Identity IAM roles
The following table describes Identity and Access Management (IAM) roles that are associated with Identity, and lists the permissions that are contained in each role.
| Role | Description | Permissions |
|---|
| roles/identity.settingsAdmin | Administrator of user settings. | - identity.users.getSettings
- identity.users.updateSettings
|
| roles/identity.admin | Full access to users and groups. | - identity.users.get
- identity.users.list
- identity.users.create
- identity.users.update
- identity.users.delete
- identity.users.getIamPolicy
- identity.users.setIamPolicy
- identity.groups.get
- identity.groups.list
- identity.groups.create
- identity.groups.update
- identity.groups.delete
- identity.groups.getIamPolicy
- identity.groups.setIamPolicy
|
| roles/identity.editor | Edit access to users and groups. | - identity.users.get
- identity.users.list
- identity.users.create
- identity.users.update
- identity.users.getIamPolicy
- identity.groups.get
- identity.groups.list
- identity.groups.create
- identity.groups.update
- identity.groups.getIamPolicy
|
| roles/identity.viewer | View access to users and groups. | - identity.users.get
- identity.users.list
- identity.users.getIamPolicy
- identity.groups.get
- identity.groups.list
- identity.groups.getIamPolicy
|
For a reference describing the IAM permissions contained in each IAM role, refer to Identity IAM Permissions.