[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-09-03。"],[[["\u003cp\u003eAPI Gateway uses Identity and Access Management (IAM) to control access to APIs, allowing you to grant access at both the project and service consumer levels.\u003c/p\u003e\n"],["\u003cp\u003eThe Service Consumer role permits users to view and enable an API within their own projects.\u003c/p\u003e\n"],["\u003cp\u003eThe API Gateway Viewer role provides read-only access to API gateways and their associated resources, while the API Gateway Admin role grants full access to manage these resources.\u003c/p\u003e\n"],["\u003cp\u003eCustom roles can be created via IAM for more granular control over API Gateway permissions, if the provided roles do not meet your specific needs.\u003c/p\u003e\n"]]],[],null,["# API Gateway API access overview\n===============================\n\nThis page describes the API access control options available to you in API Gateway.\n\nOverview\n--------\n\nAPI Gateway uses\n[Identity and Access Management (IAM)](/iam/docs)\nto control access to your API. You can grant access to your API at the project\nlevel and at the service consumer level. For example,\nyou can:\n\n- Grant access to your API users so they can enable your API in their own Google Cloud project.\n- Allow principals to view all API Gateway resources.\n- Allow principals to create, update, or delete API Gateway resources.\n\nRoles that control access to services and resources\n---------------------------------------------------\n\nYou can view and grant roles using the permissions panel on the **API Gateway** \\\u003e\n**APIs** or **Gateways** detail pages in the Google Cloud console. Roles can also be granted\nusing the API, or with the Google Cloud CLI.\n\n| **Note:** Although you can grant other roles at the service level, we recommend that you use the roles listed in the previous table to manage your API.\n\nAPI Gateway permissions and roles\n---------------------------------\n\nThe following table lists the project-level roles that grant access to API Gateway resources and their associated permissions:\n\n| **Note:** To view pages in the Google Cloud console, you must grant users the **API Gateway Viewer** role or a higher role at the project level.\n\nCustom roles\n------------\n\nIf basic or predefined roles do not meet your specific needs, API Gateway supports the use of custom roles. You can use IAM to create [custom roles](/iam/docs/creating-custom-roles) for API Gateway."]]
