Stay organized with collections
Save and categorize content based on your preferences.
This document provides information on Identity and Access Management (IAM) roles and permissions
for Route Optimization. IAM lets you grant granular access to specific Route Optimization
resources and helps prevent access to other resources. IAM lets you apply the security principle
of least privilege, which states that no one should have more permissions than they actually need.
When a principal (a user, group, or service account) calls a Google Cloud API, that principal must
have the appropriate IAM permissions to use the resource. To give a principal the required
permissions, you grant an IAM role to the principal.
To familiarize yourself with managing access in Google Cloud in general, see
IAM overview.
The predefined IAM roles to allow principals to access Route Optimization are:
Route Optimization Editor (roles/routeoptimization.editor): grants the user or
services account read and write access to Route Optimization resources in the project. This
includes the ability to call OptimizeTours and BatchOptimizeTours, as
well as to retrieve long running operations using GetOperation.
Route Optimization Viewer (roles/routeoptimization.viewer): grants read-only access
to Route Optimization resources in the project. This role enables the ability to call
OptimizeTours and access to Long Running Operations using
GetOperation.
You can assign a role by creating binding for a principal using the Cloud SDK:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-01-29 UTC."],[[["Route Optimization utilizes Identity and Access Management (IAM) to control access to its resources, enabling you to grant specific permissions to users, groups, or service accounts."],["IAM roles like `Route Optimization Editor` and `Route Optimization Viewer` provide predefined permission sets for managing and viewing Route Optimization resources."],["Users or service accounts need appropriate IAM permissions to interact with Google Cloud APIs and use Route Optimization features like `OptimizeTours` and `BatchOptimizeTours`."],["The principle of least privilege is enforced by IAM, ensuring that users have only the necessary permissions for their tasks."],["After role configuration, an OAuth token is required for authentication when using Route Optimization."]]],[]]
