diff --git a/infra/config/config.star b/infra/config/config.star
index 99cff743d3..fd77183c7c 100755
--- a/infra/config/config.star
+++ b/infra/config/config.star
@@ -217,6 +217,10 @@ luci.realm(name = "pools/try-tests", bindings = [
     ),
 ])
 luci.realm(name = "try", bindings = [
+    luci.binding(
+        roles = "role/buildbucket.creator",
+        groups = "project-webrtc-led-users",
+    ),
     luci.binding(
         roles = "role/swarming.taskTriggerer",
         groups = "project-webrtc-led-users",
@@ -236,6 +240,10 @@ luci.realm(name = "pools/perf", bindings = [
     ),
 ])
 luci.realm(name = "perf", bindings = [
+    luci.binding(
+        roles = "role/buildbucket.creator",
+        groups = "project-webrtc-led-users",
+    ),
     luci.binding(
         roles = "role/swarming.taskTriggerer",
         groups = "project-webrtc-led-users",
@@ -248,6 +256,10 @@ luci.realm(name = "@root", bindings = [
         roles = "role/swarming.poolUser",
         groups = "project-webrtc-admins",
     ),
+    luci.binding(
+        roles = "role/buildbucket.creator",
+        groups = "project-webrtc-admins",
+    ),
     luci.binding(
         roles = "role/swarming.taskTriggerer",
         groups = "project-webrtc-admins",
diff --git a/infra/config/realms.cfg b/infra/config/realms.cfg
index 171667555f..409a7506c5 100644
--- a/infra/config/realms.cfg
+++ b/infra/config/realms.cfg
@@ -18,6 +18,10 @@ realms {
     role: "role/analysis.reader"
     principals: "group:all"
   }
+  bindings {
+    role: "role/buildbucket.creator"
+    principals: "group:project-webrtc-admins"
+  }
   bindings {
     role: "role/buildbucket.reader"
     principals: "group:all"
@@ -96,6 +100,10 @@ realms {
     role: "role/buildbucket.builderServiceAccount"
     principals: "user:webrtc-ci-builder@chops-service-accounts.iam.gserviceaccount.com"
   }
+  bindings {
+    role: "role/buildbucket.creator"
+    principals: "group:project-webrtc-led-users"
+  }
   bindings {
     role: "role/buildbucket.triggerer"
     principals: "group:service-account-chromeperf"
@@ -174,6 +182,10 @@ realms {
     role: "role/buildbucket.builderServiceAccount"
     principals: "user:webrtc-try-builder@chops-service-accounts.iam.gserviceaccount.com"
   }
+  bindings {
+    role: "role/buildbucket.creator"
+    principals: "group:project-webrtc-led-users"
+  }
   bindings {
     role: "role/buildbucket.triggerer"
     principals: "group:project-webrtc-tryjob-access"