roles/dataproc.serviceAgent 📋 Copy

Title: Dataproc Service Agent

Description: Gives Dataproc Service Account access to service accounts, compute resources, storage resources, and kubernetes resources. Includes access to service accounts.

Stage: GA

395 Assigned Permissions:

• backupdr.backupPlanAssociations.createForComputeInstance
• backupdr.backupPlanAssociations.deleteForComputeInstance
• backupdr.backupPlanAssociations.list
• backupdr.backupPlanAssociations.triggerBackupForComputeInstance
• backupdr.backupPlans.get
• backupdr.backupPlans.list
• backupdr.backupPlans.useForComputeInstance
• backupdr.backupVaults.get
• backupdr.backupVaults.list
• backupdr.locations.list
• backupdr.operations.get
• backupdr.operations.list
• backupdr.serviceConfig.initialize
• compute.acceleratorTypes.get
• compute.acceleratorTypes.list
• compute.addresses.createInternal
• compute.addresses.deleteInternal
• compute.addresses.get
• compute.addresses.list
• compute.addresses.listEffectiveTags
• compute.addresses.listTagBindings
• compute.addresses.use
• compute.addresses.useInternal
• compute.autoscalers.create
• compute.autoscalers.delete
• compute.autoscalers.get
• compute.autoscalers.list
• compute.autoscalers.update
• compute.diskTypes.get
• compute.diskTypes.list
• compute.disks.create
• compute.disks.createSnapshot
• compute.disks.createTagBinding
• compute.disks.delete
• compute.disks.get
• compute.disks.list
• compute.disks.resize
• compute.disks.setLabels
• compute.disks.startAsyncReplication
• compute.disks.stopAsyncReplication
• compute.disks.stopGroupAsyncReplication
• compute.disks.update
• compute.disks.use
• compute.disks.useReadOnly
• compute.firewalls.get
• compute.firewalls.list
• compute.globalAddresses.get
• compute.globalAddresses.list
• compute.globalAddresses.listEffectiveTags
• compute.globalAddresses.listTagBindings
• compute.globalAddresses.use
• compute.globalNetworkEndpointGroups.attachNetworkEndpoints
• compute.globalNetworkEndpointGroups.create
• compute.globalNetworkEndpointGroups.createTagBinding
• compute.globalNetworkEndpointGroups.delete
• compute.globalNetworkEndpointGroups.deleteTagBinding
• compute.globalNetworkEndpointGroups.detachNetworkEndpoints
• compute.globalNetworkEndpointGroups.get
• compute.globalNetworkEndpointGroups.list
• compute.globalNetworkEndpointGroups.listEffectiveTags
• compute.globalNetworkEndpointGroups.listTagBindings
• compute.globalNetworkEndpointGroups.use
• compute.globalOperations.get
• compute.globalOperations.list
• compute.images.get
• compute.images.getFromFamily
• compute.images.list
• compute.images.useReadOnly
• compute.instanceGroupManagers.create
• compute.instanceGroupManagers.createTagBinding
• compute.instanceGroupManagers.delete
• compute.instanceGroupManagers.deleteTagBinding
• compute.instanceGroupManagers.get
• compute.instanceGroupManagers.list
• compute.instanceGroupManagers.listEffectiveTags
• compute.instanceGroupManagers.listTagBindings
• compute.instanceGroupManagers.update
• compute.instanceGroupManagers.use
• compute.instanceGroups.create
• compute.instanceGroups.createTagBinding
• compute.instanceGroups.delete
• compute.instanceGroups.deleteTagBinding
• compute.instanceGroups.get
• compute.instanceGroups.list
• compute.instanceGroups.listEffectiveTags
• compute.instanceGroups.listTagBindings
• compute.instanceGroups.update
• compute.instanceGroups.use
• compute.instanceSettings.get
• compute.instanceTemplates.create
• compute.instanceTemplates.delete
• compute.instanceTemplates.get
• compute.instanceTemplates.getIamPolicy
• compute.instanceTemplates.list
• compute.instanceTemplates.setIamPolicy
• compute.instanceTemplates.useReadOnly
• compute.instances.addAccessConfig
• compute.instances.addResourcePolicies
• compute.instances.attachDisk
• compute.instances.create
• compute.instances.createTagBinding
• compute.instances.delete
• compute.instances.deleteAccessConfig
• compute.instances.deleteTagBinding
• compute.instances.detachDisk
• compute.instances.get
• compute.instances.getEffectiveFirewalls
• compute.instances.getGuestAttributes
• compute.instances.getIamPolicy
• compute.instances.getScreenshot
• compute.instances.getSerialPortOutput
• compute.instances.getShieldedInstanceIdentity
• compute.instances.getShieldedVmIdentity
• compute.instances.list
• compute.instances.listEffectiveTags
• compute.instances.listReferrers
• compute.instances.listTagBindings
• compute.instances.osAdminLogin
• compute.instances.osLogin
• compute.instances.pscInterfaceCreate
• compute.instances.removeResourcePolicies
• compute.instances.reset
• compute.instances.resume
• compute.instances.sendDiagnosticInterrupt
• compute.instances.setDeletionProtection
• compute.instances.setDiskAutoDelete
• compute.instances.setIamPolicy
• compute.instances.setLabels
• compute.instances.setMachineResources
• compute.instances.setMachineType
• compute.instances.setMetadata
• compute.instances.setMinCpuPlatform
• compute.instances.setName
• compute.instances.setScheduling
• compute.instances.setSecurityPolicy
• compute.instances.setServiceAccount
• compute.instances.setShieldedInstanceIntegrityPolicy
• compute.instances.setShieldedVmIntegrityPolicy
• compute.instances.setTags
• compute.instances.simulateMaintenanceEvent
• compute.instances.start
• compute.instances.startWithEncryptionKey
• compute.instances.stop
• compute.instances.suspend
• compute.instances.update
• compute.instances.updateAccessConfig
• compute.instances.updateDisplayDevice
• compute.instances.updateNetworkInterface
• compute.instances.updateSecurity
• compute.instances.updateShieldedInstanceConfig
• compute.instances.updateShieldedVmConfig
• compute.instances.use
• compute.instances.useReadOnly
• compute.licenses.get
• compute.licenses.list
• compute.machineImages.create
• compute.machineImages.delete
• compute.machineImages.get
• compute.machineImages.getIamPolicy
• compute.machineImages.list
• compute.machineImages.setIamPolicy
• compute.machineImages.useReadOnly
• compute.machineTypes.get
• compute.machineTypes.list
• compute.multiMig.create
• compute.multiMig.delete
• compute.multiMig.get
• compute.multiMig.list
• compute.networkEndpointGroups.attachNetworkEndpoints
• compute.networkEndpointGroups.create
• compute.networkEndpointGroups.createTagBinding
• compute.networkEndpointGroups.delete
• compute.networkEndpointGroups.deleteTagBinding
• compute.networkEndpointGroups.detachNetworkEndpoints
• compute.networkEndpointGroups.get
• compute.networkEndpointGroups.list
• compute.networkEndpointGroups.listEffectiveTags
• compute.networkEndpointGroups.listTagBindings
• compute.networkEndpointGroups.use
• compute.networks.get
• compute.networks.getEffectiveFirewalls
• compute.networks.list
• compute.networks.listEffectiveTags
• compute.networks.listTagBindings
• compute.networks.use
• compute.networks.useExternalIp
• compute.nodeGroups.get
• compute.nodeTypes.get
• compute.projects.get
• compute.regionNetworkEndpointGroups.attachNetworkEndpoints
• compute.regionNetworkEndpointGroups.create
• compute.regionNetworkEndpointGroups.createTagBinding
• compute.regionNetworkEndpointGroups.delete
• compute.regionNetworkEndpointGroups.deleteTagBinding
• compute.regionNetworkEndpointGroups.detachNetworkEndpoints
• compute.regionNetworkEndpointGroups.get
• compute.regionNetworkEndpointGroups.list
• compute.regionNetworkEndpointGroups.listEffectiveTags
• compute.regionNetworkEndpointGroups.listTagBindings
• compute.regionNetworkEndpointGroups.use
• compute.regionOperations.get
• compute.regionOperations.list
• compute.regions.get
• compute.regions.list
• compute.reservationBlocks.get
• compute.reservationBlocks.list
• compute.reservations.get
• compute.reservations.list
• compute.resourcePolicies.list
• compute.resourcePolicies.useReadOnly
• compute.storagePools.get
• compute.storagePools.list
• compute.storagePools.use
• compute.subnetworks.get
• compute.subnetworks.list
• compute.subnetworks.listEffectiveTags
• compute.subnetworks.listTagBindings
• compute.subnetworks.setPrivateIpGoogleAccess
• compute.subnetworks.use
• compute.subnetworks.useExternalIp
• compute.targetPools.get
• compute.targetPools.list
• compute.targetPools.listEffectiveTags
• compute.targetPools.listTagBindings
• compute.zoneOperations.get
• compute.zoneOperations.list
• compute.zones.get
• compute.zones.list
• container.clusterRoleBindings.create
• container.clusterRoleBindings.delete
• container.clusterRoleBindings.get
• container.clusterRoleBindings.list
• container.clusterRoleBindings.update
• container.clusterRoles.bind
• container.clusterRoles.create
• container.clusterRoles.delete
• container.clusterRoles.escalate
• container.clusterRoles.get
• container.clusterRoles.list
• container.clusterRoles.update
• container.clusters.get
• container.clusters.update
• container.customResourceDefinitions.create
• container.customResourceDefinitions.delete
• container.customResourceDefinitions.get
• container.customResourceDefinitions.list
• container.customResourceDefinitions.update
• container.namespaces.create
• container.namespaces.delete
• container.namespaces.get
• container.namespaces.list
• container.namespaces.update
• container.operations.get
• container.roleBindings.create
• container.roleBindings.delete
• container.roleBindings.get
• container.roleBindings.list
• container.roleBindings.update
• container.roles.bind
• container.roles.escalate
• dataproc.autoscalingPolicies.create
• dataproc.autoscalingPolicies.delete
• dataproc.autoscalingPolicies.get
• dataproc.autoscalingPolicies.getIamPolicy
• dataproc.autoscalingPolicies.list
• dataproc.autoscalingPolicies.update
• dataproc.autoscalingPolicies.use
• dataproc.clusters.create
• dataproc.clusters.delete
• dataproc.clusters.get
• dataproc.clusters.getIamPolicy
• dataproc.clusters.list
• dataproc.clusters.setIamPolicy
• dataproc.clusters.start
• dataproc.clusters.stop
• dataproc.clusters.update
• dataproc.clusters.use
• dataproc.jobs.cancel
• dataproc.jobs.create
• dataproc.jobs.delete
• dataproc.jobs.get
• dataproc.jobs.getIamPolicy
• dataproc.jobs.list
• dataproc.jobs.setIamPolicy
• dataproc.jobs.update
• dataproc.nodeGroups.create
• dataproc.nodeGroups.get
• dataproc.nodeGroups.update
• dataproc.operations.cancel
• dataproc.sessionTemplates.get
• dataproc.sessions.create
• dataproc.sessions.delete
• dataproc.sessions.get
• dataproc.sessions.list
• dataproc.sessions.sparkApplicationRead
• dataproc.sessions.sparkApplicationWrite
• dataproc.sessions.terminate
• dataprocrm.nodePools.create
• dataprocrm.nodePools.delete
• dataprocrm.nodePools.deleteNodes
• dataprocrm.nodePools.get
• dataprocrm.nodePools.list
• dataprocrm.nodePools.resize
• dataprocrm.nodes.get
• dataprocrm.nodes.heartbeat
• dataprocrm.nodes.list
• dataprocrm.nodes.mintOAuthToken
• dataprocrm.nodes.update
• dataprocrm.operations.cancel
• dataprocrm.operations.get
• dataprocrm.operations.list
• dataprocrm.workloads.cancel
• dataprocrm.workloads.create
• dataprocrm.workloads.delete
• dataprocrm.workloads.get
• dataprocrm.workloads.list
• firebase.projects.get
• iam.serviceAccounts.actAs
• iam.serviceAccounts.getAccessToken
• metastore.services.get
• orgpolicy.policy.get
• recommender.iamPolicyInsights.get
• recommender.iamPolicyInsights.list
• recommender.iamPolicyInsights.update
• recommender.iamPolicyRecommendations.get
• recommender.iamPolicyRecommendations.list
• recommender.iamPolicyRecommendations.update
• recommender.storageBucketSoftDeleteInsights.get
• recommender.storageBucketSoftDeleteInsights.list
• recommender.storageBucketSoftDeleteInsights.update
• recommender.storageBucketSoftDeleteRecommendations.get
• recommender.storageBucketSoftDeleteRecommendations.list
• recommender.storageBucketSoftDeleteRecommendations.update
• resourcemanager.hierarchyNodes.listEffectiveTags
• resourcemanager.projects.get
• resourcemanager.projects.list
• servicemanagement.services.bind
• serviceusage.quotas.get
• serviceusage.services.enable
• serviceusage.services.get
• serviceusage.services.list
• serviceusage.services.use
• storage.anywhereCaches.create
• storage.anywhereCaches.disable
• storage.anywhereCaches.get
• storage.anywhereCaches.list
• storage.anywhereCaches.pause
• storage.anywhereCaches.resume
• storage.anywhereCaches.update
• storage.bucketOperations.cancel
• storage.bucketOperations.get
• storage.bucketOperations.list
• storage.buckets.create
• storage.buckets.createTagBinding
• storage.buckets.delete
• storage.buckets.deleteTagBinding
• storage.buckets.enableObjectRetention
• storage.buckets.get
• storage.buckets.getIamPolicy
• storage.buckets.getIpFilter
• storage.buckets.getObjectInsights
• storage.buckets.list
• storage.buckets.listEffectiveTags
• storage.buckets.listTagBindings
• storage.buckets.restore
• storage.buckets.setIamPolicy
• storage.buckets.setIpFilter
• storage.buckets.update
• storage.folders.create
• storage.folders.delete
• storage.folders.get
• storage.folders.list
• storage.folders.rename
• storage.managedFolders.create
• storage.managedFolders.delete
• storage.managedFolders.get
• storage.managedFolders.getIamPolicy
• storage.managedFolders.list
• storage.managedFolders.setIamPolicy
• storage.managementHubs.get
• storage.managementHubs.update
• storage.multipartUploads.abort
• storage.multipartUploads.create
• storage.multipartUploads.list
• storage.multipartUploads.listParts
• storage.objects.create
• storage.objects.delete
• storage.objects.get
• storage.objects.getIamPolicy
• storage.objects.list
• storage.objects.overrideUnlockedRetention
• storage.objects.restore
• storage.objects.setIamPolicy
• storage.objects.setRetention
• storage.objects.update