roles/anthosservicemesh.serviceAgent 📋 Copy

Title: Anthos Service Mesh Service Agent

Description: Gives the Anthos Service Mesh service agent access to Cloud Platform resources.

Stage: GA

220 Assigned Permissions:

• compute.backendServices.create
• compute.backendServices.delete
• compute.backendServices.get
• compute.backendServices.list
• compute.backendServices.update
• compute.backendServices.use
• compute.firewalls.create
• compute.firewalls.delete
• compute.firewalls.get
• compute.firewalls.update
• compute.globalNetworkEndpointGroups.attachNetworkEndpoints
• compute.globalNetworkEndpointGroups.create
• compute.globalNetworkEndpointGroups.delete
• compute.globalNetworkEndpointGroups.detachNetworkEndpoints
• compute.globalNetworkEndpointGroups.get
• compute.globalNetworkEndpointGroups.list
• compute.globalNetworkEndpointGroups.use
• compute.globalOperations.get
• compute.healthChecks.create
• compute.healthChecks.delete
• compute.healthChecks.get
• compute.healthChecks.list
• compute.healthChecks.update
• compute.healthChecks.use
• compute.healthChecks.useReadOnly
• compute.instances.use
• compute.networkEndpointGroups.attachNetworkEndpoints
• compute.networkEndpointGroups.create
• compute.networkEndpointGroups.delete
• compute.networkEndpointGroups.detachNetworkEndpoints
• compute.networkEndpointGroups.get
• compute.networkEndpointGroups.list
• compute.networkEndpointGroups.use
• compute.networks.updatePolicy
• compute.regionNetworkEndpointGroups.attachNetworkEndpoints
• compute.regionNetworkEndpointGroups.create
• compute.regionNetworkEndpointGroups.delete
• compute.regionNetworkEndpointGroups.detachNetworkEndpoints
• compute.regionNetworkEndpointGroups.get
• compute.regionNetworkEndpointGroups.list
• compute.regionNetworkEndpointGroups.use
• compute.regions.list
• compute.zones.list
• container.backendConfigs.create
• container.backendConfigs.delete
• container.backendConfigs.get
• container.backendConfigs.list
• container.backendConfigs.update
• container.clusterRoleBindings.create
• container.clusterRoleBindings.delete
• container.clusterRoleBindings.get
• container.clusterRoleBindings.list
• container.clusterRoleBindings.update
• container.clusterRoles.bind
• container.clusterRoles.create
• container.clusterRoles.delete
• container.clusterRoles.escalate
• container.clusterRoles.get
• container.clusterRoles.list
• container.clusterRoles.update
• container.clusters.get
• container.clusters.update
• container.configMaps.create
• container.configMaps.delete
• container.configMaps.get
• container.configMaps.list
• container.configMaps.update
• container.customResourceDefinitions.create
• container.customResourceDefinitions.get
• container.customResourceDefinitions.list
• container.customResourceDefinitions.update
• container.daemonSets.create
• container.daemonSets.delete
• container.daemonSets.get
• container.daemonSets.getStatus
• container.daemonSets.list
• container.daemonSets.update
• container.deployments.get
• container.deployments.list
• container.events.get
• container.events.list
• container.jobs.create
• container.jobs.delete
• container.jobs.get
• container.jobs.list
• container.jobs.update
• container.mutatingWebhookConfigurations.create
• container.mutatingWebhookConfigurations.get
• container.mutatingWebhookConfigurations.list
• container.mutatingWebhookConfigurations.update
• container.namespaces.create
• container.namespaces.get
• container.namespaces.list
• container.operations.get
• container.pods.get
• container.pods.list
• container.secrets.create
• container.secrets.delete
• container.secrets.get
• container.secrets.list
• container.secrets.update
• container.serviceAccounts.create
• container.serviceAccounts.delete
• container.serviceAccounts.get
• container.serviceAccounts.list
• container.serviceAccounts.update
• container.services.get
• container.services.list
• container.thirdPartyObjects.create
• container.thirdPartyObjects.get
• container.thirdPartyObjects.list
• container.thirdPartyObjects.update
• container.validatingWebhookConfigurations.create
• container.validatingWebhookConfigurations.delete
• container.validatingWebhookConfigurations.get
• container.validatingWebhookConfigurations.list
• container.validatingWebhookConfigurations.update
• gkehub.features.get
• gkehub.gateway.delete
• gkehub.gateway.generateCredentials
• gkehub.gateway.get
• gkehub.gateway.patch
• gkehub.gateway.post
• gkehub.gateway.put
• gkehub.locations.get
• gkehub.locations.list
• gkehub.memberships.get
• gkehub.memberships.list
• logging.logEntries.create
• meshconfig.projects.init
• monitoring.metricDescriptors.create
• monitoring.metricDescriptors.get
• monitoring.metricDescriptors.list
• monitoring.monitoredResourceDescriptors.get
• monitoring.monitoredResourceDescriptors.list
• monitoring.timeSeries.create
• networksecurity.authorizationPolicies.create
• networksecurity.authorizationPolicies.delete
• networksecurity.authorizationPolicies.get
• networksecurity.authorizationPolicies.list
• networksecurity.authorizationPolicies.update
• networksecurity.authorizationPolicies.use
• networksecurity.clientTlsPolicies.create
• networksecurity.clientTlsPolicies.delete
• networksecurity.clientTlsPolicies.get
• networksecurity.clientTlsPolicies.list
• networksecurity.clientTlsPolicies.update
• networksecurity.clientTlsPolicies.use
• networksecurity.operations.cancel
• networksecurity.operations.delete
• networksecurity.operations.get
• networksecurity.operations.list
• networksecurity.serverTlsPolicies.create
• networksecurity.serverTlsPolicies.delete
• networksecurity.serverTlsPolicies.get
• networksecurity.serverTlsPolicies.list
• networksecurity.serverTlsPolicies.update
• networksecurity.serverTlsPolicies.use
• networkservices.endpointPolicies.create
• networkservices.endpointPolicies.delete
• networkservices.endpointPolicies.get
• networkservices.endpointPolicies.list
• networkservices.endpointPolicies.update
• networkservices.gateways.create
• networkservices.gateways.delete
• networkservices.gateways.get
• networkservices.gateways.list
• networkservices.gateways.update
• networkservices.gateways.use
• networkservices.grpcRoutes.create
• networkservices.grpcRoutes.delete
• networkservices.grpcRoutes.get
• networkservices.grpcRoutes.list
• networkservices.grpcRoutes.update
• networkservices.httpFilters.create
• networkservices.httpFilters.delete
• networkservices.httpFilters.get
• networkservices.httpFilters.list
• networkservices.httpFilters.update
• networkservices.httpRoutes.create
• networkservices.httpRoutes.delete
• networkservices.httpRoutes.get
• networkservices.httpRoutes.list
• networkservices.httpRoutes.update
• networkservices.meshes.create
• networkservices.meshes.delete
• networkservices.meshes.get
• networkservices.meshes.list
• networkservices.meshes.update
• networkservices.meshes.use
• networkservices.operations.cancel
• networkservices.operations.delete
• networkservices.operations.get
• networkservices.operations.list
• networkservices.serviceLbPolicies.create
• networkservices.serviceLbPolicies.delete
• networkservices.serviceLbPolicies.get
• networkservices.serviceLbPolicies.list
• networkservices.serviceLbPolicies.update
• networkservices.tcpRoutes.create
• networkservices.tcpRoutes.delete
• networkservices.tcpRoutes.get
• networkservices.tcpRoutes.list
• networkservices.tcpRoutes.update
• networkservices.tlsRoutes.create
• networkservices.tlsRoutes.delete
• networkservices.tlsRoutes.get
• networkservices.tlsRoutes.list
• networkservices.tlsRoutes.update
• serviceusage.services.get
• serviceusage.services.use
• trafficdirector.networks.getConfigs
• trafficdirector.networks.reportMetrics
• workloadcertificate.locations.get
• workloadcertificate.locations.list
• workloadcertificate.operations.get
• workloadcertificate.workloadCertificateFeature.get
• workloadcertificate.workloadRegistrations.create
• workloadcertificate.workloadRegistrations.get
• workloadcertificate.workloadRegistrations.list