Stay organized with collections
Save and categorize content based on your preferences.
Access Control with IAM
Service Usage uses Identity and Access Management (IAM) to
control access to services. This page explains the IAM roles and
permissions related to Service Usage and how to use them to control
access.
Resource model
For Service Usage, there are three relevant resources:
The service you are using.
The project from which you are using the service.
The operation or long-running operation returned by certain methods.
Each Service Usage method requires a permission on one or more of these
resources.
IAM permissions
The following table shows the required permissions for each
Service Usage API method. You can also find this information in the
API reference.
On the project: serviceusage.quota.update
On the service: servicemanagement.services.bind
To use a project for quota and billing purposes. For more information,
see System parameters.
On the project: serviceusage.services.use
IAM roles
With IAM, you give users permission by granting them a role. The
following tables list IAM basic and predefined roles, and the
permissions related to Service Usage that those roles include.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Access Control with IAM\n=======================\n\nService Usage uses [Identity and Access Management (IAM)](/iam) to\ncontrol access to services. This page explains the IAM roles and\npermissions related to Service Usage and how to use them to control\naccess.\n\nResource model\n--------------\n\nFor Service Usage, there are three relevant resources:\n\n1. The service you are using.\n\n2. The project from which you are using the service.\n\n3. The operation or long-running operation returned by certain methods.\n\nEach Service Usage method requires a permission on one or more of these\nresources.\n\nIAM permissions\n---------------\n\nThe following table shows the required permissions for each\nService Usage API method. You can also find this information in the\n[API reference](/service-usage/docs/reference/rest).\n\nIAM roles\n---------\n\nWith IAM, you give users permission by granting them a role. The\nfollowing tables list IAM basic and predefined roles, and the\npermissions related to Service Usage that those roles include.\n\nFor more information about roles, see\n[Understanding roles](/iam/docs/understanding-roles).\n\n### Basic roles\n\n### Predefined roles"]]