其他角色 |
权限 |
Advisory Notifications Admin
(roles/advisorynotifications.admin)
授予对 Advisory Notifications 中的设置的写入权限
|
advisorynotifications.*
resourcemanager.organizations.get
resourcemanager.projects.get
|
Advisory Notifications Viewer
(roles/advisorynotifications.viewer)
授予在 Advisory Notifications 中查看消息的访问权限
|
advisorynotifications.notifications.*
advisorynotifications.settings.get
resourcemanager.organizations.get
resourcemanager.projects.get
|
Cloud API Hub Admin
Beta 版
(roles/apihub.admin)
拥有对所有 API Hub 资源的完整访问权限。
|
apihub.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Attributes Admin
Beta 版
(roles/apihub.attributeAdmin)
拥有对所有 Cloud API Hub 属性资源的完整访问权限。
|
apihub.attributes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Editor
Beta 版
(roles/apihub.editor)
拥有对大多数 Cloud API Hub 资源的修改权限。
|
apihub.apiHubInstances.get
apihub.apiHubInstances.list
apihub.apiOperations.*
apihub.apis.*
apihub.attributes.get
apihub.attributes.list
apihub.definitions.*
apihub.dependencies.*
apihub.deployments.*
apihub.externalApis.*
apihub.hostProjectRegistrations.get
apihub.hostProjectRegistrations.list
apihub.llmEnablements.*
apihub.locations.searchResources
apihub.operations.get
apihub.operations.list
apihub.plugins.get
apihub.plugins.list
apihub.runTimeProjectAttachments.get
apihub.runTimeProjectAttachments.list
apihub.specs.*
apihub.styleGuides.get
apihub.versions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API hub Plugins Admin
Beta 版
(roles/apihub.pluginAdmin)
拥有对所有 Cloud API Hub 插件资源的完整访问权限。
|
apihub.plugins.*
apihub.specs.lint
apihub.styleGuides.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Provisioning Admin
Beta 版
(roles/apihub.provisioningAdmin)
拥有对 Cloud API Hub 预配相关资源的完整访问权限。
|
apihub.apiHubInstances.*
apihub.hostProjectRegistrations.*
apihub.operations.*
apihub.runTimeProjectAttachments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Viewer
Beta 版
(roles/apihub.viewer)
拥有对所有 Cloud API Hub 资源的查看权限。
|
apihub.apiHubInstances.get
apihub.apiHubInstances.list
apihub.apiOperations.get
apihub.apiOperations.list
apihub.apis.get
apihub.apis.list
apihub.attributes.get
apihub.attributes.list
apihub.definitions.get
apihub.definitions.list
apihub.dependencies.get
apihub.dependencies.list
apihub.deployments.get
apihub.deployments.list
apihub.externalApis.get
apihub.externalApis.list
apihub.hostProjectRegistrations.get
apihub.hostProjectRegistrations.list
apihub.llmEnablements.get
apihub.llmEnablements.list
apihub.locations.searchResources
apihub.operations.get
apihub.operations.list
apihub.plugins.get
apihub.plugins.list
apihub.runTimeProjectAttachments.get
apihub.runTimeProjectAttachments.list
apihub.specs.get
apihub.specs.list
apihub.styleGuides.get
apihub.versions.get
apihub.versions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
API Management Admin
Beta 版
(roles/apim.admin)
拥有对 API 管理资源的完整访问权限。
|
apim.*
resourcemanager.projects.get
resourcemanager.projects.list
|
API Management Viewer
Beta 版
(roles/apim.viewer)
拥有对 API 管理资源的只读权限。
|
apim.apiObservations.*
apim.apiOperations.*
apim.locations.*
apim.observationJobs.get
apim.observationJobs.list
apim.observationSources.get
apim.observationSources.list
apim.operations.get
apim.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub 管理员
(roles/apphub.admin)
拥有对 App Hub 资源的完整访问权限。
|
apphub.*
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub 编辑器
(roles/apphub.editor)
拥有对 App Hub 资源的修改权限。
|
apphub.applications.create
apphub.applications.delete
apphub.applications.get
apphub.applications.list
apphub.applications.update
apphub.discoveredServices.*
apphub.discoveredWorkloads.*
apphub.locations.*
apphub.operations.*
apphub.serviceProjectAttachments.lookup
apphub.services.*
apphub.workloads.*
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub 查看器
(roles/apphub.viewer)
拥有对 App Hub 资源的查看权限。
|
apphub.applications.get
apphub.applications.list
apphub.discoveredServices.get
apphub.discoveredServices.list
apphub.discoveredWorkloads.get
apphub.discoveredWorkloads.list
apphub.locations.*
apphub.operations.get
apphub.operations.list
apphub.serviceProjectAttachments.lookup
apphub.services.get
apphub.services.list
apphub.workloads.get
apphub.workloads.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Appliance troubleshooting commands approver
Beta 版
(roles/applianceactivation.approver)
可授予用于批准要在设备上运行的命令的权限
|
applianceactivation.rttCommands.approve
applianceactivation.rttCommands.get
resourcemanager.projects.get
resourcemanager.projects.list
|
On-appliance troubleshooting client
Beta 版
(roles/applianceactivation.client)
可授予读取设备命令及发送其结果的权限。
|
applianceactivation.rttCommands.get
applianceactivation.rttCommands.sendResult
|
Appliance troubleshooter
Beta 版
(roles/applianceactivation.troubleshooter)
可授予用于发送要在设备上运行的新命令和查看输出的权限
|
applianceactivation.rttCommands.create
applianceactivation.rttCommands.get
applianceactivation.rttCommands.list
resourcemanager.projects.get
resourcemanager.projects.list
|
安心 OSS 管理员
(roles/assuredoss.admin)
有权使用 Assured OSS 以及管理配置。
|
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.create
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.*
iam.serviceAccountKeys.create
iam.serviceAccounts.create
iam.serviceAccounts.get
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.create
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.subscriptions.update
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.enable
serviceusage.services.get
serviceusage.services.list
|
Assured OSS Project Admin
Beta 版
(roles/assuredoss.projectAdmin)
有权使用 Assured OSS 以及管理配置。
|
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.create
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.*
iam.serviceAccounts.create
iam.serviceAccounts.get
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.enable
serviceusage.services.get
serviceusage.services.list
|
Assured OSS Reader
(roles/assuredoss.reader)
有权使用 Assured OSS 以及查看 Assured OSS 配置。
|
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.config.get
assuredoss.locations.*
assuredoss.metadata.*
assuredoss.operations.get
assuredoss.operations.list
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
安心的 OSS 用户
(roles/assuredoss.user)
可以使用 Assured OSS。
|
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.locations.*
assuredoss.metadata.*
assuredoss.operations.get
assuredoss.operations.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Audit Manager Admin
Beta 版
(roles/auditmanager.admin)
拥有对 Audit Manager 资源的完整访问权限。
|
auditmanager.*
cloudasset.assets.searchAllResources
resourcemanager.folders.get
resourcemanager.folders.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Audit Manager Auditor
Beta 版
(roles/auditmanager.auditor)
允许创建和查看审核报告。
|
auditmanager.auditReports.generate
auditmanager.auditScopeReports.generate
auditmanager.locations.get
auditmanager.locations.list
auditmanager.operations.*
cloudasset.assets.searchAllResources
resourcemanager.folders.get
resourcemanager.folders.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Autoscaling Metrics Writer
Beta 版
(roles/autoscaling.metricsWriter)
能够写入针对自动扩缩站点的指标
|
autoscaling.sites.writeMetrics
|
Autoscaling Recommendations Reader
Beta 版
(roles/autoscaling.recommendationsReader)
拥有从自动扩缩网站读取推荐内容的权限
|
autoscaling.sites.readRecommendations
|
Autoscaling Site Admin
Beta 版
(roles/autoscaling.sitesAdmin)
具有对所有自动扩缩站点功能的完整访问权限
|
autoscaling.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Autoscaling State Writer
Beta 版
(roles/autoscaling.stateWriter)
拥有写入自动扩缩网站状态的权限
|
autoscaling.sites.writeState
|
Batch Agent Reporter
Beta 版
(roles/batch.agentReporter)
可以报告 Batch 代理状态。
|
batch.states.report
|
Batch Job Editor
Beta 版
(roles/batch.jobsEditor)
可以修改批量作业
|
batch.jobs.*
batch.locations.*
batch.operations.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch Job Viewer
Beta 版
(roles/batch.jobsViewer)
可以查看批量作业、任务组和任务
|
batch.jobs.get
batch.jobs.list
batch.locations.*
batch.operations.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
BigLake Admin
(roles/biglake.admin)
提供对所有 BigLake 资源的完整访问权限。
|
biglake.*
resourcemanager.projects.get
resourcemanager.projects.list
|
BigLake Viewer
(roles/biglake.viewer)
提供对所有 BigLake 资源的只读权限。
|
biglake.catalogs.get
biglake.catalogs.list
biglake.databases.get
biglake.databases.list
biglake.locks.list
biglake.tables.get
biglake.tables.list
resourcemanager.projects.get
resourcemanager.projects.list
|
MigrationWorkflow Editor
(roles/bigquerymigration.editor)
可以修改 EDW 迁移工作流。
|
bigquerymigration.locations.*
bigquerymigration.subtasks.get
bigquerymigration.subtasks.list
bigquerymigration.workflows.create
bigquerymigration.workflows.delete
bigquerymigration.workflows.get
bigquerymigration.workflows.list
bigquerymigration.workflows.update
|
Task Orchestrator
(roles/bigquerymigration.orchestrator)
可以编排 EDW 迁移任务。
|
bigquerymigration.subtasks.create
bigquerymigration.taskTypes.orchestrateTask
bigquerymigration.workflows.orchestrateTask
storage.objects.list
|
Migration Translation User
(roles/bigquerymigration.translationUser)
可以使用 EDW 迁移交互式 SQL 转换服务。
|
bigquerymigration.translation.translate
|
MigrationWorkflow Viewer
(roles/bigquerymigration.viewer)
可以查看 EDW 迁移 MigrationWorkflow。
|
bigquerymigration.locations.*
bigquerymigration.subtasks.get
bigquerymigration.subtasks.list
bigquerymigration.workflows.get
bigquerymigration.workflows.list
|
Task Worker
(roles/bigquerymigration.worker)
执行 EDW 迁移子任务的工作器。
|
bigquerymigration.subtaskTypes.executeTask
bigquerymigration.subtasks.executeTask
storage.objects.create
storage.objects.get
storage.objects.list
|
Carbon Footprint Viewer
(roles/billing.carbonViewer)
|
billing.accounts.get
billing.accounts.getCarbonInformation
billing.accounts.list
|
Blockchain Node Engine Admin
(roles/blockchainnodeengine.admin)
拥有对 Blockchain Node Engine 资源的完整访问权限。
|
blockchainnodeengine.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Blockchain Node Engine Viewer
(roles/blockchainnodeengine.viewer)
拥有对 Blockchain Node Engine 资源的只读权限。
|
blockchainnodeengine.blockchainNodes.get
blockchainnodeengine.blockchainNodes.list
blockchainnodeengine.locations.*
blockchainnodeengine.operations.get
blockchainnodeengine.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Capacity Planner Usage Viewer
Beta 版
(roles/capacityplanner.viewer)
拥有对容量规划工具用量资源的只读权限
|
capacityplanner.*
cloudquotas.quotas.get
monitoring.timeSeries.list
resourcemanager.folders.get
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
|
Care Studio Patients Viewer
(roles/carestudio.viewer)
此角色可以查看患者的所有属性。
|
carestudio.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Chronicle Service Admin
(roles/chroniclesm.admin)
Admin 可以查看和修改 Chronicle 服务详情。
|
chroniclesm.*
|
Chronicle Service Viewer
(roles/chroniclesm.viewer)
Viewer 可以查看 Chronicle 服务详情,但无法对其进行更改。
|
chroniclesm.gcpAssociations.get
chroniclesm.gcpSettings.get
|
Location reader
Beta 版
(roles/cloud.locationReader)
可以读取和枚举可用于创建资源的位置。
|
cloud.*
|
Cloud AI Companion User
Beta 版
(roles/cloudaicompanion.user)
可以获得 Cloud AI Companion 协助的用户
|
cloudaicompanion.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud Controls 合作伙伴管理员
(roles/cloudcontrolspartner.admin)
拥有对 Cloud Controls 合作伙伴资源的完全访问权限。
|
cloudcontrolspartner.accessapprovalrequests.list
cloudcontrolspartner.customers.list
cloudcontrolspartner.ekmconnections.get
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.partnerpermissions.get
cloudcontrolspartner.partners.get
cloudcontrolspartner.platformcontrols.get
cloudcontrolspartner.violations.list
cloudcontrolspartner.workloads.list
|
Cloud Controls 合作伙伴编辑者
(roles/cloudcontrolspartner.editor)
拥有对 Cloud Controls 合作伙伴资源的修改权限。
|
cloudcontrolspartner.*
|
Cloud Controls Partner Inspectability Reader
(roles/cloudcontrolspartner.inspectabilityReader)
拥有对 Cloud Controls 合作伙伴可检查性资源的只读权限。
|
cloudcontrolspartner.customers.*
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.platformcontrols.get
|
Cloud Controls Partner Monitoring Reader
(roles/cloudcontrolspartner.monitoringReader)
拥有对 Cloud Controls 合作伙伴监控资源的只读权限。
|
cloudcontrolspartner.customers.*
cloudcontrolspartner.violations.*
cloudcontrolspartner.workloads.*
|
Cloud Controls Partner Reader
(roles/cloudcontrolspartner.reader)
拥有对 Cloud Controls 合作伙伴资源的只读权限。
|
cloudcontrolspartner.*
|
Cloud Optimization AI Admin
(roles/cloudoptimization.admin)
Cloud Optimization AI 资源的管理员
|
cloudoptimization.*
|
Cloud Optimization AI Editor
(roles/cloudoptimization.editor)
Cloud Optimization AI 资源的编辑者
|
cloudoptimization.*
|
Cloud Optimization AI Viewer
(roles/cloudoptimization.viewer)
Cloud Optimization AI 资源的查看者
|
cloudoptimization.operations.get
|
Cloud 配额 Admin
Beta 版
(roles/cloudquotas.admin)
拥有对 Cloud 配额资源的完整访问权限。
|
cloudquotas.*
monitoring.timeSeries.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud 配额 Viewer
Beta 版
(roles/cloudquotas.viewer)
拥有对 Cloud 配额资源的只读权限。
|
cloudquotas.quotas.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Commerce agreement Publishing Admin
Beta 版
(roles/commerceagreementpublishing.admin)
可以管理商业协议发布服务
|
commerceagreementpublishing.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Commerce Protocol Publishing Viewer
Beta 版
(roles/commerceagreementpublishing.viewer)
Viewer《商业协议发布服务》
|
commerceagreementpublishing.agreements.get
commerceagreementpublishing.agreements.list
commerceagreementpublishing.documents.get
commerceagreementpublishing.documents.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Confidential Space Workload User
(roles/confidentialcomputing.workloadUser)
授予生成证明令牌并在虚拟机中运行工作负载的权限。适用于在 Confidential Space 虚拟机上运行的服务账号。
|
confidentialcomputing.*
logging.logEntries.create
|
|
(roles/contactcenteraiplatform.admin)
拥有对 Contact Center AI Platform 资源的完整访问权限。
|
contactcenteraiplatform.*
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenteraiplatform.viewer)
拥有对 Contact Center AI Platform 资源的只读权限。
|
contactcenteraiplatform.contactCenters.get
contactcenteraiplatform.contactCenters.list
contactcenteraiplatform.locations.*
contactcenteraiplatform.operations.get
contactcenteraiplatform.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenterinsights.editor)
授予对所有联络中心 AI 数据洞察资源的读写权限。
|
contactcenterinsights.*
|
|
(roles/contactcenterinsights.viewer)
授予对所有联络中心 AI 数据洞察资源的读取访问权限。
|
contactcenterinsights.analyses.get
contactcenterinsights.analyses.list
contactcenterinsights.conversations.get
contactcenterinsights.conversations.list
contactcenterinsights.faqEntries.get
contactcenterinsights.faqEntries.list
contactcenterinsights.faqModels.get
contactcenterinsights.faqModels.list
contactcenterinsights.feedbackLabels.get
contactcenterinsights.feedbackLabels.list
contactcenterinsights.issueModels.get
contactcenterinsights.issueModels.list
contactcenterinsights.issues.get
contactcenterinsights.issues.list
contactcenterinsights.operations.*
contactcenterinsights.phraseMatchers.get
contactcenterinsights.phraseMatchers.list
contactcenterinsights.qaQuestions.*
contactcenterinsights.qaScorecardRevisions.get
contactcenterinsights.qaScorecards.*
contactcenterinsights.settings.get
contactcenterinsights.views.get
contactcenterinsights.views.list
|
GKE Security Posture Viewer
Beta 版
(roles/containersecurity.viewer)
拥有对 GKE Security Posture 资源的只读权限。
|
container.clusters.list
containersecurity.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Admin
(roles/contentwarehouse.admin)
授予对 Content Warehouse 中所有资源的完整访问权限
|
contentwarehouse.corpora.*
contentwarehouse.dataExportJobs.*
contentwarehouse.documentSchemas.*
contentwarehouse.documents.*
contentwarehouse.locations.*
contentwarehouse.operations.get
contentwarehouse.rawDocuments.*
contentwarehouse.ruleSets.*
contentwarehouse.synonymSets.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Admin
(roles/contentwarehouse.documentAdmin)
授予对 Content Warehouse 中的文档资源的完整访问权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.create
contentwarehouse.documents.delete
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.setIamPolicy
contentwarehouse.documents.update
contentwarehouse.links.*
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Creator
(roles/contentwarehouse.documentCreator)
授予在 Content Warehouse 中创建文档的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.documents.create
contentwarehouse.locations.getStatus
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Editor
(roles/contentwarehouse.documentEditor)
授予对 Content Warehouse 中的文档资源的更新权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.update
contentwarehouse.links.*
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Schema Viewer
(roles/contentwarehouse.documentSchemaViewer)
授予在 Content Warehouse 中查看文档架构的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.locations.getStatus
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Viewer
(roles/contentwarehouse.documentViewer)
授予查看 Content Warehouse 中所有资源的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.links.get
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.download
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Center Viewer
Beta 版
(roles/databasecenter.viewer)
可以查看 Database Center 资源数据
|
cloudaicompanion.entitlements.get
databasecenter.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Events Service Viewer
Beta 版
(roles/databaseinsights.eventsViewer)
可以查看事件服务数据
|
databaseinsights.aggregatedEvents.query
databaseinsights.clusterEvents.query
databaseinsights.instanceEvents.query
|
Database Insights Monitoring Viewer
Beta 版
(roles/databaseinsights.monitoringViewer)
可以查看 Database Insights 监控数据
|
databaseinsights.activeQueries.fetch
databaseinsights.activitySummary.fetch
databaseinsights.aggregatedStats.query
databaseinsights.locations.*
databaseinsights.timeSeries.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Insights 执行操作
Beta 版
(roles/databaseinsights.operationsAdmin)
用于执行 Database Insights 操作的 Admin 角色
|
databaseinsights.activeQuery.terminate
|
Database Insights Recommendation Viewer
Beta 版
(roles/databaseinsights.recommendationViewer)
可以查看 Database Insights 建议数据
|
databaseinsights.locations.*
databaseinsights.recommendations.query
databaseinsights.resourceRecommendations.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Insights Viewer
Beta 版
(roles/databaseinsights.viewer)
可以查看 Database Insights 数据
|
databaseinsights.activeQueries.fetch
databaseinsights.activitySummary.fetch
databaseinsights.aggregatedStats.query
databaseinsights.locations.*
databaseinsights.recommendations.query
databaseinsights.resourceRecommendations.query
databaseinsights.timeSeries.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Administrator
(roles/datalineage.admin)
可授予对 Data Lineage API 中所有资源的完整访问权限
|
datalineage.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Editor
(roles/datalineage.editor)
可授予对 Data Lineage API 中所有资源的修改权限
|
datalineage.events.*
datalineage.locations.searchLinks
datalineage.operations.get
datalineage.processes.create
datalineage.processes.get
datalineage.processes.list
datalineage.processes.update
datalineage.runs.create
datalineage.runs.get
datalineage.runs.list
datalineage.runs.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Events Producer
(roles/datalineage.producer)
可授予在 Data Lineage API 中创建所有资源的权限
|
datalineage.events.create
datalineage.processes.create
datalineage.processes.get
datalineage.processes.update
datalineage.runs.create
datalineage.runs.get
datalineage.runs.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Viewer
(roles/datalineage.viewer)
可授予对 Data Lineage API 中所有资源的读取权限
|
datalineage.events.get
datalineage.events.list
datalineage.locations.searchLinks
datalineage.processes.get
datalineage.processes.list
datalineage.runs.get
datalineage.runs.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Processing Controls Resource Admin
(roles/dataprocessing.admin)
能够完全管理数据处理控制设置并查看所有数据源数据的 Data processing controls admin。
|
billing.accounts.get
billing.accounts.list
dataprocessing.*
|
Data Processing Controls Data Source Manager
(roles/dataprocessing.dataSourceManager)
可以获取、列出并更新底层数据的数据处理控制数据源管理员。
|
dataprocessing.datasources.list
dataprocessing.datasources.update
|
Developer Connect Admin
Beta 版
(roles/developerconnect.admin)
拥有对 Developer Connect 资源的完整访问权限。
|
developerconnect.connections.*
developerconnect.gitRepositoryLinks.create
developerconnect.gitRepositoryLinks.delete
developerconnect.gitRepositoryLinks.fetchGitRefs
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect Read Token Accessor
Beta 版
(roles/developerconnect.readTokenAccessor)
授予对只读令牌(PAT 和短期有效的令牌)的访问权限。还会授予查看 Git 代码库链接的权限。
|
developerconnect.connections.get
developerconnect.gitRepositoryLinks.fetchReadToken
developerconnect.gitRepositoryLinks.get
|
Developer Connect Token Accessor
Beta 版
(roles/developerconnect.tokenAccessor)
授予对读写和只读令牌(PAT 和短期有效的令牌)的访问权限。还会授予查看 Git 代码库链接的权限。
|
developerconnect.connections.get
developerconnect.gitRepositoryLinks.fetchReadToken
developerconnect.gitRepositoryLinks.fetchReadWriteToken
developerconnect.gitRepositoryLinks.get
|
Developer Connect User
Beta 版
(roles/developerconnect.user)
可授予查看连接以及与实际代码库交互的功能(例如从代码库读取内容)的权限
|
developerconnect.connections.fetchGitHubInstallations
developerconnect.connections.fetchLinkableGitRepositories
developerconnect.connections.get
developerconnect.connections.list
developerconnect.gitRepositoryLinks.fetchGitRefs
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.get
developerconnect.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect Viewer
Beta 版
(roles/developerconnect.viewer)
拥有对 Developer Connect 资源的只读权限。
|
developerconnect.connections.get
developerconnect.connections.list
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.get
developerconnect.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine 管理员
(roles/discoveryengine.admin)
授予对所有 Discovery Engine 资源的完整访问权限。
|
discoveryengine.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine 编辑器
(roles/discoveryengine.editor)
授予对所有 Discovery Engine 资源的读写权限。
|
discoveryengine.analytics.*
discoveryengine.branches.*
discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.collections.get
discoveryengine.collections.list
discoveryengine.completionConfigs.get
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.conversations.*
discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.documentProcessingConfigs.get
discoveryengine.documents.create
discoveryengine.documents.delete
discoveryengine.documents.get
discoveryengine.documents.import
discoveryengine.documents.list
discoveryengine.documents.update
discoveryengine.engines.get
discoveryengine.engines.list
discoveryengine.engines.pause
discoveryengine.engines.resume
discoveryengine.engines.tune
discoveryengine.models.*
discoveryengine.operations.*
discoveryengine.projects.get
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.validate
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.siteSearchEngines.get
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.userEvents.create
discoveryengine.userEvents.fetchStats
discoveryengine.userEvents.import
discoveryengine.widgetConfigs.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine 查看者
(roles/discoveryengine.viewer)
授予对所有 Discovery Engine 资源的读取权限。
|
discoveryengine.analytics.*
discoveryengine.branches.*
discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.collections.get
discoveryengine.collections.list
discoveryengine.completionConfigs.get
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.conversations.converse
discoveryengine.conversations.get
discoveryengine.conversations.list
discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.documentProcessingConfigs.get
discoveryengine.documents.get
discoveryengine.documents.list
discoveryengine.engines.get
discoveryengine.engines.list
discoveryengine.models.get
discoveryengine.models.list
discoveryengine.operations.*
discoveryengine.projects.get
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.validate
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.siteSearchEngines.get
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.userEvents.fetchStats
discoveryengine.widgetConfigs.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Admin
Beta 版
(roles/enterprisepurchasing.admin)
拥有对 Enterprise Purchasing 资源的完整访问权限。
|
enterprisepurchasing.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Editor
Beta 版
(roles/enterprisepurchasing.editor)
拥有对 Enterprise Purchasing 资源的修改权限。
|
enterprisepurchasing.gcveCuds.get
enterprisepurchasing.gcveCuds.list
enterprisepurchasing.gcveNodePricingInfo.list
enterprisepurchasing.locations.*
enterprisepurchasing.operations.get
enterprisepurchasing.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Viewer
Beta 版
(roles/enterprisepurchasing.viewer)
拥有对 Enterprise Purchasing 资源的只读权限。
|
enterprisepurchasing.gcveCuds.get
enterprisepurchasing.gcveCuds.list
enterprisepurchasing.gcveNodePricingInfo.list
enterprisepurchasing.locations.*
enterprisepurchasing.operations.get
enterprisepurchasing.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/essentialcontacts.admin)
拥有对所有重要联系人的完整访问权限
|
essentialcontacts.*
|
|
(roles/essentialcontacts.viewer)
Viewer 所有重要联系人
|
essentialcontacts.contacts.get
essentialcontacts.contacts.list
|
Firebase Cloud Messaging API Admin
Beta 版
(roles/firebasecloudmessaging.admin)
拥有对 Firebase Cloud Messaging API 资源的完整读写权限。
|
cloudmessaging.messages.create
fcmdata.deliverydata.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Firebase Crash Symbol Uploader
(roles/firebasecrash.symbolMappingsAdmin)
拥有对 Firebase 崩溃报告的符号映射文件资源的完全读写权限。
|
firebase.clients.get
firebase.clients.list
resourcemanager.projects.get
|
GDC Hardware Management Admin
Beta 版
(roles/gdchardwaremanagement.admin)
拥有对 GDC Hardware Management 资源的完整访问权限。
|
gdchardwaremanagement.*
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Operator
Beta 版
(roles/gdchardwaremanagement.operator)
可以创建、读取和更新支持此类操作的 GDC Hardware Management 资源。还会授予对 HardwareGroup 资源的删除权限。
|
gdchardwaremanagement.changeLogEntries.*
gdchardwaremanagement.comments.*
gdchardwaremanagement.hardware.*
gdchardwaremanagement.hardwareGroups.*
gdchardwaremanagement.locations.*
gdchardwaremanagement.operations.get
gdchardwaremanagement.operations.list
gdchardwaremanagement.orders.create
gdchardwaremanagement.orders.get
gdchardwaremanagement.orders.list
gdchardwaremanagement.orders.update
gdchardwaremanagement.sites.*
gdchardwaremanagement.skus.*
gdchardwaremanagement.zones.*
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Reader
Beta 版
(roles/gdchardwaremanagement.reader)
拥有对 GDC Hardware Management 资源的只读权限。
|
gdchardwaremanagement.changeLogEntries.*
gdchardwaremanagement.comments.get
gdchardwaremanagement.comments.list
gdchardwaremanagement.hardware.get
gdchardwaremanagement.hardware.list
gdchardwaremanagement.hardwareGroups.get
gdchardwaremanagement.hardwareGroups.list
gdchardwaremanagement.locations.*
gdchardwaremanagement.operations.get
gdchardwaremanagement.operations.list
gdchardwaremanagement.orders.get
gdchardwaremanagement.orders.list
gdchardwaremanagement.sites.get
gdchardwaremanagement.sites.list
gdchardwaremanagement.skus.*
gdchardwaremanagement.zones.get
gdchardwaremanagement.zones.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/identityplatform.admin)
拥有对 Identity Platform 资源的完整访问权限。
|
firebaseauth.*
identitytoolkit.*
|
|
(roles/identityplatform.viewer)
拥有对 Identity Platform 资源的读取权限。
|
firebaseauth.configs.get
firebaseauth.users.get
identitytoolkit.tenants.get
identitytoolkit.tenants.getIamPolicy
identitytoolkit.tenants.list
|
|
(roles/identitytoolkit.admin)
拥有对 Identity Toolkit 资源的完整访问权限。
|
firebaseauth.*
identitytoolkit.*
|
|
(roles/identitytoolkit.viewer)
拥有对 Identity Toolkit 资源的读取权限。
|
firebaseauth.configs.get
firebaseauth.users.get
identitytoolkit.tenants.get
identitytoolkit.tenants.getIamPolicy
identitytoolkit.tenants.list
|
Apigee Integration Admin
(roles/integrations.apigeeIntegrationAdminRole)
拥有对所有 Apigee 集成的完整访问权限的用户。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeAuthConfigs.*
integrations.apigeeCertificates.*
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.*
integrations.apigeeSfdcInstances.*
integrations.apigeeSuspensions.*
integrations.authConfigs.*
integrations.certificates.*
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.*
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Deployer
(roles/integrations.apigeeIntegrationDeployerRole)
可在集成运行时中部署/取消部署 Apigee 集成的开发者。
|
integrations.apigeeIntegrationVers.deploy
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Editor
(roles/integrations.apigeeIntegrationEditorRole)
可以列出、创建和更新 Apigee 集成的开发者。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeAuthConfigs.create
integrations.apigeeAuthConfigs.get
integrations.apigeeAuthConfigs.list
integrations.apigeeAuthConfigs.update
integrations.apigeeCertificates.create
integrations.apigeeCertificates.get
integrations.apigeeCertificates.list
integrations.apigeeCertificates.update
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.create
integrations.apigeeSfdcChannels.get
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcChannels.update
integrations.apigeeSfdcInstances.create
integrations.apigeeSfdcInstances.get
integrations.apigeeSfdcInstances.list
integrations.apigeeSfdcInstances.update
integrations.authConfigs.create
integrations.authConfigs.get
integrations.authConfigs.list
integrations.authConfigs.update
integrations.certificates.get
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Invoker
(roles/integrations.apigeeIntegrationInvokerRole)
可以调用 Apigee 集成的角色。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.*
integrations.executions.*
integrations.integrationVersions.get
integrations.integrationVersions.invoke
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Viewer
(roles/integrations.apigeeIntegrationsViewer)
可以列出和查看 Apigee 集成的开发者。
|
integrations.apigeeAuthConfigs.list
integrations.apigeeCertificates.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcInstances.list
integrations.authConfigs.get
integrations.authConfigs.list
integrations.certificates.get
integrations.certificates.list
integrations.executions.*
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.list
integrations.sfdcChannels.list
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Approver
(roles/integrations.apigeeSuspensionResolver)
可以批准/拒绝包含暂停/等待任务的 Apigee 集成的角色。
|
integrations.apigeeSuspensions.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Certificate Viewer
(roles/integrations.certificateViewer)
可以列出和查看证书的开发者。
|
integrations.certificates.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Admin
(roles/integrations.integrationAdmin)
拥有对所有集成的完整访问权限 (CRUD) 的用户。
|
integrations.apigeeAuthConfigs.*
integrations.apigeeCertificates.*
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.*
integrations.apigeeSfdcInstances.*
integrations.apigeeSuspensions.*
integrations.authConfigs.*
integrations.certificates.*
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.*
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Deployer
(roles/integrations.integrationDeployer)
可在集成运行时中部署/取消部署集成的开发者。
|
integrations.apigeeIntegrationVers.deploy
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Editor
(roles/integrations.integrationEditor)
可以列出、创建和更新集成的开发者。
|
integrations.apigeeAuthConfigs.create
integrations.apigeeAuthConfigs.get
integrations.apigeeAuthConfigs.list
integrations.apigeeAuthConfigs.update
integrations.apigeeCertificates.create
integrations.apigeeCertificates.get
integrations.apigeeCertificates.list
integrations.apigeeCertificates.update
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.create
integrations.apigeeSfdcChannels.get
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcChannels.update
integrations.apigeeSfdcInstances.create
integrations.apigeeSfdcInstances.get
integrations.apigeeSfdcInstances.list
integrations.apigeeSfdcInstances.update
integrations.authConfigs.create
integrations.authConfigs.get
integrations.authConfigs.list
integrations.authConfigs.update
integrations.certificates.get
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Invoker
(roles/integrations.integrationInvoker)
可以调用集成的角色。
|
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.*
integrations.executions.*
integrations.integrationVersions.get
integrations.integrationVersions.invoke
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Viewer
(roles/integrations.integrationViewer)
可以列出和查看集成的开发者。
|
integrations.apigeeAuthConfigs.list
integrations.apigeeCertificates.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcInstances.list
integrations.authConfigs.get
integrations.authConfigs.list
integrations.certificates.get
integrations.certificates.list
integrations.executions.*
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.list
integrations.sfdcChannels.list
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Security Integration Admin
Beta 版
(roles/integrations.securityIntegrationAdmin)
拥有对所有安全集成的完整访问权限的用户。
|
integrations.securityAuthConfigs.*
integrations.securityExecutions.*
integrations.securityIntegTempVers.*
integrations.securityIntegrationVers.*
integrations.securityIntegrations.*
|
Application Integration SFDC Instance Admin
(roles/integrations.sfdcInstanceAdmin)
拥有对所有 SFDC 实例的完整访问权限 (CRUD) 的用户。
|
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration SFDC Instance Editor
(roles/integrations.sfdcInstanceEditor)
可以列出、创建和更新集成的开发者。
|
integrations.sfdcChannels.create
integrations.sfdcChannels.get
integrations.sfdcChannels.list
integrations.sfdcChannels.update
integrations.sfdcInstances.create
integrations.sfdcInstances.get
integrations.sfdcInstances.list
integrations.sfdcInstances.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration SFDC Instance Viewer
(roles/integrations.sfdcInstanceViewer)
可以列出和查看 SFDC 实例的开发者。
|
integrations.sfdcChannels.get
integrations.sfdcChannels.list
integrations.sfdcInstances.get
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Approver
(roles/integrations.suspensionResolver)
此角色可以解决已暂停的集成的相关问题。
|
integrations.apigeeSuspensions.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Admin
Beta 版
(roles/issuerswitch.accountManagerAdmin)
此角色可以执行所有与客户经理相关的操作
|
issuerswitch.accountManagerTransactions.*
issuerswitch.managedAccounts.*
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Transaction Admin
Beta 版
(roles/issuerswitch.accountManagerTransactionsAdmin)
此角色可以执行所有与账号管理员事务相关的操作
|
issuerswitch.accountManagerTransactions.*
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Transaction Viewer
Beta 版
(roles/issuerswitch.accountManagerTransactionsViewer)
此角色可以查看所有账号管理员事务
|
issuerswitch.accountManagerTransactions.list
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Admin
Beta 版
(roles/issuerswitch.admin)
拥有对所有颁发机构切换角色的权限
|
issuerswitch.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch PARTICIPANTs Admin
Beta 版
(roles/issuerswitch.issuerParticipantsAdmin)
拥有对 Issuerswitch 参与者的完整访问权限
|
issuerswitch.issuerParticipants.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Resolutions Admin
Beta 版
(roles/issuerswitch.resolutionsAdmin)
拥有对颁发机构切换解决方案的完整访问权限
|
issuerswitch.complaintTransactions.list
issuerswitch.complaints.*
issuerswitch.disputes.*
issuerswitch.operations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Rules Admin
Beta 版
(roles/issuerswitch.rulesAdmin)
拥有对颁发机构切换规则的完整访问权限
|
issuerswitch.ruleMetadata.list
issuerswitch.ruleMetadataValues.*
issuerswitch.rules.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Rules Viewer
Beta 版
(roles/issuerswitch.rulesViewer)
此角色可以查看规则和相关元数据。
|
issuerswitch.ruleMetadata.list
issuerswitch.ruleMetadataValues.list
issuerswitch.rules.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Transactions Viewer
Beta 版
(roles/issuerswitch.transactionsViewer)
此角色可以查看所有事务
|
issuerswitch.complaintTransactions.list
issuerswitch.financialTransactions.list
issuerswitch.mandateTransactions.list
issuerswitch.metadataTransactions.list
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/kubernetesmetadata.publisher)
Kubernetes 集群元数据的发布方
|
kubernetesmetadata.*
|
Mandiant Attack Surface Management Editor
Beta 版
(roles/mandiant.attackSurfaceManagementEditor)
拥有对 Attack Surface Management 的写入权限
|
mandiant.genericAttackSurfaceManagements.create
mandiant.genericAttackSurfaceManagements.delete
mandiant.genericAttackSurfaceManagements.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Attack Surface Management Viewer
Beta 版
(roles/mandiant.attackSurfaceManagementViewer)
拥有对 Attack Surface Management 的读取权限
|
mandiant.genericAttackSurfaceManagements.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Digital Threat Monitoring Editor
Beta 版
(roles/mandiant.digitalThreatMonitoringEditor)
拥有对 Digital Threat Monitoring 的写入权限
|
mandiant.genericDigitalThreatMonitorings.create
mandiant.genericDigitalThreatMonitorings.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Digital Threat Monitoring Viewer
Beta 版
(roles/mandiant.digitalThreatMonitoringViewer)
拥有对 Digital Threat Monitoring 的读取权限
|
mandiant.genericDigitalThreatMonitorings.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Expertise On Demand Editor
Beta 版
(roles/mandiant.expertiseOnDemandEditor)
拥有对 Expertise On Demand 的写入权限
|
mandiant.genericExpertiseOnDemands.create
mandiant.genericExpertiseOnDemands.delete
mandiant.genericExpertiseOnDemands.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Expertise On Demand Viewer
Beta 版
(roles/mandiant.expertiseOnDemandViewer)
拥有对 Expertise On Demand 的读取权限
|
mandiant.genericExpertiseOnDemands.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Threat Intel Editor
Beta 版
(roles/mandiant.threatIntelEditor)
拥有对 Threat Intel 的写入权限
|
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
mandiant.genericThreatIntels.create
mandiant.genericThreatIntels.delete
mandiant.genericThreatIntels.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Threat Intel Viewer
Beta 版
(roles/mandiant.threatIntelViewer)
拥有对 Threat Intel 的读取权限
|
mandiant.genericPlatforms.get
mandiant.genericThreatIntels.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Validation Editor
Beta 版
(roles/mandiant.validationEditor)
拥有对 Validation 的写入权限
|
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
mandiant.genericValidations.create
mandiant.genericValidations.delete
mandiant.genericValidations.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Validation Viewer
Beta 版
(roles/mandiant.validationViewer)
拥有对 Validation 的读取权限
|
mandiant.genericPlatforms.get
mandiant.genericValidations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Maps Analytics Viewer
Beta 版
(roles/mapsanalytics.viewer)
授予对所有 Maps Analytics 资源的只读权限。
|
mapsanalytics.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.list
|
|
(roles/mapsplatformdatasets.admin)
授予对所有 Maps Platform Datasets API 资源的读写权限
|
mapsadmin.clientStyles.*
mapsplatformdatasets.*
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/mapsplatformdatasets.viewer)
授予对所有 Maps Platform Datasets API 资源的只读权限
|
mapsadmin.clientStyles.get
mapsadmin.clientStyles.list
mapsplatformdatasets.datasets.export
mapsplatformdatasets.datasets.get
mapsplatformdatasets.datasets.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Admin
Beta 版
(roles/marketplacesolutions.admin)
拥有对 Marketplace 解决方案资源的完整访问权限。
|
marketplacesolutions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Editor
Beta 版
(roles/marketplacesolutions.editor)
拥有对 Marketplace 解决方案资源的修改权限。
|
marketplacesolutions.locations.*
marketplacesolutions.operations.get
marketplacesolutions.operations.list
marketplacesolutions.powerImages.*
marketplacesolutions.powerInstances.get
marketplacesolutions.powerInstances.list
marketplacesolutions.powerInstances.update
marketplacesolutions.powerNetworks.*
marketplacesolutions.powerSshKeys.*
marketplacesolutions.powerVolumes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Viewer
Beta 版
(roles/marketplacesolutions.viewer)
拥有对 Marketplace 解决方案资源的只读权限。
|
marketplacesolutions.locations.*
marketplacesolutions.operations.get
marketplacesolutions.operations.list
marketplacesolutions.powerImages.*
marketplacesolutions.powerInstances.get
marketplacesolutions.powerInstances.list
marketplacesolutions.powerNetworks.*
marketplacesolutions.powerSshKeys.*
marketplacesolutions.powerVolumes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Admin
(roles/nestconsole.homeDeveloperAdmin)
拥有对 Google Home 开发者控制台资源的管理员访问权限
|
nestconsole.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Editor
(roles/nestconsole.homeDeveloperEditor)
拥有对 Google Home 开发者控制台资源的读写权限
|
nestconsole.smarthomePreviews.update
nestconsole.smarthomeProjects.get
nestconsole.smarthomeProjects.update
nestconsole.smarthomeVersions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Reader
(roles/nestconsole.homeDeveloperViewer)
拥有对 Google Home 开发者控制台资源的只读权限
|
nestconsole.smarthomeProjects.get
nestconsole.smarthomeVersions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Cloud NetApp Volumes Admin
Beta 版
(roles/netapp.admin)
拥有对 Google Cloud NetApp Volumes 资源的完整访问权限。
|
netapp.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Cloud NetApp Volumes Viewer
Beta 版
(roles/netapp.viewer)
拥有对 Google Cloud NetApp Volumes 资源的只读权限。
|
netapp.activeDirectories.get
netapp.activeDirectories.list
netapp.backupPolicies.get
netapp.backupPolicies.list
netapp.backupVaults.get
netapp.backupVaults.list
netapp.backups.get
netapp.backups.list
netapp.kmsConfigs.get
netapp.kmsConfigs.list
netapp.replications.get
netapp.replications.list
netapp.snapshots.get
netapp.snapshots.list
netapp.storagePools.get
netapp.storagePools.list
netapp.volumes.get
netapp.volumes.list
resourcemanager.projects.get
resourcemanager.projects.list
|
OAuth Config Editor
Beta 版
(roles/oauthconfig.editor)
拥有对 OAuth 配置资源的读写权限
|
clientauthconfig.*
oauthconfig.*
|
OAuth Config Viewer
Beta 版
(roles/oauthconfig.viewer)
拥有对 OAuth 配置资源的只读权限
|
clientauthconfig.brands.get
clientauthconfig.brands.list
clientauthconfig.clients.get
clientauthconfig.clients.list
oauthconfig.clientpolicy.get
oauthconfig.testusers.get
oauthconfig.verification.get
|
Payments Reseller Admin
Beta 版
(roles/paymentsresellersubscription.partnerAdmin)
拥有对所有 Payments Reseller 资源(包括订阅、产品和促销活动)的完全访问权限
|
paymentsresellersubscription.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Viewer
Beta 版
(roles/paymentsresellersubscription.partnerViewer)
拥有对所有 Payments Reseller 资源(包括订阅、产品和促销活动)的读取权限
|
paymentsresellersubscription.products.list
paymentsresellersubscription.promotions.list
paymentsresellersubscription.subscriptions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Products Viewer
Beta 版
(roles/paymentsresellersubscription.productViewer)
拥有对 Payments Reseller 产品资源的读取权限
|
paymentsresellersubscription.products.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/paymentsresellersubscription.promotionViewer)
拥有对 Payments Reseller 促销活动资源的读取权限
|
paymentsresellersubscription.promotions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Subscriptions Editor
Beta 版
(roles/paymentsresellersubscription.subscriptionEditor)
拥有对 Payments Reseller 订阅资源的写入权限
|
paymentsresellersubscription.subscriptions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Subscriptions Viewer
Beta 版
(roles/paymentsresellersubscription.subscriptionViewer)
拥有对 Payments Reseller 订阅资源的读取权限
|
paymentsresellersubscription.subscriptions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Activity Analysis Viewer
Beta 版
(roles/policyanalyzer.activityAnalysisViewer)
可以读取所有活动分析数据的 Viewer 用户。
|
policyanalyzer.*
|
|
(roles/policyremediatormanager.policyRemediatorAdmin)
授予启用和停用组织 Policy Remediator 的权限
|
policyremediatormanager.*
|
|
(roles/policyremediatormanager.policyRemediatorReader)
授予读取/查看组织 Policy Remediator 状态的权限
|
policyremediatormanager.locations.*
policyremediatormanager.operations.get
policyremediatormanager.operations.list
policyremediatormanager.remediatorServices.get
|
Simulator Admin
Beta 版
(roles/policysimulator.admin)
可以运行和访问重放的管理员用户。
|
policysimulator.replayResults.list
policysimulator.replays.*
|
OrgPolicy Simulator Admin
Beta 版
(roles/policysimulator.orgPolicyAdmin)
可以运行和访问模拟的组织政策管理员。
|
cloudasset.assets.analyzeOrgPolicy
cloudasset.assets.exportResource
cloudasset.assets.listResource
cloudasset.assets.searchAllResources
orgpolicy.customConstraints.get
orgpolicy.customConstraints.list
orgpolicy.policies.list
orgpolicy.policy.get
policysimulator.orgPolicyViolations.list
policysimulator.orgPolicyViolationsPreviews.*
resourcemanager.organizations.get
|
External Account Key Creator
Beta 版
(roles/publicca.externalAccountKeyCreator)
此角色可以创建新的 externalAccountKey 资源。
|
publicca.externalAccountKeys.create
resourcemanager.projects.get
resourcemanager.projects.list
|
订阅关联管理员
(roles/readerrevenuesubscriptionlinking.admin)
拥有对发布内容读者资源的完整访问权限
|
readerrevenuesubscriptionlinking.*
resourcemanager.projects.get
resourcemanager.projects.list
|
订阅关联使用权查看者
(roles/readerrevenuesubscriptionlinking.entitlementsViewer)
此角色可以查看所有发布内容读者使用权
|
readerrevenuesubscriptionlinking.readerEntitlements.get
|
订阅关联查看者
(roles/readerrevenuesubscriptionlinking.viewer)
此角色可以查看所有发布内容读取者资源
|
readerrevenuesubscriptionlinking.readerEntitlements.get
readerrevenuesubscriptionlinking.readers.get
resourcemanager.projects.get
resourcemanager.projects.list
|
建议导出器
(roles/recommender.exporter)
建议的导出方
|
recommender.resources.export
|
Remote Build Execution Action Cache Writer
测试版
(roles/remotebuildexecution.actionCacheWriter)
Remote Build Execution Action Cache Writer
|
remotebuildexecution.actions.set
remotebuildexecution.blobs.create
|
Remote Build Execution Artifact Admin
测试版
(roles/remotebuildexecution.artifactAdmin)
Remote Build Execution 工件管理员
|
remotebuildexecution.actions.create
remotebuildexecution.actions.delete
remotebuildexecution.actions.get
remotebuildexecution.blobs.*
remotebuildexecution.logstreams.*
|
Remote Build Execution Artifact Creator
测试版
(roles/remotebuildexecution.artifactCreator)
Remote Build Execution 工件创建者
|
remotebuildexecution.actions.create
remotebuildexecution.actions.get
remotebuildexecution.blobs.*
remotebuildexecution.logstreams.*
|
Remote Build Execution Artifact Viewer
测试版
(roles/remotebuildexecution.artifactViewer)
Remote Build Execution 工件查看者
|
remotebuildexecution.actions.get
remotebuildexecution.blobs.get
remotebuildexecution.logstreams.get
|
Remote Build Execution Configuration Admin
测试版
(roles/remotebuildexecution.configurationAdmin)
Remote Build Execution 配置管理员
|
remotebuildexecution.instances.*
remotebuildexecution.workerpools.*
|
Remote Build Execution Configuration Viewer
测试版
(roles/remotebuildexecution.configurationViewer)
Remote Build Execution 配置查看者
|
remotebuildexecution.instances.get
remotebuildexecution.instances.list
remotebuildexecution.workerpools.get
remotebuildexecution.workerpools.list
|
Remote Build Execution Logstream Writer
测试版
(roles/remotebuildexecution.logstreamWriter)
Remote Build Execution Logstream 写入者
|
remotebuildexecution.logstreams.create
remotebuildexecution.logstreams.update
|
Remote Build Execution Reservation Admin
Beta 版
(roles/remotebuildexecution.reservationAdmin)
Remote Build Execution 预留管理员
|
remotebuildexecution.actions.create
remotebuildexecution.actions.delete
remotebuildexecution.actions.get
|
Remote Build Execution Worker
测试版
(roles/remotebuildexecution.worker)
Remote Build Execution 工作器
|
remotebuildexecution.actions.update
remotebuildexecution.blobs.*
remotebuildexecution.botsessions.*
remotebuildexecution.logstreams.create
remotebuildexecution.logstreams.update
|
Retail Admin
(roles/retail.admin)
拥有对 Retail API 资源的完整访问权限。
|
automlrecommendations.apiKeys.create
automlrecommendations.apiKeys.delete
automlrecommendations.catalogItems.*
automlrecommendations.catalogs.*
automlrecommendations.eventStores.getStats
automlrecommendations.events.create
automlrecommendations.events.list
automlrecommendations.events.purge
automlrecommendations.events.rejoin
automlrecommendations.placements.*
automlrecommendations.recommendations.*
retail.*
|
Retail Editor
(roles/retail.editor)
拥有对 Retail API 资源的完整访问权限,但不具备完全清除、重新加入和 setSponsorship 权限。
|
automlrecommendations.apiKeys.create
automlrecommendations.apiKeys.delete
automlrecommendations.catalogItems.*
automlrecommendations.catalogs.*
automlrecommendations.eventStores.getStats
automlrecommendations.events.create
automlrecommendations.events.list
automlrecommendations.placements.*
automlrecommendations.recommendations.*
retail.attributesConfigs.addCatalogAttribute
retail.attributesConfigs.exportCatalogAttributes
retail.attributesConfigs.get
retail.attributesConfigs.importCatalogAttributes
retail.attributesConfigs.replaceCatalogAttribute
retail.attributesConfigs.update
retail.catalogs.*
retail.controls.*
retail.experiments.*
retail.models.*
retail.operations.*
retail.placements.*
retail.products.create
retail.products.delete
retail.products.export
retail.products.get
retail.products.import
retail.products.list
retail.products.update
retail.retailProjects.get
retail.servingConfigs.*
retail.userEvents.create
retail.userEvents.import
|
Retail Viewer
(roles/retail.viewer)
授予读取 Retail 中所有资源的权限。
|
automlrecommendations.catalogItems.get
automlrecommendations.catalogItems.list
automlrecommendations.catalogs.getStats
automlrecommendations.catalogs.list
automlrecommendations.eventStores.getStats
automlrecommendations.events.list
automlrecommendations.placements.getStats
automlrecommendations.placements.list
automlrecommendations.recommendations.list
retail.attributesConfigs.exportCatalogAttributes
retail.attributesConfigs.get
retail.catalogs.completeQuery
retail.catalogs.exportAnalyticsMetrics
retail.catalogs.list
retail.controls.export
retail.controls.get
retail.controls.list
retail.experiments.get
retail.experiments.list
retail.experiments.loadExperimentLookerDashboard
retail.experiments.queryTrafficMetrics
retail.models.get
retail.models.list
retail.operations.*
retail.placements.*
retail.products.export
retail.products.get
retail.products.list
retail.retailProjects.get
retail.servingConfigs.get
retail.servingConfigs.list
retail.servingConfigs.predict
retail.servingConfigs.search
|
RISC Configuration Admin
Beta 版
(roles/riscconfigs.admin)
拥有对 RISC 配置资源的读写权限。
|
clientauthconfig.clients.list
riscconfigurationservice.*
|
RISC Configuration Viewer
Beta 版
(roles/riscconfigs.viewer)
拥有对 RISC 配置资源的只读权限。
|
clientauthconfig.clients.list
riscconfigurationservice.riscconfigs.get
|
Serverless Integrations Developer
Beta 版
(roles/runapps.developer)
拥有创建和更改无服务器集成及其配置的权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.*
runapps.deployments.get
runapps.deployments.list
runapps.locations.*
runapps.operations.*
|
Serverless Integrations Operator
Beta 版
(roles/runapps.operator)
拥有部署无服务器集成的权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.get
runapps.applications.getStatus
runapps.applications.list
runapps.deployments.*
runapps.locations.*
runapps.operations.*
|
Serverless Integrations Viewer
Beta 版
(roles/runapps.viewer)
拥有对无服务器集成资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.get
runapps.applications.getStatus
runapps.applications.list
runapps.deployments.get
runapps.deployments.list
runapps.locations.*
runapps.operations.get
runapps.operations.list
|
Cloud RuntimeConfig Admin
(roles/runtimeconfig.admin)
拥有对 RuntimeConfig 资源的完整访问权限。
|
runtimeconfig.*
|
|
(roles/securedlandingzone.bqdwOrgRemediator)
拥有在组织级修改(修复)SLZ BQDW Blueprint 中的资源的权限。
|
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.update
|
|
(roles/securedlandingzone.bqdwProjectRemediator)
拥有在项目级修改(修复)SLZ BQDW Blueprint 中的资源的权限。
|
bigquery.datasets.get
bigquery.datasets.getIamPolicy
bigquery.datasets.setIamPolicy
bigquery.datasets.update
cloudkms.cryptoKeys.get
cloudkms.cryptoKeys.getIamPolicy
cloudkms.cryptoKeys.list
cloudkms.cryptoKeys.setIamPolicy
cloudkms.cryptoKeys.update
cloudkms.keyRings.getIamPolicy
cloudkms.keyRings.setIamPolicy
pubsub.topics.get
pubsub.topics.getIamPolicy
pubsub.topics.list
pubsub.topics.setIamPolicy
pubsub.topics.update
resourcemanager.projects.update
serviceusage.services.use
storage.buckets.get
storage.buckets.getIamPolicy
storage.buckets.list
storage.buckets.setIamPolicy
storage.buckets.update
|
Overwatch Activator
Beta 版
(roles/securedlandingzone.overwatchActivator)
此角色可以启动或暂停 Overwatch
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.overwatches.activate
securedlandingzone.overwatches.suspend
|
Overwatch Admin
Beta 版
(roles/securedlandingzone.overwatchAdmin)
拥有对 Overwatch 的完全访问权限
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.*
|
Overwatch Viewer
Beta 版
(roles/securedlandingzone.overwatchViewer)
此角色可以查看 Overwatch 的所有属性
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.operations.get
securedlandingzone.overwatches.get
securedlandingzone.overwatches.list
|
安全中心管理管理员
(roles/securitycentermanagement.admin)
拥有对 Cloud Security Command Center 服务和自定义模块配置的完整访问权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycenter.organizationsettings.*
securitycenter.securitycentersettings.*
securitycentermanagement.*
|
安全中心管理自定义模块编辑器
(roles/securitycentermanagement.customModulesEditor)
拥有对 Cloud Security Command Center 自定义模块的完整访问权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycentermanagement.effectiveEventThreatDetectionCustomModules.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.eventThreatDetectionCustomModules.*
securitycentermanagement.locations.*
securitycentermanagement.securityHealthAnalyticsCustomModules.*
|
Security Center Management Custom Modules Viewer
(roles/securitycentermanagement.customModulesViewer)
拥有对 Cloud Security Command Center 自定义模块的只读权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycentermanagement.effectiveEventThreatDetectionCustomModules.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.eventThreatDetectionCustomModules.get
securitycentermanagement.eventThreatDetectionCustomModules.list
securitycentermanagement.eventThreatDetectionCustomModules.validate
securitycentermanagement.locations.*
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.simulate
securitycentermanagement.securityHealthAnalyticsCustomModules.test
|
安全中心管理自定义 ETD 模块编辑器
(roles/securitycentermanagement.etdCustomModulesEditor)
拥有对 Cloud Security Command Center ETD 自定义模块的完整访问权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycentermanagement.effectiveEventThreatDetectionCustomModules.*
securitycentermanagement.eventThreatDetectionCustomModules.*
securitycentermanagement.locations.*
|
Security Center Management ETD Custom Modules Viewer
(roles/securitycentermanagement.etdCustomModulesViewer)
拥有对 Cloud Security Command Center ETD 自定义模块的只读权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycentermanagement.effectiveEventThreatDetectionCustomModules.*
securitycentermanagement.eventThreatDetectionCustomModules.get
securitycentermanagement.eventThreatDetectionCustomModules.list
securitycentermanagement.eventThreatDetectionCustomModules.validate
securitycentermanagement.locations.*
|
安全中心管理设置编辑者
(roles/securitycentermanagement.settingsEditor)
拥有管理 Cloud Security Command Center 设置的完整访问权限
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycenter.organizationsettings.*
securitycenter.securitycentersettings.*
securitycentermanagement.*
|
安全中心管理设置查看者
(roles/securitycentermanagement.settingsViewer)
拥有对 Cloud Security Command Center 设置的只读权限
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycenter.organizationsettings.get
securitycenter.securitycentersettings.get
securitycentermanagement.effectiveEventThreatDetectionCustomModules.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.eventThreatDetectionCustomModules.get
securitycentermanagement.eventThreatDetectionCustomModules.list
securitycentermanagement.eventThreatDetectionCustomModules.validate
securitycentermanagement.locations.*
securitycentermanagement.securityCommandCenter.get
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.simulate
securitycentermanagement.securityHealthAnalyticsCustomModules.test
|
安全中心管理 SHA 自定义模块编辑器
(roles/securitycentermanagement.shaCustomModulesEditor)
拥有对 Cloud Security Command Center SHA 自定义模块的完整访问权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.locations.*
securitycentermanagement.securityHealthAnalyticsCustomModules.*
|
Security Center Management SHA Custom Modules Viewer
(roles/securitycentermanagement.shaCustomModulesViewer)
拥有对 Cloud Security Command Center SHA 自定义模块的只读权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.locations.*
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.simulate
securitycentermanagement.securityHealthAnalyticsCustomModules.test
|
Security Center Management Viewer
(roles/securitycentermanagement.viewer)
拥有对 Cloud Security Command Center 服务和自定义模块配置的只读权限。
|
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
securitycenter.organizationsettings.get
securitycenter.securitycentersettings.get
securitycentermanagement.effectiveEventThreatDetectionCustomModules.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.eventThreatDetectionCustomModules.get
securitycentermanagement.eventThreatDetectionCustomModules.list
securitycentermanagement.eventThreatDetectionCustomModules.validate
securitycentermanagement.locations.*
securitycentermanagement.securityCommandCenter.get
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.simulate
securitycentermanagement.securityHealthAnalyticsCustomModules.test
|
Security Posture 管理员
(roles/securityposture.admin)
拥有对 Security Posture 服务 API 的完整访问权限。
|
orgpolicy.*
resourcemanager.organizations.get
securitycenter.securityhealthanalyticssettings.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.securityHealthAnalyticsCustomModules.create
securitycentermanagement.securityHealthAnalyticsCustomModules.delete
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.update
securityposture.*
|
Security Posture 部署者
(roles/securityposture.postureDeployer)
拥有对 Posture Deployment 资源的更改和读取权限。
|
orgpolicy.*
resourcemanager.organizations.get
securitycenter.securityhealthanalyticssettings.*
securitycentermanagement.securityHealthAnalyticsCustomModules.create
securitycentermanagement.securityHealthAnalyticsCustomModules.delete
securitycentermanagement.securityHealthAnalyticsCustomModules.update
securityposture.operations.get
securityposture.postureDeployments.*
|
Security Posture Deployment Viewer
(roles/securityposture.postureDeploymentsViewer)
拥有对 Posture Deployment 资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postureDeployments.get
securityposture.postureDeployments.list
|
Security Posture 资源编辑者
(roles/securityposture.postureEditor)
拥有对 Posture 资源的更改和读取权限。
|
securityposture.operations.get
securityposture.postures.*
|
Security Posture 资源查看者
(roles/securityposture.postureViewer)
拥有对 Posture 资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postures.get
securityposture.postures.list
|
安全状况左移验证器
(roles/securityposture.reportCreator)
创建报告访问权限,例如 IaC 验证报告。
|
securityposture.operations.get
securityposture.reports.*
|
Security Posture Viewer
(roles/securityposture.viewer)
拥有对所有 SecurityPosture 服务资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postureDeployments.get
securityposture.postureDeployments.list
securityposture.postureTemplates.*
securityposture.postures.get
securityposture.postures.list
|
Personalized Service Health Viewer
Beta 版
(roles/servicehealth.viewer)
拥有对 Personalized Service Health 资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
servicehealth.*
|
Security Insights Viewer
Beta 版
(roles/servicesecurityinsights.securityInsightsViewer)
拥有对 Security Insights 资源的只读权限
|
servicesecurityinsights.*
|
Speaker ID Admin
(roles/speakerid.admin)
授予对所有 Speaker ID 资源(包括项目设置)的完整访问权限。
|
speakerid.*
|
Speaker ID Editor
(roles/speakerid.editor)
授予读写所有 Speaker ID 资源的权限。
|
speakerid.phrases.*
speakerid.speakers.*
|
Speaker ID Verifier
(roles/speakerid.verifier)
授予对所有 Speaker ID 资源的读取权限,并允许验证。
|
speakerid.phrases.get
speakerid.phrases.list
speakerid.speakers.get
speakerid.speakers.list
speakerid.speakers.verify
|
Speaker ID Viewer
(roles/speakerid.viewer)
授予对所有 Speaker ID 资源的读取权限。
|
speakerid.phrases.get
speakerid.phrases.list
speakerid.speakers.get
speakerid.speakers.list
|
Cloud Speech Administrator
(roles/speech.admin)
授予对 Speech-to-text 中的所有资源的完全访问权限
|
speech.*
|
Cloud Speech Client
(roles/speech.client)
授予对识别 API 的访问权限。
|
speech.adaptations.execute
speech.customClasses.get
speech.customClasses.list
speech.locations.*
speech.operations.get
speech.operations.list
speech.operations.wait
speech.phraseSets.get
speech.phraseSets.list
speech.recognizers.get
speech.recognizers.list
speech.recognizers.recognize
|
Cloud Speech Editor
(roles/speech.editor)
授予修改 Speech-to-text 中的资源的权限
|
speech.adaptations.execute
speech.customClasses.*
speech.locations.*
speech.operations.*
speech.phraseSets.*
speech.recognizers.*
|
Storage Insights Admin
(roles/storageinsights.admin)
拥有对存储空间分析资源的完整访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.*
|
Storage Insights Analyst
(roles/storageinsights.analyst)
拥有对存储空间分析的数据访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.datasetConfigs.get
storageinsights.datasetConfigs.linkDataset
storageinsights.datasetConfigs.list
storageinsights.datasetConfigs.unlinkDataset
storageinsights.locations.*
storageinsights.operations.get
storageinsights.operations.list
storageinsights.reportConfigs.get
storageinsights.reportConfigs.list
storageinsights.reportDetails.*
|
Storage Insights Viewer
(roles/storageinsights.viewer)
拥有对存储空间分析资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.datasetConfigs.get
storageinsights.datasetConfigs.list
storageinsights.locations.*
storageinsights.operations.get
storageinsights.operations.list
storageinsights.reportConfigs.get
storageinsights.reportConfigs.list
storageinsights.reportDetails.*
|
Subscribe with Google Developer
测试版
(roles/subscribewithgoogledeveloper.developer)
可以访问通过 Google 订阅的开发者工具。
|
resourcemanager.projects.get
resourcemanager.projects.list
subscribewithgoogledeveloper.tools.get
|
Telco Automation Admin
Beta 版
(roles/telcoautomation.admin)
拥有对 Telco Automation 资源的完整访问权限。
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.create
logging.queries.delete
logging.queries.get
logging.queries.list
logging.queries.listShared
logging.queries.update
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
monitoring.timeSeries.list
resourcemanager.projects.get
serviceusage.quotas.*
serviceusage.services.*
source.repos.get
source.repos.list
telcoautomation.*
|
电信自动化蓝图设计师
Beta 版
(roles/telcoautomation.blueprintDesigner)
能够管理蓝图
|
telcoautomation.blueprints.create
telcoautomation.blueprints.delete
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.blueprints.propose
telcoautomation.blueprints.update
telcoautomation.deployments.computeStatus
telcoautomation.deployments.get
telcoautomation.deployments.list
telcoautomation.hydratedDeployments.get
telcoautomation.hydratedDeployments.list
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
telcoautomation.publicBlueprints.*
|
Telco Automation Deployment Admin
Beta 版
(roles/telcoautomation.deploymentAdmin)
能够管理部署
|
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Tier 1 Operations Admin
Beta 版
(roles/telcoautomation.opsAdminTier1)
能够获取部署状态
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.create
logging.queries.delete
logging.queries.get
logging.queries.list
logging.queries.listShared
logging.queries.update
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
resourcemanager.projects.get
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.computeStatus
telcoautomation.deployments.get
telcoautomation.deployments.list
telcoautomation.hydratedDeployments.get
telcoautomation.hydratedDeployments.list
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Tier 4 Operations Admin
Beta 版
(roles/telcoautomation.opsAdminTier4)
能够管理部署及其状态
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.create
logging.queries.delete
logging.queries.get
logging.queries.list
logging.queries.listShared
logging.queries.update
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
resourcemanager.projects.get
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Service Orchestrator
Beta 版
(roles/telcoautomation.serviceOrchestrator)
能够管理部署
|
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Timeseries Insights DataSet Editor
Beta 版
(roles/timeseriesinsights.datasetsEditor)
拥有对数据集的修改权限。
|
timeseriesinsights.*
|
Timeseries Insights DataSet Owner
Beta 版
(roles/timeseriesinsights.datasetsOwner)
拥有数据集的完整访问权限。
|
timeseriesinsights.*
|
Timeseries Insights DataSet Viewer
Beta 版
(roles/timeseriesinsights.datasetsViewer)
拥有对数据集的只读权限(列出和查询)。
|
timeseriesinsights.datasets.evaluate
timeseriesinsights.datasets.list
timeseriesinsights.datasets.query
timeseriesinsights.locations.*
|
Traffic Director Client
Beta 版
(roles/trafficdirector.client)
提取服务配置和报告指标。
|
trafficdirector.*
|
Translation Hub Admin
Beta 版
(roles/translationhub.admin)
可以管理 Translation Hub
|
automl.models.get
automl.models.list
automl.models.predict
cloudtranslate.customModels.get
cloudtranslate.customModels.list
cloudtranslate.customModels.predict
cloudtranslate.glossaries.create
cloudtranslate.glossaries.delete
cloudtranslate.glossaries.get
cloudtranslate.glossaries.list
cloudtranslate.glossaries.predict
resourcemanager.projects.get
resourcemanager.projects.list
translationhub.*
|
Translation Hub Portal User
Beta 版
(roles/translationhub.portalUser)
Translation Hub 的门户用户
|
automl.models.get
automl.models.list
automl.models.predict
cloudtranslate.customModels.get
cloudtranslate.customModels.list
cloudtranslate.customModels.predict
cloudtranslate.glossaries.get
cloudtranslate.glossaries.list
cloudtranslate.glossaries.predict
resourcemanager.projects.get
resourcemanager.projects.list
translationhub.portals.get
translationhub.portals.list
|
Visual Inspection AI Solution Editor
(roles/visualinspection.editor)
拥有对所有 Visual Inspection AI 资源(visualinspection.locations.reportUsageMetrics 除外)的读写权限
|
visualinspection.annotationSets.*
visualinspection.annotationSpecs.*
visualinspection.annotations.*
visualinspection.datasets.*
visualinspection.images.*
visualinspection.locations.get
visualinspection.locations.list
visualinspection.modelEvaluations.*
visualinspection.models.*
visualinspection.modules.*
visualinspection.operations.*
visualinspection.solutionArtifacts.*
visualinspection.solutions.*
|
Visual Inspection AI Usage Metrics Reporter
(roles/visualinspection.usageMetricsReporter)
拥有对视觉检测 AI 服务的 ReportUsageMetric 访问权限
|
visualinspection.locations.reportUsageMetrics
|
Visual Inspection AI Viewer
(roles/visualinspection.viewer)
对 Visual Inspection AI 资源的读取权限
|
visualinspection.annotationSets.get
visualinspection.annotationSets.list
visualinspection.annotationSpecs.get
visualinspection.annotationSpecs.list
visualinspection.annotations.get
visualinspection.annotations.list
visualinspection.datasets.export
visualinspection.datasets.get
visualinspection.datasets.list
visualinspection.images.get
visualinspection.images.list
visualinspection.locations.get
visualinspection.locations.list
visualinspection.modelEvaluations.*
visualinspection.models.get
visualinspection.models.list
visualinspection.modules.get
visualinspection.modules.list
visualinspection.operations.*
visualinspection.solutionArtifacts.get
visualinspection.solutionArtifacts.list
visualinspection.solutionArtifacts.predict
visualinspection.solutions.get
visualinspection.solutions.list
|
