Some or all of the information on this page might not apply to Cloud de Confiance by S3NS. See Differences from Google Cloud for more details.

Mandiant roles and permissions

This page lists the IAM roles and permissions for Mandiant. To search through all roles and permissions, see the role and permission index.

Mandiant roles

Role Permissions

Role	Permissions
Mandiant Admin ^Beta (`roles/mandiant.admin`) Admin role for mandiant	`mandiant.*` `mandiant.genericAttackSurfaceManagements.create` `mandiant.genericAttackSurfaceManagements.delete` `mandiant.genericAttackSurfaceManagements.get` `mandiant.genericAttackSurfaceManagements.update` `mandiant.genericDigitalThreatMonitorings.create` `mandiant.genericDigitalThreatMonitorings.get` `mandiant.genericDigitalThreatMonitorings.update` `mandiant.genericExpertiseOnDemands.create` `mandiant.genericExpertiseOnDemands.delete` `mandiant.genericExpertiseOnDemands.get` `mandiant.genericExpertiseOnDemands.update` `mandiant.genericPlatforms.create` `mandiant.genericPlatforms.delete` `mandiant.genericPlatforms.get` `mandiant.genericPlatforms.update` `mandiant.genericThreatIntels.create` `mandiant.genericThreatIntels.delete` `mandiant.genericThreatIntels.get` `mandiant.genericThreatIntels.update` `mandiant.genericValidations.create` `mandiant.genericValidations.delete` `mandiant.genericValidations.get` `mandiant.genericValidations.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Viewer ^Beta (`roles/mandiant.viewer`) Viewer role for mandiant	`mandiant.genericAttackSurfaceManagements.get` `mandiant.genericDigitalThreatMonitorings.get` `mandiant.genericExpertiseOnDemands.get` `mandiant.genericPlatforms.get` `mandiant.genericThreatIntels.get` `mandiant.genericValidations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Attack Surface Management Editor ^Beta (`roles/mandiant.attackSurfaceManagementEditor`) Access to write Attack Surface Management	`mandiant.genericAttackSurfaceManagements.create` `mandiant.genericAttackSurfaceManagements.delete` `mandiant.genericAttackSurfaceManagements.update` `mandiant.genericPlatforms.create` `mandiant.genericPlatforms.delete` `mandiant.genericPlatforms.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Attack Surface Management Viewer ^Beta (`roles/mandiant.attackSurfaceManagementViewer`) Access to read Attack Surface Management	`mandiant.genericAttackSurfaceManagements.get` `mandiant.genericPlatforms.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Digital Threat Monitoring Editor ^Beta (`roles/mandiant.digitalThreatMonitoringEditor`) Access to write Digital Threat Monitoring	`mandiant.genericDigitalThreatMonitorings.create` `mandiant.genericDigitalThreatMonitorings.update` `mandiant.genericPlatforms.create` `mandiant.genericPlatforms.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Digital Threat Monitoring Viewer ^Beta (`roles/mandiant.digitalThreatMonitoringViewer`) Access to read Digital Threat Monitoring	`mandiant.genericDigitalThreatMonitorings.get` `mandiant.genericPlatforms.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Expertise On Demand Editor ^Beta (`roles/mandiant.expertiseOnDemandEditor`) Access to write Expertise On Demand	`mandiant.genericExpertiseOnDemands.create` `mandiant.genericExpertiseOnDemands.delete` `mandiant.genericExpertiseOnDemands.update` `mandiant.genericPlatforms.create` `mandiant.genericPlatforms.delete` `mandiant.genericPlatforms.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Expertise On Demand Viewer ^Beta (`roles/mandiant.expertiseOnDemandViewer`) Access to read Expertise On Demand	`mandiant.genericExpertiseOnDemands.get` `mandiant.genericPlatforms.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Threat Intel Editor ^Beta (`roles/mandiant.threatIntelEditor`) Access to write Threat Intel	`mandiant.genericPlatforms.create` `mandiant.genericPlatforms.delete` `mandiant.genericPlatforms.update` `mandiant.genericThreatIntels.create` `mandiant.genericThreatIntels.delete` `mandiant.genericThreatIntels.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Threat Intel Viewer ^Beta (`roles/mandiant.threatIntelViewer`) Access to read Threat Intel	`mandiant.genericPlatforms.get` `mandiant.genericThreatIntels.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Validation Editor ^Beta (`roles/mandiant.validationEditor`) Access to write Validation	`mandiant.genericPlatforms.create` `mandiant.genericPlatforms.delete` `mandiant.genericPlatforms.update` `mandiant.genericValidations.create` `mandiant.genericValidations.delete` `mandiant.genericValidations.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Mandiant Validation Viewer ^Beta (`roles/mandiant.validationViewer`) Access to read Validation	`mandiant.genericPlatforms.get` `mandiant.genericValidations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`

Mandiant Admin ^Beta

(roles/mandiant.admin)

Admin role for mandiant

mandiant.*

mandiant.genericAttackSurfaceManagements.create
mandiant.genericAttackSurfaceManagements.delete
mandiant.genericAttackSurfaceManagements.get
mandiant.genericAttackSurfaceManagements.update
mandiant.genericDigitalThreatMonitorings.create
mandiant.genericDigitalThreatMonitorings.get
mandiant.genericDigitalThreatMonitorings.update
mandiant.genericExpertiseOnDemands.create
mandiant.genericExpertiseOnDemands.delete
mandiant.genericExpertiseOnDemands.get
mandiant.genericExpertiseOnDemands.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.get
mandiant.genericPlatforms.update
mandiant.genericThreatIntels.create
mandiant.genericThreatIntels.delete
mandiant.genericThreatIntels.get
mandiant.genericThreatIntels.update
mandiant.genericValidations.create
mandiant.genericValidations.delete
mandiant.genericValidations.get
mandiant.genericValidations.update

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Viewer ^Beta

(roles/mandiant.viewer)

Viewer role for mandiant

mandiant.genericAttackSurfaceManagements.get

mandiant.genericDigitalThreatMonitorings.get

mandiant.genericExpertiseOnDemands.get

mandiant.genericPlatforms.get

mandiant.genericThreatIntels.get

mandiant.genericValidations.get

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Attack Surface Management Editor ^Beta

(roles/mandiant.attackSurfaceManagementEditor)

Access to write Attack Surface Management

mandiant.genericAttackSurfaceManagements.create

mandiant.genericAttackSurfaceManagements.delete

mandiant.genericAttackSurfaceManagements.update

mandiant.genericPlatforms.create

mandiant.genericPlatforms.delete

mandiant.genericPlatforms.update

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Attack Surface Management Viewer ^Beta

(roles/mandiant.attackSurfaceManagementViewer)

Access to read Attack Surface Management

mandiant.genericAttackSurfaceManagements.get

mandiant.genericPlatforms.get

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Digital Threat Monitoring Editor ^Beta

(roles/mandiant.digitalThreatMonitoringEditor)

Access to write Digital Threat Monitoring

mandiant.genericDigitalThreatMonitorings.create

mandiant.genericDigitalThreatMonitorings.update

mandiant.genericPlatforms.create

mandiant.genericPlatforms.update

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Digital Threat Monitoring Viewer ^Beta

(roles/mandiant.digitalThreatMonitoringViewer)

Access to read Digital Threat Monitoring

mandiant.genericDigitalThreatMonitorings.get

mandiant.genericPlatforms.get

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Expertise On Demand Editor ^Beta

(roles/mandiant.expertiseOnDemandEditor)

Access to write Expertise On Demand

mandiant.genericExpertiseOnDemands.create

mandiant.genericExpertiseOnDemands.delete

mandiant.genericExpertiseOnDemands.update

mandiant.genericPlatforms.create

mandiant.genericPlatforms.delete

mandiant.genericPlatforms.update

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Expertise On Demand Viewer ^Beta

(roles/mandiant.expertiseOnDemandViewer)

Access to read Expertise On Demand

mandiant.genericExpertiseOnDemands.get

mandiant.genericPlatforms.get

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Threat Intel Editor ^Beta

(roles/mandiant.threatIntelEditor)

Access to write Threat Intel

mandiant.genericPlatforms.create

mandiant.genericPlatforms.delete

mandiant.genericPlatforms.update

mandiant.genericThreatIntels.create

mandiant.genericThreatIntels.delete

mandiant.genericThreatIntels.update

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Threat Intel Viewer ^Beta

(roles/mandiant.threatIntelViewer)

Access to read Threat Intel

mandiant.genericPlatforms.get

mandiant.genericThreatIntels.get

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Validation Editor ^Beta

(roles/mandiant.validationEditor)

Access to write Validation

mandiant.genericPlatforms.create

mandiant.genericPlatforms.delete

mandiant.genericPlatforms.update

mandiant.genericValidations.create

mandiant.genericValidations.delete

mandiant.genericValidations.update

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant Validation Viewer ^Beta

(roles/mandiant.validationViewer)

Access to read Validation

mandiant.genericPlatforms.get

mandiant.genericValidations.get

resourcemanager.projects.get

resourcemanager.projects.list

Mandiant permissions

Permission	Included in roles
`mandiant.genericAttackSurfaceManagements.create`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Attack Surface Management Editor (`roles/mandiant.attackSurfaceManagementEditor`)
`mandiant.genericAttackSurfaceManagements.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Attack Surface Management Editor (`roles/mandiant.attackSurfaceManagementEditor`)
`mandiant.genericAttackSurfaceManagements.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Viewer (`roles/mandiant.viewer`) Support User (`roles/iam.supportUser`) Mandiant Attack Surface Management Viewer (`roles/mandiant.attackSurfaceManagementViewer`)
`mandiant.genericAttackSurfaceManagements.update`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Attack Surface Management Editor (`roles/mandiant.attackSurfaceManagementEditor`)
`mandiant.genericDigitalThreatMonitorings.create`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Digital Threat Monitoring Editor (`roles/mandiant.digitalThreatMonitoringEditor`)
`mandiant.genericDigitalThreatMonitorings.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Viewer (`roles/mandiant.viewer`) Support User (`roles/iam.supportUser`) Mandiant Digital Threat Monitoring Viewer (`roles/mandiant.digitalThreatMonitoringViewer`)
`mandiant.genericDigitalThreatMonitorings.update`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Digital Threat Monitoring Editor (`roles/mandiant.digitalThreatMonitoringEditor`)
`mandiant.genericExpertiseOnDemands.create`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Expertise On Demand Editor (`roles/mandiant.expertiseOnDemandEditor`)
`mandiant.genericExpertiseOnDemands.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Expertise On Demand Editor (`roles/mandiant.expertiseOnDemandEditor`)
`mandiant.genericExpertiseOnDemands.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Viewer (`roles/mandiant.viewer`) Support User (`roles/iam.supportUser`) Mandiant Expertise On Demand Viewer (`roles/mandiant.expertiseOnDemandViewer`)
`mandiant.genericExpertiseOnDemands.update`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Expertise On Demand Editor (`roles/mandiant.expertiseOnDemandEditor`)
`mandiant.genericPlatforms.create`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Attack Surface Management Editor (`roles/mandiant.attackSurfaceManagementEditor`) Mandiant Digital Threat Monitoring Editor (`roles/mandiant.digitalThreatMonitoringEditor`) Mandiant Expertise On Demand Editor (`roles/mandiant.expertiseOnDemandEditor`) Mandiant Threat Intel Editor (`roles/mandiant.threatIntelEditor`) Mandiant Validation Editor (`roles/mandiant.validationEditor`)
`mandiant.genericPlatforms.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Attack Surface Management Editor (`roles/mandiant.attackSurfaceManagementEditor`) Mandiant Expertise On Demand Editor (`roles/mandiant.expertiseOnDemandEditor`) Mandiant Threat Intel Editor (`roles/mandiant.threatIntelEditor`) Mandiant Validation Editor (`roles/mandiant.validationEditor`)
`mandiant.genericPlatforms.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Viewer (`roles/mandiant.viewer`) Support User (`roles/iam.supportUser`) Mandiant Attack Surface Management Viewer (`roles/mandiant.attackSurfaceManagementViewer`) Mandiant Digital Threat Monitoring Viewer (`roles/mandiant.digitalThreatMonitoringViewer`) Mandiant Expertise On Demand Viewer (`roles/mandiant.expertiseOnDemandViewer`) Mandiant Threat Intel Viewer (`roles/mandiant.threatIntelViewer`) Mandiant Validation Viewer (`roles/mandiant.validationViewer`)
`mandiant.genericPlatforms.update`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Attack Surface Management Editor (`roles/mandiant.attackSurfaceManagementEditor`) Mandiant Digital Threat Monitoring Editor (`roles/mandiant.digitalThreatMonitoringEditor`) Mandiant Expertise On Demand Editor (`roles/mandiant.expertiseOnDemandEditor`) Mandiant Threat Intel Editor (`roles/mandiant.threatIntelEditor`) Mandiant Validation Editor (`roles/mandiant.validationEditor`)
`mandiant.genericThreatIntels.create`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Threat Intel Editor (`roles/mandiant.threatIntelEditor`)
`mandiant.genericThreatIntels.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Threat Intel Editor (`roles/mandiant.threatIntelEditor`)
`mandiant.genericThreatIntels.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Viewer (`roles/mandiant.viewer`) Support User (`roles/iam.supportUser`) Mandiant Threat Intel Viewer (`roles/mandiant.threatIntelViewer`)
`mandiant.genericThreatIntels.update`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Threat Intel Editor (`roles/mandiant.threatIntelEditor`)
`mandiant.genericValidations.create`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Validation Editor (`roles/mandiant.validationEditor`)
`mandiant.genericValidations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Validation Editor (`roles/mandiant.validationEditor`)
`mandiant.genericValidations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Viewer (`roles/mandiant.viewer`) Support User (`roles/iam.supportUser`) Mandiant Validation Viewer (`roles/mandiant.validationViewer`)
`mandiant.genericValidations.update`	Owner (`roles/owner`) Editor (`roles/editor`) Mandiant Admin (`roles/mandiant.admin`) Mandiant Validation Editor (`roles/mandiant.validationEditor`)

Mandiant roles and permissions

Mandiant roles

Mandiant Admin ^Beta

Mandiant Viewer ^Beta

Mandiant Attack Surface Management Editor ^Beta

Mandiant Attack Surface Management Viewer ^Beta

Mandiant Digital Threat Monitoring Editor ^Beta

Mandiant Digital Threat Monitoring Viewer ^Beta

Mandiant Expertise On Demand Editor ^Beta

Mandiant Expertise On Demand Viewer ^Beta

Mandiant Threat Intel Editor ^Beta

Mandiant Threat Intel Viewer ^Beta

Mandiant Validation Editor ^Beta

Mandiant Validation Viewer ^Beta

Mandiant permissions

`mandiant.genericAttackSurfaceManagements.create`

`mandiant.genericAttackSurfaceManagements.delete`

`mandiant.genericAttackSurfaceManagements.get`

`mandiant.genericAttackSurfaceManagements.update`

`mandiant.genericDigitalThreatMonitorings.create`

`mandiant.genericDigitalThreatMonitorings.get`

`mandiant.genericDigitalThreatMonitorings.update`

`mandiant.genericExpertiseOnDemands.create`

`mandiant.genericExpertiseOnDemands.delete`

`mandiant.genericExpertiseOnDemands.get`

`mandiant.genericExpertiseOnDemands.update`

`mandiant.genericPlatforms.create`

`mandiant.genericPlatforms.delete`

`mandiant.genericPlatforms.get`

`mandiant.genericPlatforms.update`

`mandiant.genericThreatIntels.create`

`mandiant.genericThreatIntels.delete`

`mandiant.genericThreatIntels.get`

`mandiant.genericThreatIntels.update`

`mandiant.genericValidations.create`

`mandiant.genericValidations.delete`

`mandiant.genericValidations.get`

`mandiant.genericValidations.update`

Mandiant roles and permissions

Mandiant roles

Mandiant Admin Beta

Mandiant Viewer Beta

Mandiant Attack Surface Management Editor Beta

Mandiant Attack Surface Management Viewer Beta

Mandiant Digital Threat Monitoring Editor Beta

Mandiant Digital Threat Monitoring Viewer Beta

Mandiant Expertise On Demand Editor Beta

Mandiant Expertise On Demand Viewer Beta

Mandiant Threat Intel Editor Beta

Mandiant Threat Intel Viewer Beta

Mandiant Validation Editor Beta

Mandiant Validation Viewer Beta

Mandiant permissions

mandiant.genericAttackSurfaceManagements.create

mandiant.genericAttackSurfaceManagements.delete

mandiant.genericAttackSurfaceManagements.get

mandiant.genericAttackSurfaceManagements.update

mandiant.genericDigitalThreatMonitorings.create

mandiant.genericDigitalThreatMonitorings.get

mandiant.genericDigitalThreatMonitorings.update

mandiant.genericExpertiseOnDemands.create

mandiant.genericExpertiseOnDemands.delete

mandiant.genericExpertiseOnDemands.get

mandiant.genericExpertiseOnDemands.update

mandiant.genericPlatforms.create

mandiant.genericPlatforms.delete

mandiant.genericPlatforms.get

mandiant.genericPlatforms.update

mandiant.genericThreatIntels.create

mandiant.genericThreatIntels.delete

mandiant.genericThreatIntels.get

mandiant.genericThreatIntels.update

mandiant.genericValidations.create

mandiant.genericValidations.delete

mandiant.genericValidations.get

mandiant.genericValidations.update

Mandiant Admin ^Beta

Mandiant Viewer ^Beta

Mandiant Attack Surface Management Editor ^Beta

Mandiant Attack Surface Management Viewer ^Beta

Mandiant Digital Threat Monitoring Editor ^Beta

Mandiant Digital Threat Monitoring Viewer ^Beta

Mandiant Expertise On Demand Editor ^Beta

Mandiant Expertise On Demand Viewer ^Beta

Mandiant Threat Intel Editor ^Beta

Mandiant Threat Intel Viewer ^Beta

Mandiant Validation Editor ^Beta

Mandiant Validation Viewer ^Beta

`mandiant.genericAttackSurfaceManagements.create`

`mandiant.genericAttackSurfaceManagements.delete`

`mandiant.genericAttackSurfaceManagements.get`

`mandiant.genericAttackSurfaceManagements.update`

`mandiant.genericDigitalThreatMonitorings.create`

`mandiant.genericDigitalThreatMonitorings.get`

`mandiant.genericDigitalThreatMonitorings.update`

`mandiant.genericExpertiseOnDemands.create`

`mandiant.genericExpertiseOnDemands.delete`

`mandiant.genericExpertiseOnDemands.get`

`mandiant.genericExpertiseOnDemands.update`

`mandiant.genericPlatforms.create`

`mandiant.genericPlatforms.delete`

`mandiant.genericPlatforms.get`

`mandiant.genericPlatforms.update`

`mandiant.genericThreatIntels.create`

`mandiant.genericThreatIntels.delete`

`mandiant.genericThreatIntels.get`

`mandiant.genericThreatIntels.update`

`mandiant.genericValidations.create`

`mandiant.genericValidations.delete`

`mandiant.genericValidations.get`

`mandiant.genericValidations.update`