Page Comparison

• The following permissions are required in GCP for discovery and inbound cloud forwarding:

  • Folder Viewer (Role)

  • Compute Viewer (Role)

  • DNS Reader (Role)

• The following permissions are required in GCP for

...

• Folder Viewer (Role)

• Compute Viewer (Role)

• DNS Reader (Role)

• dns.managedZones.create (Permission)

• dns.managedZones.delete (Permission)

• dns.managedZones.update (Permission)

• dns.networks.bindPrivateDNSZone (Permission)Inbound Discovery:

  • dns.projects.get

  • compute.networks.get

  • compute.networks.list

  • dns.policies.get

  • dns.policies.list

• The following permissions are required in GCP for Outbound Discovery:

  • dns.projects.get

  • compute.networks.get

  • compute.networks.list

  • dns.managedZones.get

  • dns.managedZones.list

  • dns.resourceRecordSets.get

  • dns.resourceRecordSets.list

• The following permissions are required in GCP for Inbound Cloud Forwarding:

  • dns.projects.get

  • compute.networks.get

  • compute.networks.list

  • compute.addresses.list

  • dns.networks.bindPrivateDNSPolicy

  • dns.policies.get

  • dns.policies.list

  • dns.policies.create

  • dns.policies.update

  • dns.policies.delete

• The following permissions are required in GCP for Outbound Cloud Forwarding:

  • dns.projects.get

  • compute.networks.get

  • compute.networks.list

  • dns.managedZones.get

  • dns.managedZones.list

  • dns.networks.bindPrivateDNSZone

  • dns.managedZones.create

  • dns.managedZones.update

  • dns.managedZones.delete

  • dns.resourceRecordSets.get

  • dns.resourceRecordSets.list

  • dns.resourceRecordSets.create

  • dns.resourceRecordSets.update

  • dns.resourceRecordSets.delete

The following permissions are required in GCP for syncing Storage Tables. Create a Custom Role and add the following two permissions:

...

The following permissions are required in GCP to sync GCP metrics.

• monitoring.viewer