其他角色 |
权限 |
Advisory Notifications Admin
(roles/advisorynotifications.admin)
授予对 Advisory Notifications 中的设置的写入权限
|
advisorynotifications.*
resourcemanager.organizations.get
resourcemanager.projects.get
|
Advisory Notifications Viewer
(roles/advisorynotifications.viewer)
授予在 Advisory Notifications 中查看消息的访问权限
|
advisorynotifications.notifications.*
advisorynotifications.settings.get
resourcemanager.organizations.get
resourcemanager.projects.get
|
Cloud API Hub Admin
Beta 版
(roles/apihub.admin)
拥有对所有 API Hub 资源的完整访问权限。
|
apihub.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Attributes Admin
Beta 版
(roles/apihub.attributeAdmin)
拥有对所有 Cloud API hub 属性资源的完整访问权限。
|
apihub.attributes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Editor
Beta 版
(roles/apihub.editor)
对大多数 Cloud API Hub 资源拥有修改权限。
|
apihub.apiHubInstances.get
apihub.apiHubInstances.list
apihub.apiOperations.*
apihub.apis.*
apihub.attributes.get
apihub.attributes.list
apihub.definitions.*
apihub.dependencies.*
apihub.deployments.*
apihub.externalApis.*
apihub.hostProjectRegistrations.get
apihub.hostProjectRegistrations.list
apihub.llmEnablements.*
apihub.locations.searchResources
apihub.operations.get
apihub.operations.list
apihub.plugins.get
apihub.plugins.list
apihub.runTimeProjectAttachments.get
apihub.runTimeProjectAttachments.list
apihub.specs.*
apihub.styleGuides.get
apihub.versions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Plugins Admin
Beta 版
(roles/apihub.pluginAdmin)
拥有对所有 Cloud API Hub 插件资源的完整访问权限。
|
apihub.plugins.*
apihub.specs.lint
apihub.styleGuides.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Provisioning Admin
Beta 版
(roles/apihub.provisioningAdmin)
拥有对 Cloud API hub 预配相关资源的完整访问权限。
|
apihub.apiHubInstances.*
apihub.hostProjectRegistrations.*
apihub.operations.*
apihub.runTimeProjectAttachments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Viewer
Beta 版
(roles/apihub.viewer)
拥有对所有 Cloud API hub 资源的查看权限。
|
apihub.apiHubInstances.get
apihub.apiHubInstances.list
apihub.apiOperations.get
apihub.apiOperations.list
apihub.apis.get
apihub.apis.list
apihub.attributes.get
apihub.attributes.list
apihub.definitions.get
apihub.definitions.list
apihub.dependencies.get
apihub.dependencies.list
apihub.deployments.get
apihub.deployments.list
apihub.externalApis.get
apihub.externalApis.list
apihub.hostProjectRegistrations.get
apihub.hostProjectRegistrations.list
apihub.llmEnablements.get
apihub.llmEnablements.list
apihub.locations.searchResources
apihub.operations.get
apihub.operations.list
apihub.plugins.get
apihub.plugins.list
apihub.runTimeProjectAttachments.get
apihub.runTimeProjectAttachments.list
apihub.specs.get
apihub.specs.list
apihub.styleGuides.get
apihub.versions.get
apihub.versions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
API Management Admin
Beta 版
(roles/apim.admin)
拥有对 API 管理资源的完整访问权限。
|
apim.*
resourcemanager.projects.get
resourcemanager.projects.list
|
API Management Viewer
Beta 版
(roles/apim.viewer)
拥有对 API 管理资源的只读权限。
|
apim.apiObservations.get
apim.apiObservations.list
apim.apiOperations.*
apim.locations.*
apim.observationJobs.get
apim.observationJobs.list
apim.observationSources.get
apim.observationSources.list
apim.operations.get
apim.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub Admin
(roles/apphub.admin)
拥有对 App Hub 资源的完整访问权限。
|
apphub.*
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub Editor
(roles/apphub.editor)
拥有对 App Hub 资源的编辑权限。
|
apphub.applications.create
apphub.applications.delete
apphub.applications.get
apphub.applications.list
apphub.applications.update
apphub.discoveredServices.*
apphub.discoveredWorkloads.*
apphub.locations.*
apphub.operations.*
apphub.serviceProjectAttachments.lookup
apphub.services.*
apphub.workloads.*
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub Viewer
(roles/apphub.viewer)
拥有对 App Hub 资源的查看权限。
|
apphub.applications.get
apphub.applications.list
apphub.discoveredServices.get
apphub.discoveredServices.list
apphub.discoveredWorkloads.get
apphub.discoveredWorkloads.list
apphub.locations.*
apphub.operations.get
apphub.operations.list
apphub.serviceProjectAttachments.lookup
apphub.services.get
apphub.services.list
apphub.workloads.get
apphub.workloads.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Appliance troubleshooting commands approver
Beta 版
(roles/applianceactivation.approver)
可授予用于批准要在设备上运行的命令的权限
|
applianceactivation.rttCommands.approve
applianceactivation.rttCommands.get
resourcemanager.projects.get
resourcemanager.projects.list
|
On-appliance troubleshooting client
Beta 版
(roles/applianceactivation.client)
可授予读取设备命令及发送其结果的权限。
|
applianceactivation.rttCommands.get
applianceactivation.rttCommands.sendResult
|
Appliance troubleshooter
Beta 版
(roles/applianceactivation.troubleshooter)
可授予用于发送要在设备上运行的新命令和查看输出的权限
|
applianceactivation.rttCommands.create
applianceactivation.rttCommands.get
applianceactivation.rttCommands.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Assured OSS Admin
(roles/assuredoss.admin)
拥有使用 Assured OSS 和管理配置的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.create
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.*
iam.serviceAccountKeys.create
iam.serviceAccounts.create
iam.serviceAccounts.get
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.create
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.subscriptions.update
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.enable
serviceusage.services.get
serviceusage.services.list
|
Assured OSS Project Admin
Beta 版
(roles/assuredoss.projectAdmin)
拥有使用 Assured OSS 和管理配置的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.create
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.*
iam.serviceAccounts.create
iam.serviceAccounts.get
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.enable
serviceusage.services.get
serviceusage.services.list
|
Assured OSS Reader
(roles/assuredoss.reader)
拥有使用 Assured OSS 和查看 Assured OSS 配置的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.config.get
assuredoss.locations.*
assuredoss.metadata.*
assuredoss.operations.get
assuredoss.operations.list
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Assured OSS User
(roles/assuredoss.user)
拥有使用 Assured OSS 的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.locations.*
assuredoss.metadata.*
assuredoss.operations.get
assuredoss.operations.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Audit Manager Admin
Beta 版
(roles/auditmanager.admin)
拥有对 Audit Manager 资源的完整访问权限。
|
auditmanager.auditReports.*
auditmanager.auditScopeReports.generate
auditmanager.billingSettings.get
auditmanager.controlReports.*
auditmanager.controls.list
auditmanager.findings.*
auditmanager.locations.*
auditmanager.operations.*
auditmanager.resourceEnrollmentStatuses.*
cloudasset.assets.searchAllResources
resourcemanager.folders.get
resourcemanager.folders.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Audit Manager Auditor
Beta 版
(roles/auditmanager.auditor)
允许创建和查看审核报告。
|
auditmanager.auditReports.*
auditmanager.auditScopeReports.generate
auditmanager.billingSettings.get
auditmanager.controlReports.*
auditmanager.controls.list
auditmanager.findings.*
auditmanager.locations.get
auditmanager.locations.list
auditmanager.operations.*
auditmanager.resourceEnrollmentStatuses.*
cloudasset.assets.searchAllResources
resourcemanager.folders.get
resourcemanager.folders.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Custom Compliance Framework Admin
Beta 版
(roles/auditmanager.ccfAdmin)
拥有对 Custom Compliance Framework 资源的完整访问权限。
|
auditmanager.billingSettings.get
auditmanager.customComplianceFrameworks.*
auditmanager.locations.get
auditmanager.locations.list
auditmanager.operations.*
resourcemanager.organizations.get
|
Custom Compliance Framework Viewer
Beta 版
(roles/auditmanager.ccfViewer)
允许查看 Custom Compliance Framework 资源。
|
auditmanager.billingSettings.get
auditmanager.customComplianceFrameworks.get
auditmanager.customComplianceFrameworks.list
auditmanager.locations.get
auditmanager.locations.list
auditmanager.operations.*
resourcemanager.organizations.get
|
Autoscaling Metrics Writer
Beta 版
(roles/autoscaling.metricsWriter)
能够写入针对自动扩缩站点的指标
|
autoscaling.sites.writeMetrics
|
Autoscaling Recommendations Reader
Beta 版
(roles/autoscaling.recommendationsReader)
拥有从自动扩缩网站读取推荐内容的权限
|
autoscaling.sites.readRecommendations
|
Autoscaling Site Admin
Beta 版
(roles/autoscaling.sitesAdmin)
具有对所有自动扩缩站点功能的完整访问权限
|
autoscaling.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Autoscaling State Writer
Beta 版
(roles/autoscaling.stateWriter)
拥有写入自动扩缩网站状态的权限
|
autoscaling.sites.writeState
|
Batch Administrator
(roles/batch.admin)
Batch 资源的管理员
|
batch.jobs.*
batch.locations.*
batch.operations.*
batch.resourceAllowances.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch Agent Reporter
(roles/batch.agentReporter)
Batch 代理状态的报告者。
|
batch.states.report
|
Batch Job Editor
(roles/batch.jobsEditor)
Batch 作业的编辑者
|
batch.jobs.*
batch.locations.*
batch.operations.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch Job Viewer
(roles/batch.jobsViewer)
可以查看批量作业、任务组和任务
|
batch.jobs.get
batch.jobs.list
batch.locations.*
batch.operations.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch ResourceAllowance Editor
(roles/batch.resourceAllowancesEditor)
Batch ResourceAllowances 的编辑者
|
batch.locations.*
batch.operations.*
batch.resourceAllowances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch ResourceAllowance Viewer
(roles/batch.resourceAllowancesViewer)
Batch ResourceAllowances 的查看者
|
batch.locations.*
batch.operations.*
batch.resourceAllowances.get
batch.resourceAllowances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
BigLake Admin
(roles/biglake.admin)
提供对所有 BigLake 资源的完整访问权限。
|
biglake.*
resourcemanager.projects.get
resourcemanager.projects.list
|
BigLake Viewer
(roles/biglake.viewer)
提供对所有 BigLake 资源的只读权限。
|
biglake.catalogs.get
biglake.catalogs.list
biglake.databases.get
biglake.databases.list
biglake.locks.list
biglake.tables.get
biglake.tables.list
resourcemanager.projects.get
resourcemanager.projects.list
|
MigrationWorkflow Editor
(roles/bigquerymigration.editor)
可以修改 EDW 迁移工作流。
|
bigquerymigration.subtasks.*
bigquerymigration.workflows.create
bigquerymigration.workflows.delete
bigquerymigration.workflows.enableAiOutputTypes
bigquerymigration.workflows.enableLineageOutputTypes
bigquerymigration.workflows.enableOutputTypePermissions
bigquerymigration.workflows.get
bigquerymigration.workflows.list
bigquerymigration.workflows.update
|
Task Orchestrator
(roles/bigquerymigration.orchestrator)
可以编排 EDW 迁移任务。
|
bigquerymigration.workflows.orchestrateTask
storage.objects.list
|
Migration Translation User
(roles/bigquerymigration.translationUser)
可以使用 EDW 迁移交互式 SQL 转换服务。
|
bigquerymigration.translation.translate
|
MigrationWorkflow Viewer
(roles/bigquerymigration.viewer)
可以查看 EDW 迁移 MigrationWorkflow。
|
bigquerymigration.subtasks.*
bigquerymigration.workflows.get
bigquerymigration.workflows.list
|
Task Worker
(roles/bigquerymigration.worker)
执行 EDW 迁移子任务的工作器。
|
storage.objects.create
storage.objects.get
storage.objects.list
|
Carbon Footprint Viewer
(roles/billing.carbonViewer)
|
billing.accounts.get
billing.accounts.getCarbonInformation
billing.accounts.list
|
Blockchain Node Engine Admin
(roles/blockchainnodeengine.admin)
拥有对 Blockchain Node Engine 资源的完整访问权限。
|
blockchainnodeengine.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Blockchain Node Engine Viewer
(roles/blockchainnodeengine.viewer)
拥有对 Blockchain Node Engine 资源的只读权限。
|
blockchainnodeengine.blockchainNodes.get
blockchainnodeengine.blockchainNodes.list
blockchainnodeengine.locations.*
blockchainnodeengine.operations.get
blockchainnodeengine.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Blockchain Validator Manager Admin
Beta 版
(roles/blockchainvalidatormanager.admin)
拥有对 Blockchain Validator Manager 资源的完整访问权限。
|
blockchainvalidatormanager.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Blockchain Validator Viewer
Beta 版
(roles/blockchainvalidatormanager.viewer)
拥有对 Blockchain Validator Manager 资源的只读权限。
|
blockchainvalidatormanager.blockchainValidatorConfigs.get
blockchainvalidatormanager.blockchainValidatorConfigs.list
blockchainvalidatormanager.locations.*
blockchainvalidatormanager.operations.get
blockchainvalidatormanager.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Capacity Planner Usage Viewer
Beta 版
(roles/capacityplanner.viewer)
拥有对容量规划工具使用情况资源的只读权限
|
capacityplanner.*
cloudquotas.quotas.get
compute.futureReservations.get
compute.futureReservations.list
compute.reservations.get
compute.reservations.list
monitoring.timeSeries.list
resourcemanager.folders.get
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
|
Care Studio Patients Viewer
(roles/carestudio.viewer)
此角色可以查看患者的所有属性。
|
carestudio.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Chronicle Service Admin
(roles/chroniclesm.admin)
Admin 可以查看和修改 Chronicle 服务详情。
|
chroniclesm.*
|
Chronicle Service Viewer
(roles/chroniclesm.viewer)
Viewer 可以查看 Chronicle 服务详情,但无法对其进行更改。
|
chroniclesm.gcpAssociations.get
chroniclesm.gcpAssociations.list
chroniclesm.gcpLogFlowFilters.get
chroniclesm.gcpSettings.get
|
Location reader
Beta 版
(roles/cloud.locationReader)
可以读取和枚举可用于创建资源的位置。
|
cloud.*
|
Code Repository Indexes Admin
Beta 版
(roles/cloudaicompanion.codeRepositoryIndexesAdmin)
授予对代码库索引资源的完整访问权限。
|
cloudaicompanion.codeRepositoryIndexes.*
cloudaicompanion.operations.*
cloudaicompanion.repositoryGroups.create
cloudaicompanion.repositoryGroups.delete
cloudaicompanion.repositoryGroups.get
cloudaicompanion.repositoryGroups.getIamPolicy
cloudaicompanion.repositoryGroups.list
cloudaicompanion.repositoryGroups.setIamPolicy
cloudaicompanion.repositoryGroups.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Code Repository Indexes Viewer
Beta 版
(roles/cloudaicompanion.codeRepositoryIndexesViewer)
授予对代码库索引资源的只读权限。
|
cloudaicompanion.codeRepositoryIndexes.get
cloudaicompanion.codeRepositoryIndexes.list
cloudaicompanion.operations.get
cloudaicompanion.operations.list
cloudaicompanion.repositoryGroups.get
cloudaicompanion.repositoryGroups.getIamPolicy
cloudaicompanion.repositoryGroups.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Repository Groups User
Beta 版
(roles/cloudaicompanion.repositoryGroupsUser)
授予对代码库索引代码库组的读取/使用权限。
|
cloudaicompanion.codeRepositoryIndexes.get
cloudaicompanion.repositoryGroups.get
cloudaicompanion.repositoryGroups.getIamPolicy
cloudaicompanion.repositoryGroups.use
|
Gemini for Google Cloud User
Beta 版
(roles/cloudaicompanion.user)
可以使用 Gemini for Google Cloud 的用户
|
cloudaicompanion.companions.*
cloudaicompanion.entitlements.get
cloudaicompanion.instances.*
cloudaicompanion.licenses.selfAssign
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud Controls Partner Admin
(roles/cloudcontrolspartner.admin)
拥有对 Cloud Controls 合作伙伴资源的完全访问权限。
|
cloudcontrolspartner.accessapprovalrequests.list
cloudcontrolspartner.customers.*
cloudcontrolspartner.ekmconnections.get
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.partnerpermissions.get
cloudcontrolspartner.partners.get
cloudcontrolspartner.platformcontrols.get
cloudcontrolspartner.violations.list
cloudcontrolspartner.workloads.list
|
Cloud Controls Partner Editor
(roles/cloudcontrolspartner.editor)
拥有对 Cloud Controls 合作伙伴资源的修改权限。
|
cloudcontrolspartner.*
|
Cloud Controls Partner Inspectability Reader
(roles/cloudcontrolspartner.inspectabilityReader)
拥有对 Cloud Controls 合作伙伴可检查性资源的只读权限。
|
cloudcontrolspartner.customers.get
cloudcontrolspartner.customers.list
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.platformcontrols.get
|
Cloud Controls Partner Monitoring Reader
(roles/cloudcontrolspartner.monitoringReader)
拥有对 Cloud Controls 合作伙伴监控资源的只读权限。
|
cloudcontrolspartner.customers.get
cloudcontrolspartner.customers.list
cloudcontrolspartner.violations.*
cloudcontrolspartner.workloads.*
|
Cloud Controls Partner Reader
(roles/cloudcontrolspartner.reader)
拥有对 Cloud Controls 合作伙伴资源的只读权限。
|
cloudcontrolspartner.accessapprovalrequests.list
cloudcontrolspartner.customers.get
cloudcontrolspartner.customers.list
cloudcontrolspartner.ekmconnections.get
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.partnerpermissions.get
cloudcontrolspartner.partners.get
cloudcontrolspartner.platformcontrols.get
cloudcontrolspartner.violations.*
cloudcontrolspartner.workloads.*
|
Cloud Optimization AI Admin
(roles/cloudoptimization.admin)
Cloud Optimization AI 资源的管理员
|
cloudoptimization.*
|
Cloud Optimization AI Editor
(roles/cloudoptimization.editor)
Cloud Optimization AI 资源的编辑者
|
cloudoptimization.*
|
Cloud Optimization AI Viewer
(roles/cloudoptimization.viewer)
Cloud Optimization AI 资源的查看者
|
cloudoptimization.operations.get
|
Cloud Quotas Admin
Beta 版
(roles/cloudquotas.admin)
拥有对 Cloud 配额资源的完整访问权限。
|
cloudquotas.*
monitoring.timeSeries.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud Quotas Viewer
Beta 版
(roles/cloudquotas.viewer)
拥有对 Cloud 配额资源的只读权限。
|
cloudquotas.quotas.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Commerce Agreement Publishing Admin
Beta 版
(roles/commerceagreementpublishing.admin)
可以管理 Commerce Agreement Publishing 服务
|
commerceagreementpublishing.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Commerce Agreement Publishing Viewer
Beta 版
(roles/commerceagreementpublishing.viewer)
可以查看 Commerce Agreement Publishing 服务
|
commerceagreementpublishing.agreements.get
commerceagreementpublishing.agreements.list
commerceagreementpublishing.documents.get
commerceagreementpublishing.documents.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Confidential Space Workload User
(roles/confidentialcomputing.workloadUser)
授予生成证明令牌并在虚拟机中运行工作负载的权限。适用于在 Confidential Space 虚拟机上运行的服务账号。
|
confidentialcomputing.*
logging.logEntries.create
|
ConfigDelivery Admin
Beta 版
(roles/configdelivery.configDeliveryAdmin)
授予对所有 Config Delivery 资源的完整访问权限。让用户能够创建、移除和管理舰队软件包及资源包。
|
configdelivery.*
resourcemanager.projects.get
resourcemanager.projects.list
|
ConfigDelivery Viewer
Beta 版
(roles/configdelivery.configDeliveryViewer)
授予对所有 Config Delivery 资源的读取权限。让用户能够查看现有的舰队软件包和资源包,但不能进行任何更改。
|
configdelivery.fleetPackages.get
configdelivery.fleetPackages.list
configdelivery.locations.*
configdelivery.operations.get
configdelivery.operations.list
configdelivery.releases.get
configdelivery.releases.list
configdelivery.resourceBundles.get
configdelivery.resourceBundles.list
configdelivery.rollouts.get
configdelivery.rollouts.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Config Delivery Resource Bundle Publisher
Beta 版
(roles/configdelivery.resourceBundlePublisher)
授予对 Config Delivery ResourceBundle 和 Release 的读取和写入权限。
|
configdelivery.locations.*
configdelivery.operations.get
configdelivery.operations.list
configdelivery.releases.create
configdelivery.releases.get
configdelivery.releases.list
configdelivery.releases.update
configdelivery.resourceBundles.create
configdelivery.resourceBundles.get
configdelivery.resourceBundles.list
configdelivery.resourceBundles.update
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenteraiplatform.admin)
拥有对 Contact Center AI Platform 资源的完整访问权限。
|
contactcenteraiplatform.*
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenteraiplatform.viewer)
拥有对 Contact Center AI Platform 资源的只读权限。
|
contactcenteraiplatform.contactCenters.get
contactcenteraiplatform.contactCenters.list
contactcenteraiplatform.locations.*
contactcenteraiplatform.operations.get
contactcenteraiplatform.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenterinsights.editor)
可授予所有 Contact Center AI Insights 资源的读写权限。
|
contactcenterinsights.*
|
|
(roles/contactcenterinsights.viewer)
授予对所有 Contact Center AI Insights 资源的读取访问权限。
|
contactcenterinsights.analyses.get
contactcenterinsights.analyses.list
contactcenterinsights.analysisRules.get
contactcenterinsights.analysisRules.list
contactcenterinsights.conversations.get
contactcenterinsights.conversations.list
contactcenterinsights.faqEntries.get
contactcenterinsights.faqEntries.list
contactcenterinsights.faqModels.get
contactcenterinsights.faqModels.list
contactcenterinsights.feedbackLabels.download
contactcenterinsights.feedbackLabels.get
contactcenterinsights.feedbackLabels.list
contactcenterinsights.issueModels.get
contactcenterinsights.issueModels.list
contactcenterinsights.issues.get
contactcenterinsights.issues.list
contactcenterinsights.operations.get
contactcenterinsights.operations.list
contactcenterinsights.phraseMatchers.get
contactcenterinsights.phraseMatchers.list
contactcenterinsights.qaQuestions.get
contactcenterinsights.qaQuestions.list
contactcenterinsights.qaScorecardRevisions.get
contactcenterinsights.qaScorecardRevisions.list
contactcenterinsights.qaScorecards.get
contactcenterinsights.qaScorecards.list
contactcenterinsights.settings.get
contactcenterinsights.views.get
contactcenterinsights.views.list
|
GKE Security Posture Viewer
Beta 版
(roles/containersecurity.viewer)
拥有对 GKE Security Posture 资源的只读权限。
|
container.clusters.list
containersecurity.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Admin
(roles/contentwarehouse.admin)
授予对 Content Warehouse 中所有资源的完整访问权限
|
contentwarehouse.corpora.*
contentwarehouse.dataExportJobs.*
contentwarehouse.documentSchemas.*
contentwarehouse.documents.*
contentwarehouse.locations.*
contentwarehouse.operations.get
contentwarehouse.rawDocuments.*
contentwarehouse.ruleSets.*
contentwarehouse.synonymSets.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Admin
(roles/contentwarehouse.documentAdmin)
授予对 Content Warehouse 中的文档资源的完整访问权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.create
contentwarehouse.documents.delete
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.setIamPolicy
contentwarehouse.documents.update
contentwarehouse.links.*
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Creator
(roles/contentwarehouse.documentCreator)
授予在 Content Warehouse 中创建文档的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.documents.create
contentwarehouse.locations.getStatus
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Editor
(roles/contentwarehouse.documentEditor)
授予对 Content Warehouse 中的文档资源的更新权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.update
contentwarehouse.links.*
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Schema Viewer
(roles/contentwarehouse.documentSchemaViewer)
授予在 Content Warehouse 中查看文档架构的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.locations.getStatus
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Viewer
(roles/contentwarehouse.documentViewer)
授予查看 Content Warehouse 中所有资源的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.links.get
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.download
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Center Viewer
Beta 版
(roles/databasecenter.viewer)
可查看数据库中心资源数据的查看者角色
|
cloudaicompanion.entitlements.get
databasecenter.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Events Service Viewer
Beta 版
(roles/databaseinsights.eventsViewer)
可以查看事件服务数据
|
databaseinsights.aggregatedEvents.query
databaseinsights.clusterEvents.query
databaseinsights.instanceEvents.query
|
Database Insights Monitoring Viewer
Beta 版
(roles/databaseinsights.monitoringViewer)
可以查看 Database Insights 监控数据
|
databaseinsights.activeQueries.fetch
databaseinsights.activitySummary.fetch
databaseinsights.aggregatedStats.query
databaseinsights.locations.*
databaseinsights.timeSeries.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Insights Performing Operations
Beta 版
(roles/databaseinsights.operationsAdmin)
可执行 Database Insights 操作的管理员角色
|
databaseinsights.activeQuery.terminate
|
Database Insights Recommendation Viewer
Beta 版
(roles/databaseinsights.recommendationViewer)
可以查看 Database Insights 建议数据
|
databaseinsights.locations.*
databaseinsights.recommendations.query
databaseinsights.resourceRecommendations.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Insights Viewer
Beta 版
(roles/databaseinsights.viewer)
可以查看 Database Insights 数据
|
databaseinsights.activeQueries.fetch
databaseinsights.activitySummary.fetch
databaseinsights.aggregatedStats.query
databaseinsights.locations.*
databaseinsights.recommendations.query
databaseinsights.resourceRecommendations.query
databaseinsights.timeSeries.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Administrator
(roles/datalineage.admin)
可授予对 Data Lineage API 中所有资源的完整访问权限
|
datalineage.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Editor
(roles/datalineage.editor)
可授予对 Data Lineage API 中所有资源的修改权限
|
datalineage.events.*
datalineage.locations.searchLinks
datalineage.operations.get
datalineage.processes.create
datalineage.processes.get
datalineage.processes.list
datalineage.processes.update
datalineage.runs.create
datalineage.runs.get
datalineage.runs.list
datalineage.runs.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Events Producer
(roles/datalineage.producer)
可授予在 Data Lineage API 中创建所有资源的权限
|
datalineage.events.create
datalineage.processes.create
datalineage.processes.get
datalineage.processes.update
datalineage.runs.create
datalineage.runs.get
datalineage.runs.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Viewer
(roles/datalineage.viewer)
可授予对 Data Lineage API 中所有资源的读取权限
|
datalineage.events.get
datalineage.events.list
datalineage.locations.searchLinks
datalineage.processes.get
datalineage.processes.list
datalineage.runs.get
datalineage.runs.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Processing Controls Resource Admin
(roles/dataprocessing.admin)
能够完全管理数据处理控制设置并查看所有数据源数据的 Data processing controls admin。
|
billing.accounts.get
billing.accounts.list
dataprocessing.*
|
Data Processing Controls Data Source Manager
(roles/dataprocessing.dataSourceManager)
可以获取、列出并更新底层数据的数据处理控制数据源管理员。
|
dataprocessing.datasources.list
dataprocessing.datasources.update
|
Dataproc Resource Manager Admin
Beta 版
(roles/dataprocrm.admin)
授予对所有 Dataproc Resource Manager 资源的完整访问权限。适用于需要创建和删除任何 Dataproc Resource Manager 资源的用户。
|
dataprocrm.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataproc Resource Manager Viewer
Beta 版
(roles/dataprocrm.viewer)
授予对所有 Dataproc Resource Manager 资源的读取权限。适用于需要对 Dataproc Resource Manager 资源进行只读访问的用户。
|
dataprocrm.locations.*
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodes.get
dataprocrm.nodes.list
dataprocrm.nodes.mintOAuthToken
dataprocrm.operations.get
dataprocrm.operations.list
dataprocrm.workloads.get
dataprocrm.workloads.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect Admin
Beta 版
(roles/developerconnect.admin)
拥有对 Developer Connect 资源的完整访问权限。
|
developerconnect.connections.*
developerconnect.gitRepositoryLinks.create
developerconnect.gitRepositoryLinks.delete
developerconnect.gitRepositoryLinks.fetchGitRefs
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect Read Token Accessor
Beta 版
(roles/developerconnect.readTokenAccessor)
授予对只读令牌(PAT 和短期有效的令牌)的访问权限。此外,还可以授予查看 Git 代码库链接的权限。
|
developerconnect.connections.get
developerconnect.gitRepositoryLinks.fetchReadToken
developerconnect.gitRepositoryLinks.get
|
Developer Connect Token Accessor
Beta 版
(roles/developerconnect.tokenAccessor)
授予对读写和只读令牌(PAT 和短期有效的令牌)的访问权限。此外,还可以授予查看 Git 代码库链接的权限。
|
developerconnect.connections.get
developerconnect.gitRepositoryLinks.fetchReadToken
developerconnect.gitRepositoryLinks.fetchReadWriteToken
developerconnect.gitRepositoryLinks.get
|
Developer Connect User
Beta 版
(roles/developerconnect.user)
授予查看连接和使用与实际代码库进行交互(例如,从代码库中读取内容)的功能的权限
|
developerconnect.connections.fetchGitHubInstallations
developerconnect.connections.fetchLinkableGitRepositories
developerconnect.connections.get
developerconnect.connections.list
developerconnect.gitRepositoryLinks.fetchGitRefs
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.get
developerconnect.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect Viewer
Beta 版
(roles/developerconnect.viewer)
拥有对 Developer Connect 资源的只读权限。
|
developerconnect.connections.get
developerconnect.connections.list
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.get
developerconnect.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine Admin
(roles/discoveryengine.admin)
授予对所有 Discovery Engine 资源的完整访问权限。
|
discoveryengine.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine Editor
(roles/discoveryengine.editor)
授予对所有 Discovery Engine 资源的读写权限。
|
discoveryengine.aclConfigs.get
discoveryengine.analytics.*
discoveryengine.answers.get
discoveryengine.branches.*
discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.collections.get
discoveryengine.collections.list
discoveryengine.completionConfigs.completeQuery
discoveryengine.completionConfigs.get
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.conversations.*
discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.documentProcessingConfigs.get
discoveryengine.documents.batchGetDocumentsMetadata
discoveryengine.documents.create
discoveryengine.documents.delete
discoveryengine.documents.get
discoveryengine.documents.import
discoveryengine.documents.list
discoveryengine.documents.update
discoveryengine.engines.get
discoveryengine.engines.list
discoveryengine.engines.pause
discoveryengine.engines.resume
discoveryengine.engines.tune
discoveryengine.evaluations.get
discoveryengine.evaluations.list
discoveryengine.groundingConfigs.check
discoveryengine.models.*
discoveryengine.operations.*
discoveryengine.projects.get
discoveryengine.rankingConfigs.rank
discoveryengine.sampleQueries.*
discoveryengine.sampleQuerySets.*
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.validate
discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.sessions.*
discoveryengine.siteSearchEngines.get
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.userEvents.create
discoveryengine.userEvents.fetchStats
discoveryengine.userEvents.import
discoveryengine.widgetConfigs.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud NotebookLM Notebook Editor
Beta 版
(roles/discoveryengine.notebookEditor)
授予对 Cloud NotebookLM Notebook 的读写权限。
|
|
Cloud NotebookLM Admin
Beta 版
(roles/discoveryengine.notebookLmOwner)
授予对 Cloud NotebookLM 资源的完整访问权限。
|
discoveryengine.aclConfigs.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud NotebookLM User
Beta 版
(roles/discoveryengine.notebookLmUser)
授予对 Cloud NotebookLM 资源的用户级访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud NotebookLM Notebook Owner
Beta 版
(roles/discoveryengine.notebookOwner)
授予对 Cloud NotebookLM Notebook 的完整访问权限。
|
|
Cloud NotebookLM Notebook Viewer
Beta 版
(roles/discoveryengine.notebookViewer)
授予对 Cloud NotebookLM Notebook 的只读权限。
|
|
Discovery Engine User
Beta 版
(roles/discoveryengine.user)
授予对 Discovery Engine 资源的用户级访问权限。
|
discoveryengine.answers.get
discoveryengine.completionConfigs.completeQuery
discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.search
discoveryengine.sessions.delete
discoveryengine.sessions.get
discoveryengine.sessions.list
discoveryengine.sessions.update
discoveryengine.widgetConfigs.get
|
Discovery Engine Viewer
(roles/discoveryengine.viewer)
授予对所有 Discovery Engine 资源的读取权限。
|
discoveryengine.aclConfigs.get
discoveryengine.analytics.*
discoveryengine.answers.get
discoveryengine.branches.*
discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.collections.get
discoveryengine.collections.list
discoveryengine.completionConfigs.completeQuery
discoveryengine.completionConfigs.get
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.conversations.converse
discoveryengine.conversations.get
discoveryengine.conversations.list
discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.documentProcessingConfigs.get
discoveryengine.documents.batchGetDocumentsMetadata
discoveryengine.documents.get
discoveryengine.documents.list
discoveryengine.engines.get
discoveryengine.engines.list
discoveryengine.evaluations.get
discoveryengine.evaluations.list
discoveryengine.groundingConfigs.check
discoveryengine.models.get
discoveryengine.models.list
discoveryengine.operations.*
discoveryengine.projects.get
discoveryengine.rankingConfigs.rank
discoveryengine.sampleQueries.get
discoveryengine.sampleQueries.list
discoveryengine.sampleQuerySets.get
discoveryengine.sampleQuerySets.list
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.validate
discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.sessions.get
discoveryengine.sessions.list
discoveryengine.siteSearchEngines.get
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.userEvents.fetchStats
discoveryengine.widgetConfigs.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Admin
Beta 版
(roles/enterprisepurchasing.admin)
拥有对 Enterprise Purchasing 资源的完整访问权限。
|
enterprisepurchasing.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Editor
Beta 版
(roles/enterprisepurchasing.editor)
拥有对 Enterprise Purchasing 资源的编辑权限。
|
enterprisepurchasing.gcveCuds.get
enterprisepurchasing.gcveCuds.list
enterprisepurchasing.gcveNodePricingInfo.list
enterprisepurchasing.locations.*
enterprisepurchasing.operations.get
enterprisepurchasing.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Viewer
Beta 版
(roles/enterprisepurchasing.viewer)
拥有对 Enterprise Purchasing 资源的只读权限。
|
enterprisepurchasing.gcveCuds.get
enterprisepurchasing.gcveCuds.list
enterprisepurchasing.gcveNodePricingInfo.list
enterprisepurchasing.locations.*
enterprisepurchasing.operations.get
enterprisepurchasing.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/essentialcontacts.admin)
能够全面访问所有重要联系人
|
essentialcontacts.*
|
|
(roles/essentialcontacts.viewer)
能查看所有重要联系人
|
essentialcontacts.contacts.get
essentialcontacts.contacts.list
|
Firebase Cloud Messaging API Admin
Beta 版
(roles/firebasecloudmessaging.admin)
拥有对 Firebase Cloud Messaging API 资源的完整读写权限。
|
cloudmessaging.messages.create
fcmdata.deliverydata.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Firebase Crash Symbol Uploader
(roles/firebasecrash.symbolMappingsAdmin)
拥有 Firebase 崩溃报告符号映射文件资源的完全读写权限。
|
firebase.clients.get
firebase.clients.list
resourcemanager.projects.get
|
Firebase Data Connect API Admin
Beta 版
(roles/firebasedataconnect.admin)
拥有对 Firebase Data Connect API 资源(包括数据)的完整访问权限。
|
firebasedataconnect.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Firebase Data Connect API Data Admin
Beta 版
(roles/firebasedataconnect.dataAdmin)
拥有对数据源的完整访问权限。
|
firebasedataconnect.services.executeGraphql
firebasedataconnect.services.executeGraphqlRead
|
Firebase Data Connect API Data Viewer
Beta 版
(roles/firebasedataconnect.dataViewer)
拥有对数据源的只读权限。
|
firebasedataconnect.services.executeGraphqlRead
|
Firebase Data Connect API Viewer
Beta 版
(roles/firebasedataconnect.viewer)
拥有对 Firebase Data Connect API 资源的只读权限。角色不授予对数据的访问权限。
|
firebasedataconnect.connectorRevisions.get
firebasedataconnect.connectorRevisions.list
firebasedataconnect.connectors.get
firebasedataconnect.connectors.list
firebasedataconnect.locations.*
firebasedataconnect.operations.get
firebasedataconnect.operations.list
firebasedataconnect.schemaRevisions.get
firebasedataconnect.schemaRevisions.list
firebasedataconnect.schemas.get
firebasedataconnect.schemas.list
firebasedataconnect.services.get
firebasedataconnect.services.list
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Admin
Beta 版
(roles/gdchardwaremanagement.admin)
拥有对 GDC Hardware Management 资源的完整访问权限。
|
gdchardwaremanagement.*
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Operator
Beta 版
(roles/gdchardwaremanagement.operator)
可以创建、读取和更新支持此类操作的 GDC Hardware Management 资源。还会授予对 HardwareGroup 资源的删除权限。
|
gdchardwaremanagement.changeLogEntries.*
gdchardwaremanagement.comments.*
gdchardwaremanagement.hardware.*
gdchardwaremanagement.hardwareGroups.*
gdchardwaremanagement.locations.*
gdchardwaremanagement.operations.get
gdchardwaremanagement.operations.list
gdchardwaremanagement.orders.create
gdchardwaremanagement.orders.get
gdchardwaremanagement.orders.list
gdchardwaremanagement.orders.update
gdchardwaremanagement.sites.*
gdchardwaremanagement.skus.*
gdchardwaremanagement.zones.*
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Reader
Beta 版
(roles/gdchardwaremanagement.reader)
拥有对 GDC Hardware Management 资源的只读权限。
|
gdchardwaremanagement.changeLogEntries.*
gdchardwaremanagement.comments.get
gdchardwaremanagement.comments.list
gdchardwaremanagement.hardware.get
gdchardwaremanagement.hardware.list
gdchardwaremanagement.hardwareGroups.get
gdchardwaremanagement.hardwareGroups.list
gdchardwaremanagement.locations.*
gdchardwaremanagement.operations.get
gdchardwaremanagement.operations.list
gdchardwaremanagement.orders.get
gdchardwaremanagement.orders.list
gdchardwaremanagement.sites.get
gdchardwaremanagement.sites.list
gdchardwaremanagement.skus.*
gdchardwaremanagement.zones.get
gdchardwaremanagement.zones.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/identityplatform.admin)
拥有对 Identity Platform 资源的完全访问权限。
|
firebaseauth.*
identitytoolkit.*
|
|
(roles/identityplatform.viewer)
拥有对 Identity Platform 资源的读取权限。
|
firebaseauth.configs.get
firebaseauth.users.get
identitytoolkit.tenants.get
identitytoolkit.tenants.getIamPolicy
identitytoolkit.tenants.list
|
|
(roles/identitytoolkit.admin)
拥有对 Identity Toolkit 资源的完整访问权限。
|
firebaseauth.*
identitytoolkit.*
|
|
(roles/identitytoolkit.viewer)
拥有对 Identity Toolkit 资源的读取权限。
|
firebaseauth.configs.get
firebaseauth.users.get
identitytoolkit.tenants.get
identitytoolkit.tenants.getIamPolicy
identitytoolkit.tenants.list
|
Apigee Integration Admin
(roles/integrations.apigeeIntegrationAdminRole)
拥有对所有 Apigee 集成的完整访问权限的用户。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeAuthConfigs.*
integrations.apigeeCertificates.*
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.*
integrations.apigeeSfdcInstances.*
integrations.apigeeSuspensions.*
integrations.authConfigs.*
integrations.certificates.*
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.delete
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Deployer
(roles/integrations.apigeeIntegrationDeployerRole)
可在集成运行时中部署/取消部署 Apigee 集成的开发者。
|
integrations.apigeeIntegrationVers.deploy
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Editor
(roles/integrations.apigeeIntegrationEditorRole)
可以列出、创建和更新 Apigee 集成的开发者。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeAuthConfigs.create
integrations.apigeeAuthConfigs.get
integrations.apigeeAuthConfigs.list
integrations.apigeeAuthConfigs.update
integrations.apigeeCertificates.create
integrations.apigeeCertificates.get
integrations.apigeeCertificates.list
integrations.apigeeCertificates.update
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.create
integrations.apigeeSfdcChannels.get
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcChannels.update
integrations.apigeeSfdcInstances.create
integrations.apigeeSfdcInstances.get
integrations.apigeeSfdcInstances.list
integrations.apigeeSfdcInstances.update
integrations.authConfigs.create
integrations.authConfigs.get
integrations.authConfigs.list
integrations.authConfigs.update
integrations.certificates.get
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Invoker
(roles/integrations.apigeeIntegrationInvokerRole)
可以调用 Apigee 集成的角色。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.*
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.get
integrations.integrationVersions.invoke
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Viewer
(roles/integrations.apigeeIntegrationsViewer)
可以列出和查看 Apigee 集成的开发者。
|
integrations.apigeeAuthConfigs.list
integrations.apigeeCertificates.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcInstances.list
integrations.authConfigs.get
integrations.authConfigs.list
integrations.certificates.get
integrations.certificates.list
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.list
integrations.sfdcChannels.list
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Approver
(roles/integrations.apigeeSuspensionResolver)
可以批准/拒绝包含暂停/等待任务的 Apigee 集成的角色。
|
integrations.apigeeSuspensions.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Certificate Viewer
(roles/integrations.certificateViewer)
可以列出和查看证书的开发者。
|
integrations.certificates.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Admin
(roles/integrations.integrationAdmin)
拥有对所有集成的完整访问权限 (CRUD) 的用户。
|
integrations.apigeeAuthConfigs.*
integrations.apigeeCertificates.*
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.*
integrations.apigeeSfdcInstances.*
integrations.apigeeSuspensions.*
integrations.authConfigs.*
integrations.certificates.*
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.*
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.suspensions.*
integrations.testCases.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Deployer
(roles/integrations.integrationDeployer)
可在集成运行时中部署/取消部署集成的开发者。
|
integrations.apigeeIntegrationVers.deploy
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Editor
(roles/integrations.integrationEditor)
可以列出、创建和更新集成的开发者。
|
integrations.apigeeAuthConfigs.create
integrations.apigeeAuthConfigs.get
integrations.apigeeAuthConfigs.list
integrations.apigeeAuthConfigs.update
integrations.apigeeCertificates.create
integrations.apigeeCertificates.get
integrations.apigeeCertificates.list
integrations.apigeeCertificates.update
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.create
integrations.apigeeSfdcChannels.get
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcChannels.update
integrations.apigeeSfdcInstances.create
integrations.apigeeSfdcInstances.get
integrations.apigeeSfdcInstances.list
integrations.apigeeSfdcInstances.update
integrations.authConfigs.create
integrations.authConfigs.get
integrations.authConfigs.list
integrations.authConfigs.update
integrations.certificates.get
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.generateOpenApiSpec
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.testCases.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Invoker
(roles/integrations.integrationInvoker)
可以调用集成的角色。
|
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.*
integrations.executions.*
integrations.integrationVersions.get
integrations.integrationVersions.invoke
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.testCases.get
integrations.testCases.invoke
integrations.testCases.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Viewer
(roles/integrations.integrationViewer)
可以列出和查看集成的开发者。
|
integrations.apigeeAuthConfigs.list
integrations.apigeeCertificates.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcInstances.list
integrations.authConfigs.get
integrations.authConfigs.list
integrations.certificates.get
integrations.certificates.list
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.generateOpenApiSpec
integrations.integrations.get
integrations.integrations.list
integrations.sfdcChannels.list
integrations.sfdcInstances.list
integrations.testCases.get
integrations.testCases.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Security Integration Admin
Beta 版
(roles/integrations.securityIntegrationAdmin)
拥有对所有安全集成的完整访问权限的用户。
|
integrations.securityAuthConfigs.*
integrations.securityExecutions.*
integrations.securityIntegTempVers.*
integrations.securityIntegrationVers.*
integrations.securityIntegrations.*
|
Application Integration SFDC Instance Admin
(roles/integrations.sfdcInstanceAdmin)
拥有对所有 SFDC 实例的完整访问权限 (CRUD) 的用户。
|
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration SFDC Instance Editor
(roles/integrations.sfdcInstanceEditor)
可以列出、创建和更新集成的开发者。
|
integrations.sfdcChannels.create
integrations.sfdcChannels.get
integrations.sfdcChannels.list
integrations.sfdcChannels.update
integrations.sfdcInstances.create
integrations.sfdcInstances.get
integrations.sfdcInstances.list
integrations.sfdcInstances.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration SFDC Instance Viewer
(roles/integrations.sfdcInstanceViewer)
可以列出和查看 SFDC 实例的开发者。
|
integrations.sfdcChannels.get
integrations.sfdcChannels.list
integrations.sfdcInstances.get
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Approver
(roles/integrations.suspensionResolver)
此角色可以解决已暂停的集成的相关问题。
|
integrations.apigeeSuspensions.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Admin
Beta 版
(roles/issuerswitch.accountManagerAdmin)
此角色可以执行所有与账号管理员相关的操作
|
issuerswitch.accountManagerTransactions.*
issuerswitch.managedAccounts.*
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Transactions Admin
Beta 版
(roles/issuerswitch.accountManagerTransactionsAdmin)
此角色可以执行所有与账号管理员事务相关的操作
|
issuerswitch.accountManagerTransactions.*
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Transactions Viewer
Beta 版
(roles/issuerswitch.accountManagerTransactionsViewer)
此角色可以查看所有账号管理员事务
|
issuerswitch.accountManagerTransactions.list
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Admin
Beta 版
(roles/issuerswitch.admin)
拥有对所有颁发机构切换角色的权限
|
issuerswitch.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Participants Admin
Beta 版
(roles/issuerswitch.issuerParticipantsAdmin)
拥有对 Issuerswitch 参与者的完整访问权限
|
issuerswitch.issuerParticipants.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Resolutions Admin
Beta 版
(roles/issuerswitch.resolutionsAdmin)
拥有对颁发机构切换解决方案的完整访问权限
|
issuerswitch.complaintTransactions.list
issuerswitch.complaints.*
issuerswitch.disputes.*
issuerswitch.operations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Rules Admin
Beta 版
(roles/issuerswitch.rulesAdmin)
拥有对颁发机构切换规则的完整访问权限
|
issuerswitch.ruleMetadata.list
issuerswitch.ruleMetadataValues.*
issuerswitch.rules.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Rules Viewer
Beta 版
(roles/issuerswitch.rulesViewer)
此角色可以查看规则和相关元数据。
|
issuerswitch.ruleMetadata.list
issuerswitch.ruleMetadataValues.list
issuerswitch.rules.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Transactions Viewer
Beta 版
(roles/issuerswitch.transactionsViewer)
此角色可以查看所有事务
|
issuerswitch.complaintTransactions.list
issuerswitch.financialTransactions.list
issuerswitch.mandateTransactions.list
issuerswitch.metadataTransactions.list
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/kubernetesmetadata.publisher)
Kubernetes 集群元数据的发布方
|
kubernetesmetadata.*
|
Cloud License Manager Admin
(roles/licensemanager.admin)
拥有对 Cloud License Manager 资源的完整访问权限。
|
licensemanager.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud License Manager Viewer
(roles/licensemanager.viewer)
拥有对 Cloud License Manager 资源的只读权限。
|
licensemanager.configurations.get
licensemanager.configurations.list
licensemanager.instances.*
licensemanager.locations.*
licensemanager.operations.get
licensemanager.operations.list
licensemanager.products.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Managed Flink Admin
Beta 版
(roles/managedflink.admin)
拥有对托管式 Flink 资源的完整访问权限。
|
managedflink.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Managed Flink Developer
Beta 版
(roles/managedflink.developer)
拥有对托管式 Flink 作业和会话的完整访问权限以及对部署的读取权限。
|
managedflink.deployments.get
managedflink.deployments.list
managedflink.jobs.*
managedflink.locations.*
managedflink.operations.get
managedflink.operations.list
managedflink.sessions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Managed Flink Viewer
Beta 版
(roles/managedflink.viewer)
拥有对托管式 Flink 资源的只读权限。
|
managedflink.deployments.get
managedflink.deployments.list
managedflink.jobs.get
managedflink.jobs.list
managedflink.locations.*
managedflink.operations.get
managedflink.operations.list
managedflink.sessions.get
managedflink.sessions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Managed Kafka Admin
Beta 版
(roles/managedkafka.admin)
拥有对托管 Kafka 资源的完整访问权限。
|
cloudasset.assets.searchAllResources
managedkafka.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Client
Beta 版
(roles/managedkafka.client)
提供连接集群中 Kafka 服务器的权限,例如提供 Kafka 数据平面访问权限。适用于一些用户,如提供方和使用方。
|
cloudasset.assets.searchAllResources
managedkafka.clusters.connect
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.*
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Cluster Editor
Beta 版
(roles/managedkafka.clusterEditor)
提供对 Kafka 集群的读写权限。适用于一些用户,例如,需要预配 Kafka 集群,但不需要能够读取或者修改主题或使用方群组的 IT 部门。
|
cloudasset.assets.searchAllResources
managedkafka.clusters.create
managedkafka.clusters.delete
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.clusters.update
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.get
managedkafka.topics.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Consumer Group Editor
Beta 版
(roles/managedkafka.consumerGroupEditor)
提供对使用方群组元数据的读写权限。适用于配置使用方群组的开发者等用户。
|
cloudasset.assets.searchAllResources
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.*
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.get
managedkafka.topics.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Topic Editor
Beta 版
(roles/managedkafka.topicEditor)
提供对主题元数据的读写权限。适用于配置主题的开发者等用户。
|
cloudasset.assets.searchAllResources
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Viewer
Beta 版
(roles/managedkafka.viewer)
拥有对 Managed Kafka 资源的只读权限。
|
cloudasset.assets.searchAllResources
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.get
managedkafka.topics.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Mandiant Attack Surface Management Editor
Beta 版
(roles/mandiant.attackSurfaceManagementEditor)
拥有对 Attack Surface Management 的写入权限
|
mandiant.genericAttackSurfaceManagements.create
mandiant.genericAttackSurfaceManagements.delete
mandiant.genericAttackSurfaceManagements.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Attack Surface Management Viewer
Beta 版
(roles/mandiant.attackSurfaceManagementViewer)
拥有对 Attack Surface Management 的读取权限
|
mandiant.genericAttackSurfaceManagements.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Digital Threat Monitoring Editor
Beta 版
(roles/mandiant.digitalThreatMonitoringEditor)
拥有对 Digital Threat Monitoring 的写入权限
|
mandiant.genericDigitalThreatMonitorings.create
mandiant.genericDigitalThreatMonitorings.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Digital Threat Monitoring Viewer
Beta 版
(roles/mandiant.digitalThreatMonitoringViewer)
拥有对 Digital Threat Monitoring 的读取权限
|
mandiant.genericDigitalThreatMonitorings.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Expertise On Demand Editor
Beta 版
(roles/mandiant.expertiseOnDemandEditor)
拥有对 Expertise On Demand 的写入权限
|
mandiant.genericExpertiseOnDemands.create
mandiant.genericExpertiseOnDemands.delete
mandiant.genericExpertiseOnDemands.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Expertise On Demand Viewer
Beta 版
(roles/mandiant.expertiseOnDemandViewer)
拥有对 Expertise On Demand 的读取权限
|
mandiant.genericExpertiseOnDemands.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Threat Intel Editor
Beta 版
(roles/mandiant.threatIntelEditor)
拥有对 Threat Intel 的写入权限
|
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
mandiant.genericThreatIntels.create
mandiant.genericThreatIntels.delete
mandiant.genericThreatIntels.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Threat Intel Viewer
Beta 版
(roles/mandiant.threatIntelViewer)
拥有对 Threat Intel 的读取权限
|
mandiant.genericPlatforms.get
mandiant.genericThreatIntels.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Validation Editor
Beta 版
(roles/mandiant.validationEditor)
拥有对 Validation 的写入权限
|
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
mandiant.genericValidations.create
mandiant.genericValidations.delete
mandiant.genericValidations.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Validation Viewer
Beta 版
(roles/mandiant.validationViewer)
拥有对 Validation 的读取权限
|
mandiant.genericPlatforms.get
mandiant.genericValidations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mobility Solutions Overages Viewer
Beta 版
(roles/mapsanalytics.mobilitySolutionsOverageViewer)
授予对移动解决方案超额用量指标数据的只读权限。
|
mapsanalytics.metricData.queryMobilitySolutionsOverageData
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.list
|
Maps Analytics Viewer
Beta 版
(roles/mapsanalytics.viewer)
可授予对所有 Maps Analytics 资源的只读权限。
|
mapsanalytics.metricData.query
mapsanalytics.metricMetadata.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.list
|
|
(roles/mapsplatformdatasets.admin)
授予对所有 Maps Platform Datasets API 资源的读写权限
|
mapsadmin.clientStyles.*
mapsplatformdatasets.*
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/mapsplatformdatasets.viewer)
授予对所有 Maps Platform Datasets API 资源的只读权限
|
mapsadmin.clientStyles.get
mapsadmin.clientStyles.list
mapsplatformdatasets.datasets.export
mapsplatformdatasets.datasets.get
mapsplatformdatasets.datasets.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Admin
Beta 版
(roles/marketplacesolutions.admin)
拥有对 Marketplace 解决方案资源的完整访问权限。
|
marketplacesolutions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Editor
Beta 版
(roles/marketplacesolutions.editor)
拥有对 Marketplace 解决方案资源的修改权限。
|
marketplacesolutions.locations.*
marketplacesolutions.operations.get
marketplacesolutions.operations.list
marketplacesolutions.powerImages.*
marketplacesolutions.powerInstances.get
marketplacesolutions.powerInstances.list
marketplacesolutions.powerInstances.update
marketplacesolutions.powerNetworks.*
marketplacesolutions.powerSshKeys.*
marketplacesolutions.powerVolumes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Viewer
Beta 版
(roles/marketplacesolutions.viewer)
拥有对 Marketplace 解决方案资源的只读权限。
|
marketplacesolutions.locations.*
marketplacesolutions.operations.get
marketplacesolutions.operations.list
marketplacesolutions.powerImages.*
marketplacesolutions.powerInstances.get
marketplacesolutions.powerInstances.list
marketplacesolutions.powerNetworks.*
marketplacesolutions.powerSshKeys.*
marketplacesolutions.powerVolumes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Memorystore Admin
(roles/memorystore.admin)
拥有对 Memorystore 资源的完整访问权限。
|
memorystore.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Memorystore DB Connector User
(roles/memorystore.dbConnectionUser)
连接到 Memorystore Server 数据库的权限。
|
memorystore.instances.connect
|
Memorystore Viewer
(roles/memorystore.viewer)
拥有对 Memorystore 资源的只读权限。
|
memorystore.instances.get
memorystore.instances.list
memorystore.locations.*
memorystore.operations.get
memorystore.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Admin
(roles/nestconsole.homeDeveloperAdmin)
拥有对 Google Home 开发者控制台资源的管理员权限
|
nestconsole.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Editor
(roles/nestconsole.homeDeveloperEditor)
拥有对 Google Home 开发者控制台资源的读写权限
|
nestconsole.smarthomePreviews.update
nestconsole.smarthomeProjects.get
nestconsole.smarthomeProjects.update
nestconsole.smarthomeVersions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Reader
(roles/nestconsole.homeDeveloperViewer)
拥有对 Google Home 开发者控制台资源的只读权限
|
nestconsole.smarthomeProjects.get
nestconsole.smarthomeVersions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Cloud NetApp Volumes Admin
Beta 版
(roles/netapp.admin)
拥有对 Google Cloud NetApp Volumes 资源的完整访问权限。
|
netapp.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Cloud NetApp Volumes Viewer
Beta 版
(roles/netapp.viewer)
拥有对 Google Cloud NetApp Volumes 资源的只读权限。
|
netapp.activeDirectories.get
netapp.activeDirectories.list
netapp.backupPolicies.get
netapp.backupPolicies.list
netapp.backupVaults.get
netapp.backupVaults.list
netapp.backups.get
netapp.backups.list
netapp.kmsConfigs.get
netapp.kmsConfigs.list
netapp.locations.*
netapp.operations.get
netapp.operations.list
netapp.quotaRules.get
netapp.quotaRules.list
netapp.replications.get
netapp.replications.list
netapp.snapshots.get
netapp.snapshots.list
netapp.storagePools.get
netapp.storagePools.list
netapp.volumes.get
netapp.volumes.list
resourcemanager.projects.get
resourcemanager.projects.list
|
OAuth Config Editor
Beta 版
(roles/oauthconfig.editor)
拥有对 OAuth 配置资源的读写权限
|
clientauthconfig.*
firebase.clients.create
firebase.clients.get
firebase.clients.list
firebase.clients.update
firebaseappcheck.resourcePolicies.*
oauthconfig.*
|
OAuth Config Viewer
Beta 版
(roles/oauthconfig.viewer)
拥有对 OAuth 配置资源的只读权限
|
clientauthconfig.brands.get
clientauthconfig.brands.list
clientauthconfig.clients.get
clientauthconfig.clients.list
firebase.clients.get
firebase.clients.list
firebaseappcheck.resourcePolicies.get
oauthconfig.clientpolicy.get
oauthconfig.testusers.get
oauthconfig.verification.get
|
Oracle Database@Google Cloud admin
(roles/oracledatabase.admin)
授予对 Oracle 数据库所有资源的完整管理权限。
|
oracledatabase.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Autonomous Database Admin
(roles/oracledatabase.autonomousDatabaseAdmin)
授予对自治数据库所有资源的完整管理权限。
|
oracledatabase.autonomousDatabaseBackups.*
oracledatabase.autonomousDatabaseCharacterSets.list
oracledatabase.autonomousDatabases.*
oracledatabase.autonomousDbVersions.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Autonomous Database Viewer
(roles/oracledatabase.autonomousDatabaseViewer)
授予查看自治数据库所有资源的读取权限。
|
oracledatabase.autonomousDatabaseBackups.get
oracledatabase.autonomousDatabaseBackups.list
oracledatabase.autonomousDatabaseCharacterSets.list
oracledatabase.autonomousDatabases.get
oracledatabase.autonomousDatabases.list
oracledatabase.autonomousDbVersions.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Exadata Infrastructure Admin
(roles/oracledatabase.cloudExadataInfrastructureAdmin)
授予管理所有 Exadata Infrastructure 资源的完整权限。
|
oracledatabase.cloudExadataInfrastructures.create
oracledatabase.cloudExadataInfrastructures.delete
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.cloudExadataInfrastructures.update
oracledatabase.dbServers.list
oracledatabase.dbSystemShapes.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Exadata Infrastructure Viewer
(roles/oracledatabase.cloudExadataInfrastructureViewer)
授予查看所有 Exadata Infrastructure 资源的读取权限。
|
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.dbServers.list
oracledatabase.dbSystemShapes.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud VM Cluster Admin
(roles/oracledatabase.cloudVmClusterAdmin)
授予管理所有虚拟机集群资源的完整权限。
|
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.cloudExadataInfrastructures.use
oracledatabase.cloudVmClusters.*
oracledatabase.dbNodes.list
oracledatabase.dbServers.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud VM Cluster Viewer
(roles/oracledatabase.cloudVmClusterViewer)
授予查看所有虚拟机集群资源的读取权限。
|
oracledatabase.cloudVmClusters.get
oracledatabase.cloudVmClusters.list
oracledatabase.dbNodes.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud viewer
(roles/oracledatabase.viewer)
授予对所有 Oracle 数据库资源的查看权限。
|
oracledatabase.autonomousDatabaseBackups.get
oracledatabase.autonomousDatabaseBackups.list
oracledatabase.autonomousDatabaseCharacterSets.list
oracledatabase.autonomousDatabases.get
oracledatabase.autonomousDatabases.list
oracledatabase.autonomousDbVersions.list
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.cloudVmClusters.get
oracledatabase.cloudVmClusters.list
oracledatabase.dbNodes.list
oracledatabase.dbServers.list
oracledatabase.dbSystemShapes.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Parallelstore Admin
(roles/parallelstore.admin)
拥有对 Parallelstore 资源的完整访问权限。
|
parallelstore.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Parallelstore Viewer
(roles/parallelstore.viewer)
拥有对 Parallelstore 资源的只读权限。
|
parallelstore.instances.get
parallelstore.instances.list
parallelstore.locations.*
parallelstore.operations.get
parallelstore.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Parameter Manager Admin
Beta 版
(roles/parametermanager.admin)
授予对于所有 Parameter Manager 资源的完整访问权限。适合需要执行所有管理任务的项目管理员和所有者。
|
parametermanager.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Parameter Manager Parameter Accessor
Beta 版
(roles/parametermanager.parameterAccessor)
授予对于 ParameterManager ParameterVersion 资源的读取权限。适合仅需要在 ParameterVersion 上执行读取操作的用户和应用。
|
parametermanager.locations.*
parametermanager.parameterVersions.render
resourcemanager.projects.get
resourcemanager.projects.list
|
Parameter Manager Parameter Version Adder
Beta 版
(roles/parametermanager.parameterVersionAdder)
授予对于 Parameter Manager ParameterVersion 资源的创建权限。适合仅需要在 ParameterVersions 上执行创建操作的用户和应用。
|
parametermanager.locations.*
parametermanager.parameterVersions.create
parametermanager.parameters.get
parametermanager.parameters.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Parameter Manager Parameter Version Manager
Beta 版
(roles/parametermanager.parameterVersionManager)
授予对于所有 Parameter Manager ParameterVersion 资源的读写权限。适合仅需要查看 Parameters 以及在 ParameterVersions 上执行创建/读取/更新/删除/列出操作的用户和应用。
|
parametermanager.locations.*
parametermanager.parameterVersions.create
parametermanager.parameterVersions.delete
parametermanager.parameterVersions.get
parametermanager.parameterVersions.list
parametermanager.parameterVersions.update
parametermanager.parameters.get
parametermanager.parameters.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Parameter Manager Parameter Viewer
Beta 版
(roles/parametermanager.parameterViewer)
授予对于 Parameter Manager Parameter 和 ParameterVersion 资源的读取权限。适合仅需要在 Parameters 和 ParameterVersions 上执行读取/列出操作的用户和应用。
|
parametermanager.locations.*
parametermanager.parameterVersions.get
parametermanager.parameterVersions.list
parametermanager.parameters.get
parametermanager.parameters.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Admin
Beta 版
(roles/paymentsresellersubscription.partnerAdmin)
拥有对所有 Payments Reseller 资源(包括订阅、产品和促销活动)的完全访问权限
|
paymentsresellersubscription.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Viewer
Beta 版
(roles/paymentsresellersubscription.partnerViewer)
拥有对所有 Payments Reseller 资源(包括订阅、产品和促销活动)的读取权限
|
paymentsresellersubscription.products.list
paymentsresellersubscription.promotions.list
paymentsresellersubscription.subscriptions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Products Viewer
Beta 版
(roles/paymentsresellersubscription.productViewer)
拥有对 Payments Reseller 产品资源的读取权限
|
paymentsresellersubscription.products.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/paymentsresellersubscription.promotionViewer)
拥有对 Payments Reseller 促销活动资源的读取权限
|
paymentsresellersubscription.promotions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Subscriptions Editor
Beta 版
(roles/paymentsresellersubscription.subscriptionEditor)
拥有对 Payments Reseller 订阅资源的写入权限
|
paymentsresellersubscription.subscriptions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Subscriptions Viewer
Beta 版
(roles/paymentsresellersubscription.subscriptionViewer)
拥有对 Payments Reseller 订阅资源的读取权限
|
paymentsresellersubscription.subscriptions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Partner UserSessions Editor
Beta 版
(roles/paymentsresellersubscription.userSessionEditor)
付款合作伙伴的 UserSessions 的编辑者
|
paymentsresellersubscription.userSessions.generate
|
Activity Analysis Viewer
Beta 版
(roles/policyanalyzer.activityAnalysisViewer)
可以读取所有活动分析数据的 Viewer 用户。
|
policyanalyzer.*
|
|
(roles/policyremediatormanager.policyRemediatorAdmin)
授予启用和停用组织 Policy Remediator 的权限
|
policyremediatormanager.*
|
|
(roles/policyremediatormanager.policyRemediatorReader)
授予读取/查看组织 Policy Remediator 状态的权限
|
policyremediatormanager.locations.*
policyremediatormanager.operations.get
policyremediatormanager.operations.list
policyremediatormanager.remediatorServices.get
|
Simulator Admin
Beta 版
(roles/policysimulator.admin)
可以运行和访问重放的管理员用户。
|
policysimulator.accessPolicySimulationResults.list
policysimulator.accessPolicySimulations.*
policysimulator.replayResults.list
policysimulator.replays.*
|
OrgPolicy Simulator Admin
Beta 版
(roles/policysimulator.orgPolicyAdmin)
可以运行和访问模拟的组织政策管理员。
|
cloudasset.assets.analyzeOrgPolicy
cloudasset.assets.exportResource
cloudasset.assets.listResource
cloudasset.assets.searchAllResources
orgpolicy.customConstraints.get
orgpolicy.customConstraints.list
orgpolicy.policies.list
orgpolicy.policy.get
policysimulator.orgPolicyViolations.list
policysimulator.orgPolicyViolationsPreviews.*
resourcemanager.organizations.get
|
External Account Key Creator
Beta 版
(roles/publicca.externalAccountKeyCreator)
此角色可以创建新的 externalAccountKey 资源。
|
publicca.externalAccountKeys.create
resourcemanager.projects.get
resourcemanager.projects.list
|
Subscription Linking Admin
(roles/readerrevenuesubscriptionlinking.admin)
拥有对出版物读者资源的完整访问权限
|
readerrevenuesubscriptionlinking.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Subscription Linking Entitlements Viewer
(roles/readerrevenuesubscriptionlinking.entitlementsViewer)
此角色可以查看所有出版物读者权益
|
readerrevenuesubscriptionlinking.readerEntitlements.get
|
Subscription Linking Viewer
(roles/readerrevenuesubscriptionlinking.viewer)
此角色可以查看所有出版物读者资源
|
readerrevenuesubscriptionlinking.readerEntitlements.get
readerrevenuesubscriptionlinking.readers.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Recommendations Exporter
(roles/recommender.exporter)
建议的导出方
|
recommender.resources.export
|
Remote Build Execution Action Cache Writer
测试版
(roles/remotebuildexecution.actionCacheWriter)
Remote Build Execution 操作缓存写入者
|
remotebuildexecution.actions.set
remotebuildexecution.blobs.create
|
Remote Build Execution Artifact Admin
测试版
(roles/remotebuildexecution.artifactAdmin)
Remote Build Execution 工件管理员
|
remotebuildexecution.actions.create
remotebuildexecution.actions.delete
remotebuildexecution.actions.get
remotebuildexecution.blobs.*
remotebuildexecution.logstreams.*
|
Remote Build Execution Artifact Creator
测试版
(roles/remotebuildexecution.artifactCreator)
Remote Build Execution 工件创建者
|
remotebuildexecution.actions.create
remotebuildexecution.actions.get
remotebuildexecution.blobs.*
remotebuildexecution.logstreams.*
|
Remote Build Execution Artifact Viewer
测试版
(roles/remotebuildexecution.artifactViewer)
Remote Build Execution 工件查看者
|
remotebuildexecution.actions.get
remotebuildexecution.blobs.get
remotebuildexecution.logstreams.get
|
Remote Build Execution Configuration Admin
测试版
(roles/remotebuildexecution.configurationAdmin)
Remote Build Execution 配置管理员
|
remotebuildexecution.instances.*
remotebuildexecution.workerpools.*
|
Remote Build Execution Configuration Viewer
测试版
(roles/remotebuildexecution.configurationViewer)
Remote Build Execution 配置查看者
|
remotebuildexecution.instances.get
remotebuildexecution.instances.list
remotebuildexecution.workerpools.get
remotebuildexecution.workerpools.list
|
Remote Build Execution Logstream Writer
测试版
(roles/remotebuildexecution.logstreamWriter)
Remote Build Execution 日志流写入者
|
remotebuildexecution.logstreams.create
remotebuildexecution.logstreams.update
|
Remote Build Execution Reservation Admin
Beta 版
(roles/remotebuildexecution.reservationAdmin)
Remote Build Execution Reservation Admin
|
remotebuildexecution.actions.create
remotebuildexecution.actions.delete
remotebuildexecution.actions.get
|
Remote Build Execution Worker
测试版
(roles/remotebuildexecution.worker)
Remote Build Execution 工作处理者
|
remotebuildexecution.actions.update
remotebuildexecution.blobs.*
remotebuildexecution.botsessions.*
remotebuildexecution.logstreams.create
remotebuildexecution.logstreams.update
|
Retail Admin
(roles/retail.admin)
拥有对 Retail API 资源的完整访问权限。
|
automlrecommendations.apiKeys.create
automlrecommendations.apiKeys.delete
automlrecommendations.catalogItems.*
automlrecommendations.catalogs.*
automlrecommendations.eventStores.getStats
automlrecommendations.events.create
automlrecommendations.events.list
automlrecommendations.events.purge
automlrecommendations.events.rejoin
automlrecommendations.placements.*
automlrecommendations.recommendations.*
retail.alertConfigs.*
retail.attributesConfigs.*
retail.branches.*
retail.catalogs.*
retail.controls.*
retail.experiments.*
retail.models.*
retail.operations.*
retail.placements.*
retail.products.*
retail.retailProjects.*
retail.servingConfigs.*
retail.userEvents.*
|
Retail Editor
(roles/retail.editor)
拥有对 Retail API 资源的完整访问权限,但不具备完全清除、重新加入和 setSponsorship 权限。
|
automlrecommendations.apiKeys.create
automlrecommendations.apiKeys.delete
automlrecommendations.catalogItems.*
automlrecommendations.catalogs.*
automlrecommendations.eventStores.getStats
automlrecommendations.events.create
automlrecommendations.events.list
automlrecommendations.placements.*
automlrecommendations.recommendations.*
retail.alertConfigs.*
retail.attributesConfigs.addCatalogAttribute
retail.attributesConfigs.exportCatalogAttributes
retail.attributesConfigs.get
retail.attributesConfigs.importCatalogAttributes
retail.attributesConfigs.replaceCatalogAttribute
retail.attributesConfigs.update
retail.branches.*
retail.catalogs.*
retail.controls.*
retail.experiments.*
retail.models.*
retail.operations.*
retail.placements.*
retail.products.create
retail.products.delete
retail.products.export
retail.products.get
retail.products.import
retail.products.list
retail.products.update
retail.retailProjects.get
retail.servingConfigs.*
retail.userEvents.create
retail.userEvents.import
|
Retail Merchant Approver
Beta 版
(roles/retail.merchantApprover)
授予对商家控制台中 MerchantControls 的访问权限和批准权限。
|
retail.merchantControls.*
|
Retail Merchant Creator
Beta 版
(roles/retail.merchantCreator)
授予对商家控制台中 MerchantControls 的所有权。
|
retail.merchantControls.creatorCreate
retail.merchantControls.creatorDelete
retail.merchantControls.creatorGet
retail.merchantControls.creatorList
retail.merchantControls.creatorSubmit
retail.merchantControls.creatorUpdate
|
Retail Viewer
(roles/retail.viewer)
授予读取 Retail 中所有资源的权限。
|
automlrecommendations.catalogItems.get
automlrecommendations.catalogItems.list
automlrecommendations.catalogs.getStats
automlrecommendations.catalogs.list
automlrecommendations.eventStores.getStats
automlrecommendations.events.list
automlrecommendations.placements.getStats
automlrecommendations.placements.list
automlrecommendations.recommendations.list
retail.alertConfigs.get
retail.attributesConfigs.exportCatalogAttributes
retail.attributesConfigs.get
retail.branches.*
retail.catalogs.completeQuery
retail.catalogs.exportAnalyticsMetrics
retail.catalogs.get
retail.catalogs.list
retail.controls.export
retail.controls.get
retail.controls.list
retail.experiments.get
retail.experiments.list
retail.experiments.loadExperimentLookerDashboard
retail.experiments.queryTrafficMetrics
retail.models.get
retail.models.list
retail.operations.*
retail.placements.*
retail.products.export
retail.products.get
retail.products.list
retail.retailProjects.get
retail.servingConfigs.get
retail.servingConfigs.list
retail.servingConfigs.predict
retail.servingConfigs.search
|
RISC Configuration Admin
Beta 版
(roles/riscconfigs.admin)
拥有对 RISC 配置资源的读写权限。
|
clientauthconfig.clients.list
riscconfigurationservice.*
|
RISC Configuration Viewer
Beta 版
(roles/riscconfigs.viewer)
拥有对 RISC 配置资源的只读权限。
|
clientauthconfig.clients.list
riscconfigurationservice.riscconfigs.get
|
Route Optimization Editor
(roles/routeoptimization.editor)
此角色可以通过 BatchOptimizeTours 创建长时间运行的操作。
|
resourcemanager.projects.get
resourcemanager.projects.list
routeoptimization.*
|
Route Optimization Viewer
(roles/routeoptimization.viewer)
此角色可以查看任何长时间运行的操作。
|
resourcemanager.projects.get
resourcemanager.projects.list
routeoptimization.operations.get
|
Serverless Integrations Developer
Beta 版
(roles/runapps.developer)
拥有创建和更改无服务器集成及其配置的权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.*
runapps.deployments.get
runapps.deployments.list
runapps.locations.*
runapps.operations.*
|
Serverless Integrations Operator
Beta 版
(roles/runapps.operator)
拥有部署无服务器集成的权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.get
runapps.applications.getStatus
runapps.applications.list
runapps.deployments.*
runapps.locations.*
runapps.operations.*
|
Serverless Integrations Viewer
Beta 版
(roles/runapps.viewer)
拥有对无服务器集成资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.get
runapps.applications.getStatus
runapps.applications.list
runapps.deployments.get
runapps.deployments.list
runapps.locations.*
runapps.operations.get
runapps.operations.list
|
Cloud RuntimeConfig Admin
(roles/runtimeconfig.admin)
拥有 RuntimeConfig 资源的完整访问权限。
|
runtimeconfig.*
|
|
(roles/securedlandingzone.bqdwOrgRemediator)
拥有在组织级修改(修复)SLZ BQDW Blueprint 中的资源的权限。
|
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.update
|
|
(roles/securedlandingzone.bqdwProjectRemediator)
拥有在项目级修改(修复)SLZ BQDW Blueprint 中的资源的权限。
|
bigquery.datasets.get
bigquery.datasets.getIamPolicy
bigquery.datasets.setIamPolicy
bigquery.datasets.update
cloudkms.cryptoKeys.get
cloudkms.cryptoKeys.getIamPolicy
cloudkms.cryptoKeys.list
cloudkms.cryptoKeys.setIamPolicy
cloudkms.cryptoKeys.update
cloudkms.keyRings.getIamPolicy
cloudkms.keyRings.setIamPolicy
pubsub.topics.get
pubsub.topics.getIamPolicy
pubsub.topics.list
pubsub.topics.setIamPolicy
pubsub.topics.update
resourcemanager.projects.update
serviceusage.services.use
storage.buckets.get
storage.buckets.getIamPolicy
storage.buckets.list
storage.buckets.setIamPolicy
storage.buckets.update
|
Overwatch Activator
Beta 版
(roles/securedlandingzone.overwatchActivator)
此角色可以启动或暂停 Overwatch
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.overwatches.activate
securedlandingzone.overwatches.suspend
|
Overwatch Admin
Beta 版
(roles/securedlandingzone.overwatchAdmin)
拥有对 Overwatch 的完全访问权限
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.*
|
Overwatch Viewer
Beta 版
(roles/securedlandingzone.overwatchViewer)
此角色可以查看 Overwatch 的所有属性
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.operations.get
securedlandingzone.overwatches.get
securedlandingzone.overwatches.list
|
Security Posture Admin
(roles/securityposture.admin)
拥有对 Security Posture 服务 API 的完整访问权限。
|
orgpolicy.*
resourcemanager.organizations.get
securitycenter.securityhealthanalyticssettings.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.securityHealthAnalyticsCustomModules.create
securitycentermanagement.securityHealthAnalyticsCustomModules.delete
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.update
securityposture.*
|
Security Posture Deployer
(roles/securityposture.postureDeployer)
拥有对 Posture Deployment 资源的更改和读取权限。
|
orgpolicy.*
resourcemanager.organizations.get
securitycenter.securityhealthanalyticssettings.*
securitycentermanagement.securityHealthAnalyticsCustomModules.create
securitycentermanagement.securityHealthAnalyticsCustomModules.delete
securitycentermanagement.securityHealthAnalyticsCustomModules.update
securityposture.operations.get
securityposture.postureDeployments.*
|
Security Posture Deployment Viewer
(roles/securityposture.postureDeploymentsViewer)
拥有对 Posture Deployment 资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postureDeployments.get
securityposture.postureDeployments.list
|
Security Posture Resource Editor
(roles/securityposture.postureEditor)
拥有对 Posture 资源的更改和读取权限。
|
securityposture.operations.get
securityposture.postures.*
|
Security Posture Resource Viewer
(roles/securityposture.postureViewer)
拥有对 Posture 资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postures.get
securityposture.postures.list
|
Security Posture Shift-Left Validator
(roles/securityposture.reportCreator)
拥有创建 IaC 验证报告等报告的权限。
|
securityposture.operations.get
securityposture.reports.*
|
Security Posture Viewer
(roles/securityposture.viewer)
拥有对所有 SecurityPosture 服务资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postureDeployments.get
securityposture.postureDeployments.list
securityposture.postureTemplates.*
securityposture.postures.get
securityposture.postures.list
|
Personalized Service Health Viewer
(roles/servicehealth.viewer)
拥有对 Personalized Service Health 资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
servicehealth.*
|
Security Insights Viewer
Beta 版
(roles/servicesecurityinsights.securityInsightsViewer)
拥有对 Security Insights 资源的只读权限
|
servicesecurityinsights.*
|
Speaker ID Admin
(roles/speakerid.admin)
授予对所有 Speaker ID 资源(包括项目设置)的完整访问权限。
|
speakerid.*
|
Speaker ID Editor
(roles/speakerid.editor)
授予读写所有 Speaker ID 资源的权限。
|
speakerid.phrases.*
speakerid.speakers.*
|
Speaker ID Verifier
(roles/speakerid.verifier)
授予对所有 Speaker ID 资源的读取权限,并允许验证。
|
speakerid.phrases.get
speakerid.phrases.list
speakerid.speakers.get
speakerid.speakers.list
speakerid.speakers.verify
|
Speaker ID Viewer
(roles/speakerid.viewer)
授予对所有 Speaker ID 资源的读取权限。
|
speakerid.phrases.get
speakerid.phrases.list
speakerid.speakers.get
speakerid.speakers.list
|
Cloud Speech Administrator
(roles/speech.admin)
授予对 Speech-to-text 中的所有资源的完全访问权限
|
speech.*
|
Cloud Speech Client
(roles/speech.client)
授予对识别 API 的访问权限。
|
speech.adaptations.execute
speech.customClasses.get
speech.customClasses.list
speech.locations.*
speech.operations.get
speech.operations.list
speech.operations.wait
speech.phraseSets.get
speech.phraseSets.list
speech.recognizers.get
speech.recognizers.list
speech.recognizers.recognize
|
Cloud Speech Editor
(roles/speech.editor)
授予修改 Speech-to-text 中的资源的权限
|
speech.adaptations.execute
speech.customClasses.*
speech.locations.*
speech.operations.*
speech.phraseSets.*
speech.recognizers.*
|
Storage Insights Admin
(roles/storageinsights.admin)
拥有对存储空间分析资源的完整访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.*
|
Storage Insights Analyst
(roles/storageinsights.analyst)
拥有对存储空间分析的数据访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.datasetConfigs.get
storageinsights.datasetConfigs.linkDataset
storageinsights.datasetConfigs.list
storageinsights.datasetConfigs.unlinkDataset
storageinsights.locations.*
storageinsights.operations.get
storageinsights.operations.list
storageinsights.reportConfigs.get
storageinsights.reportConfigs.list
storageinsights.reportDetails.*
|
Storage Insights Viewer
(roles/storageinsights.viewer)
拥有对存储空间分析资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.datasetConfigs.get
storageinsights.datasetConfigs.list
storageinsights.locations.*
storageinsights.operations.get
storageinsights.operations.list
storageinsights.reportConfigs.get
storageinsights.reportConfigs.list
storageinsights.reportDetails.*
|
Subscribe with Google Developer
测试版
(roles/subscribewithgoogledeveloper.developer)
可以访问通过 Google 订阅的开发者工具。
|
resourcemanager.projects.get
resourcemanager.projects.list
subscribewithgoogledeveloper.tools.get
|
Telco Automation Admin
Beta 版
(roles/telcoautomation.admin)
拥有对 Telco Automation 资源的完整访问权限。
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logScopes.get
logging.logScopes.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.getShared
logging.queries.listShared
logging.queries.usePrivate
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
monitoring.timeSeries.list
observability.scopes.get
resourcemanager.projects.get
serviceusage.quotas.*
serviceusage.services.*
source.repos.get
source.repos.list
telcoautomation.*
|
Telco Automation Blueprint Designer
Beta 版
(roles/telcoautomation.blueprintDesigner)
能够管理蓝图
|
telcoautomation.blueprints.create
telcoautomation.blueprints.delete
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.blueprints.propose
telcoautomation.blueprints.update
telcoautomation.deployments.computeStatus
telcoautomation.deployments.get
telcoautomation.deployments.list
telcoautomation.hydratedDeployments.get
telcoautomation.hydratedDeployments.list
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
telcoautomation.publicBlueprints.*
|
Telco Automation Deployment Admin
Beta 版
(roles/telcoautomation.deploymentAdmin)
能够管理部署
|
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Tier 1 Operations Admin
Beta 版
(roles/telcoautomation.opsAdminTier1)
能够获取部署状态
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logScopes.get
logging.logScopes.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.getShared
logging.queries.listShared
logging.queries.usePrivate
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
observability.scopes.get
resourcemanager.projects.get
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.computeStatus
telcoautomation.deployments.get
telcoautomation.deployments.list
telcoautomation.hydratedDeployments.get
telcoautomation.hydratedDeployments.list
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Tier 4 Operations Admin
Beta 版
(roles/telcoautomation.opsAdminTier4)
能够管理部署及其状态
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logScopes.get
logging.logScopes.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.getShared
logging.queries.listShared
logging.queries.usePrivate
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
observability.scopes.get
resourcemanager.projects.get
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Service Orchestrator
Beta 版
(roles/telcoautomation.serviceOrchestrator)
能够管理部署
|
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Timeseries Insights DataSet Editor
Beta 版
(roles/timeseriesinsights.datasetsEditor)
拥有对数据集的修改权限。
|
timeseriesinsights.*
|
Timeseries Insights DataSet Owner
Beta 版
(roles/timeseriesinsights.datasetsOwner)
拥有数据集的完整访问权限。
|
timeseriesinsights.*
|
Timeseries Insights DataSet Viewer
Beta 版
(roles/timeseriesinsights.datasetsViewer)
拥有对数据集的只读权限(列出和查询)。
|
timeseriesinsights.datasets.evaluate
timeseriesinsights.datasets.list
timeseriesinsights.datasets.query
timeseriesinsights.locations.*
|
Traffic Director Client
Beta 版
(roles/trafficdirector.client)
提取服务配置和报告指标。
|
trafficdirector.*
|
Translation Hub Admin
Beta 版
(roles/translationhub.admin)
Translation Hub 的管理员
|
automl.models.get
automl.models.list
automl.models.predict
cloudtranslate.customModels.get
cloudtranslate.customModels.list
cloudtranslate.customModels.predict
cloudtranslate.glossaries.create
cloudtranslate.glossaries.delete
cloudtranslate.glossaries.get
cloudtranslate.glossaries.list
cloudtranslate.glossaries.predict
resourcemanager.projects.get
resourcemanager.projects.list
translationhub.*
|
Translation Hub Portal User
Beta 版
(roles/translationhub.portalUser)
Translation Hub 的门户用户
|
automl.models.get
automl.models.list
automl.models.predict
cloudtranslate.customModels.get
cloudtranslate.customModels.list
cloudtranslate.customModels.predict
cloudtranslate.glossaries.get
cloudtranslate.glossaries.list
cloudtranslate.glossaries.predict
resourcemanager.projects.get
resourcemanager.projects.list
translationhub.portals.get
translationhub.portals.list
|
Visual Inspection AI Solution Editor
(roles/visualinspection.editor)
拥有对所有 Visual Inspection AI 资源(visualinspection.locations.reportUsageMetrics 除外)的读写权限
|
visualinspection.annotationSets.*
visualinspection.annotationSpecs.*
visualinspection.annotations.*
visualinspection.datasets.*
visualinspection.images.*
visualinspection.locations.get
visualinspection.locations.list
visualinspection.modelEvaluations.*
visualinspection.models.*
visualinspection.modules.*
visualinspection.operations.*
visualinspection.solutionArtifacts.*
visualinspection.solutions.*
|
Visual Inspection AI Usage Metrics Reporter
(roles/visualinspection.usageMetricsReporter)
拥有对视觉检测 AI 服务的 ReportUsageMetric 访问权限
|
visualinspection.locations.reportUsageMetrics
|
Visual Inspection AI Viewer
(roles/visualinspection.viewer)
对 Visual Inspection AI 资源的读取权限
|
visualinspection.annotationSets.get
visualinspection.annotationSets.list
visualinspection.annotationSpecs.get
visualinspection.annotationSpecs.list
visualinspection.annotations.get
visualinspection.annotations.list
visualinspection.datasets.export
visualinspection.datasets.get
visualinspection.datasets.list
visualinspection.images.get
visualinspection.images.list
visualinspection.locations.get
visualinspection.locations.list
visualinspection.modelEvaluations.*
visualinspection.models.get
visualinspection.models.list
visualinspection.modules.get
visualinspection.modules.list
visualinspection.operations.*
visualinspection.solutionArtifacts.get
visualinspection.solutionArtifacts.list
visualinspection.solutionArtifacts.predict
visualinspection.solutions.get
visualinspection.solutions.list
|
