其他角色 |
权限 |
Advisory Notifications Admin
(roles/advisorynotifications.admin)
授予对 Advisory Notifications 中的设置的写入权限
|
advisorynotifications.*
resourcemanager.organizations.get
resourcemanager.projects.get
|
Advisory Notifications Viewer
(roles/advisorynotifications.viewer)
授予在 Advisory Notifications 中查看消息的访问权限
|
advisorynotifications.notifications.*
advisorynotifications.settings.get
resourcemanager.organizations.get
resourcemanager.projects.get
|
Cloud API Hub 管理员
Beta 版
(roles/apihub.admin)
拥有对所有 API Hub 资源的完整访问权限。
|
apihub.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API hub 属性管理员
Beta 版
(roles/apihub.attributeAdmin)
拥有对所有 Cloud API hub 属性资源的完整访问权限。
|
apihub.attributes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Editor
Beta 版
(roles/apihub.editor)
对大多数 Cloud API Hub 资源拥有修改权限。
|
apihub.apiHubInstances.get
apihub.apiHubInstances.list
apihub.apiOperations.*
apihub.apis.*
apihub.attributes.get
apihub.attributes.list
apihub.definitions.*
apihub.dependencies.*
apihub.deployments.*
apihub.externalApis.*
apihub.hostProjectRegistrations.get
apihub.hostProjectRegistrations.list
apihub.llmEnablements.*
apihub.locations.searchResources
apihub.operations.get
apihub.operations.list
apihub.plugins.get
apihub.plugins.list
apihub.runTimeProjectAttachments.get
apihub.runTimeProjectAttachments.list
apihub.specs.*
apihub.styleGuides.get
apihub.versions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub 插件管理员
Beta 版
(roles/apihub.pluginAdmin)
拥有对所有 Cloud API Hub 插件资源的完整访问权限。
|
apihub.plugins.*
apihub.specs.lint
apihub.styleGuides.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API hub 预配管理员
Beta 版
(roles/apihub.provisioningAdmin)
拥有对 Cloud API Hub 预配相关资源的完整访问权限。
|
apihub.apiHubInstances.*
apihub.hostProjectRegistrations.*
apihub.operations.*
apihub.runTimeProjectAttachments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud API Hub Viewer
Beta 版
(roles/apihub.viewer)
拥有对所有 Cloud API hub 资源的查看权限。
|
apihub.apiHubInstances.get
apihub.apiHubInstances.list
apihub.apiOperations.get
apihub.apiOperations.list
apihub.apis.get
apihub.apis.list
apihub.attributes.get
apihub.attributes.list
apihub.definitions.get
apihub.definitions.list
apihub.dependencies.get
apihub.dependencies.list
apihub.deployments.get
apihub.deployments.list
apihub.externalApis.get
apihub.externalApis.list
apihub.hostProjectRegistrations.get
apihub.hostProjectRegistrations.list
apihub.llmEnablements.get
apihub.llmEnablements.list
apihub.locations.searchResources
apihub.operations.get
apihub.operations.list
apihub.plugins.get
apihub.plugins.list
apihub.runTimeProjectAttachments.get
apihub.runTimeProjectAttachments.list
apihub.specs.get
apihub.specs.list
apihub.styleGuides.get
apihub.versions.get
apihub.versions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
API 管理管理员
Beta 版
(roles/apim.admin)
拥有对 API 管理资源的完整访问权限。
|
apim.*
resourcemanager.projects.get
resourcemanager.projects.list
|
API Management Viewer
Beta 版
(roles/apim.viewer)
拥有对 API 管理资源的只读权限。
|
apim.apiObservations.get
apim.apiObservations.list
apim.apiOperations.*
apim.locations.*
apim.observationJobs.get
apim.observationJobs.list
apim.observationSources.get
apim.observationSources.list
apim.operations.get
apim.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub 管理员
(roles/apphub.admin)
拥有对 App Hub 资源的完整访问权限。
|
apphub.*
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub Editor
(roles/apphub.editor)
拥有对 App Hub 资源的修改权限。
|
apphub.applications.create
apphub.applications.delete
apphub.applications.get
apphub.applications.list
apphub.applications.update
apphub.discoveredServices.*
apphub.discoveredWorkloads.*
apphub.locations.*
apphub.operations.*
apphub.serviceProjectAttachments.lookup
apphub.services.*
apphub.workloads.*
resourcemanager.projects.get
resourcemanager.projects.list
|
App Hub 查看者
(roles/apphub.viewer)
拥有对 App Hub 资源的查看权限。
|
apphub.applications.get
apphub.applications.list
apphub.discoveredServices.get
apphub.discoveredServices.list
apphub.discoveredWorkloads.get
apphub.discoveredWorkloads.list
apphub.locations.*
apphub.operations.get
apphub.operations.list
apphub.serviceProjectAttachments.lookup
apphub.services.get
apphub.services.list
apphub.workloads.get
apphub.workloads.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Appliance troubleshooting commands approver
Beta 版
(roles/applianceactivation.approver)
可授予用于批准要在设备上运行的命令的权限
|
applianceactivation.rttCommands.approve
applianceactivation.rttCommands.get
resourcemanager.projects.get
resourcemanager.projects.list
|
On-appliance troubleshooting client
Beta 版
(roles/applianceactivation.client)
可授予读取设备命令及发送其结果的权限。
|
applianceactivation.rttCommands.get
applianceactivation.rttCommands.sendResult
|
Appliance troubleshooter
Beta 版
(roles/applianceactivation.troubleshooter)
可授予用于发送要在设备上运行的新命令和查看输出的权限
|
applianceactivation.rttCommands.create
applianceactivation.rttCommands.get
applianceactivation.rttCommands.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Assured OSS Admin
(roles/assuredoss.admin)
拥有使用 Assured OSS 和管理配置的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.create
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.*
iam.serviceAccountKeys.create
iam.serviceAccounts.create
iam.serviceAccounts.get
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.create
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.subscriptions.update
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.enable
serviceusage.services.get
serviceusage.services.list
|
Assured OSS 项目管理员
Beta 版
(roles/assuredoss.projectAdmin)
拥有使用 Assured OSS 和管理配置的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.create
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.*
iam.serviceAccounts.create
iam.serviceAccounts.get
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.enable
serviceusage.services.get
serviceusage.services.list
|
Assured OSS Reader
(roles/assuredoss.reader)
拥有使用 Assured OSS 和查看 Assured OSS 配置的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.config.get
assuredoss.locations.*
assuredoss.metadata.*
assuredoss.operations.get
assuredoss.operations.list
pubsub.schemas.get
pubsub.schemas.list
pubsub.schemas.listRevisions
pubsub.schemas.validate
pubsub.snapshots.get
pubsub.snapshots.list
pubsub.subscriptions.get
pubsub.subscriptions.list
pubsub.topics.get
pubsub.topics.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Assured OSS User
(roles/assuredoss.user)
拥有使用 Assured OSS 的权限。
|
artifactregistry.attachments.get
artifactregistry.attachments.list
artifactregistry.dockerimages.*
artifactregistry.files.download
artifactregistry.files.get
artifactregistry.files.list
artifactregistry.locations.*
artifactregistry.mavenartifacts.*
artifactregistry.npmpackages.*
artifactregistry.packages.get
artifactregistry.packages.list
artifactregistry.projectsettings.get
artifactregistry.pythonpackages.*
artifactregistry.repositories.downloadArtifacts
artifactregistry.repositories.get
artifactregistry.repositories.list
artifactregistry.repositories.listEffectiveTags
artifactregistry.repositories.listTagBindings
artifactregistry.repositories.readViaVirtualRepository
artifactregistry.rules.get
artifactregistry.rules.list
artifactregistry.tags.get
artifactregistry.tags.list
artifactregistry.versions.get
artifactregistry.versions.list
assuredoss.locations.*
assuredoss.metadata.*
assuredoss.operations.get
assuredoss.operations.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Audit Manager Admin
Beta 版
(roles/auditmanager.admin)
拥有对 Audit Manager 资源的完整访问权限。
|
auditmanager.*
cloudasset.assets.searchAllResources
resourcemanager.folders.get
resourcemanager.folders.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Audit Manager Auditor
Beta 版
(roles/auditmanager.auditor)
允许创建和查看审核报告。
|
auditmanager.auditReports.*
auditmanager.auditScopeReports.generate
auditmanager.controlReports.*
auditmanager.controls.list
auditmanager.findings.*
auditmanager.locations.get
auditmanager.locations.list
auditmanager.operations.*
auditmanager.resourceEnrollmentStatuses.*
cloudasset.assets.searchAllResources
resourcemanager.folders.get
resourcemanager.folders.list
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Autoscaling Metrics Writer
Beta 版
(roles/autoscaling.metricsWriter)
能够写入针对自动扩缩站点的指标
|
autoscaling.sites.writeMetrics
|
Autoscaling Recommendations Reader
Beta 版
(roles/autoscaling.recommendationsReader)
拥有从自动扩缩网站读取推荐内容的权限
|
autoscaling.sites.readRecommendations
|
Autoscaling Site Admin
Beta 版
(roles/autoscaling.sitesAdmin)
具有对所有自动扩缩站点功能的完整访问权限
|
autoscaling.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Autoscaling State Writer
Beta 版
(roles/autoscaling.stateWriter)
拥有写入自动扩缩网站状态的权限
|
autoscaling.sites.writeState
|
Batch Administrator
(roles/batch.admin)
Batch 资源的管理员
|
batch.jobs.*
batch.locations.*
batch.operations.*
batch.resourceAllowances.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch Agent Reporter
(roles/batch.agentReporter)
Batch 代理状态的报告者。
|
batch.states.report
|
Batch Job Editor
(roles/batch.jobsEditor)
Batch 作业的编辑者
|
batch.jobs.*
batch.locations.*
batch.operations.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch Job Viewer
(roles/batch.jobsViewer)
可以查看批量作业、任务组和任务
|
batch.jobs.get
batch.jobs.list
batch.locations.*
batch.operations.*
batch.tasks.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Batch ResourceAllowance Editor
(roles/batch.resourceAllowancesEditor)
Batch ResourceAllowances 的编辑者
|
batch.locations.*
batch.operations.*
batch.resourceAllowances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
批量 ResourceAllowance Viewer
(roles/batch.resourceAllowancesViewer)
Batch ResourceAllowances 的 Viewer
|
batch.locations.*
batch.operations.*
batch.resourceAllowances.get
batch.resourceAllowances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
BigLake Admin
(roles/biglake.admin)
提供对所有 BigLake 资源的完整访问权限。
|
biglake.*
resourcemanager.projects.get
resourcemanager.projects.list
|
BigLake Viewer
(roles/biglake.viewer)
提供对所有 BigLake 资源的只读权限。
|
biglake.catalogs.get
biglake.catalogs.list
biglake.databases.get
biglake.databases.list
biglake.locks.list
biglake.tables.get
biglake.tables.list
resourcemanager.projects.get
resourcemanager.projects.list
|
MigrationWorkflow Editor
(roles/bigquerymigration.editor)
可以修改 EDW 迁移工作流。
|
bigquerymigration.locations.*
bigquerymigration.subtasks.get
bigquerymigration.subtasks.list
bigquerymigration.workflows.create
bigquerymigration.workflows.delete
bigquerymigration.workflows.get
bigquerymigration.workflows.list
bigquerymigration.workflows.update
|
Task Orchestrator
(roles/bigquerymigration.orchestrator)
可以编排 EDW 迁移任务。
|
bigquerymigration.subtasks.create
bigquerymigration.taskTypes.*
bigquerymigration.workflows.orchestrateTask
storage.objects.list
|
Migration Translation User
(roles/bigquerymigration.translationUser)
可以使用 EDW 迁移交互式 SQL 转换服务。
|
bigquerymigration.translation.translate
|
MigrationWorkflow Viewer
(roles/bigquerymigration.viewer)
可以查看 EDW 迁移 MigrationWorkflow。
|
bigquerymigration.locations.*
bigquerymigration.subtasks.get
bigquerymigration.subtasks.list
bigquerymigration.workflows.get
bigquerymigration.workflows.list
|
Task Worker
(roles/bigquerymigration.worker)
执行 EDW 迁移子任务的工作器。
|
bigquerymigration.subtaskTypes.executeTask
bigquerymigration.subtasks.executeTask
storage.objects.create
storage.objects.get
storage.objects.list
|
Carbon Footprint Viewer
(roles/billing.carbonViewer)
|
billing.accounts.get
billing.accounts.getCarbonInformation
billing.accounts.list
|
Blockchain Node Engine Admin
(roles/blockchainnodeengine.admin)
拥有对 Blockchain Node Engine 资源的完整访问权限。
|
blockchainnodeengine.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Blockchain Node Engine Viewer
(roles/blockchainnodeengine.viewer)
拥有对 Blockchain Node Engine 资源的只读权限。
|
blockchainnodeengine.blockchainNodes.get
blockchainnodeengine.blockchainNodes.list
blockchainnodeengine.locations.*
blockchainnodeengine.operations.get
blockchainnodeengine.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
容量规划工具用量查看者
Beta 版
(roles/capacityplanner.viewer)
拥有对容量规划工具用量资源的只读权限
|
capacityplanner.*
cloudquotas.quotas.get
compute.futureReservations.get
compute.futureReservations.list
compute.reservations.get
compute.reservations.list
monitoring.timeSeries.list
resourcemanager.folders.get
resourcemanager.organizations.get
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
|
Care Studio Patients Viewer
(roles/carestudio.viewer)
此角色可以查看患者的所有属性。
|
carestudio.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Chronicle Service Admin
(roles/chroniclesm.admin)
Admin 可以查看和修改 Chronicle 服务详情。
|
chroniclesm.*
|
Chronicle Service Viewer
(roles/chroniclesm.viewer)
Viewer 可以查看 Chronicle 服务详情,但无法对其进行更改。
|
chroniclesm.gcpAssociations.get
chroniclesm.gcpLogFlowFilters.get
chroniclesm.gcpSettings.get
|
Location reader
Beta 版
(roles/cloud.locationReader)
可以读取和枚举可用于创建资源的位置。
|
cloud.*
|
Code Repository Indexes Admin
Beta 版
(roles/cloudaicompanion.codeRepositoryIndexesAdmin)
授予对代码库索引资源的完整访问权限。
|
cloudaicompanion.codeRepositoryIndexes.*
cloudaicompanion.operations.*
cloudaicompanion.repositoryGroups.create
cloudaicompanion.repositoryGroups.delete
cloudaicompanion.repositoryGroups.get
cloudaicompanion.repositoryGroups.getIamPolicy
cloudaicompanion.repositoryGroups.list
cloudaicompanion.repositoryGroups.setIamPolicy
cloudaicompanion.repositoryGroups.update
resourcemanager.projects.get
resourcemanager.projects.list
|
代码库索引查看者
Beta 版
(roles/cloudaicompanion.codeRepositoryIndexesViewer)
授予对 Code Repository Indexes 资源的只读权限。
|
cloudaicompanion.codeRepositoryIndexes.get
cloudaicompanion.codeRepositoryIndexes.list
cloudaicompanion.operations.get
cloudaicompanion.operations.list
cloudaicompanion.repositoryGroups.get
cloudaicompanion.repositoryGroups.getIamPolicy
cloudaicompanion.repositoryGroups.list
resourcemanager.projects.get
resourcemanager.projects.list
|
代码库组用户
Beta 版
(roles/cloudaicompanion.repositoryGroupsUser)
授予对代码库索引代码库组的读取/使用权限。
|
cloudaicompanion.codeRepositoryIndexes.get
cloudaicompanion.repositoryGroups.get
cloudaicompanion.repositoryGroups.getIamPolicy
cloudaicompanion.repositoryGroups.use
|
Gemini for Google Cloud 用户
Beta 版
(roles/cloudaicompanion.user)
可以使用 Gemini for Google Cloud 的用户
|
cloudaicompanion.companions.*
cloudaicompanion.entitlements.get
cloudaicompanion.instances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud Controls 合作伙伴管理员
(roles/cloudcontrolspartner.admin)
拥有对 Cloud Controls 合作伙伴资源的完全访问权限。
|
cloudcontrolspartner.accessapprovalrequests.list
cloudcontrolspartner.customers.*
cloudcontrolspartner.ekmconnections.get
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.partnerpermissions.get
cloudcontrolspartner.partners.get
cloudcontrolspartner.platformcontrols.get
cloudcontrolspartner.violations.list
cloudcontrolspartner.workloads.list
|
Cloud Controls Partner Editor
(roles/cloudcontrolspartner.editor)
拥有对 Cloud Controls 合作伙伴资源的修改权限。
|
cloudcontrolspartner.*
|
Cloud Controls 合作伙伴可检查性读取者
(roles/cloudcontrolspartner.inspectabilityReader)
拥有对 Cloud Controls 合作伙伴可检查性资源的只读权限。
|
cloudcontrolspartner.customers.*
cloudcontrolspartner.inspectabilityevents.get
cloudcontrolspartner.platformcontrols.get
|
Cloud Controls Partner Monitoring Reader
(roles/cloudcontrolspartner.monitoringReader)
拥有对 Cloud Controls 合作伙伴监控资源的只读权限。
|
cloudcontrolspartner.customers.*
cloudcontrolspartner.violations.*
cloudcontrolspartner.workloads.*
|
Cloud Controls 合作伙伴读取者
(roles/cloudcontrolspartner.reader)
拥有对 Cloud Controls 合作伙伴资源的只读权限。
|
cloudcontrolspartner.*
|
Cloud Optimization AI Admin
(roles/cloudoptimization.admin)
Cloud Optimization AI 资源的管理员
|
cloudoptimization.*
|
Cloud Optimization AI Editor
(roles/cloudoptimization.editor)
Cloud Optimization AI 资源的编辑者
|
cloudoptimization.*
|
Cloud Optimization AI Viewer
(roles/cloudoptimization.viewer)
Cloud Optimization AI 资源的查看者
|
cloudoptimization.operations.get
|
Cloud Quotas Admin
Beta 版
(roles/cloudquotas.admin)
拥有对 Cloud 配额资源的完整访问权限。
|
cloudquotas.*
monitoring.timeSeries.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Cloud 配额查看者
Beta 版
(roles/cloudquotas.viewer)
拥有对 Cloud 配额资源的只读权限。
|
cloudquotas.quotas.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Commerce 协议发布管理员
Beta 版
(roles/commerceagreementpublishing.admin)
可以管理 Commerce Agreement Publishing 服务
|
commerceagreementpublishing.*
resourcemanager.projects.get
resourcemanager.projects.list
|
商业协议发布查看者
Beta 版
(roles/commerceagreementpublishing.viewer)
可以查看 Commerce Agreement Publishing 服务
|
commerceagreementpublishing.agreements.get
commerceagreementpublishing.agreements.list
commerceagreementpublishing.documents.get
commerceagreementpublishing.documents.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Confidential Space Workload User
(roles/confidentialcomputing.workloadUser)
授予生成证明令牌并在虚拟机中运行工作负载的权限。适用于在 Confidential Space 虚拟机上运行的服务账号。
|
confidentialcomputing.*
logging.logEntries.create
|
ConfigDelivery 管理员
Beta 版
(roles/configdelivery.configDeliveryAdmin)
授予对所有 Config Delivery 资源的完整访问权限。让用户能够创建、移除和管理舰队软件包及资源包。
|
configdelivery.*
resourcemanager.projects.get
resourcemanager.projects.list
|
ConfigDelivery 查看者
Beta 版
(roles/configdelivery.configDeliveryViewer)
授予对所有 Config Delivery 资源的读取权限。让用户能够查看现有的舰队软件包和资源包,但不能进行任何更改。
|
configdelivery.fleetPackages.get
configdelivery.fleetPackages.list
configdelivery.locations.*
configdelivery.operations.get
configdelivery.operations.list
configdelivery.releases.get
configdelivery.releases.list
configdelivery.resourceBundles.get
configdelivery.resourceBundles.list
configdelivery.rollouts.get
configdelivery.rollouts.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Config Delivery 资源包发布者
Beta 版
(roles/configdelivery.resourceBundlePublisher)
授予对 Config Delivery ResourceBundle 和 Release 的读取和写入权限。
|
configdelivery.locations.*
configdelivery.operations.get
configdelivery.operations.list
configdelivery.releases.create
configdelivery.releases.get
configdelivery.releases.list
configdelivery.releases.update
configdelivery.resourceBundles.create
configdelivery.resourceBundles.get
configdelivery.resourceBundles.list
configdelivery.resourceBundles.update
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenteraiplatform.admin)
拥有对 Contact Center AI Platform 资源的完整访问权限。
|
contactcenteraiplatform.*
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenteraiplatform.viewer)
拥有对 Contact Center AI Platform 资源的只读权限。
|
contactcenteraiplatform.contactCenters.get
contactcenteraiplatform.contactCenters.list
contactcenteraiplatform.locations.*
contactcenteraiplatform.operations.get
contactcenteraiplatform.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/contactcenterinsights.editor)
可授予所有 Contact Center AI Insights 资源的读写权限。
|
contactcenterinsights.*
|
|
(roles/contactcenterinsights.viewer)
授予对所有 Contact Center AI Insights 资源的读取访问权限。
|
contactcenterinsights.analyses.get
contactcenterinsights.analyses.list
contactcenterinsights.analysisRules.get
contactcenterinsights.analysisRules.list
contactcenterinsights.conversations.get
contactcenterinsights.conversations.list
contactcenterinsights.faqEntries.get
contactcenterinsights.faqEntries.list
contactcenterinsights.faqModels.get
contactcenterinsights.faqModels.list
contactcenterinsights.feedbackLabels.get
contactcenterinsights.feedbackLabels.list
contactcenterinsights.issueModels.get
contactcenterinsights.issueModels.list
contactcenterinsights.issues.get
contactcenterinsights.issues.list
contactcenterinsights.operations.get
contactcenterinsights.operations.list
contactcenterinsights.phraseMatchers.get
contactcenterinsights.phraseMatchers.list
contactcenterinsights.qaQuestions.get
contactcenterinsights.qaQuestions.list
contactcenterinsights.qaScorecardRevisions.get
contactcenterinsights.qaScorecardRevisions.list
contactcenterinsights.qaScorecards.get
contactcenterinsights.qaScorecards.list
contactcenterinsights.settings.get
contactcenterinsights.views.get
contactcenterinsights.views.list
|
GKE Security Posture Viewer
Beta 版
(roles/containersecurity.viewer)
拥有对 GKE Security Posture 资源的只读权限。
|
container.clusters.list
containersecurity.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Admin
(roles/contentwarehouse.admin)
授予对 Content Warehouse 中所有资源的完整访问权限
|
contentwarehouse.corpora.*
contentwarehouse.dataExportJobs.*
contentwarehouse.documentSchemas.*
contentwarehouse.documents.*
contentwarehouse.locations.*
contentwarehouse.operations.get
contentwarehouse.rawDocuments.*
contentwarehouse.ruleSets.*
contentwarehouse.synonymSets.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Admin
(roles/contentwarehouse.documentAdmin)
授予对 Content Warehouse 中的文档资源的完整访问权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.create
contentwarehouse.documents.delete
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.setIamPolicy
contentwarehouse.documents.update
contentwarehouse.links.*
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Creator
(roles/contentwarehouse.documentCreator)
授予在 Content Warehouse 中创建文档的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.documents.create
contentwarehouse.locations.getStatus
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Editor
(roles/contentwarehouse.documentEditor)
授予对 Content Warehouse 中的文档资源的更新权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.documents.update
contentwarehouse.links.*
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Document Schema Viewer
(roles/contentwarehouse.documentSchemaViewer)
授予在 Content Warehouse 中查看文档架构的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documentSchemas.list
contentwarehouse.locations.getStatus
resourcemanager.projects.get
resourcemanager.projects.list
|
Content Warehouse Viewer
(roles/contentwarehouse.documentViewer)
授予查看 Content Warehouse 中所有资源的权限
|
contentwarehouse.documentSchemas.get
contentwarehouse.documents.get
contentwarehouse.documents.getIamPolicy
contentwarehouse.links.get
contentwarehouse.locations.getStatus
contentwarehouse.rawDocuments.download
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Center Viewer
Beta 版
(roles/databasecenter.viewer)
可以查看数据库中心资源数据的 Viewer 角色
|
cloudaicompanion.entitlements.get
databasecenter.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Events Service Viewer
Beta 版
(roles/databaseinsights.eventsViewer)
可以查看事件服务数据的查看者角色
|
databaseinsights.aggregatedEvents.query
databaseinsights.clusterEvents.query
databaseinsights.instanceEvents.query
|
Database Insights Monitoring Viewer
Beta 版
(roles/databaseinsights.monitoringViewer)
可以查看 Database Insights 监控数据
|
databaseinsights.activeQueries.fetch
databaseinsights.activitySummary.fetch
databaseinsights.aggregatedStats.query
databaseinsights.locations.*
databaseinsights.timeSeries.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
执行 Database Insights 操作的角色
Beta 版
(roles/databaseinsights.operationsAdmin)
可执行 Database Insights 操作的管理员角色
|
databaseinsights.activeQuery.terminate
|
Database Insights Recommendation Viewer
Beta 版
(roles/databaseinsights.recommendationViewer)
可以查看 Database Insights 建议数据
|
databaseinsights.locations.*
databaseinsights.recommendations.query
databaseinsights.resourceRecommendations.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Database Insights Viewer
Beta 版
(roles/databaseinsights.viewer)
可以查看 Database Insights 数据
|
databaseinsights.activeQueries.fetch
databaseinsights.activitySummary.fetch
databaseinsights.aggregatedStats.query
databaseinsights.locations.*
databaseinsights.recommendations.query
databaseinsights.resourceRecommendations.query
databaseinsights.timeSeries.query
databaseinsights.workloadRecommendations.fetch
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Administrator
(roles/datalineage.admin)
可授予对 Data Lineage API 中所有资源的完整访问权限
|
datalineage.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Editor
(roles/datalineage.editor)
可授予对 Data Lineage API 中所有资源的修改权限
|
datalineage.events.*
datalineage.locations.searchLinks
datalineage.operations.get
datalineage.processes.create
datalineage.processes.get
datalineage.processes.list
datalineage.processes.update
datalineage.runs.create
datalineage.runs.get
datalineage.runs.list
datalineage.runs.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Events Producer
(roles/datalineage.producer)
可授予在 Data Lineage API 中创建所有资源的权限
|
datalineage.events.create
datalineage.processes.create
datalineage.processes.get
datalineage.processes.update
datalineage.runs.create
datalineage.runs.get
datalineage.runs.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Lineage Viewer
(roles/datalineage.viewer)
可授予对 Data Lineage API 中所有资源的读取权限
|
datalineage.events.get
datalineage.events.list
datalineage.locations.searchLinks
datalineage.processes.get
datalineage.processes.list
datalineage.runs.get
datalineage.runs.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Data Processing Controls Resource Admin
(roles/dataprocessing.admin)
能够完全管理数据处理控制设置并查看所有数据源数据的 Data processing controls admin。
|
billing.accounts.get
billing.accounts.list
dataprocessing.*
|
Data Processing Controls Data Source Manager
(roles/dataprocessing.dataSourceManager)
可以获取、列出并更新底层数据的数据处理控制数据源管理员。
|
dataprocessing.datasources.list
dataprocessing.datasources.update
|
Dataproc Resource Manager 管理员
Beta 版
(roles/dataprocrm.admin)
授予对所有 Dataproc Resource Manager 资源的完整访问权限。适用于需要创建和删除任何 Dataproc Resource Manager 资源的用户。
|
dataprocrm.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Dataproc Resource Manager Viewer
Beta 版
(roles/dataprocrm.viewer)
授予对所有 Dataproc Resource Manager 资源的读取权限。适用于需要对 Dataproc Resource Manager 资源进行只读访问的用户。
|
dataprocrm.locations.*
dataprocrm.nodePools.get
dataprocrm.nodePools.list
dataprocrm.nodes.get
dataprocrm.nodes.list
dataprocrm.nodes.mintOAuthToken
dataprocrm.operations.get
dataprocrm.operations.list
dataprocrm.workloads.get
dataprocrm.workloads.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect 管理员
Beta 版
(roles/developerconnect.admin)
拥有对 Developer Connect 资源的完整访问权限。
|
developerconnect.connections.*
developerconnect.gitRepositoryLinks.create
developerconnect.gitRepositoryLinks.delete
developerconnect.gitRepositoryLinks.fetchGitRefs
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect Read Token Accessor
Beta 版
(roles/developerconnect.readTokenAccessor)
授予对只读令牌(PAT 和短期有效的令牌)的访问权限。此外,还可以授予查看 Git 代码库链接的权限。
|
developerconnect.connections.get
developerconnect.gitRepositoryLinks.fetchReadToken
developerconnect.gitRepositoryLinks.get
|
Developer Connect Token Accessor
Beta 版
(roles/developerconnect.tokenAccessor)
授予对读写和只读令牌(PAT 和短期有效的令牌)的访问权限。此外,还可以授予查看 Git 代码库链接的权限。
|
developerconnect.connections.get
developerconnect.gitRepositoryLinks.fetchReadToken
developerconnect.gitRepositoryLinks.fetchReadWriteToken
developerconnect.gitRepositoryLinks.get
|
Developer Connect User
Beta 版
(roles/developerconnect.user)
授予查看连接和使用与实际代码库交互(例如从代码库中读取内容)的功能的权限
|
developerconnect.connections.fetchGitHubInstallations
developerconnect.connections.fetchLinkableGitRepositories
developerconnect.connections.get
developerconnect.connections.list
developerconnect.gitRepositoryLinks.fetchGitRefs
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.get
developerconnect.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Developer Connect 查看者
Beta 版
(roles/developerconnect.viewer)
拥有对 Developer Connect 资源的只读权限。
|
developerconnect.connections.get
developerconnect.connections.list
developerconnect.gitRepositoryLinks.get
developerconnect.gitRepositoryLinks.list
developerconnect.locations.*
developerconnect.operations.get
developerconnect.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine 管理员
(roles/discoveryengine.admin)
授予对所有 Discovery Engine 资源的完整访问权限。
|
discoveryengine.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine 编辑器
(roles/discoveryengine.editor)
授予对所有 Discovery Engine 资源的读写权限。
|
discoveryengine.aclConfigs.get
discoveryengine.analytics.*
discoveryengine.answers.get
discoveryengine.branches.*
discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.collections.get
discoveryengine.collections.list
discoveryengine.completionConfigs.completeQuery
discoveryengine.completionConfigs.get
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.conversations.*
discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.documentProcessingConfigs.get
discoveryengine.documents.batchGetDocumentsMetadata
discoveryengine.documents.create
discoveryengine.documents.delete
discoveryengine.documents.get
discoveryengine.documents.import
discoveryengine.documents.list
discoveryengine.documents.update
discoveryengine.engines.get
discoveryengine.engines.list
discoveryengine.engines.pause
discoveryengine.engines.resume
discoveryengine.engines.tune
discoveryengine.evaluations.get
discoveryengine.evaluations.list
discoveryengine.groundingConfigs.check
discoveryengine.models.*
discoveryengine.operations.*
discoveryengine.projects.get
discoveryengine.rankingConfigs.rank
discoveryengine.sampleQueries.*
discoveryengine.sampleQuerySets.*
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.validate
discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.sessions.*
discoveryengine.siteSearchEngines.get
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.userEvents.create
discoveryengine.userEvents.fetchStats
discoveryengine.userEvents.import
discoveryengine.widgetConfigs.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Discovery Engine User
Beta 版
(roles/discoveryengine.user)
授予对 Discovery Engine 资源的用户级访问权限。
|
discoveryengine.answers.get
discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.search
discoveryengine.sessions.get
|
Discovery Engine 查看者
(roles/discoveryengine.viewer)
授予对所有 Discovery Engine 资源的读取权限。
|
discoveryengine.aclConfigs.get
discoveryengine.analytics.*
discoveryengine.answers.get
discoveryengine.branches.*
discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.collections.get
discoveryengine.collections.list
discoveryengine.completionConfigs.completeQuery
discoveryengine.completionConfigs.get
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.conversations.converse
discoveryengine.conversations.get
discoveryengine.conversations.list
discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.documentProcessingConfigs.get
discoveryengine.documents.batchGetDocumentsMetadata
discoveryengine.documents.get
discoveryengine.documents.list
discoveryengine.engines.get
discoveryengine.engines.list
discoveryengine.evaluations.get
discoveryengine.evaluations.list
discoveryengine.groundingConfigs.check
discoveryengine.models.get
discoveryengine.models.list
discoveryengine.operations.*
discoveryengine.projects.get
discoveryengine.rankingConfigs.rank
discoveryengine.sampleQueries.get
discoveryengine.sampleQueries.list
discoveryengine.sampleQuerySets.get
discoveryengine.sampleQuerySets.list
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.validate
discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.sessions.get
discoveryengine.sessions.list
discoveryengine.siteSearchEngines.get
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.userEvents.fetchStats
discoveryengine.widgetConfigs.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Admin
Beta 版
(roles/enterprisepurchasing.admin)
拥有对 Enterprise Purchasing 资源的完整访问权限。
|
enterprisepurchasing.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Editor
Beta 版
(roles/enterprisepurchasing.editor)
拥有对 Enterprise Purchasing 资源的修改权限。
|
enterprisepurchasing.gcveCuds.get
enterprisepurchasing.gcveCuds.list
enterprisepurchasing.gcveNodePricingInfo.list
enterprisepurchasing.locations.*
enterprisepurchasing.operations.get
enterprisepurchasing.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Enterprise Purchasing Viewer
Beta 版
(roles/enterprisepurchasing.viewer)
拥有对 Enterprise Purchasing 资源的只读权限。
|
enterprisepurchasing.gcveCuds.get
enterprisepurchasing.gcveCuds.list
enterprisepurchasing.gcveNodePricingInfo.list
enterprisepurchasing.locations.*
enterprisepurchasing.operations.get
enterprisepurchasing.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/essentialcontacts.admin)
能够全面访问所有重要联系人
|
essentialcontacts.*
|
|
(roles/essentialcontacts.viewer)
能查看所有重要联系人
|
essentialcontacts.contacts.get
essentialcontacts.contacts.list
|
Firebase Cloud Messaging API Admin
Beta 版
(roles/firebasecloudmessaging.admin)
拥有对 Firebase Cloud Messaging API 资源的完整读写权限。
|
cloudmessaging.messages.create
fcmdata.deliverydata.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Firebase Crash Symbol Uploader
(roles/firebasecrash.symbolMappingsAdmin)
拥有 Firebase 崩溃报告符号映射文件资源的完全读写权限。
|
firebase.clients.get
firebase.clients.list
resourcemanager.projects.get
|
Firebase Data Connect API 管理员
Beta 版
(roles/firebasedataconnect.admin)
拥有对 Firebase Data Connect API 资源(包括数据)的完整访问权限。
|
firebasedataconnect.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Firebase Data Connect API 数据管理员
Beta 版
(roles/firebasedataconnect.dataAdmin)
拥有对数据源的完整访问权限。
|
firebasedataconnect.services.executeGraphql
firebasedataconnect.services.executeGraphqlRead
|
Firebase Data Connect API 数据查看者
Beta 版
(roles/firebasedataconnect.dataViewer)
拥有对数据源的只读权限。
|
firebasedataconnect.services.executeGraphqlRead
|
Firebase Data Connect API 查看者
Beta 版
(roles/firebasedataconnect.viewer)
拥有对 Firebase Data Connect API 资源的只读权限。角色不授予对数据的访问权限。
|
firebasedataconnect.connectorRevisions.get
firebasedataconnect.connectorRevisions.list
firebasedataconnect.connectors.get
firebasedataconnect.connectors.list
firebasedataconnect.locations.*
firebasedataconnect.operations.get
firebasedataconnect.operations.list
firebasedataconnect.schemaRevisions.get
firebasedataconnect.schemaRevisions.list
firebasedataconnect.schemas.get
firebasedataconnect.schemas.list
firebasedataconnect.services.get
firebasedataconnect.services.list
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Admin
Beta 版
(roles/gdchardwaremanagement.admin)
拥有对 GDC Hardware Management 资源的完整访问权限。
|
gdchardwaremanagement.*
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC 硬件管理运营商
Beta 版
(roles/gdchardwaremanagement.operator)
可以创建、读取和更新支持此类操作的 GDC Hardware Management 资源。还会授予对 HardwareGroup 资源的删除权限。
|
gdchardwaremanagement.changeLogEntries.*
gdchardwaremanagement.comments.*
gdchardwaremanagement.hardware.*
gdchardwaremanagement.hardwareGroups.*
gdchardwaremanagement.locations.*
gdchardwaremanagement.operations.get
gdchardwaremanagement.operations.list
gdchardwaremanagement.orders.create
gdchardwaremanagement.orders.get
gdchardwaremanagement.orders.list
gdchardwaremanagement.orders.update
gdchardwaremanagement.sites.*
gdchardwaremanagement.skus.*
gdchardwaremanagement.zones.*
resourcemanager.projects.get
resourcemanager.projects.list
|
GDC Hardware Management Reader
Beta 版
(roles/gdchardwaremanagement.reader)
拥有对 GDC Hardware Management 资源的只读权限。
|
gdchardwaremanagement.changeLogEntries.*
gdchardwaremanagement.comments.get
gdchardwaremanagement.comments.list
gdchardwaremanagement.hardware.get
gdchardwaremanagement.hardware.list
gdchardwaremanagement.hardwareGroups.get
gdchardwaremanagement.hardwareGroups.list
gdchardwaremanagement.locations.*
gdchardwaremanagement.operations.get
gdchardwaremanagement.operations.list
gdchardwaremanagement.orders.get
gdchardwaremanagement.orders.list
gdchardwaremanagement.sites.get
gdchardwaremanagement.sites.list
gdchardwaremanagement.skus.*
gdchardwaremanagement.zones.get
gdchardwaremanagement.zones.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/identityplatform.admin)
拥有对 Identity Platform 资源的完全访问权限。
|
firebaseauth.*
identitytoolkit.*
|
|
(roles/identityplatform.viewer)
拥有对 Identity Platform 资源的读取权限。
|
firebaseauth.configs.get
firebaseauth.users.get
identitytoolkit.tenants.get
identitytoolkit.tenants.getIamPolicy
identitytoolkit.tenants.list
|
|
(roles/identitytoolkit.admin)
拥有对 Identity Toolkit 资源的完全访问权限。
|
firebaseauth.*
identitytoolkit.*
|
|
(roles/identitytoolkit.viewer)
拥有对 Identity Toolkit 资源的读取权限。
|
firebaseauth.configs.get
firebaseauth.users.get
identitytoolkit.tenants.get
identitytoolkit.tenants.getIamPolicy
identitytoolkit.tenants.list
|
Apigee Integration Admin
(roles/integrations.apigeeIntegrationAdminRole)
拥有对所有 Apigee 集成的完整访问权限的用户。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeAuthConfigs.*
integrations.apigeeCertificates.*
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.*
integrations.apigeeSfdcInstances.*
integrations.apigeeSuspensions.*
integrations.authConfigs.*
integrations.certificates.*
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.*
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Deployer
(roles/integrations.apigeeIntegrationDeployerRole)
可在集成运行时中部署/取消部署 Apigee 集成的开发者。
|
integrations.apigeeIntegrationVers.deploy
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Editor
(roles/integrations.apigeeIntegrationEditorRole)
可以列出、创建和更新 Apigee 集成的开发者。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeAuthConfigs.create
integrations.apigeeAuthConfigs.get
integrations.apigeeAuthConfigs.list
integrations.apigeeAuthConfigs.update
integrations.apigeeCertificates.create
integrations.apigeeCertificates.get
integrations.apigeeCertificates.list
integrations.apigeeCertificates.update
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.create
integrations.apigeeSfdcChannels.get
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcChannels.update
integrations.apigeeSfdcInstances.create
integrations.apigeeSfdcInstances.get
integrations.apigeeSfdcInstances.list
integrations.apigeeSfdcInstances.update
integrations.authConfigs.create
integrations.authConfigs.get
integrations.authConfigs.list
integrations.authConfigs.update
integrations.certificates.get
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Invoker
(roles/integrations.apigeeIntegrationInvokerRole)
可以调用 Apigee 集成的角色。
|
connectors.actions.*
connectors.connections.executeSqlQuery
connectors.entities.*
connectors.entityTypes.list
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.*
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.get
integrations.integrationVersions.invoke
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Viewer
(roles/integrations.apigeeIntegrationsViewer)
可以列出和查看 Apigee 集成的开发者。
|
integrations.apigeeAuthConfigs.list
integrations.apigeeCertificates.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcInstances.list
integrations.authConfigs.get
integrations.authConfigs.list
integrations.certificates.get
integrations.certificates.list
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.list
integrations.sfdcChannels.list
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Apigee Integration Approver
(roles/integrations.apigeeSuspensionResolver)
可以批准/拒绝包含暂停/等待任务的 Apigee 集成的角色。
|
integrations.apigeeSuspensions.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Certificate Viewer
(roles/integrations.certificateViewer)
可以列出和查看证书的开发者。
|
integrations.certificates.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Admin
(roles/integrations.integrationAdmin)
拥有对所有集成的完整访问权限 (CRUD) 的用户。
|
integrations.apigeeAuthConfigs.*
integrations.apigeeCertificates.*
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.*
integrations.apigeeSfdcInstances.*
integrations.apigeeSuspensions.*
integrations.authConfigs.*
integrations.certificates.*
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.*
integrations.sfdcChannels.*
integrations.sfdcInstances.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Deployer
(roles/integrations.integrationDeployer)
可在集成运行时中部署/取消部署集成的开发者。
|
integrations.apigeeIntegrationVers.deploy
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.deploy
integrations.integrations.get
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Editor
(roles/integrations.integrationEditor)
可以列出、创建和更新集成的开发者。
|
integrations.apigeeAuthConfigs.create
integrations.apigeeAuthConfigs.get
integrations.apigeeAuthConfigs.list
integrations.apigeeAuthConfigs.update
integrations.apigeeCertificates.create
integrations.apigeeCertificates.get
integrations.apigeeCertificates.list
integrations.apigeeCertificates.update
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.*
integrations.apigeeIntegrations.*
integrations.apigeeSfdcChannels.create
integrations.apigeeSfdcChannels.get
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcChannels.update
integrations.apigeeSfdcInstances.create
integrations.apigeeSfdcInstances.get
integrations.apigeeSfdcInstances.list
integrations.apigeeSfdcInstances.update
integrations.authConfigs.create
integrations.authConfigs.get
integrations.authConfigs.list
integrations.authConfigs.update
integrations.certificates.get
integrations.executions.*
integrations.integrationVersions.create
integrations.integrationVersions.delete
integrations.integrationVersions.deploy
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrationVersions.update
integrations.integrations.create
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
integrations.integrations.update
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Invoker
(roles/integrations.integrationInvoker)
可以调用集成的角色。
|
integrations.apigeeExecutions.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.*
integrations.executions.*
integrations.integrationVersions.get
integrations.integrationVersions.invoke
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.invoke
integrations.integrations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Viewer
(roles/integrations.integrationViewer)
可以列出和查看集成的开发者。
|
integrations.apigeeAuthConfigs.list
integrations.apigeeCertificates.list
integrations.apigeeIntegrationVers.get
integrations.apigeeIntegrationVers.list
integrations.apigeeIntegrations.list
integrations.apigeeSfdcChannels.list
integrations.apigeeSfdcInstances.list
integrations.authConfigs.get
integrations.authConfigs.list
integrations.certificates.get
integrations.certificates.list
integrations.executions.get
integrations.executions.list
integrations.integrationVersions.get
integrations.integrationVersions.list
integrations.integrations.get
integrations.integrations.list
integrations.sfdcChannels.list
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Security Integration Admin
Beta 版
(roles/integrations.securityIntegrationAdmin)
拥有对所有安全集成的完整访问权限的用户。
|
integrations.securityAuthConfigs.*
integrations.securityExecutions.*
integrations.securityIntegTempVers.*
integrations.securityIntegrationVers.*
integrations.securityIntegrations.*
|
Application Integration SFDC Instance Admin
(roles/integrations.sfdcInstanceAdmin)
拥有对所有 SFDC 实例的完整访问权限 (CRUD) 的用户。
|
integrations.sfdcChannels.*
integrations.sfdcInstances.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration SFDC Instance Editor
(roles/integrations.sfdcInstanceEditor)
可以列出、创建和更新集成的开发者。
|
integrations.sfdcChannels.create
integrations.sfdcChannels.get
integrations.sfdcChannels.list
integrations.sfdcChannels.update
integrations.sfdcInstances.create
integrations.sfdcInstances.get
integrations.sfdcInstances.list
integrations.sfdcInstances.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration SFDC Instance Viewer
(roles/integrations.sfdcInstanceViewer)
可以列出和查看 SFDC 实例的开发者。
|
integrations.sfdcChannels.get
integrations.sfdcChannels.list
integrations.sfdcInstances.get
integrations.sfdcInstances.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Application Integration Approver
(roles/integrations.suspensionResolver)
此角色可以解决已暂停的集成的相关问题。
|
integrations.apigeeSuspensions.*
integrations.suspensions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Admin
Beta 版
(roles/issuerswitch.accountManagerAdmin)
此角色可以执行所有与账号管理员相关的操作
|
issuerswitch.accountManagerTransactions.*
issuerswitch.managedAccounts.*
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch 账号管理器交易管理员
Beta 版
(roles/issuerswitch.accountManagerTransactionsAdmin)
此角色可以执行所有与账号管理员事务相关的操作
|
issuerswitch.accountManagerTransactions.*
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Account Manager Transactions Viewer
Beta 版
(roles/issuerswitch.accountManagerTransactionsViewer)
此角色可以查看所有账号管理员事务
|
issuerswitch.accountManagerTransactions.list
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Admin
Beta 版
(roles/issuerswitch.admin)
拥有对所有颁发机构切换角色的权限
|
issuerswitch.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch 参与者管理员
Beta 版
(roles/issuerswitch.issuerParticipantsAdmin)
拥有对 Issuerswitch 参与者的完整访问权限
|
issuerswitch.issuerParticipants.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Resolutions Admin
Beta 版
(roles/issuerswitch.resolutionsAdmin)
拥有对颁发机构切换解决方案的完整访问权限
|
issuerswitch.complaintTransactions.list
issuerswitch.complaints.*
issuerswitch.disputes.*
issuerswitch.operations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Rules Admin
Beta 版
(roles/issuerswitch.rulesAdmin)
拥有对颁发机构切换规则的完整访问权限
|
issuerswitch.ruleMetadata.list
issuerswitch.ruleMetadataValues.*
issuerswitch.rules.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Rules Viewer
Beta 版
(roles/issuerswitch.rulesViewer)
此角色可以查看规则和相关元数据。
|
issuerswitch.ruleMetadata.list
issuerswitch.ruleMetadataValues.list
issuerswitch.rules.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Issuerswitch Transactions Viewer
Beta 版
(roles/issuerswitch.transactionsViewer)
此角色可以查看所有事务
|
issuerswitch.complaintTransactions.list
issuerswitch.financialTransactions.list
issuerswitch.mandateTransactions.list
issuerswitch.metadataTransactions.list
issuerswitch.operations.get
issuerswitch.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/kubernetesmetadata.publisher)
Kubernetes 集群元数据的发布方
|
kubernetesmetadata.*
|
代管式 Flink 管理员
Beta 版
(roles/managedflink.admin)
拥有对托管式 Flink 资源的完整访问权限。
|
managedflink.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Managed Flink Developer
Beta 版
(roles/managedflink.developer)
拥有对托管式 Flink 作业和会话的完整访问权限以及对部署的读取权限。
|
managedflink.deployments.get
managedflink.deployments.list
managedflink.jobs.*
managedflink.locations.*
managedflink.operations.get
managedflink.operations.list
managedflink.sessions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
代管式 Flink 查看器
Beta 版
(roles/managedflink.viewer)
拥有对代管式 Flink 资源的只读权限。
|
managedflink.deployments.get
managedflink.deployments.list
managedflink.jobs.get
managedflink.jobs.list
managedflink.locations.*
managedflink.operations.get
managedflink.operations.list
managedflink.sessions.get
managedflink.sessions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Managed Kafka Admin
Beta 版
(roles/managedkafka.admin)
拥有对 Managed Kafka 资源的完整访问权限。
|
managedkafka.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Client
Beta 版
(roles/managedkafka.client)
提供连接集群中 Kafka 服务器的权限,例如提供 Kafka 数据平面访问权限。适用于一些用户,如提供方和使用方。
|
managedkafka.clusters.connect
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.*
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Cluster Editor
Beta 版
(roles/managedkafka.clusterEditor)
提供对 Kafka 集群的读写权限。适用于一些用户,例如,预配 Kafka 集群但无需读取或修改主题或使用方群组的 IT 部门。
|
managedkafka.clusters.create
managedkafka.clusters.delete
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.clusters.update
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.get
managedkafka.topics.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Consumer Group Editor
Beta 版
(roles/managedkafka.consumerGroupEditor)
提供对使用方群组元数据的读写权限。适用于配置使用方群组的开发者等用户。
|
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.*
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.get
managedkafka.topics.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Topic Editor
Beta 版
(roles/managedkafka.topicEditor)
提供对主题元数据的读写权限。适用于配置主题的开发者等用户。
|
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.*
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Managed Kafka Viewer
Beta 版
(roles/managedkafka.viewer)
拥有对托管 Kafka 资源的只读权限。
|
managedkafka.clusters.get
managedkafka.clusters.list
managedkafka.consumerGroups.get
managedkafka.consumerGroups.list
managedkafka.locations.*
managedkafka.operations.get
managedkafka.operations.list
managedkafka.topics.get
managedkafka.topics.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.quotas.get
serviceusage.services.get
serviceusage.services.list
|
Mandiant Attack Surface Management Editor
Beta 版
(roles/mandiant.attackSurfaceManagementEditor)
拥有对 Attack Surface Management 的写入权限
|
mandiant.genericAttackSurfaceManagements.create
mandiant.genericAttackSurfaceManagements.delete
mandiant.genericAttackSurfaceManagements.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Attack Surface Management Viewer
Beta 版
(roles/mandiant.attackSurfaceManagementViewer)
拥有对 Attack Surface Management 的读取权限
|
mandiant.genericAttackSurfaceManagements.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Digital Threat Monitoring Editor
Beta 版
(roles/mandiant.digitalThreatMonitoringEditor)
拥有对 Digital Threat Monitoring 的写入权限
|
mandiant.genericDigitalThreatMonitorings.create
mandiant.genericDigitalThreatMonitorings.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Digital Threat Monitoring Viewer
Beta 版
(roles/mandiant.digitalThreatMonitoringViewer)
拥有对 Digital Threat Monitoring 的读取权限
|
mandiant.genericDigitalThreatMonitorings.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Expertise On Demand Editor
Beta 版
(roles/mandiant.expertiseOnDemandEditor)
拥有对 Expertise On Demand 的写入权限
|
mandiant.genericExpertiseOnDemands.create
mandiant.genericExpertiseOnDemands.delete
mandiant.genericExpertiseOnDemands.update
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Expertise On Demand Viewer
Beta 版
(roles/mandiant.expertiseOnDemandViewer)
拥有对 Expertise On Demand 的读取权限
|
mandiant.genericExpertiseOnDemands.get
mandiant.genericPlatforms.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Threat Intel Editor
Beta 版
(roles/mandiant.threatIntelEditor)
拥有对 Threat Intel 的写入权限
|
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
mandiant.genericThreatIntels.create
mandiant.genericThreatIntels.delete
mandiant.genericThreatIntels.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Threat Intel Viewer
Beta 版
(roles/mandiant.threatIntelViewer)
拥有对 Threat Intel 的读取权限
|
mandiant.genericPlatforms.get
mandiant.genericThreatIntels.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Validation Editor
Beta 版
(roles/mandiant.validationEditor)
拥有对 Validation 的写入权限
|
mandiant.genericPlatforms.create
mandiant.genericPlatforms.delete
mandiant.genericPlatforms.update
mandiant.genericValidations.create
mandiant.genericValidations.delete
mandiant.genericValidations.update
resourcemanager.projects.get
resourcemanager.projects.list
|
Mandiant Validation Viewer
Beta 版
(roles/mandiant.validationViewer)
拥有对 Validation 的读取权限
|
mandiant.genericPlatforms.get
mandiant.genericValidations.get
resourcemanager.projects.get
resourcemanager.projects.list
|
移动解决方案超额用量查看者
Beta 版
(roles/mapsanalytics.mobilitySolutionsOverageViewer)
可授予对移动解决方案超额用量指标数据的只读权限。
|
mapsanalytics.metricData.queryMobilitySolutionsOverageData
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.list
|
Maps Analytics Viewer
Beta 版
(roles/mapsanalytics.viewer)
可授予对所有 Maps Analytics 资源的只读权限。
|
mapsanalytics.metricData.query
mapsanalytics.metricMetadata.list
resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.list
|
|
(roles/mapsplatformdatasets.admin)
授予对所有 Maps Platform Datasets API 资源的读写权限
|
mapsadmin.clientStyles.*
mapsplatformdatasets.*
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/mapsplatformdatasets.viewer)
授予对所有 Maps Platform Datasets API 资源的只读权限
|
mapsadmin.clientStyles.get
mapsadmin.clientStyles.list
mapsplatformdatasets.datasets.export
mapsplatformdatasets.datasets.get
mapsplatformdatasets.datasets.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace Solutions Admin
Beta 版
(roles/marketplacesolutions.admin)
拥有对 Marketplace 解决方案资源的完整访问权限。
|
marketplacesolutions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace 解决方案编辑者
Beta 版
(roles/marketplacesolutions.editor)
拥有对 Marketplace 解决方案资源的修改权限。
|
marketplacesolutions.locations.*
marketplacesolutions.operations.get
marketplacesolutions.operations.list
marketplacesolutions.powerImages.*
marketplacesolutions.powerInstances.get
marketplacesolutions.powerInstances.list
marketplacesolutions.powerInstances.update
marketplacesolutions.powerNetworks.*
marketplacesolutions.powerSshKeys.*
marketplacesolutions.powerVolumes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Marketplace 解决方案查看者
Beta 版
(roles/marketplacesolutions.viewer)
拥有对 Marketplace 解决方案资源的只读权限。
|
marketplacesolutions.locations.*
marketplacesolutions.operations.get
marketplacesolutions.operations.list
marketplacesolutions.powerImages.*
marketplacesolutions.powerInstances.get
marketplacesolutions.powerInstances.list
marketplacesolutions.powerNetworks.*
marketplacesolutions.powerSshKeys.*
marketplacesolutions.powerVolumes.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Memorystore 管理员
Beta 版
(roles/memorystore.admin)
拥有对 Memorystore 资源的完整访问权限。
|
memorystore.instances.create
memorystore.instances.delete
memorystore.instances.get
memorystore.instances.list
memorystore.instances.update
memorystore.locations.*
memorystore.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Memorystore DB Connector User
Beta 版
(roles/memorystore.dbConnectionUser)
可以连接到 Memorystore Server 数据库。
|
memorystore.instances.connect
|
Memorystore Viewer
Beta 版
(roles/memorystore.viewer)
拥有对 Memorystore 资源的只读权限。
|
memorystore.instances.get
memorystore.instances.list
memorystore.locations.*
memorystore.operations.get
memorystore.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Admin
(roles/nestconsole.homeDeveloperAdmin)
拥有对 Google Home 开发者控制台资源的管理员权限
|
nestconsole.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Editor
(roles/nestconsole.homeDeveloperEditor)
拥有对 Google Home 开发者控制台资源的读写权限
|
nestconsole.smarthomePreviews.update
nestconsole.smarthomeProjects.get
nestconsole.smarthomeProjects.update
nestconsole.smarthomeVersions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Home Developer Console Reader
(roles/nestconsole.homeDeveloperViewer)
拥有对 Google Home 开发者控制台资源的只读权限
|
nestconsole.smarthomeProjects.get
nestconsole.smarthomeVersions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Cloud NetApp Volumes 管理员
Beta 版
(roles/netapp.admin)
拥有对 Google Cloud NetApp Volumes 资源的完整访问权限。
|
netapp.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Google Cloud NetApp Volumes Viewer
Beta 版
(roles/netapp.viewer)
拥有对 Google Cloud NetApp Volumes 资源的只读权限。
|
netapp.activeDirectories.get
netapp.activeDirectories.list
netapp.backupPolicies.get
netapp.backupPolicies.list
netapp.backupVaults.get
netapp.backupVaults.list
netapp.backups.get
netapp.backups.list
netapp.kmsConfigs.get
netapp.kmsConfigs.list
netapp.locations.*
netapp.operations.get
netapp.operations.list
netapp.replications.get
netapp.replications.list
netapp.snapshots.get
netapp.snapshots.list
netapp.storagePools.get
netapp.storagePools.list
netapp.volumes.get
netapp.volumes.list
resourcemanager.projects.get
resourcemanager.projects.list
|
OAuth Config Editor
Beta 版
(roles/oauthconfig.editor)
拥有对 OAuth 配置资源的读写权限
|
clientauthconfig.*
oauthconfig.*
|
OAuth Config Viewer
Beta 版
(roles/oauthconfig.viewer)
拥有对 OAuth 配置资源的只读权限
|
clientauthconfig.brands.get
clientauthconfig.brands.list
clientauthconfig.clients.get
clientauthconfig.clients.list
oauthconfig.clientpolicy.get
oauthconfig.testusers.get
oauthconfig.verification.get
|
Observability Admin
Beta 版
(roles/observability.admin)
拥有对 Observability 资源的完整访问权限。
|
observability.*
|
Observability Editor
Beta 版
(roles/observability.editor)
拥有对 Observability 资源的修改权限。
|
observability.*
|
Observability Viewer
Beta 版
(roles/observability.viewer)
拥有对 Observability 资源的只读权限。
|
observability.scopes.get
|
Oracle Database@Google Cloud admin
(roles/oracledatabase.admin)
可授予管理所有 Oracle 数据库资源的完整访问权限。
|
oracledatabase.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Autonomous Database Admin
(roles/oracledatabase.autonomousDatabaseAdmin)
可授予管理所有 Autonomous Database 资源的完整访问权限。
|
oracledatabase.autonomousDatabaseBackups.*
oracledatabase.autonomousDatabaseCharacterSets.list
oracledatabase.autonomousDatabases.*
oracledatabase.autonomousDbVersions.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Autonomous Database Viewer
(roles/oracledatabase.autonomousDatabaseViewer)
授予查看所有 Autonomous Database 资源的读取权限。
|
oracledatabase.autonomousDatabaseBackups.get
oracledatabase.autonomousDatabaseBackups.list
oracledatabase.autonomousDatabaseCharacterSets.list
oracledatabase.autonomousDatabases.generateWallet
oracledatabase.autonomousDatabases.get
oracledatabase.autonomousDatabases.list
oracledatabase.autonomousDbVersions.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Exadata 基础架构管理员
(roles/oracledatabase.cloudExadataInfrastructureAdmin)
可授予管理所有 Exadata Infrastructure 资源的完整访问权限。
|
oracledatabase.cloudExadataInfrastructures.create
oracledatabase.cloudExadataInfrastructures.delete
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.cloudExadataInfrastructures.update
oracledatabase.dbServers.list
oracledatabase.dbSystemShapes.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Exadata Infrastructure Viewer
(roles/oracledatabase.cloudExadataInfrastructureViewer)
授予查看所有 Exadata Infrastructure 资源的读取权限。
|
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.dbServers.list
oracledatabase.dbSystemShapes.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud VM Cluster Admin
(roles/oracledatabase.cloudVmClusterAdmin)
授予管理所有虚拟机集群资源的完整权限。
|
oracledatabase.cloudExadataInfrastructures.use
oracledatabase.cloudVmClusters.*
oracledatabase.dbNodes.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud VM Cluster Viewer
(roles/oracledatabase.cloudVmClusterViewer)
授予查看所有虚拟机集群资源的读取权限。
|
oracledatabase.cloudVmClusters.get
oracledatabase.cloudVmClusters.list
oracledatabase.dbNodes.list
oracledatabase.entitlements.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Oracle Database@Google Cloud Viewer
(roles/oracledatabase.viewer)
授予对所有 Oracle 数据库资源的查看权限。
|
oracledatabase.autonomousDatabaseBackups.get
oracledatabase.autonomousDatabaseBackups.list
oracledatabase.autonomousDatabaseCharacterSets.list
oracledatabase.autonomousDatabases.generateWallet
oracledatabase.autonomousDatabases.get
oracledatabase.autonomousDatabases.list
oracledatabase.autonomousDbVersions.list
oracledatabase.cloudExadataInfrastructures.get
oracledatabase.cloudExadataInfrastructures.list
oracledatabase.cloudVmClusters.get
oracledatabase.cloudVmClusters.list
oracledatabase.dbNodes.list
oracledatabase.dbServers.list
oracledatabase.dbSystemShapes.list
oracledatabase.entitlements.list
oracledatabase.giVersions.list
oracledatabase.locations.*
oracledatabase.operations.get
oracledatabase.operations.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Admin
Beta 版
(roles/paymentsresellersubscription.partnerAdmin)
拥有对所有 Payments Reseller 资源(包括订阅、产品和促销活动)的完全访问权限
|
paymentsresellersubscription.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Viewer
Beta 版
(roles/paymentsresellersubscription.partnerViewer)
拥有对所有 Payments Reseller 资源(包括订阅、产品和促销活动)的读取权限
|
paymentsresellersubscription.products.list
paymentsresellersubscription.promotions.list
paymentsresellersubscription.subscriptions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Products Viewer
Beta 版
(roles/paymentsresellersubscription.productViewer)
拥有对 Payments Reseller 产品资源的读取权限
|
paymentsresellersubscription.products.list
resourcemanager.projects.get
resourcemanager.projects.list
|
|
(roles/paymentsresellersubscription.promotionViewer)
拥有对 Payments Reseller 促销活动资源的读取权限
|
paymentsresellersubscription.promotions.list
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Subscriptions Editor
Beta 版
(roles/paymentsresellersubscription.subscriptionEditor)
拥有对 Payments Reseller 订阅资源的写入权限
|
paymentsresellersubscription.subscriptions.*
resourcemanager.projects.get
resourcemanager.projects.list
|
Payments Reseller Subscriptions Viewer
Beta 版
(roles/paymentsresellersubscription.subscriptionViewer)
拥有对 Payments Reseller 订阅资源的读取权限
|
paymentsresellersubscription.subscriptions.get
resourcemanager.projects.get
resourcemanager.projects.list
|
Activity Analysis Viewer
Beta 版
(roles/policyanalyzer.activityAnalysisViewer)
可以读取所有活动分析数据的 Viewer 用户。
|
policyanalyzer.*
|
|
(roles/policyremediatormanager.policyRemediatorAdmin)
授予启用和停用组织 Policy Remediator 的权限
|
policyremediatormanager.*
|
|
(roles/policyremediatormanager.policyRemediatorReader)
授予读取/查看组织的 Policy Remediator 状态的权限
|
policyremediatormanager.locations.*
policyremediatormanager.operations.get
policyremediatormanager.operations.list
policyremediatormanager.remediatorServices.get
|
Simulator Admin
Beta 版
(roles/policysimulator.admin)
可以运行和访问重放的管理员用户。
|
policysimulator.replayResults.list
policysimulator.replays.*
|
组织政策模拟器管理员
Beta 版
(roles/policysimulator.orgPolicyAdmin)
可以运行和访问模拟的组织政策管理员。
|
cloudasset.assets.analyzeOrgPolicy
cloudasset.assets.exportResource
cloudasset.assets.listResource
cloudasset.assets.searchAllResources
orgpolicy.customConstraints.get
orgpolicy.customConstraints.list
orgpolicy.policies.list
orgpolicy.policy.get
policysimulator.orgPolicyViolations.list
policysimulator.orgPolicyViolationsPreviews.*
resourcemanager.organizations.get
|
External Account Key Creator
Beta 版
(roles/publicca.externalAccountKeyCreator)
此角色可以创建新的 externalAccountKey 资源。
|
publicca.externalAccountKeys.create
resourcemanager.projects.get
resourcemanager.projects.list
|
Subscription Linking Admin
(roles/readerrevenuesubscriptionlinking.admin)
拥有对出版物读者资源的完整访问权限
|
readerrevenuesubscriptionlinking.*
resourcemanager.projects.get
resourcemanager.projects.list
|
订阅关联使用权查看者
(roles/readerrevenuesubscriptionlinking.entitlementsViewer)
此角色可以查看所有出版物读者权益
|
readerrevenuesubscriptionlinking.readerEntitlements.get
|
Subscription Linking Viewer
(roles/readerrevenuesubscriptionlinking.viewer)
此角色可以查看所有出版物读者资源
|
readerrevenuesubscriptionlinking.readerEntitlements.get
readerrevenuesubscriptionlinking.readers.get
resourcemanager.projects.get
resourcemanager.projects.list
|
建议导出器
(roles/recommender.exporter)
建议的导出方
|
recommender.resources.export
|
Remote Build Execution Action Cache Writer
测试版
(roles/remotebuildexecution.actionCacheWriter)
Remote Build Execution 操作缓存写入者
|
remotebuildexecution.actions.set
remotebuildexecution.blobs.create
|
Remote Build Execution Artifact Admin
测试版
(roles/remotebuildexecution.artifactAdmin)
Remote Build Execution 工件管理员
|
remotebuildexecution.actions.create
remotebuildexecution.actions.delete
remotebuildexecution.actions.get
remotebuildexecution.blobs.*
remotebuildexecution.logstreams.*
|
Remote Build Execution Artifact Creator
测试版
(roles/remotebuildexecution.artifactCreator)
Remote Build Execution 工件创建者
|
remotebuildexecution.actions.create
remotebuildexecution.actions.get
remotebuildexecution.blobs.*
remotebuildexecution.logstreams.*
|
Remote Build Execution Artifact Viewer
测试版
(roles/remotebuildexecution.artifactViewer)
Remote Build Execution 工件查看者
|
remotebuildexecution.actions.get
remotebuildexecution.blobs.get
remotebuildexecution.logstreams.get
|
Remote Build Execution Configuration Admin
测试版
(roles/remotebuildexecution.configurationAdmin)
Remote Build Execution 配置管理员
|
remotebuildexecution.instances.*
remotebuildexecution.workerpools.*
|
Remote Build Execution Configuration Viewer
测试版
(roles/remotebuildexecution.configurationViewer)
Remote Build Execution 配置查看者
|
remotebuildexecution.instances.get
remotebuildexecution.instances.list
remotebuildexecution.workerpools.get
remotebuildexecution.workerpools.list
|
Remote Build Execution Logstream Writer
测试版
(roles/remotebuildexecution.logstreamWriter)
Remote Build Execution 日志流写入者
|
remotebuildexecution.logstreams.create
remotebuildexecution.logstreams.update
|
Remote Build Execution Reservation Admin
Beta 版
(roles/remotebuildexecution.reservationAdmin)
Remote Build Execution 预留管理员
|
remotebuildexecution.actions.create
remotebuildexecution.actions.delete
remotebuildexecution.actions.get
|
Remote Build Execution Worker
测试版
(roles/remotebuildexecution.worker)
Remote Build Execution 工作处理者
|
remotebuildexecution.actions.update
remotebuildexecution.blobs.*
remotebuildexecution.botsessions.*
remotebuildexecution.logstreams.create
remotebuildexecution.logstreams.update
|
Retail Admin
(roles/retail.admin)
拥有对 Retail API 资源的完整访问权限。
|
automlrecommendations.apiKeys.create
automlrecommendations.apiKeys.delete
automlrecommendations.catalogItems.*
automlrecommendations.catalogs.*
automlrecommendations.eventStores.getStats
automlrecommendations.events.create
automlrecommendations.events.list
automlrecommendations.events.purge
automlrecommendations.events.rejoin
automlrecommendations.placements.*
automlrecommendations.recommendations.*
retail.*
|
Retail Editor
(roles/retail.editor)
拥有对 Retail API 资源的完整访问权限,但不具备完全清除、重新加入和 setSponsorship 权限。
|
automlrecommendations.apiKeys.create
automlrecommendations.apiKeys.delete
automlrecommendations.catalogItems.*
automlrecommendations.catalogs.*
automlrecommendations.eventStores.getStats
automlrecommendations.events.create
automlrecommendations.events.list
automlrecommendations.placements.*
automlrecommendations.recommendations.*
retail.alertConfigs.*
retail.attributesConfigs.addCatalogAttribute
retail.attributesConfigs.exportCatalogAttributes
retail.attributesConfigs.get
retail.attributesConfigs.importCatalogAttributes
retail.attributesConfigs.replaceCatalogAttribute
retail.attributesConfigs.update
retail.branches.*
retail.catalogs.*
retail.controls.*
retail.experiments.*
retail.models.*
retail.operations.*
retail.placements.*
retail.products.create
retail.products.delete
retail.products.export
retail.products.get
retail.products.import
retail.products.list
retail.products.update
retail.retailProjects.get
retail.servingConfigs.*
retail.userEvents.create
retail.userEvents.import
|
Retail Viewer
(roles/retail.viewer)
授予读取 Retail 中所有资源的权限。
|
automlrecommendations.catalogItems.get
automlrecommendations.catalogItems.list
automlrecommendations.catalogs.getStats
automlrecommendations.catalogs.list
automlrecommendations.eventStores.getStats
automlrecommendations.events.list
automlrecommendations.placements.getStats
automlrecommendations.placements.list
automlrecommendations.recommendations.list
retail.alertConfigs.get
retail.attributesConfigs.exportCatalogAttributes
retail.attributesConfigs.get
retail.branches.*
retail.catalogs.completeQuery
retail.catalogs.exportAnalyticsMetrics
retail.catalogs.list
retail.controls.export
retail.controls.get
retail.controls.list
retail.experiments.get
retail.experiments.list
retail.experiments.loadExperimentLookerDashboard
retail.experiments.queryTrafficMetrics
retail.models.get
retail.models.list
retail.operations.*
retail.placements.*
retail.products.export
retail.products.get
retail.products.list
retail.retailProjects.get
retail.servingConfigs.get
retail.servingConfigs.list
retail.servingConfigs.predict
retail.servingConfigs.search
|
RISC Configuration Admin
Beta 版
(roles/riscconfigs.admin)
拥有对 RISC 配置资源的读写权限。
|
clientauthconfig.clients.list
riscconfigurationservice.*
|
RISC Configuration Viewer
Beta 版
(roles/riscconfigs.viewer)
拥有对 RISC 配置资源的只读权限。
|
clientauthconfig.clients.list
riscconfigurationservice.riscconfigs.get
|
Route Optimization Editor
(roles/routeoptimization.editor)
此角色可以通过 BatchOptimizeTours 创建长时间运行的操作。
|
resourcemanager.projects.get
resourcemanager.projects.list
routeoptimization.*
|
路由优化查看者
(roles/routeoptimization.viewer)
此角色可以查看任何长时间运行的操作。
|
resourcemanager.projects.get
resourcemanager.projects.list
routeoptimization.operations.get
|
Serverless Integrations Developer
Beta 版
(roles/runapps.developer)
拥有创建和更改无服务器集成及其配置的权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.*
runapps.deployments.get
runapps.deployments.list
runapps.locations.*
runapps.operations.*
|
Serverless Integrations Operator
Beta 版
(roles/runapps.operator)
拥有部署无服务器集成的权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.get
runapps.applications.getStatus
runapps.applications.list
runapps.deployments.*
runapps.locations.*
runapps.operations.*
|
Serverless Integrations Viewer
Beta 版
(roles/runapps.viewer)
拥有对无服务器集成资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
runapps.applications.get
runapps.applications.getStatus
runapps.applications.list
runapps.deployments.get
runapps.deployments.list
runapps.locations.*
runapps.operations.get
runapps.operations.list
|
Cloud RuntimeConfig Admin
(roles/runtimeconfig.admin)
拥有 RuntimeConfig 资源的完整访问权限。
|
runtimeconfig.*
|
|
(roles/securedlandingzone.bqdwOrgRemediator)
拥有在组织级修改(修复)SLZ BQDW Blueprint 中的资源的权限。
|
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.update
|
|
(roles/securedlandingzone.bqdwProjectRemediator)
拥有在项目级修改(修复)SLZ BQDW Blueprint 中的资源的权限。
|
bigquery.datasets.get
bigquery.datasets.getIamPolicy
bigquery.datasets.setIamPolicy
bigquery.datasets.update
cloudkms.cryptoKeys.get
cloudkms.cryptoKeys.getIamPolicy
cloudkms.cryptoKeys.list
cloudkms.cryptoKeys.setIamPolicy
cloudkms.cryptoKeys.update
cloudkms.keyRings.getIamPolicy
cloudkms.keyRings.setIamPolicy
pubsub.topics.get
pubsub.topics.getIamPolicy
pubsub.topics.list
pubsub.topics.setIamPolicy
pubsub.topics.update
resourcemanager.projects.update
serviceusage.services.use
storage.buckets.get
storage.buckets.getIamPolicy
storage.buckets.list
storage.buckets.setIamPolicy
storage.buckets.update
|
Overwatch Activator
Beta 版
(roles/securedlandingzone.overwatchActivator)
此角色可以启动或暂停 Overwatch
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.overwatches.activate
securedlandingzone.overwatches.suspend
|
Overwatch Admin
Beta 版
(roles/securedlandingzone.overwatchAdmin)
拥有对 Overwatch 的完全访问权限
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.*
|
Overwatch Viewer
Beta 版
(roles/securedlandingzone.overwatchViewer)
此角色可以查看 Overwatch 的所有属性
|
resourcemanager.projects.get
resourcemanager.projects.list
securedlandingzone.operations.get
securedlandingzone.overwatches.get
securedlandingzone.overwatches.list
|
Security Posture 管理员
(roles/securityposture.admin)
拥有对 Security Posture 服务 API 的完整访问权限。
|
orgpolicy.*
resourcemanager.organizations.get
securitycenter.securityhealthanalyticssettings.*
securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.*
securitycentermanagement.securityHealthAnalyticsCustomModules.create
securitycentermanagement.securityHealthAnalyticsCustomModules.delete
securitycentermanagement.securityHealthAnalyticsCustomModules.get
securitycentermanagement.securityHealthAnalyticsCustomModules.list
securitycentermanagement.securityHealthAnalyticsCustomModules.update
securityposture.*
|
Security Posture 部署者
(roles/securityposture.postureDeployer)
拥有对 Posture Deployment 资源的更改和读取权限。
|
orgpolicy.*
resourcemanager.organizations.get
securitycenter.securityhealthanalyticssettings.*
securitycentermanagement.securityHealthAnalyticsCustomModules.create
securitycentermanagement.securityHealthAnalyticsCustomModules.delete
securitycentermanagement.securityHealthAnalyticsCustomModules.update
securityposture.operations.get
securityposture.postureDeployments.*
|
Security Posture Deployment Viewer
(roles/securityposture.postureDeploymentsViewer)
拥有对 Posture Deployment 资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postureDeployments.get
securityposture.postureDeployments.list
|
Security Posture 资源编辑者
(roles/securityposture.postureEditor)
拥有对 Posture 资源的更改和读取权限。
|
securityposture.operations.get
securityposture.postures.*
|
Security Posture Resource Viewer
(roles/securityposture.postureViewer)
拥有对 Posture 资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postures.get
securityposture.postures.list
|
安全状况左移验证器
(roles/securityposture.reportCreator)
拥有创建 IaC 验证报告等报告的权限。
|
securityposture.operations.get
securityposture.reports.*
|
Security Posture Viewer
(roles/securityposture.viewer)
拥有对所有 SecurityPosture 服务资源的只读权限。
|
resourcemanager.organizations.get
securityposture.operations.get
securityposture.postureDeployments.get
securityposture.postureDeployments.list
securityposture.postureTemplates.*
securityposture.postures.get
securityposture.postures.list
|
Personalized Service Health 查看者
(roles/servicehealth.viewer)
拥有对 Personalized Service Health 资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
servicehealth.*
|
Security Insights Viewer
Beta 版
(roles/servicesecurityinsights.securityInsightsViewer)
拥有对 Security Insights 资源的只读权限
|
servicesecurityinsights.*
|
Speaker ID Admin
(roles/speakerid.admin)
授予对所有 Speaker ID 资源(包括项目设置)的完整访问权限。
|
speakerid.*
|
Speaker ID Editor
(roles/speakerid.editor)
授予读写所有 Speaker ID 资源的权限。
|
speakerid.phrases.*
speakerid.speakers.*
|
Speaker ID Verifier
(roles/speakerid.verifier)
授予对所有 Speaker ID 资源的读取权限,并允许验证。
|
speakerid.phrases.get
speakerid.phrases.list
speakerid.speakers.get
speakerid.speakers.list
speakerid.speakers.verify
|
Speaker ID Viewer
(roles/speakerid.viewer)
授予对所有 Speaker ID 资源的读取权限。
|
speakerid.phrases.get
speakerid.phrases.list
speakerid.speakers.get
speakerid.speakers.list
|
Cloud Speech Administrator
(roles/speech.admin)
授予对 Speech-to-text 中的所有资源的完全访问权限
|
speech.*
|
Cloud Speech Client
(roles/speech.client)
授予对识别 API 的访问权限。
|
speech.adaptations.execute
speech.customClasses.get
speech.customClasses.list
speech.locations.*
speech.operations.get
speech.operations.list
speech.operations.wait
speech.phraseSets.get
speech.phraseSets.list
speech.recognizers.get
speech.recognizers.list
speech.recognizers.recognize
|
Cloud Speech Editor
(roles/speech.editor)
授予修改 Speech-to-text 中的资源的权限
|
speech.adaptations.execute
speech.customClasses.*
speech.locations.*
speech.operations.*
speech.phraseSets.*
speech.recognizers.*
|
Storage Insights Admin
(roles/storageinsights.admin)
拥有对存储空间分析资源的完整访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.*
|
Storage Insights Analyst
(roles/storageinsights.analyst)
拥有对存储空间分析的数据访问权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.datasetConfigs.get
storageinsights.datasetConfigs.linkDataset
storageinsights.datasetConfigs.list
storageinsights.datasetConfigs.unlinkDataset
storageinsights.locations.*
storageinsights.operations.get
storageinsights.operations.list
storageinsights.reportConfigs.get
storageinsights.reportConfigs.list
storageinsights.reportDetails.*
|
Storage Insights Viewer
(roles/storageinsights.viewer)
拥有对存储空间分析资源的只读权限。
|
resourcemanager.projects.get
resourcemanager.projects.list
storageinsights.datasetConfigs.get
storageinsights.datasetConfigs.list
storageinsights.locations.*
storageinsights.operations.get
storageinsights.operations.list
storageinsights.reportConfigs.get
storageinsights.reportConfigs.list
storageinsights.reportDetails.*
|
Subscribe with Google Developer
测试版
(roles/subscribewithgoogledeveloper.developer)
可以访问通过 Google 订阅的开发者工具。
|
resourcemanager.projects.get
resourcemanager.projects.list
subscribewithgoogledeveloper.tools.get
|
Telco Automation Admin
Beta 版
(roles/telcoautomation.admin)
拥有对 Telco Automation 资源的完整访问权限。
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.getShared
logging.queries.listShared
logging.queries.usePrivate
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
monitoring.timeSeries.list
observability.scopes.get
resourcemanager.projects.get
serviceusage.quotas.*
serviceusage.services.*
source.repos.get
source.repos.list
telcoautomation.*
|
Telco Automation Blueprint Designer
Beta 版
(roles/telcoautomation.blueprintDesigner)
能够管理蓝图
|
telcoautomation.blueprints.create
telcoautomation.blueprints.delete
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.blueprints.propose
telcoautomation.blueprints.update
telcoautomation.deployments.computeStatus
telcoautomation.deployments.get
telcoautomation.deployments.list
telcoautomation.hydratedDeployments.get
telcoautomation.hydratedDeployments.list
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
telcoautomation.publicBlueprints.*
|
Telco Automation Deployment Admin
Beta 版
(roles/telcoautomation.deploymentAdmin)
能够管理部署
|
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Tier 1 Operations Admin
Beta 版
(roles/telcoautomation.opsAdminTier1)
能够获取部署状态
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.getShared
logging.queries.listShared
logging.queries.usePrivate
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
observability.scopes.get
resourcemanager.projects.get
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.computeStatus
telcoautomation.deployments.get
telcoautomation.deployments.list
telcoautomation.hydratedDeployments.get
telcoautomation.hydratedDeployments.list
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation 第 4 级运营管理员
Beta 版
(roles/telcoautomation.opsAdminTier4)
能够管理部署及其状态
|
logging.buckets.get
logging.buckets.list
logging.exclusions.get
logging.exclusions.list
logging.links.get
logging.links.list
logging.locations.*
logging.logEntries.list
logging.logMetrics.get
logging.logMetrics.list
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.operations.get
logging.operations.list
logging.queries.getShared
logging.queries.listShared
logging.queries.usePrivate
logging.sinks.get
logging.sinks.list
logging.usage.get
logging.views.get
logging.views.list
observability.scopes.get
resourcemanager.projects.get
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Telco Automation Service Orchestrator
Beta 版
(roles/telcoautomation.serviceOrchestrator)
能够管理部署
|
telcoautomation.blueprints.get
telcoautomation.blueprints.list
telcoautomation.deployments.*
telcoautomation.hydratedDeployments.*
telcoautomation.orchestrationClusters.get
telcoautomation.orchestrationClusters.list
|
Timeseries Insights DataSet Editor
Beta 版
(roles/timeseriesinsights.datasetsEditor)
拥有对数据集的修改权限。
|
timeseriesinsights.*
|
Timeseries Insights DataSet Owner
Beta 版
(roles/timeseriesinsights.datasetsOwner)
拥有数据集的完整访问权限。
|
timeseriesinsights.*
|
Timeseries Insights DataSet Viewer
Beta 版
(roles/timeseriesinsights.datasetsViewer)
拥有对数据集的只读权限(列出和查询)。
|
timeseriesinsights.datasets.evaluate
timeseriesinsights.datasets.list
timeseriesinsights.datasets.query
timeseriesinsights.locations.*
|
Traffic Director Client
Beta 版
(roles/trafficdirector.client)
提取服务配置和报告指标。
|
trafficdirector.*
|
Translation Hub Admin
Beta 版
(roles/translationhub.admin)
Translation Hub 的管理员
|
automl.models.get
automl.models.list
automl.models.predict
cloudtranslate.customModels.get
cloudtranslate.customModels.list
cloudtranslate.customModels.predict
cloudtranslate.glossaries.create
cloudtranslate.glossaries.delete
cloudtranslate.glossaries.get
cloudtranslate.glossaries.list
cloudtranslate.glossaries.predict
resourcemanager.projects.get
resourcemanager.projects.list
translationhub.*
|
Translation Hub Portal User
Beta 版
(roles/translationhub.portalUser)
Translation Hub 的门户用户
|
automl.models.get
automl.models.list
automl.models.predict
cloudtranslate.customModels.get
cloudtranslate.customModels.list
cloudtranslate.customModels.predict
cloudtranslate.glossaries.get
cloudtranslate.glossaries.list
cloudtranslate.glossaries.predict
resourcemanager.projects.get
resourcemanager.projects.list
translationhub.portals.get
translationhub.portals.list
|
Visual Inspection AI Solution Editor
(roles/visualinspection.editor)
拥有对所有 Visual Inspection AI 资源(visualinspection.locations.reportUsageMetrics 除外)的读写权限
|
visualinspection.annotationSets.*
visualinspection.annotationSpecs.*
visualinspection.annotations.*
visualinspection.datasets.*
visualinspection.images.*
visualinspection.locations.get
visualinspection.locations.list
visualinspection.modelEvaluations.*
visualinspection.models.*
visualinspection.modules.*
visualinspection.operations.*
visualinspection.solutionArtifacts.*
visualinspection.solutions.*
|
Visual Inspection AI Usage Metrics Reporter
(roles/visualinspection.usageMetricsReporter)
拥有对视觉检测 AI 服务的 ReportUsageMetric 访问权限
|
visualinspection.locations.reportUsageMetrics
|
Visual Inspection AI Viewer
(roles/visualinspection.viewer)
对 Visual Inspection AI 资源的读取权限
|
visualinspection.annotationSets.get
visualinspection.annotationSets.list
visualinspection.annotationSpecs.get
visualinspection.annotationSpecs.list
visualinspection.annotations.get
visualinspection.annotations.list
visualinspection.datasets.export
visualinspection.datasets.get
visualinspection.datasets.list
visualinspection.images.get
visualinspection.images.list
visualinspection.locations.get
visualinspection.locations.list
visualinspection.modelEvaluations.*
visualinspection.models.get
visualinspection.models.list
visualinspection.modules.get
visualinspection.modules.list
visualinspection.operations.*
visualinspection.solutionArtifacts.get
visualinspection.solutionArtifacts.list
visualinspection.solutionArtifacts.predict
visualinspection.solutions.get
visualinspection.solutions.list
|
