	In Browser
	StumbleUpon
	del.icio.us
	Google
	Google Buzz
	reddit
	LinkedIn

	Facebook
	Twitter
	Linkedin
	E-Mail

Generative AI > Google Gemini API > ADK Role-Based Access Control

ADK Role-Based Access Control

Author: Venkata Sudhakar

Role-Based Access Control (RBAC) in ADK ensures that different users get different agent capabilities based on their assigned role. A ShopMax India store manager can view orders and trigger refunds, while a sales associate can only view orders. The agent enforces these boundaries at the tool layer ï¿½ roles are checked before any tool is executed.

The pattern uses a role guard decorator that wraps each tool function. The decorator reads the user role from session state (set during authenticated login) and raises an error if the role lacks the required permission. This keeps authorisation logic out of the agent instruction and makes it tamper-resistant.

The below example shows a ShopMax agent with three tools gated by role: viewer, manager, and admin.

from google.adk.agents import LlmAgent
from google.adk.tools import FunctionTool
from google.adk.sessions import InMemorySessionService, Session
from google.adk.runners import Runner

# Role permission map
PERMISSIONS = {
    "viewer":  {"view_orders"},
    "manager": {"view_orders", "process_refund"},
    "admin":   {"view_orders", "process_refund", "delete_order"},
}

def require_permission(permission: str):
    def decorator(fn):
        def wrapper(*args, tool_context=None, **kwargs):
            role = "viewer"
            if tool_context and tool_context.state:
                role = tool_context.state.get("user_role", "viewer")
            if permission not in PERMISSIONS.get(role, set()):
                return {"error": f"Role {role!r} lacks permission {permission!r}"}
            return fn(*args, **kwargs)
        wrapper.__doc__ = fn.__doc__
        wrapper.__name__ = fn.__name__
        return wrapper
    return decorator

@require_permission("view_orders")
def view_orders(limit: int = 5) -> dict:
    """List recent ShopMax orders."""
    return {"orders": ["ORD-101 Rs 3200", "ORD-102 Rs 8900", "ORD-103 Rs 450"]}

@require_permission("process_refund")
def process_refund(order_id: str, amount: float) -> dict:
    """Process a refund for an order."""
    return {"status": "refund_queued", "order_id": order_id, "amount": amount}

@require_permission("delete_order")
def delete_order(order_id: str) -> dict:
    """Delete a cancelled order from the system."""
    return {"status": "deleted", "order_id": order_id}

agent = LlmAgent(
    name="shopmax_rbac_agent",
    model="gemini-2.0-flash",
    instruction="You are a ShopMax operations assistant. Help with orders, refunds, and deletions as permitted by the user role.",
    tools=[FunctionTool(view_orders), FunctionTool(process_refund), FunctionTool(delete_order)],
)

session_service = InMemorySessionService()
runner = Runner(agent=agent, session_service=session_service)

def run_as(role: str, message: str):
    session = session_service.create_session(
        app_name="shopmax", user_id=role, session_id=f"sess_{role}",
        state={"user_role": role},
    )
    events = list(runner.run(
        user_id=role, session_id=f"sess_{role}",
        new_message={"role": "user", "parts": [{"text": message}]},
    ))
    return next((e.content.parts[0].text for e in events if e.is_final_response()), "")

print("Viewer:", run_as("viewer", "Process refund for ORD-101, Rs 3200"))
print("Manager:", run_as("manager", "Process refund for ORD-101, Rs 3200"))
print("Admin:", run_as("admin", "Delete order ORD-103"))

It gives the following output,

Viewer:   Sorry, you do not have permission to process refunds. Your role is "viewer".
Manager:  Refund of Rs 3,200 for ORD-101 has been queued successfully.
Admin:    Order ORD-103 has been deleted from the system.

In production, store role assignments in Firestore or Cloud Spanner and load them into session state during the authentication handshake. Combine RBAC with Cloud IAM so the service account backing each role only has BigQuery or Pub/Sub permissions matching that role. Audit all permission denials to Cloud Logging for compliance reporting.

Send your comments, suggestions or queries regarding this site to [email protected].