IAM overview

This page describes the Oracle Database@Google Cloud Identity and Access Management (IAM) integration and how you can use IAM to manage access across your resources.

IAM lets you control user and group access to Oracle Database@Google Cloud resources for the Exadata Database and Autonomous Database services. Roles are defined at the Google Cloud project level. For example, giving a user viewer access in an Exadata Infrastructure instance would grant them viewer access to all Exadata Infrastructure instances and VM Clusters in that project.

Using access control with IAM, you can grant permissions to a user or a group without modifying each instance, cluster, or database individually. Oracle Database@Google Cloud provides a set of predefined roles to manage access. You can use predefined roles or specific permissions to grant access to users. For more information about how IAM works at Google Cloud, see IAM documentation.

Oracle Database@Google Cloud predefined roles

Predefined roles contain permissions that allow Google Cloud project members to perform specific actions on Oracle Database@Google Cloud resources. The role you grant to a project member controls what actions they can take in that project. Project members can be individuals, groups, or service accounts. You can grant multiple roles to the same project member, and can change the roles granted at any time.

Broader roles include the more narrowly defined roles. For example, the Cloud Exadata Infrastructure Admin role includes all permissions of the Cloud Exadata Infrastructure Viewer role, along with additional permissions of the Cloud Exadata Infrastructure Admin role.

Each IAM role for Oracle Database@Google Cloud contains permissions that give the principal access to specific resources as shown in the following table.

Role Permissions

Role	Permissions
Oracle Database@Google Cloud admin (`roles/oracledatabase.admin`) Grants full access to manage all Oracle Database resources.	`oracledatabase.autonomousDatabaseBackups.` `oracledatabase.autonomousDatabaseBackups.create` `oracledatabase.autonomousDatabaseBackups.delete` `oracledatabase.autonomousDatabaseBackups.get` `oracledatabase.autonomousDatabaseBackups.list` `oracledatabase.autonomousDatabaseCharacterSets.list` `oracledatabase.autonomousDatabases.` `oracledatabase.autonomousDatabases.create` `oracledatabase.autonomousDatabases.delete` `oracledatabase.autonomousDatabases.generateWallet` `oracledatabase.autonomousDatabases.get` `oracledatabase.autonomousDatabases.list` `oracledatabase.autonomousDatabases.restart` `oracledatabase.autonomousDatabases.restore` `oracledatabase.autonomousDatabases.start` `oracledatabase.autonomousDatabases.stop` `oracledatabase.autonomousDatabases.switchover` `oracledatabase.autonomousDatabases.update` `oracledatabase.autonomousDbVersions.list` `oracledatabase.cloudExadataInfrastructures.` `oracledatabase.cloudExadataInfrastructures.create` `oracledatabase.cloudExadataInfrastructures.delete` `oracledatabase.cloudExadataInfrastructures.get` `oracledatabase.cloudExadataInfrastructures.list` `oracledatabase.cloudExadataInfrastructures.update` `oracledatabase.cloudExadataInfrastructures.use` `oracledatabase.cloudVmClusters.` `oracledatabase.cloudVmClusters.create` `oracledatabase.cloudVmClusters.delete` `oracledatabase.cloudVmClusters.get` `oracledatabase.cloudVmClusters.list` `oracledatabase.cloudVmClusters.update` `oracledatabase.databaseCharacterSets.list` `oracledatabase.databases.` `oracledatabase.databases.get` `oracledatabase.databases.list` `oracledatabase.dbNodes.list` `oracledatabase.dbServers.list` `oracledatabase.dbSystemInitialStorageSizes.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.dbSystems.` `oracledatabase.dbSystems.create` `oracledatabase.dbSystems.delete` `oracledatabase.dbSystems.get` `oracledatabase.dbSystems.list` `oracledatabase.dbVersions.list` `oracledatabase.entitlements.list` `oracledatabase.exadbVmClusters.` `oracledatabase.exadbVmClusters.create` `oracledatabase.exadbVmClusters.delete` `oracledatabase.exadbVmClusters.get` `oracledatabase.exadbVmClusters.list` `oracledatabase.exadbVmClusters.update` `oracledatabase.exascaleDbStorageVaults.` `oracledatabase.exascaleDbStorageVaults.create` `oracledatabase.exascaleDbStorageVaults.delete` `oracledatabase.exascaleDbStorageVaults.get` `oracledatabase.exascaleDbStorageVaults.list` `oracledatabase.giVersions.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.minorVersions.list` `oracledatabase.odbNetworks.` `oracledatabase.odbNetworks.create` `oracledatabase.odbNetworks.delete` `oracledatabase.odbNetworks.get` `oracledatabase.odbNetworks.list` `oracledatabase.odbSubnets.` `oracledatabase.odbSubnets.create` `oracledatabase.odbSubnets.delete` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.odbSubnets.use` `oracledatabase.operations.` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `oracledatabase.systemVersions.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Autonomous Database Admin (`roles/oracledatabase.autonomousDatabaseAdmin`) Grants full access to manage all Autonomous Database resources.	`oracledatabase.autonomousDatabaseBackups.` `oracledatabase.autonomousDatabaseBackups.create` `oracledatabase.autonomousDatabaseBackups.delete` `oracledatabase.autonomousDatabaseBackups.get` `oracledatabase.autonomousDatabaseBackups.list` `oracledatabase.autonomousDatabaseCharacterSets.list` `oracledatabase.autonomousDatabases.` `oracledatabase.autonomousDatabases.create` `oracledatabase.autonomousDatabases.delete` `oracledatabase.autonomousDatabases.generateWallet` `oracledatabase.autonomousDatabases.get` `oracledatabase.autonomousDatabases.list` `oracledatabase.autonomousDatabases.restart` `oracledatabase.autonomousDatabases.restore` `oracledatabase.autonomousDatabases.start` `oracledatabase.autonomousDatabases.stop` `oracledatabase.autonomousDatabases.switchover` `oracledatabase.autonomousDatabases.update` `oracledatabase.autonomousDbVersions.list` `oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.odbSubnets.use` `oracledatabase.operations.` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Autonomous Database Viewer (`roles/oracledatabase.autonomousDatabaseViewer`) Grants read access to see all Autonomous Database resources.	`oracledatabase.autonomousDatabaseBackups.get` `oracledatabase.autonomousDatabaseBackups.list` `oracledatabase.autonomousDatabaseCharacterSets.list` `oracledatabase.autonomousDatabases.get` `oracledatabase.autonomousDatabases.list` `oracledatabase.autonomousDbVersions.list` `oracledatabase.entitlements.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Infrastructure Admin (`roles/oracledatabase.cloudExadataInfrastructureAdmin`) Grants full access to manage all Exadata Infrastructure resources.	`oracledatabase.cloudExadataInfrastructures.create` `oracledatabase.cloudExadataInfrastructures.delete` `oracledatabase.cloudExadataInfrastructures.get` `oracledatabase.cloudExadataInfrastructures.list` `oracledatabase.cloudExadataInfrastructures.update` `oracledatabase.dbServers.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.giVersions.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Infrastructure User (`roles/oracledatabase.cloudExadataInfrastructureUser`) Grants user access to use all Exadata Infrastructure resources.	`oracledatabase.cloudExadataInfrastructures.get` `oracledatabase.cloudExadataInfrastructures.list` `oracledatabase.cloudExadataInfrastructures.use` `oracledatabase.dbServers.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.giVersions.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Infrastructure Viewer (`roles/oracledatabase.cloudExadataInfrastructureViewer`) Grants read access to see all Exadata Infrastructure resources.	`oracledatabase.cloudExadataInfrastructures.get` `oracledatabase.cloudExadataInfrastructures.list` `oracledatabase.dbServers.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.giVersions.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud VM Cluster Admin (`roles/oracledatabase.cloudVmClusterAdmin`) Grants full access to manage all VM Cluster resources.	`oracledatabase.cloudExadataInfrastructures.list` `oracledatabase.cloudExadataInfrastructures.use` `oracledatabase.cloudVmClusters.` `oracledatabase.cloudVmClusters.create` `oracledatabase.cloudVmClusters.delete` `oracledatabase.cloudVmClusters.get` `oracledatabase.cloudVmClusters.list` `oracledatabase.cloudVmClusters.update` `oracledatabase.dbNodes.list` `oracledatabase.dbServers.list` `oracledatabase.entitlements.list` `oracledatabase.giVersions.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.odbSubnets.use` `oracledatabase.operations.*` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `oracledatabase.systemVersions.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud VM Cluster Viewer (`roles/oracledatabase.cloudVmClusterViewer`) Grants read access to see all VM Cluster resources.	`oracledatabase.cloudVmClusters.get` `oracledatabase.cloudVmClusters.list` `oracledatabase.dbNodes.list` `oracledatabase.entitlements.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Container Database Viewer (`roles/oracledatabase.databaseViewer`) Grants read access to see all Container Database resources.	`oracledatabase.databases.` `oracledatabase.databases.get` `oracledatabase.databases.list` `oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `oracledatabase.pluggableDatabases.*` `oracledatabase.pluggableDatabases.get` `oracledatabase.pluggableDatabases.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud DB System Admin (`roles/oracledatabase.dbSystemAdmin`) Grants full access to manage all DB System resources.	`oracledatabase.databaseCharacterSets.list` `oracledatabase.databases.` `oracledatabase.databases.get` `oracledatabase.databases.list` `oracledatabase.dbSystemInitialStorageSizes.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.dbSystems.` `oracledatabase.dbSystems.create` `oracledatabase.dbSystems.delete` `oracledatabase.dbSystems.get` `oracledatabase.dbSystems.list` `oracledatabase.dbVersions.list` `oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud DB System Viewer (`roles/oracledatabase.dbSystemViewer`) Grants read access to see all DB System resources.	`oracledatabase.databaseCharacterSets.list` `oracledatabase.databases.` `oracledatabase.databases.get` `oracledatabase.databases.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.dbSystems.get` `oracledatabase.dbSystems.list` `oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture VM Cluster Admin (`roles/oracledatabase.exadbVmClusterAdmin`) Grants full access to manage all Exadata Database Service on Exascale Infrastracture VM Cluster resources.	`oracledatabase.dbNodes.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.exadbVmClusters.` `oracledatabase.exadbVmClusters.create` `oracledatabase.exadbVmClusters.delete` `oracledatabase.exadbVmClusters.get` `oracledatabase.exadbVmClusters.list` `oracledatabase.exadbVmClusters.update` `oracledatabase.giVersions.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.minorVersions.list` `oracledatabase.operations.*` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture VM Cluster Viewer (`roles/oracledatabase.exadbVmClusterViewer`) Grants read access to see all Exadata Database Service on Exascale Infrastracture VM Cluster resources.	`oracledatabase.dbNodes.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.exadbVmClusters.get` `oracledatabase.exadbVmClusters.list` `oracledatabase.giVersions.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.minorVersions.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture Storage Vault Admin (`roles/oracledatabase.exascaleDbStorageVaultAdmin`) Grants full access to manage all Exadata Database Service on Exascale Infrastracture Storage Vault resources.	`oracledatabase.dbNodes.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.exascaleDbStorageVaults.` `oracledatabase.exascaleDbStorageVaults.create` `oracledatabase.exascaleDbStorageVaults.delete` `oracledatabase.exascaleDbStorageVaults.get` `oracledatabase.exascaleDbStorageVaults.list` `oracledatabase.giVersions.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.minorVersions.list` `oracledatabase.operations.*` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture Storage Vault Viewer (`roles/oracledatabase.exascaleDbStorageVaultViewer`) Grants read access to see all Exadata Database Service on Exascale Infrastracture Storage Vault resources.	`oracledatabase.dbNodes.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.entitlements.list` `oracledatabase.exascaleDbStorageVaults.get` `oracledatabase.exascaleDbStorageVaults.list` `oracledatabase.giVersions.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.minorVersions.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Network Admin (`roles/oracledatabase.networkAdmin`) Grants full access to manage all ODB Network and ODB Subnet resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbNetworks.` `oracledatabase.odbNetworks.create` `oracledatabase.odbNetworks.delete` `oracledatabase.odbNetworks.get` `oracledatabase.odbNetworks.list` `oracledatabase.odbSubnets.` `oracledatabase.odbSubnets.create` `oracledatabase.odbSubnets.delete` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.odbSubnets.use` `oracledatabase.operations.` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google ODB Network Admin (`roles/oracledatabase.odbNetworkAdmin`) Grants full access to manage all ODB Network resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbNetworks.` `oracledatabase.odbNetworks.create` `oracledatabase.odbNetworks.delete` `oracledatabase.odbNetworks.get` `oracledatabase.odbNetworks.list` `oracledatabase.operations.*` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google ODB Network Viewer (`roles/oracledatabase.odbNetworkViewer`) Grants read access to see all ODB Network resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbNetworks.get` `oracledatabase.odbNetworks.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google ODB Subnet Admin (`roles/oracledatabase.odbSubnetAdmin`) Grants full access to manage all ODB Subnet resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbSubnets.` `oracledatabase.odbSubnets.create` `oracledatabase.odbSubnets.delete` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.odbSubnets.use` `oracledatabase.operations.*` `oracledatabase.operations.cancel` `oracledatabase.operations.delete` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google ODB Subnet User (`roles/oracledatabase.odbSubnetUser`) Grants use access to ODB Subnet resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.odbSubnets.use` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google ODB Subnet Viewer (`roles/oracledatabase.odbSubnetViewer`) Grants read access to see all ODB Subnet resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.*` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud Pluggable Database Viewer (`roles/oracledatabase.pluggableDatabaseViewer`) Grants read access to see all Pluggable Database resources.	`oracledatabase.entitlements.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `oracledatabase.pluggableDatabases.` `oracledatabase.pluggableDatabases.get` `oracledatabase.pluggableDatabases.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Oracle Database@Google Cloud viewer (`roles/oracledatabase.viewer`) Grants view access to all Oracle Database resources.	`oracledatabase.autonomousDatabaseBackups.get` `oracledatabase.autonomousDatabaseBackups.list` `oracledatabase.autonomousDatabaseCharacterSets.list` `oracledatabase.autonomousDatabases.get` `oracledatabase.autonomousDatabases.list` `oracledatabase.autonomousDbVersions.list` `oracledatabase.cloudExadataInfrastructures.get` `oracledatabase.cloudExadataInfrastructures.list` `oracledatabase.cloudVmClusters.get` `oracledatabase.cloudVmClusters.list` `oracledatabase.databaseCharacterSets.list` `oracledatabase.databases.` `oracledatabase.databases.get` `oracledatabase.databases.list` `oracledatabase.dbNodes.list` `oracledatabase.dbServers.list` `oracledatabase.dbSystemShapes.list` `oracledatabase.dbSystems.get` `oracledatabase.dbSystems.list` `oracledatabase.entitlements.list` `oracledatabase.exadbVmClusters.get` `oracledatabase.exadbVmClusters.list` `oracledatabase.exascaleDbStorageVaults.get` `oracledatabase.exascaleDbStorageVaults.list` `oracledatabase.giVersions.list` `oracledatabase.locations.` `oracledatabase.locations.get` `oracledatabase.locations.list` `oracledatabase.minorVersions.list` `oracledatabase.odbNetworks.get` `oracledatabase.odbNetworks.list` `oracledatabase.odbSubnets.get` `oracledatabase.odbSubnets.list` `oracledatabase.operations.get` `oracledatabase.operations.list` `oracledatabase.pluggableDatabases.*` `oracledatabase.pluggableDatabases.get` `oracledatabase.pluggableDatabases.list` `resourcemanager.projects.get` `resourcemanager.projects.list`

Oracle Database@Google Cloud admin

(roles/oracledatabase.admin)

Grants full access to manage all Oracle Database resources.

oracledatabase.autonomousDatabaseBackups.*

oracledatabase.autonomousDatabaseBackups.create
oracledatabase.autonomousDatabaseBackups.delete
oracledatabase.autonomousDatabaseBackups.get
oracledatabase.autonomousDatabaseBackups.list

oracledatabase.autonomousDatabaseCharacterSets.list

oracledatabase.autonomousDatabases.*

oracledatabase.autonomousDatabases.create
oracledatabase.autonomousDatabases.delete
oracledatabase.autonomousDatabases.generateWallet
oracledatabase.autonomousDatabases.get
oracledatabase.autonomousDatabases.list
oracledatabase.autonomousDatabases.restart
oracledatabase.autonomousDatabases.restore
oracledatabase.autonomousDatabases.start
oracledatabase.autonomousDatabases.stop
oracledatabase.autonomousDatabases.switchover
oracledatabase.autonomousDatabases.update

oracledatabase.autonomousDbVersions.list

oracledatabase.cloudExadataInfrastructures.*

oracledatabase.cloudExadataInfrastructures.create
oracledatabase.cloudExadataInfrastructures.delete
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.cloudExadataInfrastructures.update
oracledatabase.cloudExadataInfrastructures.use

oracledatabase.cloudVmClusters.*

oracledatabase.cloudVmClusters.create
oracledatabase.cloudVmClusters.delete
oracledatabase.cloudVmClusters.get
oracledatabase.cloudVmClusters.list
oracledatabase.cloudVmClusters.update

oracledatabase.databaseCharacterSets.list

oracledatabase.databases.*

oracledatabase.databases.get
oracledatabase.databases.list

oracledatabase.dbNodes.list

oracledatabase.dbServers.list

oracledatabase.dbSystemInitialStorageSizes.list

oracledatabase.dbSystemShapes.list

oracledatabase.dbSystems.*

oracledatabase.dbSystems.create
oracledatabase.dbSystems.delete
oracledatabase.dbSystems.get
oracledatabase.dbSystems.list

oracledatabase.dbVersions.list

oracledatabase.entitlements.list

oracledatabase.exadbVmClusters.*

oracledatabase.exadbVmClusters.create
oracledatabase.exadbVmClusters.delete
oracledatabase.exadbVmClusters.get
oracledatabase.exadbVmClusters.list
oracledatabase.exadbVmClusters.update

oracledatabase.exascaleDbStorageVaults.*

oracledatabase.exascaleDbStorageVaults.create
oracledatabase.exascaleDbStorageVaults.delete
oracledatabase.exascaleDbStorageVaults.get
oracledatabase.exascaleDbStorageVaults.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.minorVersions.list

oracledatabase.odbNetworks.*

oracledatabase.odbNetworks.create
oracledatabase.odbNetworks.delete
oracledatabase.odbNetworks.get
oracledatabase.odbNetworks.list

oracledatabase.odbSubnets.*

oracledatabase.odbSubnets.create
oracledatabase.odbSubnets.delete
oracledatabase.odbSubnets.get
oracledatabase.odbSubnets.list
oracledatabase.odbSubnets.use

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

oracledatabase.systemVersions.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Autonomous Database Admin

(roles/oracledatabase.autonomousDatabaseAdmin)

Grants full access to manage all Autonomous Database resources.

oracledatabase.autonomousDatabaseBackups.*

oracledatabase.autonomousDatabaseBackups.create
oracledatabase.autonomousDatabaseBackups.delete
oracledatabase.autonomousDatabaseBackups.get
oracledatabase.autonomousDatabaseBackups.list

oracledatabase.autonomousDatabaseCharacterSets.list

oracledatabase.autonomousDatabases.*

oracledatabase.autonomousDatabases.create
oracledatabase.autonomousDatabases.delete
oracledatabase.autonomousDatabases.generateWallet
oracledatabase.autonomousDatabases.get
oracledatabase.autonomousDatabases.list
oracledatabase.autonomousDatabases.restart
oracledatabase.autonomousDatabases.restore
oracledatabase.autonomousDatabases.start
oracledatabase.autonomousDatabases.stop
oracledatabase.autonomousDatabases.switchover
oracledatabase.autonomousDatabases.update

oracledatabase.autonomousDbVersions.list

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbSubnets.get

oracledatabase.odbSubnets.list

oracledatabase.odbSubnets.use

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Autonomous Database Viewer

(roles/oracledatabase.autonomousDatabaseViewer)

Grants read access to see all Autonomous Database resources.

oracledatabase.autonomousDatabaseBackups.get

oracledatabase.autonomousDatabaseBackups.list

oracledatabase.autonomousDatabaseCharacterSets.list

oracledatabase.autonomousDatabases.get

oracledatabase.autonomousDatabases.list

oracledatabase.autonomousDbVersions.list

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Infrastructure Admin

(roles/oracledatabase.cloudExadataInfrastructureAdmin)

Grants full access to manage all Exadata Infrastructure resources.

oracledatabase.cloudExadataInfrastructures.create

oracledatabase.cloudExadataInfrastructures.delete

oracledatabase.cloudExadataInfrastructures.get

oracledatabase.cloudExadataInfrastructures.list

oracledatabase.cloudExadataInfrastructures.update

oracledatabase.dbServers.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Infrastructure User

(roles/oracledatabase.cloudExadataInfrastructureUser)

Grants user access to use all Exadata Infrastructure resources.

oracledatabase.cloudExadataInfrastructures.get

oracledatabase.cloudExadataInfrastructures.list

oracledatabase.cloudExadataInfrastructures.use

oracledatabase.dbServers.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Infrastructure Viewer

(roles/oracledatabase.cloudExadataInfrastructureViewer)

Grants read access to see all Exadata Infrastructure resources.

oracledatabase.cloudExadataInfrastructures.get

oracledatabase.cloudExadataInfrastructures.list

oracledatabase.dbServers.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud VM Cluster Admin

(roles/oracledatabase.cloudVmClusterAdmin)

Grants full access to manage all VM Cluster resources.

oracledatabase.cloudExadataInfrastructures.list

oracledatabase.cloudExadataInfrastructures.use

oracledatabase.cloudVmClusters.*

oracledatabase.cloudVmClusters.create
oracledatabase.cloudVmClusters.delete
oracledatabase.cloudVmClusters.get
oracledatabase.cloudVmClusters.list
oracledatabase.cloudVmClusters.update

oracledatabase.dbNodes.list

oracledatabase.dbServers.list

oracledatabase.entitlements.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbSubnets.get

oracledatabase.odbSubnets.list

oracledatabase.odbSubnets.use

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

oracledatabase.systemVersions.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud VM Cluster Viewer

(roles/oracledatabase.cloudVmClusterViewer)

Grants read access to see all VM Cluster resources.

oracledatabase.cloudVmClusters.get

oracledatabase.cloudVmClusters.list

oracledatabase.dbNodes.list

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Container Database Viewer

(roles/oracledatabase.databaseViewer)

Grants read access to see all Container Database resources.

oracledatabase.databases.*

oracledatabase.databases.get
oracledatabase.databases.list

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

oracledatabase.pluggableDatabases.*

oracledatabase.pluggableDatabases.get
oracledatabase.pluggableDatabases.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud DB System Admin

(roles/oracledatabase.dbSystemAdmin)

Grants full access to manage all DB System resources.

oracledatabase.databaseCharacterSets.list

oracledatabase.databases.*

oracledatabase.databases.get
oracledatabase.databases.list

oracledatabase.dbSystemInitialStorageSizes.list

oracledatabase.dbSystemShapes.list

oracledatabase.dbSystems.*

oracledatabase.dbSystems.create
oracledatabase.dbSystems.delete
oracledatabase.dbSystems.get
oracledatabase.dbSystems.list

oracledatabase.dbVersions.list

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud DB System Viewer

(roles/oracledatabase.dbSystemViewer)

Grants read access to see all DB System resources.

oracledatabase.databaseCharacterSets.list

oracledatabase.databases.*

oracledatabase.databases.get
oracledatabase.databases.list

oracledatabase.dbSystemShapes.list

oracledatabase.dbSystems.get

oracledatabase.dbSystems.list

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture VM Cluster Admin

(roles/oracledatabase.exadbVmClusterAdmin)

Grants full access to manage all Exadata Database Service on Exascale Infrastracture VM Cluster resources.

oracledatabase.dbNodes.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.exadbVmClusters.*

oracledatabase.exadbVmClusters.create
oracledatabase.exadbVmClusters.delete
oracledatabase.exadbVmClusters.get
oracledatabase.exadbVmClusters.list
oracledatabase.exadbVmClusters.update

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.minorVersions.list

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture VM Cluster Viewer

(roles/oracledatabase.exadbVmClusterViewer)

Grants read access to see all Exadata Database Service on Exascale Infrastracture VM Cluster resources.

oracledatabase.dbNodes.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.exadbVmClusters.get

oracledatabase.exadbVmClusters.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.minorVersions.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture Storage Vault Admin

(roles/oracledatabase.exascaleDbStorageVaultAdmin)

Grants full access to manage all Exadata Database Service on Exascale Infrastracture Storage Vault resources.

oracledatabase.dbNodes.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.exascaleDbStorageVaults.*

oracledatabase.exascaleDbStorageVaults.create
oracledatabase.exascaleDbStorageVaults.delete
oracledatabase.exascaleDbStorageVaults.get
oracledatabase.exascaleDbStorageVaults.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.minorVersions.list

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture Storage Vault Viewer

(roles/oracledatabase.exascaleDbStorageVaultViewer)

Grants read access to see all Exadata Database Service on Exascale Infrastracture Storage Vault resources.

oracledatabase.dbNodes.list

oracledatabase.dbSystemShapes.list

oracledatabase.entitlements.list

oracledatabase.exascaleDbStorageVaults.get

oracledatabase.exascaleDbStorageVaults.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.minorVersions.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Network Admin

(roles/oracledatabase.networkAdmin)

Grants full access to manage all ODB Network and ODB Subnet resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbNetworks.*

oracledatabase.odbNetworks.create
oracledatabase.odbNetworks.delete
oracledatabase.odbNetworks.get
oracledatabase.odbNetworks.list

oracledatabase.odbSubnets.*

oracledatabase.odbSubnets.create
oracledatabase.odbSubnets.delete
oracledatabase.odbSubnets.get
oracledatabase.odbSubnets.list
oracledatabase.odbSubnets.use

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google ODB Network Admin

(roles/oracledatabase.odbNetworkAdmin)

Grants full access to manage all ODB Network resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbNetworks.*

oracledatabase.odbNetworks.create
oracledatabase.odbNetworks.delete
oracledatabase.odbNetworks.get
oracledatabase.odbNetworks.list

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google ODB Network Viewer

(roles/oracledatabase.odbNetworkViewer)

Grants read access to see all ODB Network resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbNetworks.get

oracledatabase.odbNetworks.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google ODB Subnet Admin

(roles/oracledatabase.odbSubnetAdmin)

Grants full access to manage all ODB Subnet resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbSubnets.*

oracledatabase.odbSubnets.create
oracledatabase.odbSubnets.delete
oracledatabase.odbSubnets.get
oracledatabase.odbSubnets.list
oracledatabase.odbSubnets.use

oracledatabase.operations.*

oracledatabase.operations.cancel
oracledatabase.operations.delete
oracledatabase.operations.get
oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google ODB Subnet User

(roles/oracledatabase.odbSubnetUser)

Grants use access to ODB Subnet resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbSubnets.get

oracledatabase.odbSubnets.list

oracledatabase.odbSubnets.use

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google ODB Subnet Viewer

(roles/oracledatabase.odbSubnetViewer)

Grants read access to see all ODB Subnet resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.odbSubnets.get

oracledatabase.odbSubnets.list

oracledatabase.operations.get

oracledatabase.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud Pluggable Database Viewer

(roles/oracledatabase.pluggableDatabaseViewer)

Grants read access to see all Pluggable Database resources.

oracledatabase.entitlements.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.operations.get

oracledatabase.operations.list

oracledatabase.pluggableDatabases.*

oracledatabase.pluggableDatabases.get
oracledatabase.pluggableDatabases.list

resourcemanager.projects.get

resourcemanager.projects.list

Oracle Database@Google Cloud viewer

(roles/oracledatabase.viewer)

Grants view access to all Oracle Database resources.

oracledatabase.autonomousDatabaseBackups.get

oracledatabase.autonomousDatabaseBackups.list

oracledatabase.autonomousDatabaseCharacterSets.list

oracledatabase.autonomousDatabases.get

oracledatabase.autonomousDatabases.list

oracledatabase.autonomousDbVersions.list

oracledatabase.cloudExadataInfrastructures.get

oracledatabase.cloudExadataInfrastructures.list

oracledatabase.cloudVmClusters.get

oracledatabase.cloudVmClusters.list

oracledatabase.databaseCharacterSets.list

oracledatabase.databases.*

oracledatabase.databases.get
oracledatabase.databases.list

oracledatabase.dbNodes.list

oracledatabase.dbServers.list

oracledatabase.dbSystemShapes.list

oracledatabase.dbSystems.get

oracledatabase.dbSystems.list

oracledatabase.entitlements.list

oracledatabase.exadbVmClusters.get

oracledatabase.exadbVmClusters.list

oracledatabase.exascaleDbStorageVaults.get

oracledatabase.exascaleDbStorageVaults.list

oracledatabase.giVersions.list

oracledatabase.locations.*

oracledatabase.locations.get
oracledatabase.locations.list

oracledatabase.minorVersions.list

oracledatabase.odbNetworks.get

oracledatabase.odbNetworks.list

oracledatabase.odbSubnets.get

oracledatabase.odbSubnets.list

oracledatabase.operations.get

oracledatabase.operations.list

oracledatabase.pluggableDatabases.*

oracledatabase.pluggableDatabases.get
oracledatabase.pluggableDatabases.list

resourcemanager.projects.get

resourcemanager.projects.list

What's next

Learn more about how to grant access using IAM.
Learn more about Oracle Database@Google Cloud.

IAM overview Stay organized with collections Save and categorize content based on your preferences.

Oracle Database@Google Cloud predefined roles

Oracle Database@Google Cloud admin

Oracle Database@Google Cloud Autonomous Database Admin

Oracle Database@Google Cloud Autonomous Database Viewer

Oracle Database@Google Cloud Exadata Infrastructure Admin

Oracle Database@Google Cloud Exadata Infrastructure User

Oracle Database@Google Cloud Exadata Infrastructure Viewer

Oracle Database@Google Cloud VM Cluster Admin

Oracle Database@Google Cloud VM Cluster Viewer

Oracle Database@Google Cloud Container Database Viewer

Oracle Database@Google Cloud DB System Admin

Oracle Database@Google Cloud DB System Viewer

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture VM Cluster Admin

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture VM Cluster Viewer

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture Storage Vault Admin

Oracle Database@Google Cloud Exadata Database Service on Exascale Infrastracture Storage Vault Viewer

Oracle Database@Google Network Admin

Oracle Database@Google ODB Network Admin

Oracle Database@Google ODB Network Viewer

Oracle Database@Google ODB Subnet Admin

Oracle Database@Google ODB Subnet User

Oracle Database@Google ODB Subnet Viewer

Oracle Database@Google Cloud Pluggable Database Viewer

Oracle Database@Google Cloud viewer

What's next

IAM overview