Fetch all roles

gcp_roles_cai.json

@@ -148,7 +148,7 @@
 {"description":"Full access to all autoscaling site features","etag":"AA==","includedPermissions":["autoscaling.sites.getIamPolicy","autoscaling.sites.readRecommendations","autoscaling.sites.setIamPolicy","autoscaling.sites.writeMetrics","autoscaling.sites.writeState","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/autoscaling.sitesAdmin","stage":"BETA","title":"Autoscaling Site Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Access to write state for autoscaling site","etag":"AA==","includedPermissions":["autoscaling.sites.writeState"],"name":"roles/autoscaling.stateWriter","stage":"BETA","title":"Autoscaling State Writer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Enable Access Transparency for Organization","etag":"AA==","includedPermissions":["axt.labels.get","axt.labels.set","resourcemanager.organizations.get","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/axt.admin","stage":"GA","title":"Access Transparency Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Provides full access to all Backup and DR resources. ","etag":"AA==","includedPermissions":["backupdr.backupPlanAssociations.create","backupdr.backupPlanAssociations.delete","backupdr.backupPlanAssociations.get","backupdr.backupPlanAssociations.list","backupdr.backupPlanAssociations.triggerBackup","backupdr.backupPlans.create","backupdr.backupPlans.delete","backupdr.backupPlans.get","backupdr.backupPlans.list","backupdr.backupPlans.useComputeInstanceOnly","backupdr.backupVaults.associate","backupdr.backupVaults.create","backupdr.backupVaults.delete","backupdr.backupVaults.get","backupdr.backupVaults.list","backupdr.backupVaults.update","backupdr.bvbackups.delete","backupdr.bvbackups.get","backupdr.bvbackups.list","backupdr.bvbackups.restore","backupdr.bvbackups.update","backupdr.bvdataSources.abandonBackup","backupdr.bvdataSources.fetchAccessToken","backupdr.bvdataSources.finalizeBackup","backupdr.bvdataSources.get","backupdr.bvdataSources.initiateBackup","backupdr.bvdataSources.list","backupdr.bvdataSources.remove","backupdr.bvdataSources.setInternalStatus","backupdr.bvdataSources.update","backupdr.compute.restoreFromBackupVault","backupdr.locations.get","backupdr.locations.list","backupdr.managementServers.access","backupdr.managementServers.accessSensitiveData","backupdr.managementServers.assignBackupPlans","backupdr.managementServers.backupAccess","backupdr.managementServers.create","backupdr.managementServers.createConnection","backupdr.managementServers.createDynamicProtection","backupdr.managementServers.delete","backupdr.managementServers.deleteDynamicProtection","backupdr.managementServers.get","backupdr.managementServers.getDynamicProtection","backupdr.managementServers.getIamPolicy","backupdr.managementServers.list","backupdr.managementServers.listDynamicProtection","backupdr.managementServers.manageApplications","backupdr.managementServers.manageBackupPlans","backupdr.managementServers.manageBackupServers","backupdr.managementServers.manageBackups","backupdr.managementServers.manageClones","backupdr.managementServers.manageExpiration","backupdr.managementServers.manageHosts","backupdr.managementServers.manageInternalACL","backupdr.managementServers.manageJobs","backupdr.managementServers.manageLiveClones","backupdr.managementServers.manageMigrations","backupdr.managementServers.manageMirroring","backupdr.managementServers.manageMounts","backupdr.managementServers.manageRestores","backupdr.managementServers.manageSensitiveData","backupdr.managementServers.manageStorage","backupdr.managementServers.manageSystem","backupdr.managementServers.manageWorkflows","backupdr.managementServers.refreshWorkflows","backupdr.managementServers.runWorkflows","backupdr.managementServers.setIamPolicy","backupdr.managementServers.testFailOvers","backupdr.managementServers.viewBackupPlans","backupdr.managementServers.viewBackupServers","backupdr.managementServers.viewReports","backupdr.managementServers.viewStorage","backupdr.managementServers.viewSystem","backupdr.managementServers.viewWorkflows","backupdr.operations.cancel","backupdr.operations.delete","backupdr.operations.get","backupdr.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/backupdr.admin","stage":"GA","title":"Backup and DR Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Provides full access to all Backup and DR resources. ","etag":"AA==","includedPermissions":["backupdr.backupPlanAssociations.createForComputeInstance","backupdr.backupPlanAssociations.deleteForComputeInstance","backupdr.backupPlanAssociations.get","backupdr.backupPlanAssociations.list","backupdr.backupPlanAssociations.triggerBackupForComputeInstance","backupdr.backupPlans.create","backupdr.backupPlans.delete","backupdr.backupPlans.get","backupdr.backupPlans.list","backupdr.backupPlans.useForComputeInstance","backupdr.backupVaults.associate","backupdr.backupVaults.create","backupdr.backupVaults.delete","backupdr.backupVaults.get","backupdr.backupVaults.list","backupdr.backupVaults.update","backupdr.bvbackups.delete","backupdr.bvbackups.get","backupdr.bvbackups.list","backupdr.bvbackups.restore","backupdr.bvbackups.update","backupdr.bvdataSources.abandonBackup","backupdr.bvdataSources.fetchAccessToken","backupdr.bvdataSources.finalizeBackup","backupdr.bvdataSources.get","backupdr.bvdataSources.initiateBackup","backupdr.bvdataSources.list","backupdr.bvdataSources.remove","backupdr.bvdataSources.setInternalStatus","backupdr.bvdataSources.update","backupdr.compute.restoreFromBackupVault","backupdr.locations.get","backupdr.locations.list","backupdr.managementServers.access","backupdr.managementServers.accessSensitiveData","backupdr.managementServers.assignBackupPlans","backupdr.managementServers.backupAccess","backupdr.managementServers.create","backupdr.managementServers.createConnection","backupdr.managementServers.createDynamicProtection","backupdr.managementServers.delete","backupdr.managementServers.deleteDynamicProtection","backupdr.managementServers.get","backupdr.managementServers.getDynamicProtection","backupdr.managementServers.getIamPolicy","backupdr.managementServers.list","backupdr.managementServers.listDynamicProtection","backupdr.managementServers.manageApplications","backupdr.managementServers.manageBackupPlans","backupdr.managementServers.manageBackupServers","backupdr.managementServers.manageBackups","backupdr.managementServers.manageClones","backupdr.managementServers.manageExpiration","backupdr.managementServers.manageHosts","backupdr.managementServers.manageInternalACL","backupdr.managementServers.manageJobs","backupdr.managementServers.manageLiveClones","backupdr.managementServers.manageMigrations","backupdr.managementServers.manageMirroring","backupdr.managementServers.manageMounts","backupdr.managementServers.manageRestores","backupdr.managementServers.manageSensitiveData","backupdr.managementServers.manageStorage","backupdr.managementServers.manageSystem","backupdr.managementServers.manageWorkflows","backupdr.managementServers.refreshWorkflows","backupdr.managementServers.runWorkflows","backupdr.managementServers.setIamPolicy","backupdr.managementServers.testFailOvers","backupdr.managementServers.viewBackupPlans","backupdr.managementServers.viewBackupServers","backupdr.managementServers.viewReports","backupdr.managementServers.viewStorage","backupdr.managementServers.viewSystem","backupdr.managementServers.viewWorkflows","backupdr.operations.cancel","backupdr.operations.delete","backupdr.operations.get","backupdr.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/backupdr.admin","stage":"GA","title":"Backup and DR Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Allows the user to apply existing backup plans. This role cannot create backup plans or restore from a backup.","etag":"AA==","includedPermissions":["backupdr.backupPlanAssociations.create","backupdr.backupPlanAssociations.delete","backupdr.backupPlanAssociations.get","backupdr.backupPlanAssociations.list","backupdr.backupPlanAssociations.triggerBackup","backupdr.backupPlans.get","backupdr.backupPlans.list","backupdr.backupPlans.useComputeInstanceOnly","backupdr.backupVaults.get","backupdr.backupVaults.list","backupdr.bvbackups.get","backupdr.bvbackups.list","backupdr.bvdataSources.get","backupdr.bvdataSources.list","backupdr.locations.get","backupdr.locations.list","backupdr.managementServers.access","backupdr.managementServers.assignBackupPlans","backupdr.managementServers.createDynamicProtection","backupdr.managementServers.deleteDynamicProtection","backupdr.managementServers.get","backupdr.managementServers.getDynamicProtection","backupdr.managementServers.list","backupdr.managementServers.listDynamicProtection","backupdr.managementServers.manageApplications","backupdr.managementServers.manageBackups","backupdr.managementServers.manageHosts","backupdr.managementServers.viewBackupPlans","backupdr.managementServers.viewReports","backupdr.managementServers.viewStorage","backupdr.managementServers.viewSystem","backupdr.operations.get","backupdr.operations.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/backupdr.backupUser","stage":"GA","title":"Backup and DR Backup User","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Allows the Backup Appliance permissions to create and manage backups in a backup vault.","etag":"AA==","includedPermissions":["backupdr.backupVaults.get","backupdr.backupVaults.list","backupdr.bvbackups.delete","backupdr.bvbackups.get","backupdr.bvbackups.list","backupdr.bvbackups.update","backupdr.bvdataSources.abandonBackup","backupdr.bvdataSources.fetchAccessToken","backupdr.bvdataSources.finalizeBackup","backupdr.bvdataSources.get","backupdr.bvdataSources.initiateBackup","backupdr.bvdataSources.list","backupdr.bvdataSources.remove","backupdr.bvdataSources.setInternalStatus","backupdr.bvdataSources.update","backupdr.operations.cancel","backupdr.operations.delete","backupdr.operations.get","backupdr.operations.list"],"name":"roles/backupdr.backupvaultAccessor","stage":"GA","title":"Backup and DR Backup Vault Accessor","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Allows the Backup Appliance full administrative control of backup vault resources.","etag":"AA==","includedPermissions":["backupdr.backupVaults.associate","backupdr.backupVaults.create","backupdr.backupVaults.delete","backupdr.backupVaults.get","backupdr.backupVaults.list","backupdr.backupVaults.update","backupdr.bvbackups.delete","backupdr.bvbackups.get","backupdr.bvbackups.list","backupdr.bvbackups.restore","backupdr.bvbackups.update","backupdr.bvdataSources.get","backupdr.bvdataSources.list","backupdr.bvdataSources.update","backupdr.compute.restoreFromBackupVault","backupdr.locations.get","backupdr.locations.list","backupdr.operations.cancel","backupdr.operations.delete","backupdr.operations.get","backupdr.operations.list"],"name":"roles/backupdr.backupvaultAdmin","stage":"GA","title":"Backup and DR Backup Vault Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
@@ -1178,7 +1178,7 @@
 {"description":"Gives Network Actions service account access to read required resources.","etag":"AA==","includedPermissions":["artifactregistry.repositories.downloadArtifacts"],"name":"roles/networkactions.serviceAgent","stage":"GA","title":"Network Actions Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Service Automation Consumer Network Admin is responsible for setting up ServiceConnectionPolicies.","etag":"AA==","includedPermissions":["networkconnectivity.serviceConnectionPolicies.create","networkconnectivity.serviceConnectionPolicies.delete","networkconnectivity.serviceConnectionPolicies.get","networkconnectivity.serviceConnectionPolicies.list","networkconnectivity.serviceConnectionPolicies.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/networkconnectivity.consumerNetworkAdmin","stage":"GA","title":"Service Automation Consumer Network Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Enables use access on group resources","etag":"AA==","includedPermissions":["networkconnectivity.groups.use"],"name":"roles/networkconnectivity.groupUser","stage":"GA","title":"Group User","asset_type":"iam.googleapis.com/ExportedIAMRole"}
-{"description":"Enables full access to hub and spoke resources","etag":"AA==","includedPermissions":["networkconnectivity.groups.acceptSpoke","networkconnectivity.groups.get","networkconnectivity.groups.getIamPolicy","networkconnectivity.groups.list","networkconnectivity.groups.rejectSpoke","networkconnectivity.groups.setIamPolicy","networkconnectivity.groups.use","networkconnectivity.hubRouteTables.get","networkconnectivity.hubRouteTables.getIamPolicy","networkconnectivity.hubRouteTables.list","networkconnectivity.hubRouteTables.setIamPolicy","networkconnectivity.hubRoutes.get","networkconnectivity.hubRoutes.getIamPolicy","networkconnectivity.hubRoutes.list","networkconnectivity.hubRoutes.setIamPolicy","networkconnectivity.hubs.create","networkconnectivity.hubs.delete","networkconnectivity.hubs.get","networkconnectivity.hubs.getIamPolicy","networkconnectivity.hubs.list","networkconnectivity.hubs.listSpokes","networkconnectivity.hubs.setIamPolicy","networkconnectivity.hubs.update","networkconnectivity.locations.get","networkconnectivity.locations.list","networkconnectivity.operations.cancel","networkconnectivity.operations.delete","networkconnectivity.operations.get","networkconnectivity.operations.list","networkconnectivity.spokes.create","networkconnectivity.spokes.delete","networkconnectivity.spokes.get","networkconnectivity.spokes.getIamPolicy","networkconnectivity.spokes.list","networkconnectivity.spokes.setIamPolicy","networkconnectivity.spokes.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/networkconnectivity.hubAdmin","stage":"GA","title":"Hub & Spoke Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
+{"description":"Enables full access to hub and spoke resources","etag":"AA==","includedPermissions":["networkconnectivity.groups.acceptSpoke","networkconnectivity.groups.get","networkconnectivity.groups.getIamPolicy","networkconnectivity.groups.list","networkconnectivity.groups.rejectSpoke","networkconnectivity.groups.setIamPolicy","networkconnectivity.groups.use","networkconnectivity.hubRouteTables.get","networkconnectivity.hubRouteTables.getIamPolicy","networkconnectivity.hubRouteTables.list","networkconnectivity.hubRouteTables.setIamPolicy","networkconnectivity.hubRoutes.get","networkconnectivity.hubRoutes.getIamPolicy","networkconnectivity.hubRoutes.list","networkconnectivity.hubRoutes.setIamPolicy","networkconnectivity.hubs.create","networkconnectivity.hubs.delete","networkconnectivity.hubs.get","networkconnectivity.hubs.getIamPolicy","networkconnectivity.hubs.list","networkconnectivity.hubs.listSpokes","networkconnectivity.hubs.queryStatus","networkconnectivity.hubs.setIamPolicy","networkconnectivity.hubs.update","networkconnectivity.locations.get","networkconnectivity.locations.list","networkconnectivity.operations.cancel","networkconnectivity.operations.delete","networkconnectivity.operations.get","networkconnectivity.operations.list","networkconnectivity.spokes.create","networkconnectivity.spokes.delete","networkconnectivity.spokes.get","networkconnectivity.spokes.getIamPolicy","networkconnectivity.spokes.list","networkconnectivity.spokes.setIamPolicy","networkconnectivity.spokes.update","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/networkconnectivity.hubAdmin","stage":"GA","title":"Hub & Spoke Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Enables read-only access to hub and spoke resources","etag":"AA==","includedPermissions":["networkconnectivity.groups.get","networkconnectivity.groups.getIamPolicy","networkconnectivity.groups.list","networkconnectivity.hubRouteTables.get","networkconnectivity.hubRouteTables.getIamPolicy","networkconnectivity.hubRouteTables.list","networkconnectivity.hubRoutes.get","networkconnectivity.hubRoutes.getIamPolicy","networkconnectivity.hubRoutes.list","networkconnectivity.hubs.get","networkconnectivity.hubs.getIamPolicy","networkconnectivity.hubs.list","networkconnectivity.hubs.listSpokes","networkconnectivity.locations.get","networkconnectivity.locations.list","networkconnectivity.spokes.get","networkconnectivity.spokes.getIamPolicy","networkconnectivity.spokes.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/networkconnectivity.hubViewer","stage":"GA","title":"Hub & Spoke Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Full access to all Regional Endpoint resources.","etag":"AA==","includedPermissions":["networkconnectivity.regionalEndpoints.create","networkconnectivity.regionalEndpoints.delete","networkconnectivity.regionalEndpoints.get","networkconnectivity.regionalEndpoints.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/networkconnectivity.regionalEndpointAdmin","stage":"GA","title":"Regional Endpoint Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
 {"description":"Read-only access to all Regional Endpoint resources.","etag":"AA==","includedPermissions":["networkconnectivity.regionalEndpoints.get","networkconnectivity.regionalEndpoints.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/networkconnectivity.regionalEndpointViewer","stage":"GA","title":"Regional Endpoint Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}

roles/backupdr.admin

@@ -2,16 +2,16 @@
   "description": "Provides full access to all Backup and DR resources. ",
   "etag": "AA==",
   "includedPermissions": [
-    "backupdr.backupPlanAssociations.create",
-    "backupdr.backupPlanAssociations.delete",
+    "backupdr.backupPlanAssociations.createForComputeInstance",
+    "backupdr.backupPlanAssociations.deleteForComputeInstance",
     "backupdr.backupPlanAssociations.get",
     "backupdr.backupPlanAssociations.list",
-    "backupdr.backupPlanAssociations.triggerBackup",
+    "backupdr.backupPlanAssociations.triggerBackupForComputeInstance",
     "backupdr.backupPlans.create",
     "backupdr.backupPlans.delete",
     "backupdr.backupPlans.get",
     "backupdr.backupPlans.list",
-    "backupdr.backupPlans.useComputeInstanceOnly",
+    "backupdr.backupPlans.useForComputeInstance",
     "backupdr.backupVaults.associate",
     "backupdr.backupVaults.create",
     "backupdr.backupVaults.delete",

roles/networkconnectivity.hubAdmin

@@ -23,6 +23,7 @@
     "networkconnectivity.hubs.getIamPolicy",
     "networkconnectivity.hubs.list",
     "networkconnectivity.hubs.listSpokes",
+    "networkconnectivity.hubs.queryStatus",
     "networkconnectivity.hubs.setIamPolicy",
     "networkconnectivity.hubs.update",
     "networkconnectivity.locations.get",