endpoints.update

servicedirectory.locations.*

servicedirectory.locations.get
servicedirectory.locations.list

servicedirectory.namespaces.associatePrivateZone

servicedirectory.namespaces.create

servicedirectory.namespaces.delete

servicedirectory.namespaces.get

servicedirectory.namespaces.getIamPolicy

servicedirectory.namespaces.list

servicedirectory.namespaces.update

servicedirectory.networks.attach

servicedirectory.services.bind

servicedirectory.services.create

servicedirectory.services.delete

servicedirectory.services.get

servicedirectory.services.getIamPolicy

servicedirectory.services.list

servicedirectory.services.resolve

servicedirectory.services.update

Service Directory Viewer

(roles/servicedirectory.viewer)

View Service Directory resources.

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.endpoints.get

servicedirectory.endpoints.getIamPolicy

servicedirectory.endpoints.list

servicedirectory.locations.*

servicedirectory.locations.get
servicedirectory.locations.list

servicedirectory.namespaces.get

servicedirectory.namespaces.getIamPolicy

servicedirectory.namespaces.list

servicedirectory.services.get

servicedirectory.services.getIamPolicy

servicedirectory.services.list

servicedirectory.services.resolve

Service Directory permissions

Permission	Included in roles
`servicedirectory.endpoints.create`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)
`servicedirectory.endpoints.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)
`servicedirectory.endpoints.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.endpoints.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.endpoints.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.endpoints.setIamPolicy`	Owner (`roles/owner`) Security Admin (`roles/iam.securityAdmin`) Service Directory Admin (`roles/servicedirectory.admin`)
`servicedirectory.endpoints.update`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)
`servicedirectory.locations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.locations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.namespaces.associatePrivateZone`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Network Connectivity Service Agent (`roles/networkconnectivity.serviceAgent`) Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`servicedirectory.namespaces.create`	Owner (`roles/owner`) Editor (`roles/editor`) Compute Network Admin (`roles/compute.networkAdmin`) Compute Peer Subnet Migration Admin (`roles/compute.peerSubnetMigrationAdmin`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Cloud Workstations Network Admin (`roles/workstations.networkAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud TPU V2 API Service Agent (`roles/cloudtpu.serviceAgent`) Cloud Composer API Service Agent (`roles/composer.serviceAgent`) Kubernetes Engine Service Agent (`roles/container.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Managed Kafka Service Agent (`roles/managedkafka.serviceAgent`) Dataproc Metastore Service Agent (`roles/metastore.serviceAgent`) Network Connectivity Service Agent (`roles/networkconnectivity.serviceAgent`) Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Workstations Service Agent (`roles/workstations.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`servicedirectory.namespaces.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Compute Network Admin (`roles/compute.networkAdmin`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Cloud Workstations Network Admin (`roles/workstations.networkAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud TPU V2 API Service Agent (`roles/cloudtpu.serviceAgent`) Cloud Composer API Service Agent (`roles/composer.serviceAgent`) Kubernetes Engine Service Agent (`roles/container.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Dataproc Metastore Service Agent (`roles/metastore.serviceAgent`) Network Connectivity Service Agent (`roles/networkconnectivity.serviceAgent`) Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Workstations Service Agent (`roles/workstations.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`servicedirectory.namespaces.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.namespaces.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.namespaces.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.namespaces.setIamPolicy`	Owner (`roles/owner`) Security Admin (`roles/iam.securityAdmin`) Service Directory Admin (`roles/servicedirectory.admin`)
`servicedirectory.namespaces.update`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)
`servicedirectory.networks.access`	Private Service Connect Authorized Service (`roles/servicedirectory.pscAuthorizedService`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Monitoring Service Agent (`roles/monitoring.notificationServiceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.networks.attach`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Network Attacher (`roles/servicedirectory.networkAttacher`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)
`servicedirectory.services.bind`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)
`servicedirectory.services.create`	Owner (`roles/owner`) Editor (`roles/editor`) Compute Network Admin (`roles/compute.networkAdmin`) Compute Peer Subnet Migration Admin (`roles/compute.peerSubnetMigrationAdmin`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Cloud Workstations Network Admin (`roles/workstations.networkAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud TPU V2 API Service Agent (`roles/cloudtpu.serviceAgent`) Cloud Composer API Service Agent (`roles/composer.serviceAgent`) Kubernetes Engine Service Agent (`roles/container.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Managed Kafka Service Agent (`roles/managedkafka.serviceAgent`) Dataproc Metastore Service Agent (`roles/metastore.serviceAgent`) Network Connectivity Service Agent (`roles/networkconnectivity.serviceAgent`) Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Workstations Service Agent (`roles/workstations.serviceAgent`) Cloud Deployment Manager Service Agent (`roles/clouddeploymentmanager.serviceAgent`)
`servicedirectory.services.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Compute Network Admin (`roles/compute.networkAdmin`) Compute Peer Subnet Migration Admin (`roles/compute.peerSubnetMigrationAdmin`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Cloud Workstations Network Admin (`roles/workstations.networkAdmin`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Cloud Composer API Service Agent (`roles/composer.serviceAgent`) Kubernetes Engine Service Agent (`roles/container.serviceAgent`) Cloud Dataflow Service Agent (`roles/dataflow.serviceAgent`) Managed Kafka Service Agent (`roles/managedkafka.serviceAgent`) Dataproc Metastore Service Agent (`roles/metastore.serviceAgent`) Network Connectivity Service Agent (`roles/networkconnectivity.serviceAgent`) Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Workstations Service Agent (`roles/workstations.serviceAgent`) Cloud TPU V2 API Service Agent (`roles/cloudtpu.serviceAgent`)
`servicedirectory.services.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.services.getIamPolicy`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.services.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.services.resolve`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service Directory Viewer (`roles/servicedirectory.viewer`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Monitoring Service Agent (`roles/monitoring.notificationServiceAgent`) Service Directory Service Agent (`roles/servicedirectory.serviceAgent`) Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`)
`servicedirectory.services.setIamPolicy`	Owner (`roles/owner`) Security Admin (`roles/iam.securityAdmin`) Service Directory Admin (`roles/servicedirectory.admin`)
`servicedirectory.services.update`	Owner (`roles/owner`) Editor (`roles/editor`) Service Directory Admin (`roles/servicedirectory.admin`) Service Directory Editor (`roles/servicedirectory.editor`) Service agent roles Warning: Don't grant service agent roles to any principals except service agents. Service Directory Service Agent (`roles/servicedirectory.serviceAgent`)

Service Directory roles and permissions
Stay organized with collections Save and categorize content based on your preferences.