Legend: + additive, • conditional.
| members | roles |
|---|---|
| gcp-data-analysts group |
roles/datacatalog.viewer |
| gcp-data-engineers group |
roles/dlp.estimatesAdmin roles/dlp.reader roles/dlp.user |
| gcp-data-security group |
roles/datacatalog.admin roles/dlp.admin |
| load-df-0 serviceAccount |
roles/datacatalog.viewer roles/dlp.user |
| trf-bq-0 serviceAccount |
roles/datacatalog.categoryFineGrainedReader roles/datacatalog.viewer |
| trf-df-0 serviceAccount |
roles/datacatalog.categoryFineGrainedReader roles/datacatalog.viewer roles/dlp.user |
| members | roles |
|---|---|
| gcp-data-engineers group |
roles/bigquery.dataEditor roles/bigquery.user |
| drp-bq-0 serviceAccount |
roles/bigquery.dataEditor |
| drp-cs-0 serviceAccount |
roles/storage.objectCreator |
| drp-ps-0 serviceAccount |
roles/pubsub.publisher |
| load-df-0 serviceAccount |
roles/bigquery.user roles/pubsub.subscriber roles/storage.objectAdmin |
| orc-cmp-0 serviceAccount |
roles/pubsub.subscriber roles/storage.objectViewer |
| members | roles |
|---|---|
| gcp-data-analysts group |
roles/bigquery.dataViewer roles/bigquery.jobUser roles/datacatalog.tagTemplateViewer roles/datacatalog.viewer roles/storage.objectViewer |
| gcp-data-engineers group |
roles/bigquery.dataViewer roles/bigquery.jobUser roles/datacatalog.tagTemplateViewer roles/datacatalog.viewer roles/storage.objectViewer |
| SERVICE_IDENTITY_service-networking serviceAccount |
roles/servicenetworking.serviceAgent + |
| trf-bq-0 serviceAccount |
roles/bigquery.dataOwner roles/bigquery.jobUser |
| trf-df-0 serviceAccount |
roles/bigquery.dataOwner roles/storage.objectAdmin |
| members | roles |
|---|---|
| gcp-data-analysts group |
roles/bigquery.dataViewer roles/bigquery.jobUser roles/datacatalog.tagTemplateViewer roles/datacatalog.viewer roles/storage.objectViewer |
| gcp-data-engineers group |
roles/bigquery.dataViewer roles/bigquery.jobUser roles/datacatalog.tagTemplateViewer roles/datacatalog.viewer roles/storage.objectViewer |
| SERVICE_IDENTITY_service-networking serviceAccount |
roles/servicenetworking.serviceAgent + |
| trf-bq-0 serviceAccount |
roles/bigquery.dataOwner roles/bigquery.jobUser |
| trf-df-0 serviceAccount |
roles/bigquery.dataOwner roles/storage.objectAdmin |
| members | roles |
|---|---|
| gcp-data-engineers group |
roles/bigquery.dataViewer roles/bigquery.jobUser roles/datacatalog.tagTemplateViewer roles/datacatalog.viewer roles/storage.objectViewer |
| SERVICE_IDENTITY_service-networking serviceAccount |
roles/servicenetworking.serviceAgent + |
| load-df-0 serviceAccount |
roles/bigquery.dataOwner roles/bigquery.jobUser roles/storage.objectCreator |
| trf-bq-0 serviceAccount |
roles/bigquery.dataViewer roles/datacatalog.categoryAdmin |
| trf-df-0 serviceAccount |
roles/bigquery.dataViewer |
| members | roles |
|---|---|
| gcp-data-engineers group |
roles/dataflow.admin roles/dataflow.developer |
| SERVICE_IDENTITY_dataflow-service-producer-prod serviceAccount |
roles/storage.objectAdmin |
| SERVICE_IDENTITY_service-networking serviceAccount |
roles/servicenetworking.serviceAgent + |
| load-df-0 serviceAccount |
roles/bigquery.jobUser roles/dataflow.admin roles/dataflow.worker roles/storage.objectAdmin |
| orc-cmp-0 serviceAccount |
roles/dataflow.admin |
| members | roles |
|---|---|
| gcp-data-engineers group |
roles/bigquery.jobUser roles/dataflow.admin |
| SERVICE_IDENTITY_dataflow-service-producer-prod serviceAccount |
roles/storage.objectAdmin |
| SERVICE_IDENTITY_service-networking serviceAccount |
roles/servicenetworking.serviceAgent + |
| orc-cmp-0 serviceAccount |
roles/dataflow.admin |
| trf-bq-0 serviceAccount |
roles/bigquery.jobUser |
| trf-df-0 serviceAccount |
roles/dataflow.worker roles/storage.objectAdmin |