IAM 角色和权限

本页面适用于 Apigee 和 Apigee Hybrid。

您可以使用 Google Cloud 项目中的 IAM 和管理 > IAM 页面上的权限面板查看和授予角色。

下表列出了创建和管理 API hub 资源所需的角色和相应的权限。

IAM 角色名称	说明	所需权限
Cloud API hub Viewer	此角色可以查看 API hub 中的所有资源	`apihub.googleapis.com/locations.searchResources` `apihub.googleapis.com/apis.list` `apihub.googleapis.com/apis.get` `apihub.googleapis.com/specs.list` `apihub.googleapis.com/specs.get` `apihub.googleapis.com/apiOperations.list` `apihub.googleapis.com/apiOperations.get` `apihub.googleapis.com/versions.list` `apihub.googleapis.com/versions.get` `apihub.googleapis.com/deployments.list` `apihub.googleapis.com/deployments.get` `apihub.googleapis.com/attributes.list` `apihub.googleapis.com/attributes.get` `apihub.googleapis.com/definitions.list` `apihub.googleapis.com/definitions.get` `apihub.googleapis.com/definitions.get` `apihub.googleapis.com/externalApis.get` `apihub.googleapis.com/externalApis.list` `apihub.googleapis.com/dependencies.get` `apihub.googleapis.com/dependencies.list` `apihub.googleapis.com/plugins.get` `apihub.googleapis.com/plugins.list` `apihub.googleapis.com/runTimeProjectAttachments.get` `apihub.googleapis.com/runTimeProjectAttachments.list` `apihub.googleapis.com/hostProjectRegistrations.list` `apihub.googleapis.com/hostProjectRegistrations.get` `apihub.googleapis.com/apiHubInstances.get` `apihub.googleapis.com/apiHubInstances.list` `apihub.googleapis.com/styleGuides.get` `cloudresourcemanager.googleapis.com/projects.get` `cloudresourcemanager.googleapis.com/projects.list`
Cloud API hub Plugins Admin	与插件相关的所有权限	`cloudresourcemanager.googleapis.com/projects.get` `cloudresourcemanager.googleapis.com/projects.list` `apihub.googleapis.com/plugins.get` `apihub.googleapis.com/plugins.list` `apihub.googleapis.com/plugins.enable` `apihub.googleapis.com/plugins.disable` `apihub.googleapis.com/specs.lint` `apihub.googleapis.com/styleGuides.get` `apihub.googleapis.com/styleGuides.update`
Cloud API hub Editor	资源的 Editor 角色	除了 `Cloud API hub viewer` 角色的权限之外，此角色还具有以下权限： `apihub.googleapis.com/apis.create` `apihub.googleapis.com/apis.update` `apihub.googleapis.com/apis.delete` `apihub.googleapis.com/versions.create` `apihub.googleapis.com/versions.update` `apihub.googleapis.com/versions.delete` `apihub.googleapis.com/specs.create` `apihub.googleapis.com/specs.update` `apihub.googleapis.com/specs.delete` `apihub.googleapis.com/deployments.create` `apihub.googleapis.com/deployments.update` `apihub.googleapis.com/deployments.delete` `apihub.googleapis.com/specs.lint`
Cloud API hub Provisioning Admin	与预配相关的所有权限	`cloudresourcemanager.googleapis.com/projects.get` `cloudresourcemanager.googleapis.com/projects.list` `apihub.googleapis.com/hostProjectRegistrations.list` `apihub.googleapis.com/hostProjectRegistrations.get` `apihub.googleapis.com/hostProjectRegistrations.create` `apihub.googleapis.com/hostProjectRegistrations.register` `apihub.googleapis.com/hostProjectRegistrations.delete` `apihub.googleapis.com/runTimeProjectAttachments.list` `apihub.googleapis.com/runTimeProjectAttachments.get` `apihub.googleapis.com/runTimeProjectAttachments.lookup` `apihub.googleapis.com/runTimeProjectAttachments.create` `apihub.googleapis.com/runTimeProjectAttachments.attach` `apihub.googleapis.com/runTimeProjectAttachments.delete` `apihub.googleapis.com/apiHubInstances.get` `apihub.googleapis.com/apiHubInstances.list` `apihub.googleapis.com/apiHubInstances.create` `apihub.googleapis.com/apiHubInstances.delete`
Cloud API hub Attributes Admin	与属性相关的所有权限	`cloudresourcemanager.googleapis.com/projects.get` `cloudresourcemanager.googleapis.com/projects.list` `apihub.googleapis.com/attributes.create` `apihub.googleapis.com/attributes.update` `apihub.googleapis.com/attributes.delete` `apihub.googleapis.com/attributes.list` `apihub.googleapis.com/attributes.get`
Cloud API hub Admin	所有权限	此角色具有以下角色的所有权限： Cloud API hub Editor Cloud API hub Attributes Admin Cloud API hub Provisioning Admin Cloud API hub Plugins Admin