Para obtener una lista de los permisos y funciones que admite Eventarc, consulta las secciones que se incluyen a continuación.
Habilitar la API de Eventarc
A fin de ver y asignar las funciones de IAM para Eventarc, debes habilitar la API de Eventarc en tu proyecto. No podrás ver las funciones de Eventarc en la consola de Google Cloud hasta que habilites la API.
En la siguiente tabla, se muestran las funciones predefinidas de IAM para Eventarc con la lista correspondiente de todos los permisos que incluye cada una.
Las funciones predefinidas abordan los casos de uso más típicos. Si las funciones predefinidas no cubren tu caso de uso, puedes crear una función personalizada de IAM.
Funciones de Eventarc
Role
Permissions
Eventarc Admin
(roles/eventarc.admin)
Full control over all Eventarc resources.
Lowest-level resources where you can grant this role:
Project
eventarc.*
eventarc.channelConnections.create
eventarc.channelConnections.delete
eventarc.channelConnections.get
eventarc.channelConnections.getIamPolicy
eventarc.channelConnections.list
eventarc.channelConnections.publish
eventarc.channelConnections.setIamPolicy
eventarc.channels.attach
eventarc.channels.create
eventarc.channels.delete
eventarc.channels.get
eventarc.channels.getIamPolicy
eventarc.channels.list
eventarc.channels.publish
eventarc.channels.setIamPolicy
eventarc.channels.undelete
eventarc.channels.update
eventarc.enrollments.create
eventarc.enrollments.delete
eventarc.enrollments.get
eventarc.enrollments.getIamPolicy
eventarc.enrollments.list
eventarc.enrollments.setIamPolicy
eventarc.enrollments.update
eventarc.events.receiveAuditLogWritten
eventarc.events.receiveEvent
eventarc.googleApiSources.create
eventarc.googleApiSources.delete
eventarc.googleApiSources.get
eventarc.googleApiSources.getIamPolicy
eventarc.googleApiSources.list
eventarc.googleApiSources.setIamPolicy
eventarc.googleApiSources.update
eventarc.googleChannelConfigs.get
eventarc.googleChannelConfigs.update
eventarc.locations.get
eventarc.locations.list
eventarc.messageBuses.create
eventarc.messageBuses.delete
eventarc.messageBuses.get
eventarc.messageBuses.getIamPolicy
eventarc.messageBuses.list
eventarc.messageBuses.publish
eventarc.messageBuses.setIamPolicy
eventarc.messageBuses.update
eventarc.messageBuses.use
eventarc.operations.cancel
eventarc.operations.delete
eventarc.operations.get
eventarc.operations.list
eventarc.pipelines.create
eventarc.pipelines.delete
eventarc.pipelines.get
eventarc.pipelines.getIamPolicy
eventarc.pipelines.list
eventarc.pipelines.setIamPolicy
eventarc.pipelines.update
eventarc.providers.get
eventarc.providers.list
eventarc.triggers.create
eventarc.triggers.delete
eventarc.triggers.get
eventarc.triggers.getIamPolicy
eventarc.triggers.list
eventarc.triggers.setIamPolicy
eventarc.triggers.undelete
eventarc.triggers.update
resourcemanager.projects.get
resourcemanager.projects.list
Eventarc Connection Publisher
Beta
(roles/eventarc.connectionPublisher)
Can publish events to Eventarc channel connections.
Lowest-level resources where you can grant this role:
Project
eventarc.channelConnections.get
eventarc.channelConnections.list
eventarc.channelConnections.publish
resourcemanager.projects.get
resourcemanager.projects.list
Eventarc Developer
(roles/eventarc.developer)
Access to read and write Eventarc resources.
Lowest-level resources where you can grant this role:
Project
eventarc.channelConnections.create
eventarc.channelConnections.delete
eventarc.channelConnections.get
eventarc.channelConnections.getIamPolicy
eventarc.channelConnections.list
eventarc.channelConnections.publish
eventarc.channels.attach
eventarc.channels.create
eventarc.channels.delete
eventarc.channels.get
eventarc.channels.getIamPolicy
eventarc.channels.list
eventarc.channels.publish
eventarc.channels.undelete
eventarc.channels.update
eventarc.enrollments.create
eventarc.enrollments.delete
eventarc.enrollments.get
eventarc.enrollments.getIamPolicy
eventarc.enrollments.list
eventarc.enrollments.update
eventarc.googleApiSources.create
eventarc.googleApiSources.delete
eventarc.googleApiSources.get
eventarc.googleApiSources.getIamPolicy
eventarc.googleApiSources.list
eventarc.googleApiSources.update
eventarc.googleChannelConfigs.*
eventarc.googleChannelConfigs.get
eventarc.googleChannelConfigs.update
eventarc.locations.*
eventarc.locations.get
eventarc.locations.list
eventarc.operations.*
eventarc.operations.cancel
eventarc.operations.delete
eventarc.operations.get
eventarc.operations.list
eventarc.pipelines.create
eventarc.pipelines.delete
eventarc.pipelines.get
eventarc.pipelines.getIamPolicy
eventarc.pipelines.list
eventarc.pipelines.update
eventarc.providers.*
eventarc.providers.get
eventarc.providers.list
eventarc.triggers.create
eventarc.triggers.delete
eventarc.triggers.get
eventarc.triggers.getIamPolicy
eventarc.triggers.list
eventarc.triggers.undelete
eventarc.triggers.update
resourcemanager.projects.get
resourcemanager.projects.list
Eventarc Event Receiver
(roles/eventarc.eventReceiver)
Can receive events from all event providers.
Lowest-level resources where you can grant this role:
Project
eventarc.events.*
eventarc.events.receiveAuditLogWritten
eventarc.events.receiveEvent
Eventarc Message Bus Admin
Beta
(roles/eventarc.messageBusAdmin)
Full control over Message Buses resources.
eventarc.messageBuses.create
eventarc.messageBuses.delete
eventarc.messageBuses.get
eventarc.messageBuses.getIamPolicy
eventarc.messageBuses.list
eventarc.messageBuses.publish
eventarc.messageBuses.update
eventarc.messageBuses.use
Eventarc Message Bus User
Beta
(roles/eventarc.messageBusUser)
Access to publish to or bind to a Message Bus.
eventarc.messageBuses.get
eventarc.messageBuses.list
eventarc.messageBuses.publish
eventarc.messageBuses.use
Eventarc Publisher
Beta
(roles/eventarc.publisher)
Can publish events to Eventarc channels.
Lowest-level resources where you can grant this role:
Project
eventarc.channels.get
eventarc.channels.list
eventarc.channels.publish
resourcemanager.projects.get
resourcemanager.projects.list
Eventarc Viewer
(roles/eventarc.viewer)
Can view the state of all Eventarc resources, including IAM policies.
Lowest-level resources where you can grant this role:
Project
eventarc.channelConnections.get
eventarc.channelConnections.getIamPolicy
eventarc.channelConnections.list
eventarc.channels.get
eventarc.channels.getIamPolicy
eventarc.channels.list
eventarc.enrollments.get
eventarc.enrollments.getIamPolicy
eventarc.enrollments.list
eventarc.googleApiSources.get
eventarc.googleApiSources.getIamPolicy
eventarc.googleApiSources.list
eventarc.googleChannelConfigs.get
eventarc.locations.*
eventarc.locations.get
eventarc.locations.list
eventarc.messageBuses.get
eventarc.messageBuses.getIamPolicy
eventarc.messageBuses.list
eventarc.messageBuses.use
eventarc.operations.get
eventarc.operations.list
eventarc.pipelines.get
eventarc.pipelines.getIamPolicy
eventarc.pipelines.list
eventarc.providers.*
eventarc.providers.get
eventarc.providers.list
eventarc.triggers.get
eventarc.triggers.getIamPolicy
eventarc.triggers.list
resourcemanager.projects.get
resourcemanager.projects.list
Para obtener más información sobre los roles y permisos avanzados de Eventarc, consulta Todos los roles y permisos.
Administración de IAM a nivel de proyecto
A nivel de proyecto, puedes otorgar, cambiar y revocar roles de IAM con la consola de Google Cloud, la API de IAM o la CLI de Google Cloud.
Para obtener instrucciones, consulta Administra el acceso a proyectos, carpetas y organizaciones.
[[["Fácil de comprender","easyToUnderstand","thumb-up"],["Resolvió mi problema","solvedMyProblem","thumb-up"],["Otro","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Problema de traducción","translationIssue","thumb-down"],["Otro","otherDown","thumb-down"]],["Última actualización: 2024-12-22 (UTC)"],[],[]]
