- Virtana Docs
- Virtana Platform Administration Guide
- Configuring a GCP Integration
- Roles and Permissions Required for a GCP Account
Roles and Permissions Required for a GCP Account
Before integrating with Virtana Platform, you need to create a service account and an associated custom role with the required permissions. The tables below describe the roles and permissions you must assign to a custom role for the service account.
Following are lists of all roles required for the integration with Virtana Platform. Any permissions not in these lists can be removed from the Virtana role that you create in GCP.
BigQuery permissions
bigquery.bireservations.get | bigquery.reservations.get | |
bigquery.capacityCommitments.get | bigquery.reservations.list | |
bigquery.capacityCommitments.list | bigquery.routines.get | |
bigquery.config.get | bigquery.routines.list | |
bigquery.datasets.create | bigquery.rowAccessPolicies.getFilteredData | |
bigquery.datasets.get | bigquery.savedqueries.get | |
bigquery.datasets.getIamPolicy | bigquery.savedqueries.list | |
bigquery.jobs.create | bigquery.tables.createSnapshot | |
bigquery.jobs.list | bigquery.tables.export | |
bigquery.models.export | bigquery.tables.get | |
bigquery.models.getData | bigquery.tables.getData | |
bigquery.models.getMetadata | bigquery.tables.getIamPolicy | |
bigquery.models.list | bigquery.tables.list | |
bigquery.reservationAssignments.list | bigquery.transfers.get | |
bigquery.reservationAssignments.search | bigquerymigration.translation.translate |
Performance permissions
cloudnotifications.activities.list | monitoring.notificationChannelDescriptors.list | |
monitoring.alertPolicies.get | monitoring.notificationChannels.get | |
monitoring.alertPolicies.list | monitoring.notificationChannels.list | |
monitoring.dashboards.get | monitoring.publicWidgets.get | |
monitoring.dashboards.list | monitoring.publicWidgets.list | |
monitoring.groups.get | monitoring.services.get | |
monitoring.groups.list | monitoring.services.list | |
monitoring.metricDescriptors.create | monitoring.slos.get | |
monitoring.metricDescriptors.get | monitoring.slos.list | |
monitoring.metricDescriptors.list | monitoring.timeSeries.create | |
monitoring.monitoredResourceDescriptors.get | monitoring.timeSeries.list | |
monitoring.monitoredResourceDescriptors.list | monitoring.uptimeCheckConfigs.get | |
monitoring.notificationChannelDescriptors.get | monitoring.uptimeCheckConfigs.list |
API permissions
opsconfigmonitoring.resourceMetadata.list | servicemanagement.services.get | |
resourcemanager.projects.get | servicemanagement.services.quota | |
servicemanagement.services.bind | servicemanagement.services.report | |
servicemanagement.services.check | stackdriver.projects.get |