Re: create custom roles for application integratio...

dareenhamdy · 03-05-2025 11:54 AM

I want to create a custom role with only required permissions, and that I don’t want to use wild roles like Connectors.admin or SQL admin for the following connectors Pub/sub , cloud sql , and Cloud storage.

what are the list of ONLY actually needed permissions not the generic full list as mentioned in the documentation ?

https://cloud.google.com/integration-connectors/docs/connectors/cloudstorage/configure
https://cloud.google.com/integration-connectors/docs/connectors/cloudsqlforsqlserver/configure
https://cloud.google.com/integration-connectors/docs/connectors/pubsub/configure

AldoMeneses86

Hello @dareenhamdy

You can create a custom role: https://cloud.google.com/integration-connectors/docs/connectors-access-permissions#iam-roles-for-int...

You can learn more in this excellent article from my colleague @kurtkanaskie. Is for apigee but can applies for Application Integration.

Best.

dareenhamdy

thank you for refencing to that but that still does not list the permissions specific list.
that's not my part , Devops team would like a specific roles list,

vpagar

Hello @dareenhamdy
Could you please provide clarity on which specific entities or actions you intend to use for these connectors
Pub/sub , cloud sql , and Cloud storage ?

create custom roles for application integration service accounts