Firestore roles and permissions

This page lists the IAM roles and permissions for Firestore. To search through all roles and permissions, see the role and permission index.

Firestore roles

Role Permissions

Cloud Datastore Backup Schedules Admin

(roles/datastore.backupSchedulesAdmin)

Manage backup schedules in Cloud Datastore.

datastore.backupSchedules.*

  • datastore.backupSchedules.create
  • datastore.backupSchedules.delete
  • datastore.backupSchedules.get
  • datastore.backupSchedules.list
  • datastore.backupSchedules.update

datastore.databases.getMetadata

datastore.databases.list

Cloud Datastore Backup Schedules Viewer

(roles/datastore.backupSchedulesViewer)

Read access to backup schedules in Cloud Datastore.

datastore.backupSchedules.get

datastore.backupSchedules.list

Cloud Datastore Backups Admin

(roles/datastore.backupsAdmin)

Read/Write access to metadata about backups in Cloud Datastore but restore is not allowed.

datastore.backups.delete

datastore.backups.get

datastore.backups.list

Cloud Datastore Backups Viewer

(roles/datastore.backupsViewer)

Read access to metadata about backups in Cloud Datastore.

datastore.backups.get

datastore.backups.list

Cloud Datastore Bulk Admin

(roles/datastore.bulkAdmin)

Full access to manage bulk operations.

datastore.databases.bulkDelete

datastore.databases.getMetadata

datastore.operations.cancel

datastore.operations.get

datastore.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Datastore Clone Admin

(roles/datastore.cloneAdmin)

Clone Cloud Datastore Databases.

datastore.databases.clone

datastore.databases.create

datastore.databases.getMetadata

datastore.databases.list

datastore.operations.get

datastore.operations.list

Cloud Datastore Import Export Admin

(roles/datastore.importExportAdmin)

Provides full access to manage imports and exports.

Lowest-level resources where you can grant this role:

  • Project

appengine.applications.get

datastore.databases.export

datastore.databases.getMetadata

datastore.databases.import

datastore.operations.cancel

datastore.operations.get

datastore.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Datastore Index Admin

(roles/datastore.indexAdmin)

Provides full access to manage index definitions.

Lowest-level resources where you can grant this role:

  • Project

appengine.applications.get

datastore.databases.getMetadata

datastore.indexes.*

  • datastore.indexes.create
  • datastore.indexes.delete
  • datastore.indexes.get
  • datastore.indexes.list
  • datastore.indexes.update

datastore.operations.get

datastore.operations.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Datastore Key Visualizer Viewer

(roles/datastore.keyVisualizerViewer)

Full access to Key Visualizer scans.

datastore.databases.getMetadata

datastore.keyVisualizerScans.*

  • datastore.keyVisualizerScans.get
  • datastore.keyVisualizerScans.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Datastore Owner

(roles/datastore.owner)

Provides full access to Datastore resources.

Lowest-level resources where you can grant this role:

  • Project

appengine.applications.get

databasesconsole.locations.*

  • databasesconsole.locations.get
  • databasesconsole.locations.list

databasesconsole.studioQueries.*

  • databasesconsole.studioQueries.create
  • databasesconsole.studioQueries.delete
  • databasesconsole.studioQueries.get
  • databasesconsole.studioQueries.list
  • databasesconsole.studioQueries.search
  • databasesconsole.studioQueries.update

datastore.*

  • datastore.backupSchedules.create
  • datastore.backupSchedules.delete
  • datastore.backupSchedules.get
  • datastore.backupSchedules.list
  • datastore.backupSchedules.update
  • datastore.backups.delete
  • datastore.backups.get
  • datastore.backups.list
  • datastore.backups.restoreDatabase
  • datastore.databases.bulkDelete
  • datastore.databases.clone
  • datastore.databases.create
  • datastore.databases.createTagBinding
  • datastore.databases.delete
  • datastore.databases.deleteTagBinding
  • datastore.databases.export
  • datastore.databases.get
  • datastore.databases.getMetadata
  • datastore.databases.import
  • datastore.databases.list
  • datastore.databases.listEffectiveTags
  • datastore.databases.listTagBindings
  • datastore.databases.update
  • datastore.entities.allocateIds
  • datastore.entities.create
  • datastore.entities.delete
  • datastore.entities.get
  • datastore.entities.list
  • datastore.entities.update
  • datastore.indexes.create
  • datastore.indexes.delete
  • datastore.indexes.get
  • datastore.indexes.list
  • datastore.indexes.update
  • datastore.insights.get
  • datastore.keyVisualizerScans.get
  • datastore.keyVisualizerScans.list
  • datastore.locations.get
  • datastore.locations.list
  • datastore.namespaces.get
  • datastore.namespaces.list
  • datastore.operations.cancel
  • datastore.operations.delete
  • datastore.operations.get
  • datastore.operations.list
  • datastore.statistics.get
  • datastore.statistics.list
  • datastore.userCreds.create
  • datastore.userCreds.delete
  • datastore.userCreds.get
  • datastore.userCreds.list
  • datastore.userCreds.update

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Datastore Restore Admin

(roles/datastore.restoreAdmin)

Restore into Cloud Datastore Databases from Cloud Datastore Backups.

datastore.backups.get

datastore.backups.list

datastore.backups.restoreDatabase

datastore.databases.create

datastore.databases.getMetadata

datastore.databases.list

datastore.operations.get

datastore.operations.list

Cloud Datastore User

(roles/datastore.user)

Provides read/write access to data in a Datastore database.

Lowest-level resources where you can grant this role:

  • Project

appengine.applications.get

databasesconsole.locations.*

  • databasesconsole.locations.get
  • databasesconsole.locations.list

databasesconsole.studioQueries.create

databasesconsole.studioQueries.delete

databasesconsole.studioQueries.search

databasesconsole.studioQueries.update

datastore.databases.get

datastore.databases.getMetadata

datastore.databases.list

datastore.entities.*

  • datastore.entities.allocateIds
  • datastore.entities.create
  • datastore.entities.delete
  • datastore.entities.get
  • datastore.entities.list
  • datastore.entities.update

datastore.indexes.list

datastore.namespaces.*

  • datastore.namespaces.get
  • datastore.namespaces.list

datastore.statistics.*

  • datastore.statistics.get
  • datastore.statistics.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Datastore User Creds Admin

(roles/datastore.userCredsAdmin)

Manage user creds in Cloud Datastore.

datastore.databases.getMetadata

datastore.databases.list

datastore.userCreds.*

  • datastore.userCreds.create
  • datastore.userCreds.delete
  • datastore.userCreds.get
  • datastore.userCreds.list
  • datastore.userCreds.update

Cloud Datastore User Creds Viewer

(roles/datastore.userCredsViewer)

Read access to user creds in Cloud Datastore.

datastore.userCreds.get

datastore.userCreds.list

Cloud Datastore Viewer

(roles/datastore.viewer)

Provides read access to Datastore resources.

Lowest-level resources where you can grant this role:

  • Project

appengine.applications.get

databasesconsole.locations.*

  • databasesconsole.locations.get
  • databasesconsole.locations.list

databasesconsole.studioQueries.search

datastore.databases.get

datastore.databases.getMetadata

datastore.databases.list

datastore.entities.get

datastore.entities.list

datastore.indexes.get

datastore.indexes.list

datastore.insights.get

datastore.namespaces.*

  • datastore.namespaces.get
  • datastore.namespaces.list

datastore.statistics.*

  • datastore.statistics.get
  • datastore.statistics.list

resourcemanager.projects.get

resourcemanager.projects.list

Firestore Service Agent

(roles/firestore.serviceAgent)

Gives Firestore service account access to managed resources.

storage.buckets.get

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

Firestore permissions

Permission Included in roles

datastore.backupSchedules.create

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.backupSchedules.delete

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.backupSchedules.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Backup Schedules Viewer (roles/datastore.backupSchedulesViewer)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

datastore.backupSchedules.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Backup Schedules Viewer (roles/datastore.backupSchedulesViewer)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

datastore.backupSchedules.update

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.backups.delete

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Backups Admin (roles/datastore.backupsAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.backups.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Backups Admin (roles/datastore.backupsAdmin)

Cloud Datastore Backups Viewer (roles/datastore.backupsViewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Viewer (roles/firebase.viewer)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

datastore.backups.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Backups Admin (roles/datastore.backupsAdmin)

Cloud Datastore Backups Viewer (roles/datastore.backupsViewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Viewer (roles/firebase.viewer)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

datastore.backups.restoreDatabase

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.databases.bulkDelete

Owner (roles/owner)

Cloud Datastore Bulk Admin (roles/datastore.bulkAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.databases.clone

Owner (roles/owner)

Cloud Datastore Clone Admin (roles/datastore.cloneAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

datastore.databases.create

Owner (roles/owner)

Cloud Datastore Clone Admin (roles/datastore.cloneAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

datastore.databases.createTagBinding

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Tag User (roles/resourcemanager.tagUser)

datastore.databases.delete

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

datastore.databases.deleteTagBinding

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Tag User (roles/resourcemanager.tagUser)

datastore.databases.export

Owner (roles/owner)

Cloud Datastore Import Export Admin (roles/datastore.importExportAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Service agent roles

datastore.databases.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Firebase Rules System (roles/firebaserules.system)

Data Scientist (roles/iam.dataScientist)

Support User (roles/iam.supportUser)

Service agent roles

datastore.databases.getMetadata

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Bulk Admin (roles/datastore.bulkAdmin)

Cloud Datastore Clone Admin (roles/datastore.cloneAdmin)

Cloud Datastore Import Export Admin (roles/datastore.importExportAdmin)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Key Visualizer Viewer (roles/datastore.keyVisualizerViewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

Service agent roles

datastore.databases.import

Owner (roles/owner)

Cloud Datastore Import Export Admin (roles/datastore.importExportAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.databases.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Backup Schedules Admin (roles/datastore.backupSchedulesAdmin)

Cloud Datastore Clone Admin (roles/datastore.cloneAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

datastore.databases.listEffectiveTags

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

datastore.databases.listTagBindings

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

DLP Organization Data Profiles Driver (roles/dlp.orgdriver)

DLP Project Data Profiles Driver (roles/dlp.projectdriver)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Security Auditor (roles/iam.securityAuditor)

Support User (roles/iam.supportUser)

Tag User (roles/resourcemanager.tagUser)

Tag Viewer (roles/resourcemanager.tagViewer)

datastore.databases.update

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Service agent roles

datastore.entities.allocateIds

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Rules System (roles/firebaserules.system)

Service agent roles

datastore.entities.create

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Rules System (roles/firebaserules.system)

Service agent roles

datastore.entities.delete

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Rules System (roles/firebaserules.system)

Service agent roles

datastore.entities.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Firebase Rules System (roles/firebaserules.system)

Data Scientist (roles/iam.dataScientist)

Support User (roles/iam.supportUser)

Service agent roles

datastore.entities.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Firebase Rules System (roles/firebaserules.system)

Data Scientist (roles/iam.dataScientist)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

datastore.entities.update

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Rules System (roles/firebaserules.system)

Service agent roles

datastore.indexes.create

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.indexes.delete

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.indexes.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

datastore.indexes.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

datastore.indexes.update

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.insights.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Data Scientist (roles/iam.dataScientist)

Support User (roles/iam.supportUser)

datastore.keyVisualizerScans.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Key Visualizer Viewer (roles/datastore.keyVisualizerViewer)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Support User (roles/iam.supportUser)

datastore.keyVisualizerScans.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Key Visualizer Viewer (roles/datastore.keyVisualizerViewer)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

datastore.locations.get

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Service agent roles

datastore.locations.list

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Service agent roles

datastore.namespaces.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Support User (roles/iam.supportUser)

Service agent roles

datastore.namespaces.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

datastore.operations.cancel

Owner (roles/owner)

Cloud Datastore Bulk Admin (roles/datastore.bulkAdmin)

Cloud Datastore Import Export Admin (roles/datastore.importExportAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.operations.delete

Owner (roles/owner)

Cloud Datastore Owner (roles/datastore.owner)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

datastore.operations.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Bulk Admin (roles/datastore.bulkAdmin)

Cloud Datastore Clone Admin (roles/datastore.cloneAdmin)

Cloud Datastore Import Export Admin (roles/datastore.importExportAdmin)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

Service agent roles

datastore.operations.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Bulk Admin (roles/datastore.bulkAdmin)

Cloud Datastore Clone Admin (roles/datastore.cloneAdmin)

Cloud Datastore Import Export Admin (roles/datastore.importExportAdmin)

Cloud Datastore Index Admin (roles/datastore.indexAdmin)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore Restore Admin (roles/datastore.restoreAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

datastore.statistics.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Support User (roles/iam.supportUser)

Service agent roles

datastore.statistics.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User (roles/datastore.user)

Cloud Datastore Viewer (roles/datastore.viewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Firebase Develop Viewer (roles/firebase.developViewer)

Firebase Admin SDK Administrator Service Agent (roles/firebase.sdkAdminServiceAgent)

Firebase Viewer (roles/firebase.viewer)

Data Scientist (roles/iam.dataScientist)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Service agent roles

datastore.userCreds.create

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.userCreds.delete

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

datastore.userCreds.get

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Cloud Datastore User Creds Viewer (roles/datastore.userCredsViewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Support User (roles/iam.supportUser)

datastore.userCreds.list

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Cloud Datastore User Creds Viewer (roles/datastore.userCredsViewer)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

datastore.userCreds.update

Owner (roles/owner)

Editor (roles/editor)

Cloud Datastore Owner (roles/datastore.owner)

Cloud Datastore User Creds Admin (roles/datastore.userCredsAdmin)

Firebase Admin (roles/firebase.admin)

Firebase Develop Admin (roles/firebase.developAdmin)

Databases Admin (roles/iam.databasesAdmin)

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月10日 UTC.