Peran dan izin Pengontrol Konfigurasi
Halaman ini menjelaskan peran dan izin Identity and Access Management (IAM) untuk Pengontrol Konfigurasi. Untuk membantu Anda mengontrol akses,
Pengontrol Konfigurasi menggunakan peran dan izin IAM.
Dengan IAM, Anda dapat memberikan akses terperinci ke resource Google Cloud tertentu dan membantu mencegah akses ke resource lain.
Peran
Pengontrol Konfigurasi memiliki peran bawaan. Tabel berikut mencantumkan peran dan izin yang disertakan dalam peran tersebut:
Role |
Permissions |
Config Controller Admin
(roles/krmapihosting.admin )
Full access to all Config Controller resources.
|
krmapihosting.*
krmapihosting.krmApiHosts.create
krmapihosting.krmApiHosts.delete
krmapihosting.krmApiHosts.get
krmapihosting.krmApiHosts.getIamPolicy
krmapihosting.krmApiHosts.list
krmapihosting.krmApiHosts.setIamPolicy
krmapihosting.krmApiHosts.update
krmapihosting.locations.get
krmapihosting.locations.list
krmapihosting.operations.cancel
krmapihosting.operations.delete
krmapihosting.operations.get
krmapihosting.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Config Controller Viewer
(roles/krmapihosting.viewer )
Read-only access to all Config Controller resources.
|
krmapihosting.krmApiHosts.get
krmapihosting.krmApiHosts.getIamPolicy
krmapihosting.krmApiHosts.list
krmapihosting.locations.*
krmapihosting.locations.get
krmapihosting.locations.list
krmapihosting.operations.get
krmapihosting.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Untuk mengetahui informasi lebih lanjut mengenai cara menetapkan peran, baca artikel Memilih peran yang telah ditetapkan.
Atau, Anda dapat membuat peran khusus sendiri yang berisi persis izin yang Anda tentukan.
Izin
Izin yang diberikan berdasarkan peran
Tabel berikut mencantumkan izin yang harus dimiliki pemanggil untuk memanggil setiap metode Pengontrol Konfigurasi dan peran mana yang memberikan izin:
Izin |
Diberikan oleh peran |
krmapihosting.krmApiHosts.create
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
|
krmapihosting.krmApiHosts.delete
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
|
krmapihosting.krmApiHosts.get
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
krmapihosting.krmApiHosts.getIamPolicy
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- (
roles/iam.securityAdmin ) Security Admin
- Peninjau Keamanan (
roles/iam.securityReviewer )
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
krmapihosting.krmApiHosts.list
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- (
roles/iam.securityAdmin ) Security Admin
- Peninjau Keamanan (
roles/iam.securityReviewer )
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
krmapihosting.krmApiHosts.setIamPolicy
|
- (
roles/owner ) Pemilik
- (
roles/iam.securityAdmin ) Security Admin
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
|
krmapihosting.krmApiHosts.update
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
|
krmapihosting.locations.get
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Pengakses lihat-saja (
roles/viewer )
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
krmapihosting.locations.list
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Pengakses lihat-saja (
roles/viewer )
- (
roles/iam.securityAdmin ) Security Admin
- Peninjau Keamanan (
roles/iam.securityReviewer )
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
krmapihosting.operations.cancel
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
|
krmapihosting.operations.delete
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
|
krmapihosting.operations.get
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Pengakses lihat-saja (
roles/viewer )
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
krmapihosting.operations.list
|
- (
roles/owner ) Pemilik
- (
roles/editor ) Editor
- Pengakses lihat-saja (
roles/viewer )
- (
roles/iam.securityAdmin ) Security Admin
- Peninjau Keamanan (
roles/iam.securityReviewer )
- Admin Pengontrol Konfigurasi (
roles/krmapihosting.admin )
- Penampil Pengontrol Konfigurasi (
roles/krmapihosting.viewer )
|
Izin yang diperlukan untuk tindakan
Tabel berikut mencantumkan izin yang Anda perlukan untuk melakukan tindakan tertentu.
Izin yang diperlukan |
Metode |
krmapihosting.krmApiHosts.create |
projects.locations.krmApiHosts.create |
krmapihosting.krmApiHosts.delete |
projects.locations.krmApiHosts.delete |
krmapihosting.krmApiHosts.get |
projects.locations.krmApiHosts.get |
krmapihosting.krmApiHosts.list |
projects.locations.krmApiHosts.list |
krmapihosting.krmApiHosts.update |
projects.locations.krmApiHosts.update |
krmapihosting.operations.get |
projects.locations.operations.get |
krmapihosting.operations.list |
projects.locations.operations.list |
Langkah selanjutnya