Create IAM allow policies
Archived: 2026-04-05 17:22:03 UTC
autoscaling.sites.readRecommendations
autoscaling.sites.writeMetrics
autoscaling.sites.writeState
backupdr.backupPlanAssociations.createForComputeDisk
backupdr.backupPlanAssociations.createForComputeInstance
backupdr.backupPlanAssociations.createForFilestoreInstance
backupdr.backupPlanAssociations.deleteForComputeDisk
backupdr.backupPlanAssociations.deleteForComputeInstance
backupdr.backupPlanAssociations.deleteForFilestoreInstance
backupdr.backupPlanAssociations.fetchForComputeDisk
backupdr.backupPlanAssociations.fetchForFilestoreInstance
backupdr.backupPlanAssociations.getForComputeDisk
backupdr.backupPlanAssociations.getForFilestoreInstance
backupdr.backupPlanAssociations.list
backupdr.backupPlanAssociations.triggerBackupForComputeDisk
backupdr.backupPlanAssociations.triggerBackupForComputeInstance
backupdr.backupPlanAssociations.triggerBackupForFilestoreInstance
backupdr.backupPlanAssociations.updateForComputeDisk
backupdr.backupPlanAssociations.updateForComputeInstance
backupdr.backupPlanAssociations.updateForFilestoreInstance
backupdr.backupPlans.get
backupdr.backupPlans.list
backupdr.backupPlans.useForComputeDisk
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 1 of 57

backupdr.backupPlans.useForComputeInstance
backupdr.backupPlans.useForFilestoreInstance
backupdr.backupVaults.get
backupdr.backupVaults.list
backupdr.bvbackups.useReadOnlyForFilestoreInstance
backupdr.dataSourceReferences.fetchForFilestoreInstance
backupdr.dataSourceReferences.getForFilestoreInstance
backupdr.locations.list
backupdr.operations.get
backupdr.operations.list
backupdr.serviceConfig.initialize
bigquery.datasets.create
bigquery.datasets.get
bigquery.tables.create
bigquery.tables.get
bigquery.tables.update
bigquery.tables.updateData
binaryauthorization.policy.evaluatePolicy
certificatemanager.certissuanceconfigs.create
certificatemanager.certissuanceconfigs.delete
certificatemanager.certissuanceconfigs.get
certificatemanager.certissuanceconfigs.list
certificatemanager.certissuanceconfigs.listEffectiveTags
certificatemanager.certissuanceconfigs.listTagBindings
certificatemanager.certissuanceconfigs.update
certificatemanager.certissuanceconfigs.use
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 2 of 57

certificatemanager.certmapentries.create
certificatemanager.certmapentries.delete
certificatemanager.certmapentries.get
certificatemanager.certmapentries.list
certificatemanager.certmapentries.listEffectiveTags
certificatemanager.certmapentries.listTagBindings
certificatemanager.certmapentries.update
certificatemanager.certmaps.create
certificatemanager.certmaps.delete
certificatemanager.certmaps.get
certificatemanager.certmaps.list
certificatemanager.certmaps.listEffectiveTags
certificatemanager.certmaps.listTagBindings
certificatemanager.certmaps.update
certificatemanager.certmaps.use
certificatemanager.certs.create
certificatemanager.certs.delete
certificatemanager.certs.get
certificatemanager.certs.list
certificatemanager.certs.listEffectiveTags
certificatemanager.certs.listTagBindings
certificatemanager.certs.update
certificatemanager.certs.use
certificatemanager.dnsauthorizations.create
certificatemanager.dnsauthorizations.delete
certificatemanager.dnsauthorizations.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 3 of 57

certificatemanager.dnsauthorizations.list
certificatemanager.dnsauthorizations.listEffectiveTags
certificatemanager.dnsauthorizations.listTagBindings
certificatemanager.dnsauthorizations.update
certificatemanager.dnsauthorizations.use
certificatemanager.trustconfigs.create
certificatemanager.trustconfigs.delete
certificatemanager.trustconfigs.get
certificatemanager.trustconfigs.list
certificatemanager.trustconfigs.listEffectiveTags
certificatemanager.trustconfigs.listTagBindings
certificatemanager.trustconfigs.update
certificatemanager.trustconfigs.use
compute.acceleratorTypes.*
compute.acceleratorTypes.get
compute.acceleratorTypes.list
compute.addresses.*
compute.addresses.create
compute.addresses.createInternal
compute.addresses.createTagBinding
compute.addresses.delete
compute.addresses.deleteInternal
compute.addresses.deleteTagBinding
compute.addresses.get
compute.addresses.list
compute.addresses.listEffectiveTags
compute.addresses.listTagBindings
compute.addresses.setLabels
compute.addresses.use
compute.addresses.useInternal
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 4 of 57

compute.autoscalers.*
compute.autoscalers.create
compute.autoscalers.delete
compute.autoscalers.get
compute.autoscalers.list
compute.autoscalers.update
compute.backendBuckets.*
compute.backendBuckets.addSignedUrlKey
compute.backendBuckets.create
compute.backendBuckets.createTagBinding
compute.backendBuckets.delete
compute.backendBuckets.deleteSignedUrlKey
compute.backendBuckets.deleteTagBinding
compute.backendBuckets.get
compute.backendBuckets.getIamPolicy
compute.backendBuckets.list
compute.backendBuckets.listEffectiveTags
compute.backendBuckets.listTagBindings
compute.backendBuckets.setIamPolicy
compute.backendBuckets.setSecurityPolicy
compute.backendBuckets.update
compute.backendBuckets.use
compute.backendServices.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 5 of 57

compute.backendServices.addSignedUrlKey
compute.backendServices.create
compute.backendServices.createTagBinding
compute.backendServices.delete
compute.backendServices.deleteSignedUrlKey
compute.backendServices.deleteTagBinding
compute.backendServices.get
compute.backendServices.getIamPolicy
compute.backendServices.list
compute.backendServices.listEffectiveTags
compute.backendServices.listTagBindings
compute.backendServices.setIamPolicy
compute.backendServices.setSecurityPolicy
compute.backendServices.update
compute.backendServices.use
compute.crossSiteNetworks.*
compute.crossSiteNetworks.create
compute.crossSiteNetworks.delete
compute.crossSiteNetworks.get
compute.crossSiteNetworks.list
compute.crossSiteNetworks.update
compute.diskSettings.*
compute.diskSettings.get
compute.diskSettings.update
compute.diskTypes.*
compute.diskTypes.get
compute.diskTypes.list
compute.disks.*
compute.disks.addResourcePolicies
compute.disks.create
compute.disks.createSnapshot
compute.disks.createTagBinding
compute.disks.delete
compute.disks.deleteTagBinding
compute.disks.get
compute.disks.getIamPolicy
compute.disks.list
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 6 of 57

compute.disks.listEffectiveTags
compute.disks.listTagBindings
compute.disks.removeResourcePolicies
compute.disks.resize
compute.disks.setIamPolicy
compute.disks.setLabels
compute.disks.startAsyncReplication
compute.disks.stopAsyncReplication
compute.disks.stopGroupAsyncReplication
compute.disks.update
compute.disks.updateKmsKey
compute.disks.use
compute.disks.useReadOnly
compute.externalVpnGateways.*
compute.externalVpnGateways.create
compute.externalVpnGateways.createTagBinding
compute.externalVpnGateways.delete
compute.externalVpnGateways.deleteTagBinding
compute.externalVpnGateways.get
compute.externalVpnGateways.list
compute.externalVpnGateways.listEffectiveTags
compute.externalVpnGateways.listTagBindings
compute.externalVpnGateways.setLabels
compute.externalVpnGateways.use
compute.firewallPolicies.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 7 of 57

compute.firewallPolicies.cloneRules
compute.firewallPolicies.copyRules
compute.firewallPolicies.create
compute.firewallPolicies.createTagBinding
compute.firewallPolicies.delete
compute.firewallPolicies.deleteTagBinding
compute.firewallPolicies.get
compute.firewallPolicies.getIamPolicy
compute.firewallPolicies.list
compute.firewallPolicies.listEffectiveTags
compute.firewallPolicies.listTagBindings
compute.firewallPolicies.move
compute.firewallPolicies.setIamPolicy
compute.firewallPolicies.update
compute.firewallPolicies.use
compute.firewalls.*
compute.firewalls.create
compute.firewalls.createTagBinding
compute.firewalls.delete
compute.firewalls.deleteTagBinding
compute.firewalls.get
compute.firewalls.list
compute.firewalls.listEffectiveTags
compute.firewalls.listTagBindings
compute.firewalls.update
compute.forwardingRules.*
compute.forwardingRules.create
compute.forwardingRules.createTagBinding
compute.forwardingRules.delete
compute.forwardingRules.deleteTagBinding
compute.forwardingRules.get
compute.forwardingRules.list
compute.forwardingRules.listEffectiveTags
compute.forwardingRules.listTagBindings
compute.forwardingRules.pscCreate
compute.forwardingRules.pscDelete
compute.forwardingRules.pscSetLabels
compute.forwardingRules.pscUpdate
compute.forwardingRules.setLabels
compute.forwardingRules.setTarget
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 8 of 57

compute.forwardingRules.update
compute.forwardingRules.use
compute.futureReservations.list
compute.globalAddresses.*
compute.globalAddresses.create
compute.globalAddresses.createInternal
compute.globalAddresses.createTagBinding
compute.globalAddresses.delete
compute.globalAddresses.deleteInternal
compute.globalAddresses.deleteTagBinding
compute.globalAddresses.get
compute.globalAddresses.list
compute.globalAddresses.listEffectiveTags
compute.globalAddresses.listTagBindings
compute.globalAddresses.setLabels
compute.globalAddresses.use
compute.globalForwardingRules.*
compute.globalForwardingRules.create
compute.globalForwardingRules.createTagBinding
compute.globalForwardingRules.delete
compute.globalForwardingRules.deleteTagBinding
compute.globalForwardingRules.get
compute.globalForwardingRules.list
compute.globalForwardingRules.listEffectiveTags
compute.globalForwardingRules.listTagBindings
compute.globalForwardingRules.pscCreate
compute.globalForwardingRules.pscDelete
compute.globalForwardingRules.pscSetLabels
compute.globalForwardingRules.pscUpdate
compute.globalForwardingRules.setLabels
compute.globalForwardingRules.setTarget
compute.globalForwardingRules.update
compute.globalNetworkEndpointGroups.*
compute.globalNetworkEndpointGroups.attachNetworkEndpoints
compute.globalNetworkEndpointGroups.create
compute.globalNetworkEndpointGroups.createTagBinding
compute.globalNetworkEndpointGroups.delete
compute.globalNetworkEndpointGroups.deleteTagBinding
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 9 of 57

compute.globalNetworkEndpointGroups.detachNetworkEndpoints
compute.globalNetworkEndpointGroups.get
compute.globalNetworkEndpointGroups.list
compute.globalNetworkEndpointGroups.listEffectiveTags
compute.globalNetworkEndpointGroups.listTagBindings
compute.globalNetworkEndpointGroups.use
compute.globalOperations.get
compute.globalOperations.list
compute.globalPublicDelegatedPrefixes.delete
compute.globalPublicDelegatedPrefixes.get
compute.globalPublicDelegatedPrefixes.list
compute.globalPublicDelegatedPrefixes.updatePolicy
compute.healthChecks.*
compute.healthChecks.create
compute.healthChecks.createTagBinding
compute.healthChecks.delete
compute.healthChecks.deleteTagBinding
compute.healthChecks.get
compute.healthChecks.list
compute.healthChecks.listEffectiveTags
compute.healthChecks.listTagBindings
compute.healthChecks.update
compute.healthChecks.use
compute.healthChecks.useReadOnly
compute.httpHealthChecks.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 10 of 57

compute.httpHealthChecks.create
compute.httpHealthChecks.createTagBinding
compute.httpHealthChecks.delete
compute.httpHealthChecks.deleteTagBinding
compute.httpHealthChecks.get
compute.httpHealthChecks.list
compute.httpHealthChecks.listEffectiveTags
compute.httpHealthChecks.listTagBindings
compute.httpHealthChecks.update
compute.httpHealthChecks.use
compute.httpHealthChecks.useReadOnly
compute.httpsHealthChecks.*
compute.httpsHealthChecks.create
compute.httpsHealthChecks.createTagBinding
compute.httpsHealthChecks.delete
compute.httpsHealthChecks.deleteTagBinding
compute.httpsHealthChecks.get
compute.httpsHealthChecks.list
compute.httpsHealthChecks.listEffectiveTags
compute.httpsHealthChecks.listTagBindings
compute.httpsHealthChecks.update
compute.httpsHealthChecks.use
compute.httpsHealthChecks.useReadOnly
compute.images.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 11 of 57

compute.images.create
compute.images.createTagBinding
compute.images.delete
compute.images.deleteTagBinding
compute.images.deprecate
compute.images.get
compute.images.getFromFamily
compute.images.getIamPolicy
compute.images.list
compute.images.listEffectiveTags
compute.images.listTagBindings
compute.images.setIamPolicy
compute.images.setLabels
compute.images.update
compute.images.useReadOnly
compute.instanceGroupManagers.*
compute.instanceGroupManagers.create
compute.instanceGroupManagers.createTagBinding
compute.instanceGroupManagers.delete
compute.instanceGroupManagers.deleteTagBinding
compute.instanceGroupManagers.get
compute.instanceGroupManagers.list
compute.instanceGroupManagers.listEffectiveTags
compute.instanceGroupManagers.listTagBindings
compute.instanceGroupManagers.update
compute.instanceGroupManagers.use
compute.instanceGroups.*
compute.instanceGroups.create
compute.instanceGroups.createTagBinding
compute.instanceGroups.delete
compute.instanceGroups.deleteTagBinding
compute.instanceGroups.get
compute.instanceGroups.list
compute.instanceGroups.listEffectiveTags
compute.instanceGroups.listTagBindings
compute.instanceGroups.update
compute.instanceGroups.use
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 12 of 57

compute.instanceSettings.*
compute.instanceSettings.get
compute.instanceSettings.update
compute.instanceTemplates.*
compute.instanceTemplates.create
compute.instanceTemplates.delete
compute.instanceTemplates.get
compute.instanceTemplates.getIamPolicy
compute.instanceTemplates.list
compute.instanceTemplates.setIamPolicy
compute.instanceTemplates.useReadOnly
compute.instances.*
compute.instances.addAccessConfig
compute.instances.addNetworkInterface
compute.instances.addResourcePolicies
compute.instances.attachDisk
compute.instances.create
compute.instances.createTagBinding
compute.instances.delete
compute.instances.deleteAccessConfig
compute.instances.deleteNetworkInterface
compute.instances.deleteTagBinding
compute.instances.detachDisk
compute.instances.get
compute.instances.getEffectiveFirewalls
compute.instances.getGuestAttributes
compute.instances.getIamPolicy
compute.instances.getScreenshot
compute.instances.getSerialPortOutput
compute.instances.getShieldedInstanceIdentity
compute.instances.getShieldedVmIdentity
compute.instances.list
compute.instances.listEffectiveTags
compute.instances.listReferrers
compute.instances.listTagBindings
compute.instances.osAdminLogin
compute.instances.osLogin
compute.instances.pscInterfaceCreate
compute.instances.removeResourcePolicies
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 13 of 57

compute.instances.reset
compute.instances.resume
compute.instances.sendDiagnosticInterrupt
compute.instances.setDeletionProtection
compute.instances.setDiskAutoDelete
compute.instances.setIamPolicy
compute.instances.setLabels
compute.instances.setMachineResources
compute.instances.setMachineType
compute.instances.setMetadata
compute.instances.setMinCpuPlatform
compute.instances.setName
compute.instances.setScheduling
compute.instances.setSecurityPolicy
compute.instances.setServiceAccount
compute.instances.setShieldedInstanceIntegrityPolicy
compute.instances.setShieldedVmIntegrityPolicy
compute.instances.setTags
compute.instances.simulateMaintenanceEvent
compute.instances.start
compute.instances.startWithEncryptionKey
compute.instances.stop
compute.instances.suspend
compute.instances.update
compute.instances.updateAccessConfig
compute.instances.updateDisplayDevice
compute.instances.updateNetworkInterface
compute.instances.updateSecurity
compute.instances.updateShieldedInstanceConfig
compute.instances.updateShieldedVmConfig
compute.instances.use
compute.instances.useReadOnly
compute.instantSnapshotGroups.*
compute.instantSnapshotGroups.create
compute.instantSnapshotGroups.delete
compute.instantSnapshotGroups.get
compute.instantSnapshotGroups.getIamPolicy
compute.instantSnapshotGroups.list
compute.instantSnapshotGroups.setIamPolicy
compute.instantSnapshotGroups.useReadOnly
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 14 of 57

compute.instantSnapshots.create
compute.instantSnapshots.delete
compute.instantSnapshots.export
compute.instantSnapshots.get
compute.instantSnapshots.getIamPolicy
compute.instantSnapshots.list
compute.instantSnapshots.listEffectiveTags
compute.instantSnapshots.listTagBindings
compute.instantSnapshots.setIamPolicy
compute.instantSnapshots.setLabels
compute.instantSnapshots.useReadOnly
compute.interconnectAttachmentGroups.*
compute.interconnectAttachmentGroups.create
compute.interconnectAttachmentGroups.delete
compute.interconnectAttachmentGroups.get
compute.interconnectAttachmentGroups.list
compute.interconnectAttachmentGroups.patch
compute.interconnectAttachments.*
compute.interconnectAttachments.create
compute.interconnectAttachments.createTagBinding
compute.interconnectAttachments.delete
compute.interconnectAttachments.deleteTagBinding
compute.interconnectAttachments.get
compute.interconnectAttachments.list
compute.interconnectAttachments.listEffectiveTags
compute.interconnectAttachments.listTagBindings
compute.interconnectAttachments.setLabels
compute.interconnectAttachments.update
compute.interconnectAttachments.use
compute.interconnectGroups.*
compute.interconnectGroups.create
compute.interconnectGroups.delete
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 15 of 57

compute.interconnectGroups.get
compute.interconnectGroups.list
compute.interconnectGroups.patch
compute.interconnectLocations.*
compute.interconnectLocations.get
compute.interconnectLocations.list
compute.interconnectRemoteLocations.*
compute.interconnectRemoteLocations.get
compute.interconnectRemoteLocations.list
compute.interconnects.*
compute.interconnects.create
compute.interconnects.createTagBinding
compute.interconnects.delete
compute.interconnects.deleteTagBinding
compute.interconnects.get
compute.interconnects.getMacsecConfig
compute.interconnects.list
compute.interconnects.listEffectiveTags
compute.interconnects.listTagBindings
compute.interconnects.setLabels
compute.interconnects.update
compute.interconnects.use
compute.licenseCodes.*
compute.licenseCodes.get
compute.licenseCodes.getIamPolicy
compute.licenseCodes.list
compute.licenseCodes.setIamPolicy
compute.licenses.create
compute.licenses.delete
compute.licenses.get
compute.licenses.getIamPolicy
compute.licenses.list
compute.licenses.listEffectiveTags
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 16 of 57

compute.licenses.listTagBindings
compute.licenses.setIamPolicy
compute.licenses.update
compute.machineImages.create
compute.machineImages.delete
compute.machineImages.get
compute.machineImages.getIamPolicy
compute.machineImages.list
compute.machineImages.listEffectiveTags
compute.machineImages.listTagBindings
compute.machineImages.setIamPolicy
compute.machineImages.setLabels
compute.machineImages.useReadOnly
compute.machineTypes.*
compute.machineTypes.get
compute.machineTypes.list
compute.multiMig.*
compute.multiMig.create
compute.multiMig.delete
compute.multiMig.get
compute.multiMig.list
compute.multiMigMembers.*
compute.multiMigMembers.get
compute.multiMigMembers.list
compute.networkAttachments.*
compute.networkAttachments.create
compute.networkAttachments.createTagBinding
compute.networkAttachments.delete
compute.networkAttachments.deleteTagBinding
compute.networkAttachments.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 17 of 57

compute.networkAttachments.getIamPolicy
compute.networkAttachments.list
compute.networkAttachments.listEffectiveTags
compute.networkAttachments.listTagBindings
compute.networkAttachments.setIamPolicy
compute.networkAttachments.update
compute.networkAttachments.use
compute.networkEndpointGroups.*
compute.networkEndpointGroups.attachNetworkEndpoints
compute.networkEndpointGroups.create
compute.networkEndpointGroups.createTagBinding
compute.networkEndpointGroups.delete
compute.networkEndpointGroups.deleteTagBinding
compute.networkEndpointGroups.detachNetworkEndpoints
compute.networkEndpointGroups.get
compute.networkEndpointGroups.list
compute.networkEndpointGroups.listEffectiveTags
compute.networkEndpointGroups.listTagBindings
compute.networkEndpointGroups.use
compute.networkProfiles.*
compute.networkProfiles.get
compute.networkProfiles.list
compute.networks.*
compute.networks.access
compute.networks.addPeering
compute.networks.create
compute.networks.createTagBinding
compute.networks.delete
compute.networks.deleteTagBinding
compute.networks.get
compute.networks.getEffectiveFirewalls
compute.networks.getRegionEffectiveFirewalls
compute.networks.list
compute.networks.listEffectiveTags
compute.networks.listPeeringRoutes
compute.networks.listTagBindings
compute.networks.mirror
compute.networks.removePeering
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 18 of 57

compute.networks.setFirewallPolicy
compute.networks.setNetworkPolicy
compute.networks.switchToCustomMode
compute.networks.update
compute.networks.updatePeering
compute.networks.updatePolicy
compute.networks.use
compute.networks.useExternalIp
compute.nodeGroups.get
compute.packetMirrorings.*
compute.packetMirrorings.create
compute.packetMirrorings.createTagBinding
compute.packetMirrorings.delete
compute.packetMirrorings.deleteTagBinding
compute.packetMirrorings.get
compute.packetMirrorings.list
compute.packetMirrorings.listEffectiveTags
compute.packetMirrorings.listTagBindings
compute.packetMirrorings.update
compute.projects.get
compute.projects.setCommonInstanceMetadata
compute.publicDelegatedPrefixes.delete
compute.publicDelegatedPrefixes.get
compute.publicDelegatedPrefixes.list
compute.publicDelegatedPrefixes.listEffectiveTags
compute.publicDelegatedPrefixes.listTagBindings
compute.publicDelegatedPrefixes.update
compute.publicDelegatedPrefixes.updatePolicy
compute.regionBackendBuckets.*
compute.regionBackendBuckets.create
compute.regionBackendBuckets.createTagBinding
compute.regionBackendBuckets.delete
compute.regionBackendBuckets.deleteTagBinding
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 19 of 57

compute.regionBackendBuckets.get
compute.regionBackendBuckets.getIamPolicy
compute.regionBackendBuckets.list
compute.regionBackendBuckets.listEffectiveTags
compute.regionBackendBuckets.listTagBindings
compute.regionBackendBuckets.setIamPolicy
compute.regionBackendBuckets.update
compute.regionBackendBuckets.use
compute.regionBackendServices.*
compute.regionBackendServices.create
compute.regionBackendServices.createTagBinding
compute.regionBackendServices.delete
compute.regionBackendServices.deleteTagBinding
compute.regionBackendServices.get
compute.regionBackendServices.getIamPolicy
compute.regionBackendServices.list
compute.regionBackendServices.listEffectiveTags
compute.regionBackendServices.listTagBindings
compute.regionBackendServices.setIamPolicy
compute.regionBackendServices.setSecurityPolicy
compute.regionBackendServices.update
compute.regionBackendServices.use
compute.regionCompositeHealthChecks.*
compute.regionCompositeHealthChecks.create
compute.regionCompositeHealthChecks.delete
compute.regionCompositeHealthChecks.get
compute.regionCompositeHealthChecks.list
compute.regionCompositeHealthChecks.update
compute.regionFirewallPolicies.*
compute.regionFirewallPolicies.cloneRules
compute.regionFirewallPolicies.create
compute.regionFirewallPolicies.createTagBinding
compute.regionFirewallPolicies.delete
compute.regionFirewallPolicies.deleteTagBinding
compute.regionFirewallPolicies.get
compute.regionFirewallPolicies.getIamPolicy
compute.regionFirewallPolicies.list
compute.regionFirewallPolicies.listEffectiveTags
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 20 of 57

compute.regionFirewallPolicies.listTagBindings
compute.regionFirewallPolicies.setIamPolicy
compute.regionFirewallPolicies.update
compute.regionFirewallPolicies.use
compute.regionHealthAggregationPolicies.*
compute.regionHealthAggregationPolicies.create
compute.regionHealthAggregationPolicies.delete
compute.regionHealthAggregationPolicies.get
compute.regionHealthAggregationPolicies.list
compute.regionHealthAggregationPolicies.update
compute.regionHealthCheckServices.*
compute.regionHealthCheckServices.create
compute.regionHealthCheckServices.delete
compute.regionHealthCheckServices.get
compute.regionHealthCheckServices.list
compute.regionHealthCheckServices.update
compute.regionHealthCheckServices.use
compute.regionHealthChecks.*
compute.regionHealthChecks.create
compute.regionHealthChecks.createTagBinding
compute.regionHealthChecks.delete
compute.regionHealthChecks.deleteTagBinding
compute.regionHealthChecks.get
compute.regionHealthChecks.list
compute.regionHealthChecks.listEffectiveTags
compute.regionHealthChecks.listTagBindings
compute.regionHealthChecks.update
compute.regionHealthChecks.use
compute.regionHealthChecks.useReadOnly
compute.regionHealthSources.*
compute.regionHealthSources.create
compute.regionHealthSources.delete
compute.regionHealthSources.get
compute.regionHealthSources.list
compute.regionHealthSources.update
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 21 of 57

compute.regionNetworkEndpointGroups.*
compute.regionNetworkEndpointGroups.attachNetworkEndpoints
compute.regionNetworkEndpointGroups.create
compute.regionNetworkEndpointGroups.createTagBinding
compute.regionNetworkEndpointGroups.delete
compute.regionNetworkEndpointGroups.deleteTagBinding
compute.regionNetworkEndpointGroups.detachNetworkEndpoints
compute.regionNetworkEndpointGroups.get
compute.regionNetworkEndpointGroups.list
compute.regionNetworkEndpointGroups.listEffectiveTags
compute.regionNetworkEndpointGroups.listTagBindings
compute.regionNetworkEndpointGroups.use
compute.regionNetworkPolicies.*
compute.regionNetworkPolicies.create
compute.regionNetworkPolicies.delete
compute.regionNetworkPolicies.get
compute.regionNetworkPolicies.list
compute.regionNetworkPolicies.update
compute.regionNetworkPolicies.use
compute.regionNotificationEndpoints.*
compute.regionNotificationEndpoints.create
compute.regionNotificationEndpoints.delete
compute.regionNotificationEndpoints.get
compute.regionNotificationEndpoints.list
compute.regionNotificationEndpoints.update
compute.regionNotificationEndpoints.use
compute.regionOperations.get
compute.regionOperations.list
compute.regionSecurityPolicies.*
compute.regionSecurityPolicies.create
compute.regionSecurityPolicies.createTagBinding
compute.regionSecurityPolicies.delete
compute.regionSecurityPolicies.deleteTagBinding
compute.regionSecurityPolicies.get
compute.regionSecurityPolicies.list
compute.regionSecurityPolicies.listEffectiveTags
compute.regionSecurityPolicies.listTagBindings
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 22 of 57

compute.regionSecurityPolicies.update
compute.regionSecurityPolicies.use
compute.regionSslCertificates.*
compute.regionSslCertificates.create
compute.regionSslCertificates.createTagBinding
compute.regionSslCertificates.delete
compute.regionSslCertificates.deleteTagBinding
compute.regionSslCertificates.get
compute.regionSslCertificates.list
compute.regionSslCertificates.listEffectiveTags
compute.regionSslCertificates.listTagBindings
compute.regionSslPolicies.*
compute.regionSslPolicies.create
compute.regionSslPolicies.createTagBinding
compute.regionSslPolicies.delete
compute.regionSslPolicies.deleteTagBinding
compute.regionSslPolicies.get
compute.regionSslPolicies.list
compute.regionSslPolicies.listAvailableFeatures
compute.regionSslPolicies.listEffectiveTags
compute.regionSslPolicies.listTagBindings
compute.regionSslPolicies.update
compute.regionSslPolicies.use
compute.regionTargetHttpProxies.*
compute.regionTargetHttpProxies.create
compute.regionTargetHttpProxies.createTagBinding
compute.regionTargetHttpProxies.delete
compute.regionTargetHttpProxies.deleteTagBinding
compute.regionTargetHttpProxies.get
compute.regionTargetHttpProxies.list
compute.regionTargetHttpProxies.listEffectiveTags
compute.regionTargetHttpProxies.listTagBindings
compute.regionTargetHttpProxies.setUrlMap
compute.regionTargetHttpProxies.use
compute.regionTargetHttpsProxies.*
compute.regionTargetHttpsProxies.create
compute.regionTargetHttpsProxies.createTagBinding
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 23 of 57

compute.regionTargetHttpsProxies.delete
compute.regionTargetHttpsProxies.deleteTagBinding
compute.regionTargetHttpsProxies.get
compute.regionTargetHttpsProxies.list
compute.regionTargetHttpsProxies.listEffectiveTags
compute.regionTargetHttpsProxies.listTagBindings
compute.regionTargetHttpsProxies.setSslCertificates
compute.regionTargetHttpsProxies.setUrlMap
compute.regionTargetHttpsProxies.update
compute.regionTargetHttpsProxies.use
compute.regionTargetTcpProxies.*
compute.regionTargetTcpProxies.attach
compute.regionTargetTcpProxies.create
compute.regionTargetTcpProxies.createTagBinding
compute.regionTargetTcpProxies.delete
compute.regionTargetTcpProxies.deleteTagBinding
compute.regionTargetTcpProxies.get
compute.regionTargetTcpProxies.list
compute.regionTargetTcpProxies.listEffectiveTags
compute.regionTargetTcpProxies.listTagBindings
compute.regionTargetTcpProxies.use
compute.regionUrlMaps.*
compute.regionUrlMaps.create
compute.regionUrlMaps.createTagBinding
compute.regionUrlMaps.delete
compute.regionUrlMaps.deleteTagBinding
compute.regionUrlMaps.get
compute.regionUrlMaps.invalidateCache
compute.regionUrlMaps.list
compute.regionUrlMaps.listEffectiveTags
compute.regionUrlMaps.listTagBindings
compute.regionUrlMaps.update
compute.regionUrlMaps.use
compute.regionUrlMaps.validate
compute.regions.*
compute.regions.get
compute.regions.list
compute.reservationBlocks.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 24 of 57

compute.reservationBlocks.list
compute.reservationSubBlocks.*
compute.reservationSubBlocks.get
compute.reservationSubBlocks.list
compute.reservationSubBlocks.performMaintenance
compute.reservationSubBlocks.reportFaulty
compute.reservations.get
compute.reservations.list
compute.reservations.listEffectiveTags
compute.reservations.listTagBindings
compute.resourcePolicies.*
compute.resourcePolicies.create
compute.resourcePolicies.delete
compute.resourcePolicies.get
compute.resourcePolicies.getIamPolicy
compute.resourcePolicies.list
compute.resourcePolicies.setIamPolicy
compute.resourcePolicies.update
compute.resourcePolicies.use
compute.resourcePolicies.useReadOnly
compute.routers.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 25 of 57

compute.routers.create
compute.routers.createTagBinding
compute.routers.delete
compute.routers.deleteRoutePolicy
compute.routers.deleteTagBinding
compute.routers.get
compute.routers.getRoutePolicy
compute.routers.list
compute.routers.listBgpRoutes
compute.routers.listEffectiveTags
compute.routers.listRoutePolicies
compute.routers.listTagBindings
compute.routers.update
compute.routers.updateRoutePolicy
compute.routers.use
compute.routes.*
compute.routes.create
compute.routes.createTagBinding
compute.routes.delete
compute.routes.deleteTagBinding
compute.routes.get
compute.routes.list
compute.routes.listEffectiveTags
compute.routes.listTagBindings
compute.securityPolicies.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 26 of 57

compute.securityPolicies.addAssociation
compute.securityPolicies.copyRules
compute.securityPolicies.create
compute.securityPolicies.createTagBinding
compute.securityPolicies.delete
compute.securityPolicies.deleteTagBinding
compute.securityPolicies.get
compute.securityPolicies.list
compute.securityPolicies.listEffectiveTags
compute.securityPolicies.listTagBindings
compute.securityPolicies.move
compute.securityPolicies.removeAssociation
compute.securityPolicies.setLabels
compute.securityPolicies.update
compute.securityPolicies.use
compute.serviceAttachments.*
compute.serviceAttachments.create
compute.serviceAttachments.createTagBinding
compute.serviceAttachments.delete
compute.serviceAttachments.deleteTagBinding
compute.serviceAttachments.get
compute.serviceAttachments.getIamPolicy
compute.serviceAttachments.list
compute.serviceAttachments.listEffectiveTags
compute.serviceAttachments.listTagBindings
compute.serviceAttachments.setIamPolicy
compute.serviceAttachments.update
compute.serviceAttachments.use
compute.snapshotGroups.*
compute.snapshotGroups.create
compute.snapshotGroups.delete
compute.snapshotGroups.get
compute.snapshotGroups.getIamPolicy
compute.snapshotGroups.list
compute.snapshotGroups.setIamPolicy
compute.snapshotGroups.useReadOnly
compute.snapshots.*
compute.snapshots.create
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 27 of 57

compute.snapshots.createTagBinding
compute.snapshots.delete
compute.snapshots.deleteTagBinding
compute.snapshots.get
compute.snapshots.getIamPolicy
compute.snapshots.list
compute.snapshots.listEffectiveTags
compute.snapshots.listTagBindings
compute.snapshots.setIamPolicy
compute.snapshots.setLabels
compute.snapshots.updateKmsKey
compute.snapshots.useReadOnly
compute.spotAssistants.get
compute.sslCertificates.*
compute.sslCertificates.create
compute.sslCertificates.createTagBinding
compute.sslCertificates.delete
compute.sslCertificates.deleteTagBinding
compute.sslCertificates.get
compute.sslCertificates.list
compute.sslCertificates.listEffectiveTags
compute.sslCertificates.listTagBindings
compute.sslPolicies.*
compute.sslPolicies.create
compute.sslPolicies.createTagBinding
compute.sslPolicies.delete
compute.sslPolicies.deleteTagBinding
compute.sslPolicies.get
compute.sslPolicies.list
compute.sslPolicies.listAvailableFeatures
compute.sslPolicies.listEffectiveTags
compute.sslPolicies.listTagBindings
compute.sslPolicies.update
compute.sslPolicies.use
compute.storagePools.create
compute.storagePools.delete
compute.storagePools.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 28 of 57

compute.storagePools.getIamPolicy
compute.storagePools.list
compute.storagePools.listEffectiveTags
compute.storagePools.listTagBindings
compute.storagePools.setIamPolicy
compute.storagePools.update
compute.storagePools.use
compute.subnetworks.*
compute.subnetworks.create
compute.subnetworks.createTagBinding
compute.subnetworks.delete
compute.subnetworks.deleteTagBinding
compute.subnetworks.expandIpCidrRange
compute.subnetworks.get
compute.subnetworks.getIamPolicy
compute.subnetworks.list
compute.subnetworks.listEffectiveTags
compute.subnetworks.listTagBindings
compute.subnetworks.mirror
compute.subnetworks.setIamPolicy
compute.subnetworks.setPrivateIpGoogleAccess
compute.subnetworks.update
compute.subnetworks.use
compute.subnetworks.useExternalIp
compute.subnetworks.usePeerMigration
compute.targetGrpcProxies.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 29 of 57

compute.targetGrpcProxies.create
compute.targetGrpcProxies.createTagBinding
compute.targetGrpcProxies.delete
compute.targetGrpcProxies.deleteTagBinding
compute.targetGrpcProxies.get
compute.targetGrpcProxies.list
compute.targetGrpcProxies.listEffectiveTags
compute.targetGrpcProxies.listTagBindings
compute.targetGrpcProxies.update
compute.targetGrpcProxies.use
compute.targetHttpProxies.*
compute.targetHttpProxies.create
compute.targetHttpProxies.createTagBinding
compute.targetHttpProxies.delete
compute.targetHttpProxies.deleteTagBinding
compute.targetHttpProxies.get
compute.targetHttpProxies.list
compute.targetHttpProxies.listEffectiveTags
compute.targetHttpProxies.listTagBindings
compute.targetHttpProxies.setUrlMap
compute.targetHttpProxies.update
compute.targetHttpProxies.use
compute.targetHttpsProxies.*
compute.targetHttpsProxies.create
compute.targetHttpsProxies.createTagBinding
compute.targetHttpsProxies.delete
compute.targetHttpsProxies.deleteTagBinding
compute.targetHttpsProxies.get
compute.targetHttpsProxies.list
compute.targetHttpsProxies.listEffectiveTags
compute.targetHttpsProxies.listTagBindings
compute.targetHttpsProxies.setCertificateMap
compute.targetHttpsProxies.setQuicOverride
compute.targetHttpsProxies.setSslCertificates
compute.targetHttpsProxies.setSslPolicy
compute.targetHttpsProxies.setUrlMap
compute.targetHttpsProxies.update
compute.targetHttpsProxies.use
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 30 of 57

compute.targetInstances.*
compute.targetInstances.create
compute.targetInstances.createTagBinding
compute.targetInstances.delete
compute.targetInstances.deleteTagBinding
compute.targetInstances.get
compute.targetInstances.list
compute.targetInstances.listEffectiveTags
compute.targetInstances.listTagBindings
compute.targetInstances.setSecurityPolicy
compute.targetInstances.use
compute.targetPools.*
compute.targetPools.addHealthCheck
compute.targetPools.addInstance
compute.targetPools.create
compute.targetPools.createTagBinding
compute.targetPools.delete
compute.targetPools.deleteTagBinding
compute.targetPools.get
compute.targetPools.list
compute.targetPools.listEffectiveTags
compute.targetPools.listTagBindings
compute.targetPools.removeHealthCheck
compute.targetPools.removeInstance
compute.targetPools.setSecurityPolicy
compute.targetPools.update
compute.targetPools.use
compute.targetSslProxies.*
compute.targetSslProxies.create
compute.targetSslProxies.createTagBinding
compute.targetSslProxies.delete
compute.targetSslProxies.deleteTagBinding
compute.targetSslProxies.get
compute.targetSslProxies.list
compute.targetSslProxies.listEffectiveTags
compute.targetSslProxies.listTagBindings
compute.targetSslProxies.setBackendService
compute.targetSslProxies.setCertificateMap
compute.targetSslProxies.setProxyHeader
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 31 of 57

compute.targetSslProxies.setSslCertificates
compute.targetSslProxies.setSslPolicy
compute.targetSslProxies.update
compute.targetSslProxies.use
compute.targetTcpProxies.*
compute.targetTcpProxies.attach
compute.targetTcpProxies.create
compute.targetTcpProxies.createTagBinding
compute.targetTcpProxies.delete
compute.targetTcpProxies.deleteTagBinding
compute.targetTcpProxies.get
compute.targetTcpProxies.list
compute.targetTcpProxies.listEffectiveTags
compute.targetTcpProxies.listTagBindings
compute.targetTcpProxies.update
compute.targetTcpProxies.use
compute.targetVpnGateways.*
compute.targetVpnGateways.create
compute.targetVpnGateways.createTagBinding
compute.targetVpnGateways.delete
compute.targetVpnGateways.deleteTagBinding
compute.targetVpnGateways.get
compute.targetVpnGateways.list
compute.targetVpnGateways.listEffectiveTags
compute.targetVpnGateways.listTagBindings
compute.targetVpnGateways.setLabels
compute.targetVpnGateways.use
compute.urlMaps.*
compute.urlMaps.create
compute.urlMaps.createTagBinding
compute.urlMaps.delete
compute.urlMaps.deleteTagBinding
compute.urlMaps.get
compute.urlMaps.invalidateCache
compute.urlMaps.list
compute.urlMaps.listEffectiveTags
compute.urlMaps.listTagBindings
compute.urlMaps.update
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 32 of 57

compute.urlMaps.use
compute.urlMaps.validate
compute.vpnGateways.*
compute.vpnGateways.create
compute.vpnGateways.createTagBinding
compute.vpnGateways.delete
compute.vpnGateways.deleteTagBinding
compute.vpnGateways.get
compute.vpnGateways.list
compute.vpnGateways.listEffectiveTags
compute.vpnGateways.listTagBindings
compute.vpnGateways.setLabels
compute.vpnGateways.use
compute.vpnTunnels.*
compute.vpnTunnels.create
compute.vpnTunnels.createTagBinding
compute.vpnTunnels.delete
compute.vpnTunnels.deleteTagBinding
compute.vpnTunnels.get
compute.vpnTunnels.list
compute.vpnTunnels.listEffectiveTags
compute.vpnTunnels.listTagBindings
compute.vpnTunnels.setLabels
compute.wireGroups.*
compute.wireGroups.create
compute.wireGroups.delete
compute.wireGroups.get
compute.wireGroups.list
compute.wireGroups.update
compute.zoneOperations.get
compute.zoneOperations.list
compute.zones.*
compute.zones.get
compute.zones.list
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 33 of 57

container.*
container.apiServices.create
container.apiServices.delete
container.apiServices.get
container.apiServices.getStatus
container.apiServices.list
container.apiServices.update
container.apiServices.updateStatus
container.auditSinks.create
container.auditSinks.delete
container.auditSinks.get
container.auditSinks.list
container.auditSinks.update
container.backendConfigs.create
container.backendConfigs.delete
container.backendConfigs.get
container.backendConfigs.list
container.backendConfigs.update
container.bindings.create
container.bindings.delete
container.bindings.get
container.bindings.list
container.bindings.update
container.certificateSigningRequests.approve
container.certificateSigningRequests.create
container.certificateSigningRequests.delete
container.certificateSigningRequests.get
container.certificateSigningRequests.getStatus
container.certificateSigningRequests.list
container.certificateSigningRequests.update
container.certificateSigningRequests.updateStatus
container.clusterRoleBindings.create
container.clusterRoleBindings.delete
container.clusterRoleBindings.get
container.clusterRoleBindings.list
container.clusterRoleBindings.update
container.clusterRoles.bind
container.clusterRoles.create
container.clusterRoles.delete
container.clusterRoles.escalate
container.clusterRoles.get
container.clusterRoles.list
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 34 of 57

container.clusterRoles.update
container.clusters.connect
container.clusters.create
container.clusters.createTagBinding
container.clusters.delete
container.clusters.deleteTagBinding
container.clusters.get
container.clusters.getCredentials
container.clusters.impersonate
container.clusters.list
container.clusters.listEffectiveTags
container.clusters.listTagBindings
container.clusters.update
container.componentStatuses.get
container.componentStatuses.list
container.configMaps.create
container.configMaps.delete
container.configMaps.get
container.configMaps.list
container.configMaps.update
container.controllerRevisions.create
container.controllerRevisions.delete
container.controllerRevisions.get
container.controllerRevisions.list
container.controllerRevisions.update
container.cronJobs.create
container.cronJobs.delete
container.cronJobs.get
container.cronJobs.getStatus
container.cronJobs.list
container.cronJobs.update
container.cronJobs.updateStatus
container.csiDrivers.create
container.csiDrivers.delete
container.csiDrivers.get
container.csiDrivers.list
container.csiDrivers.update
container.csiNodeInfos.create
container.csiNodeInfos.delete
container.csiNodeInfos.get
container.csiNodeInfos.list
container.csiNodeInfos.update
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 35 of 57

container.csiNodes.create
container.csiNodes.delete
container.csiNodes.get
container.csiNodes.list
container.csiNodes.update
container.customResourceDefinitions.create
container.customResourceDefinitions.delete
container.customResourceDefinitions.get
container.customResourceDefinitions.getStatus
container.customResourceDefinitions.list
container.customResourceDefinitions.update
container.customResourceDefinitions.updateStatus
container.daemonSets.create
container.daemonSets.delete
container.daemonSets.get
container.daemonSets.getStatus
container.daemonSets.list
container.daemonSets.update
container.daemonSets.updateStatus
container.deployments.create
container.deployments.delete
container.deployments.get
container.deployments.getScale
container.deployments.getStatus
container.deployments.list
container.deployments.rollback
container.deployments.update
container.deployments.updateScale
container.deployments.updateStatus
container.endpointSlices.create
container.endpointSlices.delete
container.endpointSlices.get
container.endpointSlices.list
container.endpointSlices.update
container.endpoints.create
container.endpoints.delete
container.endpoints.get
container.endpoints.list
container.endpoints.update
container.events.create
container.events.delete
container.events.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 36 of 57

container.events.list
container.events.update
container.frontendConfigs.create
container.frontendConfigs.delete
container.frontendConfigs.get
container.frontendConfigs.list
container.frontendConfigs.update
container.horizontalPodAutoscalers.create
container.horizontalPodAutoscalers.delete
container.horizontalPodAutoscalers.get
container.horizontalPodAutoscalers.getStatus
container.horizontalPodAutoscalers.list
container.horizontalPodAutoscalers.update
container.horizontalPodAutoscalers.updateStatus
container.hostServiceAgent.use
container.ingresses.create
container.ingresses.delete
container.ingresses.get
container.ingresses.getStatus
container.ingresses.list
container.ingresses.update
container.ingresses.updateStatus
container.initializerConfigurations.create
container.initializerConfigurations.delete
container.initializerConfigurations.get
container.initializerConfigurations.list
container.initializerConfigurations.update
container.jobs.create
container.jobs.delete
container.jobs.get
container.jobs.getStatus
container.jobs.list
container.jobs.update
container.jobs.updateStatus
container.leases.create
container.leases.delete
container.leases.get
container.leases.list
container.leases.update
container.limitRanges.create
container.limitRanges.delete
container.limitRanges.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 37 of 57

container.limitRanges.list
container.limitRanges.update
container.localSubjectAccessReviews.create
container.localSubjectAccessReviews.list
container.managedCertificates.create
container.managedCertificates.delete
container.managedCertificates.get
container.managedCertificates.list
container.managedCertificates.update
container.mutatingWebhookConfigurations.create
container.mutatingWebhookConfigurations.delete
container.mutatingWebhookConfigurations.get
container.mutatingWebhookConfigurations.list
container.mutatingWebhookConfigurations.update
container.namespaces.create
container.namespaces.delete
container.namespaces.finalize
container.namespaces.get
container.namespaces.getStatus
container.namespaces.list
container.namespaces.update
container.namespaces.updateStatus
container.networkPolicies.create
container.networkPolicies.delete
container.networkPolicies.get
container.networkPolicies.list
container.networkPolicies.update
container.nodes.create
container.nodes.delete
container.nodes.get
container.nodes.getStatus
container.nodes.list
container.nodes.proxy
container.nodes.update
container.nodes.updateStatus
container.operations.get
container.operations.list
container.persistentVolumeClaims.create
container.persistentVolumeClaims.delete
container.persistentVolumeClaims.get
container.persistentVolumeClaims.getStatus
container.persistentVolumeClaims.list
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 38 of 57

container.persistentVolumeClaims.update
container.persistentVolumeClaims.updateStatus
container.persistentVolumes.create
container.persistentVolumes.delete
container.persistentVolumes.get
container.persistentVolumes.getStatus
container.persistentVolumes.list
container.persistentVolumes.update
container.persistentVolumes.updateStatus
container.petSets.create
container.petSets.delete
container.petSets.get
container.petSets.list
container.petSets.update
container.petSets.updateStatus
container.podDisruptionBudgets.create
container.podDisruptionBudgets.delete
container.podDisruptionBudgets.get
container.podDisruptionBudgets.getStatus
container.podDisruptionBudgets.list
container.podDisruptionBudgets.update
container.podDisruptionBudgets.updateStatus
container.podPresets.create
container.podPresets.delete
container.podPresets.get
container.podPresets.list
container.podPresets.update
container.podSecurityPolicies.create
container.podSecurityPolicies.delete
container.podSecurityPolicies.get
container.podSecurityPolicies.list
container.podSecurityPolicies.update
container.podSecurityPolicies.use
container.podTemplates.create
container.podTemplates.delete
container.podTemplates.get
container.podTemplates.list
container.podTemplates.update
container.pods.attach
container.pods.create
container.pods.delete
container.pods.evict
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 39 of 57

container.pods.exec
container.pods.get
container.pods.getLogs
container.pods.getStatus
container.pods.initialize
container.pods.list
container.pods.portForward
container.pods.proxy
container.pods.update
container.pods.updateStatus
container.priorityClasses.create
container.priorityClasses.delete
container.priorityClasses.get
container.priorityClasses.list
container.priorityClasses.update
container.replicaSets.create
container.replicaSets.delete
container.replicaSets.get
container.replicaSets.getScale
container.replicaSets.getStatus
container.replicaSets.list
container.replicaSets.update
container.replicaSets.updateScale
container.replicaSets.updateStatus
container.replicationControllers.create
container.replicationControllers.delete
container.replicationControllers.get
container.replicationControllers.getScale
container.replicationControllers.getStatus
container.replicationControllers.list
container.replicationControllers.update
container.replicationControllers.updateScale
container.replicationControllers.updateStatus
container.resourceQuotas.create
container.resourceQuotas.delete
container.resourceQuotas.get
container.resourceQuotas.getStatus
container.resourceQuotas.list
container.resourceQuotas.update
container.resourceQuotas.updateStatus
container.roleBindings.create
container.roleBindings.delete
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 40 of 57

container.roleBindings.get
container.roleBindings.list
container.roleBindings.update
container.roles.bind
container.roles.create
container.roles.delete
container.roles.escalate
container.roles.get
container.roles.list
container.roles.update
container.runtimeClasses.create
container.runtimeClasses.delete
container.runtimeClasses.get
container.runtimeClasses.list
container.runtimeClasses.update
container.scheduledJobs.create
container.scheduledJobs.delete
container.scheduledJobs.get
container.scheduledJobs.list
container.scheduledJobs.update
container.scheduledJobs.updateStatus
container.secrets.create
container.secrets.delete
container.secrets.get
container.secrets.list
container.secrets.update
container.selfSubjectAccessReviews.create
container.selfSubjectAccessReviews.list
container.selfSubjectRulesReviews.create
container.serviceAccounts.create
container.serviceAccounts.createToken
container.serviceAccounts.delete
container.serviceAccounts.get
container.serviceAccounts.list
container.serviceAccounts.update
container.services.create
container.services.delete
container.services.get
container.services.getStatus
container.services.list
container.services.proxy
container.services.update
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 41 of 57

container.services.updateStatus
container.statefulSets.create
container.statefulSets.delete
container.statefulSets.get
container.statefulSets.getScale
container.statefulSets.getStatus
container.statefulSets.list
container.statefulSets.update
container.statefulSets.updateScale
container.statefulSets.updateStatus
container.storageClasses.create
container.storageClasses.delete
container.storageClasses.get
container.storageClasses.list
container.storageClasses.update
container.storageStates.create
container.storageStates.delete
container.storageStates.get
container.storageStates.getStatus
container.storageStates.list
container.storageStates.update
container.storageStates.updateStatus
container.storageVersionMigrations.create
container.storageVersionMigrations.delete
container.storageVersionMigrations.get
container.storageVersionMigrations.getStatus
container.storageVersionMigrations.list
container.storageVersionMigrations.update
container.storageVersionMigrations.updateStatus
container.subjectAccessReviews.create
container.subjectAccessReviews.list
container.thirdPartyObjects.create
container.thirdPartyObjects.delete
container.thirdPartyObjects.get
container.thirdPartyObjects.list
container.thirdPartyObjects.update
container.thirdPartyResources.create
container.thirdPartyResources.delete
container.thirdPartyResources.get
container.thirdPartyResources.list
container.thirdPartyResources.update
container.tokenReviews.create
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 42 of 57

container.updateInfos.create
container.updateInfos.delete
container.updateInfos.get
container.updateInfos.list
container.updateInfos.update
container.validatingWebhookConfigurations.create
container.validatingWebhookConfigurations.delete
container.validatingWebhookConfigurations.get
container.validatingWebhookConfigurations.list
container.validatingWebhookConfigurations.update
container.volumeAttachments.create
container.volumeAttachments.delete
container.volumeAttachments.get
container.volumeAttachments.getStatus
container.volumeAttachments.list
container.volumeAttachments.update
container.volumeAttachments.updateStatus
container.volumeSnapshotClasses.create
container.volumeSnapshotClasses.delete
container.volumeSnapshotClasses.get
container.volumeSnapshotClasses.list
container.volumeSnapshotClasses.update
container.volumeSnapshotContents.create
container.volumeSnapshotContents.delete
container.volumeSnapshotContents.get
container.volumeSnapshotContents.getStatus
container.volumeSnapshotContents.list
container.volumeSnapshotContents.update
container.volumeSnapshotContents.updateStatus
container.volumeSnapshots.create
container.volumeSnapshots.delete
container.volumeSnapshots.get
container.volumeSnapshots.getStatus
container.volumeSnapshots.list
container.volumeSnapshots.update
container.volumeSnapshots.updateStatus
dns.changes.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 43 of 57

dns.changes.create
dns.changes.get
dns.changes.list
dns.dnsKeys.*
dns.dnsKeys.get
dns.dnsKeys.list
dns.gkeClusters.*
dns.gkeClusters.bindDNSResponsePolicy
dns.gkeClusters.bindPrivateDNSZone
dns.managedZoneOperations.*
dns.managedZoneOperations.get
dns.managedZoneOperations.list
dns.managedZones.create
dns.managedZones.delete
dns.managedZones.get
dns.managedZones.getIamPolicy
dns.managedZones.list
dns.managedZones.update
dns.networks.*
dns.networks.bindDNSResponsePolicy
dns.networks.bindPrivateDNSPolicy
dns.networks.bindPrivateDNSZone
dns.networks.targetWithPeeringZone
dns.networks.useHealthSignals
dns.policies.*
dns.policies.create
dns.policies.createTagBinding
dns.policies.delete
dns.policies.deleteTagBinding
dns.policies.get
dns.policies.list
dns.policies.listEffectiveTags
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 44 of 57

dns.policies.listTagBindings
dns.policies.update
dns.projects.get
dns.resourceRecordSets.*
dns.resourceRecordSets.create
dns.resourceRecordSets.delete
dns.resourceRecordSets.get
dns.resourceRecordSets.list
dns.resourceRecordSets.update
dns.responsePolicies.*
dns.responsePolicies.create
dns.responsePolicies.delete
dns.responsePolicies.get
dns.responsePolicies.list
dns.responsePolicies.update
dns.responsePolicyRules.*
dns.responsePolicyRules.create
dns.responsePolicyRules.delete
dns.responsePolicyRules.get
dns.responsePolicyRules.list
dns.responsePolicyRules.update
file.*
file.backups.create
file.backups.createTagBinding
file.backups.delete
file.backups.deleteTagBinding
file.backups.get
file.backups.list
file.backups.listEffectiveTags
file.backups.listTagBindings
file.backups.update
file.backups.useReadOnly
file.instances.create
file.instances.createCrossProjectBackup
file.instances.createTagBinding
file.instances.delete
file.instances.deleteTagBinding
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 45 of 57

file.instances.get
file.instances.list
file.instances.listEffectiveTags
file.instances.listTagBindings
file.instances.restore
file.instances.revert
file.instances.update
file.locations.get
file.locations.list
file.operations.cancel
file.operations.delete
file.operations.get
file.operations.list
file.snapshots.createTagBinding
file.snapshots.deleteTagBinding
file.snapshots.listEffectiveTags
file.snapshots.listTagBindings
iam.serviceAccounts.actAs
iam.serviceAccounts.get
logging.logEntries.create
lustre.instances.create
lustre.instances.delete
lustre.instances.get
lustre.instances.importData
lustre.instances.list
lustre.instances.update
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 46 of 57

lustre.locations.*
lustre.locations.get
lustre.locations.list
lustre.operations.*
lustre.operations.cancel
lustre.operations.delete
lustre.operations.get
lustre.operations.list
monitoring.metricDescriptors.create
monitoring.metricDescriptors.get
monitoring.metricDescriptors.list
monitoring.timeSeries.*
monitoring.timeSeries.create
monitoring.timeSeries.list
networkconnectivity.internalRanges.*
networkconnectivity.internalRanges.create
networkconnectivity.internalRanges.delete
networkconnectivity.internalRanges.get
networkconnectivity.internalRanges.getIamPolicy
networkconnectivity.internalRanges.list
networkconnectivity.internalRanges.setIamPolicy
networkconnectivity.internalRanges.update
networkconnectivity.locations.*
networkconnectivity.locations.get
networkconnectivity.locations.list
networkconnectivity.operations.*
networkconnectivity.operations.cancel
networkconnectivity.operations.delete
networkconnectivity.operations.get
networkconnectivity.operations.list
networkconnectivity.policyBasedRoutes.*
networkconnectivity.policyBasedRoutes.create
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 47 of 57

networkconnectivity.policyBasedRoutes.delete
networkconnectivity.policyBasedRoutes.get
networkconnectivity.policyBasedRoutes.getIamPolicy
networkconnectivity.policyBasedRoutes.list
networkconnectivity.policyBasedRoutes.setIamPolicy
networkconnectivity.regionalEndpoints.*
networkconnectivity.regionalEndpoints.create
networkconnectivity.regionalEndpoints.delete
networkconnectivity.regionalEndpoints.get
networkconnectivity.regionalEndpoints.list
networkconnectivity.serviceClasses.*
networkconnectivity.serviceClasses.create
networkconnectivity.serviceClasses.delete
networkconnectivity.serviceClasses.get
networkconnectivity.serviceClasses.list
networkconnectivity.serviceClasses.update
networkconnectivity.serviceClasses.use
networkconnectivity.serviceConnectionMaps.*
networkconnectivity.serviceConnectionMaps.create
networkconnectivity.serviceConnectionMaps.delete
networkconnectivity.serviceConnectionMaps.get
networkconnectivity.serviceConnectionMaps.list
networkconnectivity.serviceConnectionMaps.update
networkconnectivity.serviceConnectionPolicies.*
networkconnectivity.serviceConnectionPolicies.create
networkconnectivity.serviceConnectionPolicies.delete
networkconnectivity.serviceConnectionPolicies.get
networkconnectivity.serviceConnectionPolicies.list
networkconnectivity.serviceConnectionPolicies.update
networkmanagement.connectivitytests.get
networkmanagement.connectivitytests.list
networksecurity.addressGroups.*
networksecurity.addressGroups.create
networksecurity.addressGroups.delete
networksecurity.addressGroups.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 48 of 57

networksecurity.addressGroups.getIamPolicy
networksecurity.addressGroups.list
networksecurity.addressGroups.setIamPolicy
networksecurity.addressGroups.update
networksecurity.addressGroups.use
networksecurity.authorizationPolicies.*
networksecurity.authorizationPolicies.create
networksecurity.authorizationPolicies.delete
networksecurity.authorizationPolicies.get
networksecurity.authorizationPolicies.getIamPolicy
networksecurity.authorizationPolicies.list
networksecurity.authorizationPolicies.setIamPolicy
networksecurity.authorizationPolicies.update
networksecurity.authorizationPolicies.use
networksecurity.authzPolicies.*
networksecurity.authzPolicies.create
networksecurity.authzPolicies.delete
networksecurity.authzPolicies.get
networksecurity.authzPolicies.getIamPolicy
networksecurity.authzPolicies.list
networksecurity.authzPolicies.setIamPolicy
networksecurity.authzPolicies.update
networksecurity.backendAuthenticationConfigs.*
networksecurity.backendAuthenticationConfigs.create
networksecurity.backendAuthenticationConfigs.delete
networksecurity.backendAuthenticationConfigs.get
networksecurity.backendAuthenticationConfigs.list
networksecurity.backendAuthenticationConfigs.update
networksecurity.backendAuthenticationConfigs.use
networksecurity.clientTlsPolicies.*
networksecurity.clientTlsPolicies.create
networksecurity.clientTlsPolicies.delete
networksecurity.clientTlsPolicies.get
networksecurity.clientTlsPolicies.getIamPolicy
networksecurity.clientTlsPolicies.list
networksecurity.clientTlsPolicies.setIamPolicy
networksecurity.clientTlsPolicies.update
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 49 of 57

networksecurity.clientTlsPolicies.use
networksecurity.firewallEndpointAssociations.*
networksecurity.firewallEndpointAssociations.create
networksecurity.firewallEndpointAssociations.delete
networksecurity.firewallEndpointAssociations.get
networksecurity.firewallEndpointAssociations.list
networksecurity.firewallEndpointAssociations.update
networksecurity.firewallEndpoints.*
networksecurity.firewallEndpoints.create
networksecurity.firewallEndpoints.delete
networksecurity.firewallEndpoints.get
networksecurity.firewallEndpoints.list
networksecurity.firewallEndpoints.update
networksecurity.firewallEndpoints.use
networksecurity.gatewaySecurityPolicies.*
networksecurity.gatewaySecurityPolicies.create
networksecurity.gatewaySecurityPolicies.delete
networksecurity.gatewaySecurityPolicies.get
networksecurity.gatewaySecurityPolicies.list
networksecurity.gatewaySecurityPolicies.update
networksecurity.gatewaySecurityPolicies.use
networksecurity.gatewaySecurityPolicyRules.*
networksecurity.gatewaySecurityPolicyRules.create
networksecurity.gatewaySecurityPolicyRules.delete
networksecurity.gatewaySecurityPolicyRules.get
networksecurity.gatewaySecurityPolicyRules.list
networksecurity.gatewaySecurityPolicyRules.update
networksecurity.gatewaySecurityPolicyRules.use
networksecurity.locations.*
networksecurity.locations.get
networksecurity.locations.list
networksecurity.operations.*
networksecurity.operations.cancel
networksecurity.operations.delete
networksecurity.operations.get
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 50 of 57

networksecurity.operations.list
networksecurity.sacAttachments.*
networksecurity.sacAttachments.create
networksecurity.sacAttachments.delete
networksecurity.sacAttachments.get
networksecurity.sacAttachments.list
networksecurity.sacRealms.*
networksecurity.sacRealms.create
networksecurity.sacRealms.delete
networksecurity.sacRealms.get
networksecurity.sacRealms.list
networksecurity.securityProfileGroups.*
networksecurity.securityProfileGroups.create
networksecurity.securityProfileGroups.delete
networksecurity.securityProfileGroups.get
networksecurity.securityProfileGroups.list
networksecurity.securityProfileGroups.update
networksecurity.securityProfileGroups.use
networksecurity.securityProfiles.*
networksecurity.securityProfiles.create
networksecurity.securityProfiles.delete
networksecurity.securityProfiles.get
networksecurity.securityProfiles.list
networksecurity.securityProfiles.update
networksecurity.securityProfiles.use
networksecurity.serverTlsPolicies.*
networksecurity.serverTlsPolicies.create
networksecurity.serverTlsPolicies.delete
networksecurity.serverTlsPolicies.get
networksecurity.serverTlsPolicies.getIamPolicy
networksecurity.serverTlsPolicies.list
networksecurity.serverTlsPolicies.setIamPolicy
networksecurity.serverTlsPolicies.update
networksecurity.serverTlsPolicies.use
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 51 of 57

networksecurity.tlsInspectionPolicies.*
networksecurity.tlsInspectionPolicies.create
networksecurity.tlsInspectionPolicies.delete
networksecurity.tlsInspectionPolicies.get
networksecurity.tlsInspectionPolicies.list
networksecurity.tlsInspectionPolicies.update
networksecurity.tlsInspectionPolicies.use
networksecurity.urlLists.*
networksecurity.urlLists.create
networksecurity.urlLists.delete
networksecurity.urlLists.get
networksecurity.urlLists.list
networksecurity.urlLists.update
networksecurity.urlLists.use
networkservices.*
networkservices.authzExtensions.create
networkservices.authzExtensions.delete
networkservices.authzExtensions.get
networkservices.authzExtensions.list
networkservices.authzExtensions.update
networkservices.authzExtensions.use
networkservices.endpointPolicies.create
networkservices.endpointPolicies.delete
networkservices.endpointPolicies.get
networkservices.endpointPolicies.list
networkservices.endpointPolicies.update
networkservices.gateways.create
networkservices.gateways.delete
networkservices.gateways.get
networkservices.gateways.list
networkservices.gateways.update
networkservices.gateways.use
networkservices.grpcRoutes.create
networkservices.grpcRoutes.delete
networkservices.grpcRoutes.get
networkservices.grpcRoutes.list
networkservices.grpcRoutes.update
networkservices.httpFilters.create
networkservices.httpFilters.delete
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 52 of 57

networkservices.httpFilters.get
networkservices.httpFilters.list
networkservices.httpFilters.update
networkservices.httpRoutes.create
networkservices.httpRoutes.delete
networkservices.httpRoutes.get
networkservices.httpRoutes.list
networkservices.httpRoutes.update
networkservices.httpfilters.create
networkservices.httpfilters.delete
networkservices.httpfilters.get
networkservices.httpfilters.getIamPolicy
networkservices.httpfilters.list
networkservices.httpfilters.setIamPolicy
networkservices.httpfilters.update
networkservices.httpfilters.use
networkservices.lbEdgeExtensions.create
networkservices.lbEdgeExtensions.delete
networkservices.lbEdgeExtensions.get
networkservices.lbEdgeExtensions.list
networkservices.lbEdgeExtensions.update
networkservices.lbRouteExtensions.create
networkservices.lbRouteExtensions.delete
networkservices.lbRouteExtensions.get
networkservices.lbRouteExtensions.list
networkservices.lbRouteExtensions.update
networkservices.lbTcpExtensions.createForNetwork
networkservices.lbTcpExtensions.deleteForNetwork
networkservices.lbTcpExtensions.getForNetwork
networkservices.lbTcpExtensions.listForNetwork
networkservices.lbTcpExtensions.updateForNetwork
networkservices.lbTrafficExtensions.create
networkservices.lbTrafficExtensions.delete
networkservices.lbTrafficExtensions.get
networkservices.lbTrafficExtensions.list
networkservices.lbTrafficExtensions.update
networkservices.locations.get
networkservices.locations.list
networkservices.meshes.create
networkservices.meshes.delete
networkservices.meshes.get
networkservices.meshes.list
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 53 of 57

networkservices.meshes.update
networkservices.meshes.use
networkservices.operations.cancel
networkservices.operations.delete
networkservices.operations.get
networkservices.operations.list
networkservices.route_views.get
networkservices.route_views.list
networkservices.serviceBindings.create
networkservices.serviceBindings.delete
networkservices.serviceBindings.get
networkservices.serviceBindings.list
networkservices.serviceBindings.update
networkservices.serviceLbPolicies.create
networkservices.serviceLbPolicies.delete
networkservices.serviceLbPolicies.get
networkservices.serviceLbPolicies.list
networkservices.serviceLbPolicies.update
networkservices.swpSecurityExtensions.create
networkservices.swpSecurityExtensions.delete
networkservices.swpSecurityExtensions.get
networkservices.swpSecurityExtensions.list
networkservices.swpSecurityExtensions.update
networkservices.tcpRoutes.create
networkservices.tcpRoutes.delete
networkservices.tcpRoutes.get
networkservices.tcpRoutes.list
networkservices.tcpRoutes.update
networkservices.tlsRoutes.create
networkservices.tlsRoutes.delete
networkservices.tlsRoutes.get
networkservices.tlsRoutes.list
networkservices.tlsRoutes.update
networkservices.wasmPlugins.create
networkservices.wasmPlugins.delete
networkservices.wasmPlugins.get
networkservices.wasmPlugins.list
networkservices.wasmPlugins.update
networkservices.wasmPlugins.use
parallelstore.instances.create
parallelstore.instances.delete
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 54 of 57

parallelstore.instances.get
parallelstore.instances.importData
parallelstore.instances.list
parallelstore.instances.update
parallelstore.locations.*
parallelstore.locations.get
parallelstore.locations.list
parallelstore.operations.*
parallelstore.operations.cancel
parallelstore.operations.delete
parallelstore.operations.get
parallelstore.operations.list
pubsub.topics.create
pubsub.topics.get
pubsub.topics.publish
recommender.containerDiagnosisInsights.*
recommender.containerDiagnosisInsights.get
recommender.containerDiagnosisInsights.list
recommender.containerDiagnosisInsights.update
recommender.containerDiagnosisRecommendations.*
recommender.containerDiagnosisRecommendations.get
recommender.containerDiagnosisRecommendations.list
recommender.containerDiagnosisRecommendations.update
recommender.locations.*
recommender.locations.get
recommender.locations.list
recommender.networkAnalyzerGkeConnectivityInsights.*
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 55 of 57

recommender.networkAnalyzerGkeConnectivityInsights.get
recommender.networkAnalyzerGkeConnectivityInsights.list
recommender.networkAnalyzerGkeConnectivityInsights.update
recommender.networkAnalyzerGkeIpAddressInsights.*
recommender.networkAnalyzerGkeIpAddressInsights.get
recommender.networkAnalyzerGkeIpAddressInsights.list
recommender.networkAnalyzerGkeIpAddressInsights.update
resourcemanager.projects.get
resourcemanager.projects.list
resourcemanager.tagHolds.*
resourcemanager.tagHolds.create
resourcemanager.tagHolds.delete
resourcemanager.tagHolds.list
resourcemanager.tagValueBindings.create
servicedirectory.namespaces.create
servicedirectory.namespaces.delete
servicedirectory.services.create
servicedirectory.services.delete
servicenetworking.operations.get
servicenetworking.services.addPeering
servicenetworking.services.createPeeredDnsDomain
servicenetworking.services.deleteConnection
servicenetworking.services.deletePeeredDnsDomain
servicenetworking.services.disableVpcServiceControls
servicenetworking.services.enableVpcServiceControls
servicenetworking.services.get
servicenetworking.services.getVpcServiceControls
servicenetworking.services.listPeeredDnsDomains
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 56 of 57

serviceusage.consumerpolicy.analyze
serviceusage.consumerpolicy.get
serviceusage.effectivepolicy.get
serviceusage.groups.*
serviceusage.groups.list
serviceusage.groups.listExpandedMembers
serviceusage.groups.listMembers
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
serviceusage.services.use
serviceusage.values.test
tpu.locations.*
tpu.locations.get
tpu.locations.list
tpu.nodes.create
tpu.nodes.delete
tpu.nodes.get
tpu.nodes.list
tpu.operations.*
tpu.operations.get
tpu.operations.list
trafficdirector.*
trafficdirector.networks.getConfigs
trafficdirector.networks.reportMetrics
Source: https://cloud.google.com/kubernetes-engine/docs/how-to/iam
https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Page 57 of 57