List of resources that you can assign roles for
Yandex Cloud has various resources for which you can assign, view, and revoke roles. The list of such resources depends on the Yandex Cloud interface you use to assign a role.
If you need to grant access to a resource that is not on the list, assign the role for the parent resource it inherits permissions from. For example, Yandex Managed Service for PostgreSQL clusters inherit access permissions from their folder.
Resources for which you can assign roles in the management console
Container Registry
Compute Cloud
- VM instance
- Instance group
- Dedicated host group
- VM placement group
- Non-replicated disk placement group
- VM disk
- GPU cluster
- Image
- Snapshot schedule
- Disk snapshot
- File storage
Identity and Access Management
Key Management Service
Managed Service for YDB
Yandex MetaData Hub
- Connection to managed databases in Yandex Connection Manager
Object Storage
Resource Manager
Yandex Lockbox
Resources for which you can assign roles via the YC CLI and Yandex Cloud API
API Gateway
Audit Trails
Certificate Manager
Cloud Desktop
Cloud DNS
Cloud Functions
Cloud Logging
Cloud Organization
Container Registry
Compute Cloud
- VM instance
- Instance group
- Dedicated host group
- VM placement group
- Non-replicated disk placement group
- VM disk
- GPU cluster
- Image
- Snapshot schedule
- Disk snapshot
- File storage
Identity and Access Management
Key Management Service
Managed Service for YDB
- YDB DBMS
- YDB DBMS backup
Resource Manager
Serverless Containers
Yandex Lockbox
Resources for which you can assign roles using Terraform
Container Registry
DataSphere
Cloud DNS
Cloud Functions
Compute Cloud
- VM instance
- VM placement group
- Non-replicated disk placement group
- VM disk
- GPU cluster
- Image
- Snapshot schedule
- Disk snapshot
- File storage
Identity and Access Management
Key Management Service
Yandex Lockbox
Resource Manager
Serverless Containers
Managed Service for YDB
Cloud Organization