Esta página foi traduzida pela API Cloud Translation.

Controlo de acesso para a API Cloud Billing Budget

Google Cloud oferece a gestão de identidade e de acesso (IAM), que permite conceder acesso mais detalhado a recursos Google Cloud específicos e impede o acesso indesejado a outros recursos. O IAM permite-lhe adotar o princípio de segurança do menor privilégio, pelo que concede apenas o acesso necessário aos seus recursos.

O IAM permite-lhe controlar quem (utilizadores) tem que acesso (funções) a que recursos através da definição de políticas IAM. As políticas de IAM concedem funções específicas a um utilizador, o que lhe dá determinadas autorizações.

Esta página explica as funções de gestão de identidade e acesso disponíveis para as APIs Cloud Billing. Por exemplo, pode usar o IAM para conceder funções como administrador, utilizador e gestor de projetos para uma conta de faturação do Google Cloud. Para uma descrição detalhada do IAM e das respetivas funcionalidades, consulte o guia do programador de Identity and Access Management. Em particular, consulte a secção Conceder, alterar e revogar o acesso.

Autorizações e funções

Para um utilizador ver os detalhes da conta do Cloud Billing na Google Cloud consola ou para um método da API Cloud Billing devolver informações da conta do Cloud Billing, o utilizador ou o autor da chamada tem de ter as autorizações necessárias. A tabela seguinte lista as autorizações e as funções da IAM necessárias para usar a API Cloud Billing Budget.

Autorizações necessárias para a API Cloud Billing Budget

A tabela seguinte descreve as autorizações necessárias para chamar cada método da API Google Cloud Billing Budget. Também estão incluídas as funções de faturação padrão do IAM que concedem automaticamente essas autorizações.

Método da API	Autorização necessária	Função de IAM que concede autorizações
`GetBudget`	Para obter os detalhes de um orçamento, o autor da chamada tem de ter a autorização `billing.budgets.get` na conta do Cloud Billing do orçamento. Para orçamentos de projeto único, em vez de autorizações da conta de faturação, o autor da chamada pode ter as seguintes autorizações no projeto: `resourcemanager.projects.get` e `billing.resourcebudgets.read`.	Administrador da conta de faturação, Gestor de custos da conta de faturação ou Leitor da conta de faturação na conta do Cloud Billing do orçamento. Para orçamentos de projeto único, Proprietário do projeto, Editor do projeto ou Leitor do projeto.
`ListBudgets`	Para devolver uma lista de orçamentos aplicados a uma conta do Cloud Billing, o autor da chamada tem de ter a autorização `billing.budgets.list` na conta do Cloud Billing. Para orçamentos de projeto único, em vez de autorizações da conta de faturação, o autor da chamada pode ter as seguintes autorizações no projeto: `resourcemanager.projects.get` e `billing.resourcebudgets.read`.	Administrador da conta de faturação, Gestor de custos da conta de faturação ou Leitor da conta de faturação na conta do Cloud Billing do orçamento. Para orçamentos de projeto único, Proprietário do projeto, Editor do projeto ou Leitor do projeto.
`CreateBudget`	Para criar um novo orçamento, o autor da chamada tem de ter a autorização `billing.budgets.create` na conta do Cloud Billing do orçamento. Para orçamentos de projeto único, em vez de autorizações da conta de faturação, o autor da chamada pode ter as seguintes autorizações no projeto: `resourcemanager.projects.get`, `billing.resourcebudgets.read` e `billing.resourcebudgets.write`.	Administrador da conta de faturação ou gestor de custos da conta de faturação do orçamento. Para orçamentos de projeto único, proprietário do projeto ou editor do projeto no projeto.
`UpdateBudget`	Para atualizar um orçamento existente, o autor da chamada tem de ter a autorização `billing.budgets.update` na conta do Cloud Billing do orçamento. Para orçamentos de projeto único, em vez de autorizações da conta de faturação, o autor da chamada pode ter as seguintes autorizações no projeto: `resourcemanager.projects.get`, `billing.resourcebudgets.read` e `billing.resourcebudgets.write`.	Administrador da conta de faturação ou gestor de custos da conta de faturação do orçamento. Para orçamentos de projeto único, proprietário do projeto ou editor do projeto no projeto.
`DeleteBudget`	Para eliminar um orçamento existente, o autor da chamada tem de ter a autorização `billing.budgets.delete` na conta do Cloud Billing do orçamento. Para orçamentos de projeto único, em vez de autorizações da conta de faturação, o autor da chamada pode ter as seguintes autorizações no projeto: `resourcemanager.projects.get`, `billing.resourcebudgets.read` e `billing.resourcebudgets.write`.	Administrador da conta de faturação ou gestor de custos da conta de faturação do orçamento. Para orçamentos de projeto único, proprietário do projeto ou editor do projeto no projeto.

Funções

Não concede autorizações diretamente aos utilizadores. Em vez disso, concede-lhes funções, que têm uma ou mais autorizações incluídas.

Pode conceder uma ou mais funções no mesmo recurso.

A tabela seguinte lista as funções de faturação de IAM padrão que pode conceder para aceder às APIs Cloud Billing, a descrição do que a função faz e as autorizações incluídas nessa função.

Role Permissions

Role	Permissions
Billing Account Administrator (`roles/billing.admin`) Provides access to see and manage all aspects of billing accounts. Lowest-level resources where you can grant this role: Billing Account	`billing.accounts.close` `billing.accounts.get` `billing.accounts.getCarbonInformation` `billing.accounts.getIamPolicy` `billing.accounts.getPaymentInfo` `billing.accounts.getPricing` `billing.accounts.getSpendingInformation` `billing.accounts.getUsageExportSpec` `billing.accounts.list` `billing.accounts.move` `billing.accounts.redeemPromotion` `billing.accounts.removeFromOrganization` `billing.accounts.reopen` `billing.accounts.setIamPolicy` `billing.accounts.update` `billing.accounts.updatePaymentInfo` `billing.accounts.updateUsageExportSpec` `billing.anomalies.` `billing.anomalies.get` `billing.anomalies.list` `billing.anomalies.submitFeedback` `billing.anomaliesConfigs.` `billing.anomaliesConfigs.get` `billing.anomaliesConfigs.update` `billing.billingAccountPrice.get` `billing.billingAccountPrices.list` `billing.billingAccountServices.` `billing.billingAccountServices.get` `billing.billingAccountServices.list` `billing.billingAccountSkuGroupSkus.` `billing.billingAccountSkuGroupSkus.get` `billing.billingAccountSkuGroupSkus.list` `billing.billingAccountSkuGroups.` `billing.billingAccountSkuGroups.get` `billing.billingAccountSkuGroups.list` `billing.billingAccountSkus.` `billing.billingAccountSkus.get` `billing.billingAccountSkus.list` `billing.budgets.` `billing.budgets.create` `billing.budgets.delete` `billing.budgets.get` `billing.budgets.list` `billing.budgets.update` `billing.credits.list` `billing.finOpsBenchmarkInformation.get` `billing.finOpsHealthInformation.get` `billing.resourceAssociations.` `billing.resourceAssociations.create` `billing.resourceAssociations.delete` `billing.resourceAssociations.list` `billing.subscriptions.` `billing.subscriptions.create` `billing.subscriptions.get` `billing.subscriptions.list` `billing.subscriptions.update` `cloudasset.assets.searchAllResources` `cloudnotifications.activities.list` `cloudsupport.properties.get` `cloudsupport.techCases.` `cloudsupport.techCases.create` `cloudsupport.techCases.escalate` `cloudsupport.techCases.get` `cloudsupport.techCases.list` `cloudsupport.techCases.update` `commerceoffercatalog.` `commerceoffercatalog.agreements.get` `commerceoffercatalog.agreements.list` `commerceoffercatalog.documents.get` `commerceoffercatalog.documents.list` `commerceoffercatalog.offers.get` `compute.commitments.` `compute.commitments.create` `compute.commitments.get` `compute.commitments.list` `compute.commitments.update` `compute.commitments.updateReservations` `consumerprocurement.accounts.` `consumerprocurement.accounts.create` `consumerprocurement.accounts.delete` `consumerprocurement.accounts.get` `consumerprocurement.accounts.list` `consumerprocurement.consents.check` `consumerprocurement.consents.grant` `consumerprocurement.consents.list` `consumerprocurement.consents.revoke` `consumerprocurement.events.` `consumerprocurement.events.get` `consumerprocurement.events.list` `consumerprocurement.licensePools.` `consumerprocurement.licensePools.assign` `consumerprocurement.licensePools.enumerateLicensedUsers` `consumerprocurement.licensePools.get` `consumerprocurement.licensePools.unassign` `consumerprocurement.licensePools.update` `consumerprocurement.orderAttributions.` `consumerprocurement.orderAttributions.get` `consumerprocurement.orderAttributions.list` `consumerprocurement.orderAttributions.update` `consumerprocurement.orders.` `consumerprocurement.orders.cancel` `consumerprocurement.orders.get` `consumerprocurement.orders.list` `consumerprocurement.orders.modify` `consumerprocurement.orders.place` `dataprocessing.datasources.get` `dataprocessing.datasources.list` `dataprocessing.groupcontrols.get` `dataprocessing.groupcontrols.list` `logging.logEntries.list` `logging.logServiceIndexes.list` `logging.logServices.list` `logging.logs.list` `logging.privateLogEntries.list` `recommender.cloudsqlIdleInstanceRecommendations.get` `recommender.cloudsqlIdleInstanceRecommendations.list` `recommender.cloudsqlOverprovisionedInstanceRecommendations.get` `recommender.cloudsqlOverprovisionedInstanceRecommendations.list` `recommender.commitmentUtilizationInsights.` `recommender.commitmentUtilizationInsights.get` `recommender.commitmentUtilizationInsights.list` `recommender.commitmentUtilizationInsights.update` `recommender.computeAddressIdleResourceRecommendations.get` `recommender.computeAddressIdleResourceRecommendations.list` `recommender.computeDiskIdleResourceRecommendations.get` `recommender.computeDiskIdleResourceRecommendations.list` `recommender.computeImageIdleResourceRecommendations.get` `recommender.computeImageIdleResourceRecommendations.list` `recommender.computeInstanceGroupManagerMachineTypeRecommendations.get` `recommender.computeInstanceGroupManagerMachineTypeRecommendations.list` `recommender.computeInstanceIdleResourceRecommendations.get` `recommender.computeInstanceIdleResourceRecommendations.list` `recommender.computeInstanceMachineTypeRecommendations.get` `recommender.computeInstanceMachineTypeRecommendations.list` `recommender.costInsights.` `recommender.costInsights.get` `recommender.costInsights.list` `recommender.costInsights.update` `recommender.costRecommendations.` `recommender.costRecommendations.listAll` `recommender.costRecommendations.summarizeAll` `recommender.resourcemanagerProjectUtilizationRecommendations.get` `recommender.resourcemanagerProjectUtilizationRecommendations.list` `recommender.spendBasedCommitmentInsights.` `recommender.spendBasedCommitmentInsights.get` `recommender.spendBasedCommitmentInsights.list` `recommender.spendBasedCommitmentInsights.update` `recommender.spendBasedCommitmentRecommendations.` `recommender.spendBasedCommitmentRecommendations.get` `recommender.spendBasedCommitmentRecommendations.list` `recommender.spendBasedCommitmentRecommendations.update` `recommender.spendBasedCommitmentRecommenderConfig.` `recommender.spendBasedCommitmentRecommenderConfig.get` `recommender.spendBasedCommitmentRecommenderConfig.update` `recommender.usageCommitmentRecommendations.` `recommender.usageCommitmentRecommendations.get` `recommender.usageCommitmentRecommendations.list` `recommender.usageCommitmentRecommendations.update` `resourcemanager.projects.createBillingAssignment` `resourcemanager.projects.deleteBillingAssignment` `resourcemanager.projects.get` `resourcemanager.projects.list`
Carbon Footprint Viewer (`roles/billing.carbonViewer`)	`billing.accounts.get` `billing.accounts.getCarbonInformation` `billing.accounts.list`
Billing Account Costs Manager (`roles/billing.costsManager`) Manage budgets for a billing account, and view, analyze, and export cost information of a billing account. Lowest-level resources where you can grant this role: Billing Account	`billing.accounts.get` `billing.accounts.getIamPolicy` `billing.accounts.getSpendingInformation` `billing.accounts.getUsageExportSpec` `billing.accounts.list` `billing.accounts.updateUsageExportSpec` `billing.anomalies.get` `billing.anomalies.list` `billing.anomaliesConfigs.` `billing.anomaliesConfigs.get` `billing.anomaliesConfigs.update` `billing.budgets.` `billing.budgets.create` `billing.budgets.delete` `billing.budgets.get` `billing.budgets.list` `billing.budgets.update` `billing.resourceAssociations.list` `recommender.costInsights.*` `recommender.costInsights.get` `recommender.costInsights.list` `recommender.costInsights.update`
Billing Account Creator (`roles/billing.creator`) Provides access to create billing accounts. Lowest-level resources where you can grant this role: Organization	`billing.accounts.create` `resourcemanager.organizations.get`
Project Billing Costs Manager (`roles/billing.projectCostsManager`) When granted in conjunction with cost view permissions on projects, provides access to billing information scoped to the projects to which the user has cost access. Lowest-level resources where you can grant this role: Billing Account	`billing.accounts.getIamPolicy` `billing.accounts.getSpendingInformationScoped` `billing.costRecommendations.listScoped`
Project Billing Manager (`roles/billing.projectManager`) When granted in conjunction with the Billing Account User role, provides access to assign a project's billing account or disable its billing. Lowest-level resources where you can grant this role: Project	`resourcemanager.projects.createBillingAssignment` `resourcemanager.projects.deleteBillingAssignment`
Billing Account User (`roles/billing.user`) When granted in conjunction with the Project Owner role or Project Billing Manager role, provides access to associate projects with billing accounts. Lowest-level resources where you can grant this role: Billing Account	`billing.accounts.get` `billing.accounts.getIamPolicy` `billing.accounts.list` `billing.accounts.redeemPromotion` `billing.credits.list` `billing.resourceAssociations.create`
Billing Account Viewer (`roles/billing.viewer`) View billing account cost and pricing information, transactions, and billing and commitment recommendations. Lowest-level resources where you can grant this role: Billing Account	`billing.accounts.get` `billing.accounts.getCarbonInformation` `billing.accounts.getIamPolicy` `billing.accounts.getPaymentInfo` `billing.accounts.getPricing` `billing.accounts.getSpendingInformation` `billing.accounts.getUsageExportSpec` `billing.accounts.list` `billing.anomalies.get` `billing.anomalies.list` `billing.anomaliesConfigs.get` `billing.billingAccountPrice.get` `billing.billingAccountPrices.list` `billing.billingAccountServices.` `billing.billingAccountServices.get` `billing.billingAccountServices.list` `billing.billingAccountSkuGroupSkus.` `billing.billingAccountSkuGroupSkus.get` `billing.billingAccountSkuGroupSkus.list` `billing.billingAccountSkuGroups.` `billing.billingAccountSkuGroups.get` `billing.billingAccountSkuGroups.list` `billing.billingAccountSkus.` `billing.billingAccountSkus.get` `billing.billingAccountSkus.list` `billing.budgets.get` `billing.budgets.list` `billing.credits.list` `billing.finOpsBenchmarkInformation.get` `billing.finOpsHealthInformation.get` `billing.resourceAssociations.list` `billing.subscriptions.get` `billing.subscriptions.list` `commerceoffercatalog.` `commerceoffercatalog.agreements.get` `commerceoffercatalog.agreements.list` `commerceoffercatalog.documents.get` `commerceoffercatalog.documents.list` `commerceoffercatalog.offers.get` `consumerprocurement.accounts.get` `consumerprocurement.accounts.list` `consumerprocurement.consents.check` `consumerprocurement.consents.list` `consumerprocurement.orderAttributions.get` `consumerprocurement.orderAttributions.list` `consumerprocurement.orders.get` `consumerprocurement.orders.list` `dataprocessing.datasources.get` `dataprocessing.datasources.list` `dataprocessing.groupcontrols.get` `dataprocessing.groupcontrols.list` `recommender.commitmentUtilizationInsights.get` `recommender.commitmentUtilizationInsights.list` `recommender.costInsights.get` `recommender.costInsights.list` `recommender.costRecommendations.` `recommender.costRecommendations.listAll` `recommender.costRecommendations.summarizeAll` `recommender.spendBasedCommitmentInsights.get` `recommender.spendBasedCommitmentInsights.list` `recommender.spendBasedCommitmentRecommendations.get` `recommender.spendBasedCommitmentRecommendations.list` `recommender.spendBasedCommitmentRecommenderConfig.get` `recommender.usageCommitmentRecommendations.get` `recommender.usageCommitmentRecommendations.list`

Billing Account Administrator

(roles/billing.admin)

Provides access to see and manage all aspects of billing accounts.

Lowest-level resources where you can grant this role:

Billing Account

billing.accounts.close

billing.accounts.get

billing.accounts.getCarbonInformation

billing.accounts.getIamPolicy

billing.accounts.getPaymentInfo

billing.accounts.getPricing

billing.accounts.getSpendingInformation

billing.accounts.getUsageExportSpec

billing.accounts.list

billing.accounts.move

billing.accounts.redeemPromotion

billing.accounts.removeFromOrganization

billing.accounts.reopen

billing.accounts.setIamPolicy

billing.accounts.update

billing.accounts.updatePaymentInfo

billing.accounts.updateUsageExportSpec

billing.anomalies.*

billing.anomalies.get
billing.anomalies.list
billing.anomalies.submitFeedback

billing.anomaliesConfigs.*

billing.anomaliesConfigs.get
billing.anomaliesConfigs.update

billing.billingAccountPrice.get

billing.billingAccountPrices.list

billing.billingAccountServices.*

billing.billingAccountServices.get
billing.billingAccountServices.list

billing.billingAccountSkuGroupSkus.*

billing.billingAccountSkuGroupSkus.get
billing.billingAccountSkuGroupSkus.list

billing.billingAccountSkuGroups.*

billing.billingAccountSkuGroups.get
billing.billingAccountSkuGroups.list

billing.billingAccountSkus.*

billing.billingAccountSkus.get
billing.billingAccountSkus.list

billing.budgets.*

billing.budgets.create
billing.budgets.delete
billing.budgets.get
billing.budgets.list
billing.budgets.update

billing.credits.list

billing.finOpsBenchmarkInformation.get

billing.finOpsHealthInformation.get

billing.resourceAssociations.*

billing.resourceAssociations.create
billing.resourceAssociations.delete
billing.resourceAssociations.list

billing.subscriptions.*

billing.subscriptions.create
billing.subscriptions.get
billing.subscriptions.list
billing.subscriptions.update

cloudasset.assets.searchAllResources

cloudnotifications.activities.list

cloudsupport.properties.get

cloudsupport.techCases.*

cloudsupport.techCases.create
cloudsupport.techCases.escalate
cloudsupport.techCases.get
cloudsupport.techCases.list
cloudsupport.techCases.update

commerceoffercatalog.*

commerceoffercatalog.agreements.get
commerceoffercatalog.agreements.list
commerceoffercatalog.documents.get
commerceoffercatalog.documents.list
commerceoffercatalog.offers.get

compute.commitments.*

compute.commitments.create
compute.commitments.get
compute.commitments.list
compute.commitments.update
compute.commitments.updateReservations

consumerprocurement.accounts.*

consumerprocurement.accounts.create
consumerprocurement.accounts.delete
consumerprocurement.accounts.get
consumerprocurement.accounts.list

consumerprocurement.consents.check

consumerprocurement.consents.grant

consumerprocurement.consents.list

consumerprocurement.consents.revoke

consumerprocurement.events.*

consumerprocurement.events.get
consumerprocurement.events.list

consumerprocurement.licensePools.*

consumerprocurement.licensePools.assign
consumerprocurement.licensePools.enumerateLicensedUsers
consumerprocurement.licensePools.get
consumerprocurement.licensePools.unassign
consumerprocurement.licensePools.update

consumerprocurement.orderAttributions.*

consumerprocurement.orderAttributions.get
consumerprocurement.orderAttributions.list
consumerprocurement.orderAttributions.update

consumerprocurement.orders.*

consumerprocurement.orders.cancel
consumerprocurement.orders.get
consumerprocurement.orders.list
consumerprocurement.orders.modify
consumerprocurement.orders.place

dataprocessing.datasources.get

dataprocessing.datasources.list

dataprocessing.groupcontrols.get

dataprocessing.groupcontrols.list

logging.logEntries.list

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.privateLogEntries.list

recommender.cloudsqlIdleInstanceRecommendations.get

recommender.cloudsqlIdleInstanceRecommendations.list

recommender.cloudsqlOverprovisionedInstanceRecommendations.get

recommender.cloudsqlOverprovisionedInstanceRecommendations.list

recommender.commitmentUtilizationInsights.*

recommender.commitmentUtilizationInsights.get
recommender.commitmentUtilizationInsights.list
recommender.commitmentUtilizationInsights.update

recommender.computeAddressIdleResourceRecommendations.get

recommender.computeAddressIdleResourceRecommendations.list

recommender.computeDiskIdleResourceRecommendations.get

recommender.computeDiskIdleResourceRecommendations.list

recommender.computeImageIdleResourceRecommendations.get

recommender.computeImageIdleResourceRecommendations.list

recommender.computeInstanceGroupManagerMachineTypeRecommendations.get

recommender.computeInstanceGroupManagerMachineTypeRecommendations.list

recommender.computeInstanceIdleResourceRecommendations.get

recommender.computeInstanceIdleResourceRecommendations.list

recommender.computeInstanceMachineTypeRecommendations.get

recommender.computeInstanceMachineTypeRecommendations.list

recommender.costInsights.*

recommender.costInsights.get
recommender.costInsights.list
recommender.costInsights.update

recommender.costRecommendations.*

recommender.costRecommendations.listAll
recommender.costRecommendations.summarizeAll

recommender.resourcemanagerProjectUtilizationRecommendations.get

recommender.resourcemanagerProjectUtilizationRecommendations.list

recommender.spendBasedCommitmentInsights.*

recommender.spendBasedCommitmentInsights.get
recommender.spendBasedCommitmentInsights.list
recommender.spendBasedCommitmentInsights.update

recommender.spendBasedCommitmentRecommendations.*

recommender.spendBasedCommitmentRecommendations.get
recommender.spendBasedCommitmentRecommendations.list
recommender.spendBasedCommitmentRecommendations.update

recommender.spendBasedCommitmentRecommenderConfig.*

recommender.spendBasedCommitmentRecommenderConfig.get
recommender.spendBasedCommitmentRecommenderConfig.update

recommender.usageCommitmentRecommendations.*

recommender.usageCommitmentRecommendations.get
recommender.usageCommitmentRecommendations.list
recommender.usageCommitmentRecommendations.update

resourcemanager.projects.createBillingAssignment

resourcemanager.projects.deleteBillingAssignment

resourcemanager.projects.get

resourcemanager.projects.list

Carbon Footprint Viewer

(roles/billing.carbonViewer)

billing.accounts.get

billing.accounts.getCarbonInformation

billing.accounts.list

Billing Account Costs Manager

(roles/billing.costsManager)

Manage budgets for a billing account, and view, analyze, and export cost information of a billing account.

Lowest-level resources where you can grant this role:

Billing Account

billing.accounts.get

billing.accounts.getIamPolicy

billing.accounts.getSpendingInformation

billing.accounts.getUsageExportSpec

billing.accounts.list

billing.accounts.updateUsageExportSpec

billing.anomalies.get

billing.anomalies.list

billing.anomaliesConfigs.*

billing.anomaliesConfigs.get
billing.anomaliesConfigs.update

billing.budgets.*

billing.budgets.create
billing.budgets.delete
billing.budgets.get
billing.budgets.list
billing.budgets.update

billing.resourceAssociations.list

recommender.costInsights.*

recommender.costInsights.get
recommender.costInsights.list
recommender.costInsights.update

Billing Account Creator

(roles/billing.creator)

Provides access to create billing accounts.

Lowest-level resources where you can grant this role:

Organization

billing.accounts.create

resourcemanager.organizations.get

Project Billing Costs Manager

(roles/billing.projectCostsManager)

When granted in conjunction with cost view permissions on projects, provides access to billing information scoped to the projects to which the user has cost access.

Lowest-level resources where you can grant this role:

Billing Account

billing.accounts.getIamPolicy

billing.accounts.getSpendingInformationScoped

billing.costRecommendations.listScoped

Project Billing Manager

(roles/billing.projectManager)

When granted in conjunction with the Billing Account User role, provides access to assign a project's billing account or disable its billing.

Lowest-level resources where you can grant this role:

Project

resourcemanager.projects.createBillingAssignment

resourcemanager.projects.deleteBillingAssignment

Billing Account User

(roles/billing.user)

When granted in conjunction with the Project Owner role or Project Billing Manager role, provides access to associate projects with billing accounts.

Lowest-level resources where you can grant this role:

Billing Account

billing.accounts.get

billing.accounts.getIamPolicy

billing.accounts.list

billing.accounts.redeemPromotion

billing.credits.list

billing.resourceAssociations.create

Billing Account Viewer

(roles/billing.viewer)

View billing account cost and pricing information, transactions, and billing and commitment recommendations.

Lowest-level resources where you can grant this role:

Billing Account

billing.accounts.get

billing.accounts.getCarbonInformation

billing.accounts.getIamPolicy

billing.accounts.getPaymentInfo

billing.accounts.getPricing

billing.accounts.getSpendingInformation

billing.accounts.getUsageExportSpec

billing.accounts.list

billing.anomalies.get

billing.anomalies.list

billing.anomaliesConfigs.get

billing.billingAccountPrice.get

billing.billingAccountPrices.list

billing.billingAccountServices.*

billing.billingAccountServices.get
billing.billingAccountServices.list

billing.billingAccountSkuGroupSkus.*

billing.billingAccountSkuGroupSkus.get
billing.billingAccountSkuGroupSkus.list

billing.billingAccountSkuGroups.*

billing.billingAccountSkuGroups.get
billing.billingAccountSkuGroups.list

billing.billingAccountSkus.*

billing.billingAccountSkus.get
billing.billingAccountSkus.list

billing.budgets.get

billing.budgets.list

billing.credits.list

billing.finOpsBenchmarkInformation.get

billing.finOpsHealthInformation.get

billing.resourceAssociations.list

billing.subscriptions.get

billing.subscriptions.list

commerceoffercatalog.*

commerceoffercatalog.agreements.get
commerceoffercatalog.agreements.list
commerceoffercatalog.documents.get
commerceoffercatalog.documents.list
commerceoffercatalog.offers.get

consumerprocurement.accounts.get

consumerprocurement.accounts.list

consumerprocurement.consents.check

consumerprocurement.consents.list

consumerprocurement.orderAttributions.get

consumerprocurement.orderAttributions.list

consumerprocurement.orders.get

consumerprocurement.orders.list

dataprocessing.datasources.get

dataprocessing.datasources.list

dataprocessing.groupcontrols.get

dataprocessing.groupcontrols.list

recommender.commitmentUtilizationInsights.get

recommender.commitmentUtilizationInsights.list

recommender.costInsights.get

recommender.costInsights.list

recommender.costRecommendations.*

recommender.costRecommendations.listAll
recommender.costRecommendations.summarizeAll

recommender.spendBasedCommitmentInsights.get

recommender.spendBasedCommitmentInsights.list

recommender.spendBasedCommitmentRecommendations.get

recommender.spendBasedCommitmentRecommendations.list

recommender.spendBasedCommitmentRecommenderConfig.get

recommender.usageCommitmentRecommendations.get

recommender.usageCommitmentRecommendations.list

Tenha em atenção que as funções roles/billing.admin, roles/billing.costsManager, roles/billing.viewer e roles/billing.projectManager também incluem autorizações para outros serviços Google Cloud .

Tópicos relacionados

Faça a gestão do acesso a projetos, pastas e organizações na documentação do IAM
Faça a gestão do acesso a outros recursos na documentação da IAM
Crie funções personalizadas para a Faturação na nuvem

Controlo de acesso para a API Cloud Billing Budget Mantenha tudo organizado com as coleções Salve e categorize o conteúdo com base nas suas preferências.

Autorizações e funções

Autorizações necessárias para a API Cloud Billing Budget

Funções

Billing Account Administrator

Carbon Footprint Viewer

Billing Account Costs Manager

Billing Account Creator

Project Billing Costs Manager

Project Billing Manager

Billing Account User

Billing Account Viewer

Tópicos relacionados

Controlo de acesso para a API Cloud Billing Budget