The following permissions are required to back up and restore Google Cloud Storage buckets:
-
bigquery.datasets.create
-
bigquery.datasets.get
-
bigquery.jobs.create
-
bigquery.tables.create
-
bigquery.tables.export
-
bigquery.tables.get
-
bigquery.tables.getIamPolicy
-
bigquery.tables.setIamPolicy
-
bigtable.instances.get
-
bigtable.tables.readRows
-
iam.serviceAccounts.get
-
iam.serviceAccounts.list
-
pubsub.subscriptions.create
-
pubsub.subscriptions.get
-
pubsub.subscriptions.list
-
pubsub.topics.create
-
pubsub.topics.get
-
pubsub.topics.list
-
pubsub.topics.attachSubscription
-
pubsub.topics.getIamPolicy
-
pubsub.topics.setIamPolicy
-
resourcemanager.projects.get
-
resourcemanager.projects.setIamPolicy
-
serviceusage.services.enable
-
serviceusage.services.get
-
storage.buckets.create
-
storage.buckets.get
-
storage.buckets.getIamPolicy
-
storage.buckets.getObjectInsights
-
storage.buckets.list
-
storage.buckets.listEffectiveTags
-
storage.buckets.listTagBindings
-
storage.buckets.setIamPolicy
-
storage.buckets.update
-
storage.multipartUploads.abort
-
storage.multipartUploads.create
-
storage.objects.create
-
storage.objects.delete
-
storage.objects.get
-
storage.objects.getIamPolicy
-
storage.objects.list
-
storage.objects.setIamPolicy
-
storage.objects.update
-
storageinsights.reportConfigs.create
-
storageinsights.reportConfigs.get
-
storageinsights.reportConfigs.list
-
storageinsights.reportConfigs.update
-
monitoring.timeSeries.list