AlloyDB for PostgreSQL roles and permissions

`alloydb.backups.create`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.backups.createTagBinding`

Owner (roles/owner)

AlloyDB Admin (roles/alloydb.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Databases Admin (roles/iam.databasesAdmin)

Tag User (roles/resourcemanager.tagUser)

`alloydb.backups.delete`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.backups.deleteTagBinding`

Owner (roles/owner)

AlloyDB Admin (roles/alloydb.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Databases Admin (roles/iam.databasesAdmin)

Tag User (roles/resourcemanager.tagUser)

`alloydb.backups.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

`alloydb.backups.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

`alloydb.backups.listEffectiveTags`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

`alloydb.backups.listTagBindings`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

`alloydb.backups.update`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.clusters.create`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.clusters.createTagBinding`

Owner (roles/owner)

AlloyDB Admin (roles/alloydb.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Databases Admin (roles/iam.databasesAdmin)

Tag User (roles/resourcemanager.tagUser)

`alloydb.clusters.delete`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.clusters.deleteTagBinding`

Owner (roles/owner)

AlloyDB Admin (roles/alloydb.admin)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Databases Admin (roles/iam.databasesAdmin)

Tag User (roles/resourcemanager.tagUser)

`alloydb.clusters.export`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

Service agent roles

Discovery Engine Service Agent (roles/discoveryengine.serviceAgent)

`alloydb.clusters.generateClientCertificate`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Client (roles/alloydb.client)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.clusters.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Client (roles/alloydb.client)

AlloyDB Database User (roles/alloydb.databaseUser)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.clusters.import`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.clusters.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)
AlloyDB Service Agent (roles/alloydb.serviceAgent)

`alloydb.clusters.listEffectiveTags`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

`alloydb.clusters.listTagBindings`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

`alloydb.clusters.promote`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.clusters.switchover`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.clusters.update`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.clusters.upgrade`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.databases.create`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.databases.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

`alloydb.databases.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

Discovery Engine Service Agent (roles/discoveryengine.serviceAgent)

`alloydb.instances.connect`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Client (roles/alloydb.client)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.instances.create`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.instances.delete`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.instances.executeSql`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Database User (roles/alloydb.databaseUser)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.instances.failover`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.instances.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Client (roles/alloydb.client)

AlloyDB Database User (roles/alloydb.databaseUser)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

Service agent roles

Discovery Engine Service Agent (roles/discoveryengine.serviceAgent)
Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.instances.injectFault`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.instances.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.instances.restart`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.instances.update`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.locations.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

`alloydb.locations.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

`alloydb.operations.cancel`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.operations.delete`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.operations.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

Backup and DR AlloyDB Operator (roles/backupdr.alloydbOperator)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)
Discovery Engine Service Agent (roles/discoveryengine.serviceAgent)
Backup and DR Service Agent (roles/backupdr.serviceAgent)

`alloydb.operations.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.supportedDatabaseFlags.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

`alloydb.supportedDatabaseFlags.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

`alloydb.users.create`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.users.delete`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)

`alloydb.users.get`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

`alloydb.users.list`

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Viewer (roles/alloydb.viewer)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

`alloydb.users.login`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

AlloyDB Database User (roles/alloydb.databaseUser)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

Database Migration Service Agent (roles/datamigration.serviceAgent)

`alloydb.users.update`

Owner (roles/owner)

Editor (roles/editor)

AlloyDB Admin (roles/alloydb.admin)

Databases Admin (roles/iam.databasesAdmin)