Topik ini memuat daftar nilai yang dapat digunakan untuk atribut resource dalam suatu kondisi, termasuk nilai string untuk layanan resource, jenis resource, dan format untuk string nama resource.
Anda dapat menggunakan atribut resource untuk mengubah cakupan izin yang disediakan oleh binding peran. Jika suatu peran berisi izin yang berlaku untuk berbagai jenis resource, suatu kondisi dapat memberikan subset izin peran berdasarkan layanan resource, jenis resource, dan nama resource.
Atribut resource tersedia untuk layanan Google Cloud dan jenis resource yang tercantum di halaman ini. Layanan dan jenis resource lainnya tidak mengenali atribut resource.
Untuk mengetahui informasi selengkapnya tentang Identity and Access Management (IAM), lihat artikel berikut:
Nilai layanan resource
Tabel berikut mencantumkan nilai yang dapat dimuat oleh atribut layanan resource.
Nilai layanan resource | Referensi REST |
---|---|
apigee.googleapis.com |
Referensi API |
backupdr.googleapis.com |
Referensi API |
bigquery.googleapis.com |
Referensi API |
bigqueryreservation.googleapis.com |
Referensi API |
bigtableadmin.googleapis.com |
Referensi API |
binaryauthorization.googleapis.com |
Referensi API |
clouddeploy.googleapis.com |
Referensi API |
cloudkms.googleapis.com |
Referensi API |
cloudresourcemanager.googleapis.com |
Referensi API |
compute.googleapis.com |
Referensi API |
container.googleapis.com |
Referensi API |
connectors.googleapis.com |
Referensi API |
dataform.googleapis.com |
Referensi API |
firestore.googleapis.com |
Referensi API |
iap.googleapis.com |
Referensi API |
integrations.googleapis.com |
Referensi API |
logging.googleapis.com |
Referensi API |
managedkafka.googleapis.com |
Referensi API |
pubsublite.googleapis.com |
Referensi API |
secretmanager.googleapis.com |
Referensi API |
spanner.googleapis.com |
Referensi API |
sqladmin.googleapis.com |
Referensi API |
storage.googleapis.com |
Referensi API |
Nilai jenis resource
Tabel berikut mencantumkan nilai yang dapat dimuat oleh atribut jenis resource.
Nilai jenis resource | Referensi |
---|---|
apigee.googleapis.com/ApiProduct |
Baca selengkapnya |
apigee.googleapis.com/ApiProductAttribute |
Baca selengkapnya |
apigee.googleapis.com/Cache |
Baca selengkapnya |
apigee.googleapis.com/Developer |
Baca selengkapnya |
apigee.googleapis.com/DeveloperApp |
Baca selengkapnya |
apigee.googleapis.com/DeveloperAppAttribute |
Baca selengkapnya |
apigee.googleapis.com/DeveloperAttribute |
Baca selengkapnya |
apigee.googleapis.com/Export |
Baca selengkapnya |
apigee.googleapis.com/FlowHook |
Baca selengkapnya |
apigee.googleapis.com/KeyStore |
Baca selengkapnya |
apigee.googleapis.com/KeyStoreAlias |
Baca selengkapnya |
apigee.googleapis.com/KeyValueEntry |
Baca selengkapnya |
apigee.googleapis.com/KeyValueMap |
Baca selengkapnya |
apigee.googleapis.com/Proxy |
Baca selengkapnya |
apigee.googleapis.com/ProxyRevision |
Baca selengkapnya |
apigee.googleapis.com/Query |
Baca selengkapnya |
apigee.googleapis.com/RatePlan |
Baca selengkapnya |
apigee.googleapis.com/Reference |
Baca selengkapnya |
apigee.googleapis.com/SharedFlow |
Baca selengkapnya |
apigee.googleapis.com/SharedFlowRevision |
Baca selengkapnya |
apigee.googleapis.com/TargetServer |
Baca selengkapnya |
apigee.googleapis.com/TraceSession |
Baca selengkapnya |
backupdr.googleapis.com/BackupVaults |
Baca selengkapnya |
bigquery.googleapis.com/Dataset |
Baca selengkapnya |
bigquery.googleapis.com/Model |
Baca selengkapnya |
bigquery.googleapis.com/Routine |
Baca selengkapnya |
bigquery.googleapis.com/Table |
Baca selengkapnya |
bigqueryreservation.googleapis.com/Assignment |
Baca selengkapnya |
bigqueryreservation.googleapis.com/BiReservation |
Baca selengkapnya |
bigqueryreservation.googleapis.com/CapacityCommitment |
Baca selengkapnya |
bigqueryreservation.googleapis.com/Location |
Baca selengkapnya |
bigqueryreservation.googleapis.com/Reservation |
Baca selengkapnya |
bigtableadmin.googleapis.com/AppProfile |
Baca selengkapnya |
bigtableadmin.googleapis.com/Backup |
Baca selengkapnya |
bigtableadmin.googleapis.com/Cluster |
Baca selengkapnya |
bigtableadmin.googleapis.com/Instance |
Baca selengkapnya |
bigtableadmin.googleapis.com/Table |
Baca selengkapnya |
binaryauthorization.googleapis.com/Attestor |
Baca selengkapnya |
binaryauthorization.googleapis.com/ContinuousValidationConfig |
Baca selengkapnya |
binaryauthorization.googleapis.com/Policy |
Baca selengkapnya |
cloud.googleapis.com/Location 1 |
Baca selengkapnya |
cloudkms.googleapis.com/CryptoKey |
Baca selengkapnya |
cloudkms.googleapis.com/CryptoKeyVersion |
Baca selengkapnya |
cloudkms.googleapis.com/KeyRing |
Baca selengkapnya |
cloudresourcemanager.googleapis.com/Project 2 |
Baca selengkapnya |
compute.googleapis.com/BackendService |
Baca selengkapnya |
compute.googleapis.com/Disk |
Baca selengkapnya |
compute.googleapis.com/Firewall |
Baca selengkapnya |
compute.googleapis.com/ForwardingRule |
Baca selengkapnya |
compute.googleapis.com/GlobalForwardingRule |
Baca selengkapnya |
compute.googleapis.com/Image |
Baca selengkapnya |
compute.googleapis.com/Instance |
Baca selengkapnya |
compute.googleapis.com/InstanceTemplate |
Baca selengkapnya |
compute.googleapis.com/Snapshot |
Baca selengkapnya |
compute.googleapis.com/TargetHttpProxy |
Baca selengkapnya |
compute.googleapis.com/TargetHttpsProxy |
Baca selengkapnya |
compute.googleapis.com/TargetSslProxy |
Baca selengkapnya |
compute.googleapis.com/TargetTcpProxy |
Baca selengkapnya |
connectors.googleapis.com/Connection |
Baca selengkapnya |
connectors.googleapis.com/ConnectionSchemaMetadata |
Baca selengkapnya |
connectors.googleapis.com/EndpointAttachment |
Baca selengkapnya |
connectors.googleapis.com/EventSubscription |
Baca selengkapnya |
connectors.googleapis.com/ManagedZone |
Baca selengkapnya |
container.googleapis.com/Clusters |
Baca selengkapnya |
dataform.googleapis.com/CompilationResult |
Baca selengkapnya |
dataform.googleapis.com/Location |
Baca selengkapnya |
dataform.googleapis.com/ReleaseConfig |
Baca selengkapnya |
dataform.googleapis.com/Repository |
Baca selengkapnya |
dataform.googleapis.com/WorkflowConfig |
Baca selengkapnya |
dataform.googleapis.com/WorkflowInvocation |
Baca selengkapnya |
dataform.googleapis.com/Workspace |
Baca selengkapnya |
firestore.googleapis.com/Database |
Baca selengkapnya |
iap.googleapis.com/Tunnel |
Baca selengkapnya |
iap.googleapis.com/TunnelInstance |
Baca selengkapnya |
iap.googleapis.com/TunnelZone |
Baca selengkapnya |
iap.googleapis.com/Web |
Baca selengkapnya |
iap.googleapis.com/WebService |
Baca selengkapnya |
iap.googleapis.com/WebServiceVersion |
Baca selengkapnya |
iap.googleapis.com/WebType |
Baca selengkapnya |
integrations.googleapis.com/AuthConfig |
Baca selengkapnya |
integrations.googleapis.com/Execution |
Baca selengkapnya |
integrations.googleapis.com/Integration |
Baca selengkapnya |
integrations.googleapis.com/IntegrationVersion |
Baca selengkapnya |
integrations.googleapis.com/Location |
t/a |
integrations.googleapis.com/Suspension |
Baca selengkapnya |
logging.googleapis.com/LogBucket |
Baca selengkapnya |
logging.googleapis.com/LogView |
Baca selengkapnya |
managedkafka.googleapis.com/Cluster |
Baca selengkapnya |
managedkafka.googleapis.com/ConsumerGroup |
Baca selengkapnya |
managedkafka.googleapis.com/Operation |
Baca selengkapnya |
managedkafka.googleapis.com/Topic |
Baca selengkapnya |
pubsublite.googleapis.com/Location |
Baca selengkapnya |
pubsublite.googleapis.com/Subscription |
Baca selengkapnya |
pubsublite.googleapis.com/Topic |
Baca selengkapnya |
secretmanager.googleapis.com/Secret |
Baca selengkapnya |
secretmanager.googleapis.com/SecretVersion |
Baca selengkapnya |
spanner.googleapis.com/Backup |
Baca selengkapnya |
spanner.googleapis.com/Database |
Baca selengkapnya |
spanner.googleapis.com/Instance |
Baca selengkapnya |
sqladmin.googleapis.com/BackupRun |
Baca selengkapnya |
sqladmin.googleapis.com/Instance |
Baca selengkapnya |
storage.googleapis.com/Bucket |
Baca selengkapnya |
storage.googleapis.com/ManagedFolder |
Baca selengkapnya |
storage.googleapis.com/Object |
Baca selengkapnya |
1 Cloud Key Management Service menggunakan jenis resource ini sebagai induk dari resource key ring.
2 Apigee menggunakan jenis resource ini sebagai induk resource apa pun yang termasuk dalam organisasi Apigee.
Format nama resource
Tabel berikut mencantumkan format setiap jenis atribut nama resource.
Referensi resource | Template format nama resource |
---|---|
Atribut produk API Apigee | organizations/organization-name/apiproducts/product-id/attributes/attribute-id |
Produk API Apigee | organizations/organization-name/apiproducts/product-id |
Proxy API Apigee | organizations/organization-name/apis/proxy-id |
Entri peta nilai kunci Proxy API Apigee | organizations/organization-name/api/proxy-id/keyvaluemaps/keyvaluemap-id/entries/entry-id |
Peta nilai kunci Proxy API Apigee | organizations/organization-name/apis/proxy-id/keyvaluemaps/key-value-map-id |
Revisi Proxy API Apigee | organizations/organization-name/apis/proxy-id/revisions/revision-id |
Cache Apigee | organizations/organization-name/environments/environment-id/caches/cache-id |
Atribut aplikasi developer Apigee | organizations/organization-name/developers/developer-id/apps/app-id/attributes/attribute-id |
Aplikasi developer Apigee | organizations/organization-name/developers/developer-id/apps/app-id |
Atribut developer Apigee | organizations/organization-name/developers/developer-id/attributes/attribute-id |
Developer Apigee | organizations/organization-name/developers/developer-id |
Entri peta nilai kunci lingkungan Apigee | organizations/organization-name/environments/environment-id/keyvaluemaps/keyvaluemap-id/entries/entry-id |
Peta nilai kunci lingkungan Apigee | organizations/organization-name/environments/environment/keyvaluemaps/key-value-map-id |
Ekspor Apigee | organizations/organization-name/environments/environment-id/analytics/exports/export-id |
Flow hook Apigee | organizations/organization-name/environments/environment-id/flowhooks/flowhook-id |
Alias keystore Apigee | organizations/organization-name/environments/environment-id/keystores/keystore-id/aliases/alias-id |
Keystore Apigee | organizations/organization-name/environments/environment-id/keystores/keystore-id |
Kueri Apigee | organizations/organization-name/environments/environment-id/queries/query-id |
Paket tarif Apigee | organizations/organization-name/apiproducts/product-id/rateplans/rate-plan-id |
Referensi Apigee | organizations/organization-name/environments/environment-id/references/reference-id |
Revisi alur bersama Apigee | organizations/organization-name/sharedflows/shared-flow-id/revisions/revision-id |
Alur bersama Apigee | organizations/organization-name/sharedflows/shared-flow-id |
Server target Apigee | organizations/organization-name/environments/environment-id/targetservers/targetserver-id |
Sesi trace (debug) Apigee | organizations/organization-name/environments/environment-id/apis/proxy-id/revisions/revision-id/debugsessions/session-id |
backupVaults Layanan Pencadangan dan DR | projects/project-id/locations/location-id/backupVaults/backup-vault-id |
datasets BigQuery | projects/project-id/datasets/dataset-id |
Model BigQuery | projects/project-id/datasets/dataset-id/models/model-id |
Rutinitas BigQuery | projects/project-id/datasets/dataset-id/routines/routine-id |
Tabel BigQuery | projects/project-id/datasets/dataset-id/tables/table-id |
Penetapan BigQuery Reservation API | projects/project-id/locations/location-id/reservations/reservation-id/assignments/assignment-id |
Reservasi BI BigQuery Reservation API | projects/project-id/locations/location-id/biReservation |
Komitmen kapasitas BigQuery Reservation API | projects/project-id/locations/location-id/capacityCommitments/capacity-commitment-id |
Lokasi BigQuery Reservation API | projects/project-id/locations/location-id |
reservations BigQuery Reservation API | projects/project-id/locations/location-id/reservations/reservation-id |
Attestor Otorisasi Biner | projects/project-number/attestors/attestor-id |
Konfigurasi validasi berkelanjutan Otorisasi Biner | projects/project-number/continuousValidationConfig |
Kebijakan Otorisasi Biner | projects/project-number/policy |
appProfiles Bigtable | projects/project-number/instances/instance-id/appProfiles/appProfile-id |
Cadangan Bigtable | projects/project-number/instances/instance-id/clusters/cluster-id/backups/backup-id |
clusters Bigtable | projects/project-number/instances/instance-id/clusters/cluster-id |
Instance Bigtable | projects/project-number/instances/instance-id |
Tabel Bigtable | projects/project-number/instances/instance-id/tables/table-id |
Otomatisasi Cloud Deploy berjalan | projects/project-id/locations/location-id/deliveryPipelines/delivery-pipeline-id/automationRuns/automation-run-id |
Otomatisasi Cloud Deploy | projects/project-id/locations/location-id/deliveryPipelines/delivery-pipeline-id/automations/automation-id |
Jenis target kustom Cloud Deploy | projects/project-id/locations/location-id/customTargetTypes/custom-target-type-id |
Pipeline pengiriman Cloud Deploy | projects/project-id/locations/location-id/deliveryPipelines/delivery-pipeline-id |
Penyelesaian tugas Cloud Deploy | projects/project-id/locations/location-id/deliveryPipelines/delivery-pipeline-id/releases/release-id/rollouts/rollout-id/jobRuns/job-run-id |
Rilis Cloud Deploy | projects/project-id/locations/location-id/deliveryPipelines/delivery-pipeline-id/releases/release-id |
Peluncuran Cloud Deploy | projects/project-id/locations/location-id/deliveryPipelines/delivery-pipeline-id/releases/release-id/rollouts/rollout-id |
Target Cloud Deploy | projects/project-id/locations/location-id/targets/target-id |
Database Firestore | projects/project-id/databases/database-id |
Kunci kriptografis Cloud Key Management Service | projects/project-id/locations/location-id/keyRings/keyring-id/cryptoKeys/cryptokey-id |
Versi kunci kripto Cloud Key Management Service | projects/project-id/locations/location-id/keyRings/keyring-id/cryptoKeys/cryptokey-id/cryptoKeyVersions/cryptokeyversion-id |
Key ring Cloud Key Management Service | projects/project-id/locations/location-id/keyRings/keyring-id |
Bucket log Cloud Logging | projects/project-id/locations/location-id/buckets/bucket-id |
Tampilan log Cloud Logging | projects/project-id/locations/location-id/buckets/bucket-id/views/view-id |
Cadangan Spanner | projects/project-id/instances/instance-id/backups/backup-id |
Database Spanner | projects/project-id/instances/instance-id/databases/database-id |
Instance Spanner | projects/project-id/instances/instance-id |
Proses pencadangan Cloud SQL | projects/project-id/instances/instance-id/backupRuns/backup-id |
Instance Cloud SQL | projects/project-id/instances/instance-id |
Bucket Cloud Storage1 | projects/_/buckets/bucket-name |
Folder terkelola Cloud Storage1, 2 | projects/_/buckets/bucket-name/managedFolders/managed-folder-name |
Objek Cloud Storage1, 3 | projects/_/buckets/bucket-name/objects/object-name |
Layanan backend global Compute Engine | projects/project-id/global/backendServices/backend-service-id |
Layanan backend regional Compute Engine | projects/project-id/regions/region-id/backendServices/backend-service-id |
Firewall Compute Engine | projects/project-id/global/firewalls/firewall-id |
Aturan penerusan global Compute Engine | projects/project-id/global/forwardingRules/forwarding-rule-id |
Aturan penerusan regional Compute Engine | projects/project-id/regions/region-id/forwardingRules/forwarding-rule-id |
Image Compute Engine | projects/project-id/global/images/image-id |
Template instance Compute Engine | projects/project-id/global/instanceTemplates/instance-template-id |
Instance Compute Engine | projects/project-id/zones/zone-id/instances/instance-id |
Persistent disk regional Compute Engine | projects/project-id/regions/region-id/disks/disk-id |
Persistent disk zona Compute Engine | projects/project-id/zones/zone-id/disks/disk-id |
Snapshot Compute Engine | projects/project-id/global/snapshots/snapshot-id |
Proxy HTTP target global Compute Engine | projects/project-id/global/targetHttpProxies/target-http-proxy-id |
Proxy HTTP target regional Compute Engine | projects/project-id/regions/region-id/targetHttpProxies/target-http-proxy-id |
Proxy HTTPS target global Compute Engine | projects/project-id/global/targetHttpsProxies/target-https-proxy-id |
Proxy HTTPS target regional Compute Engine | projects/project-id/regions/region-id/targetHttpsProxies/target-https-proxy-id |
Proxy SSL target Compute Engine | projects/project-id/global/targetSslProxies/target-ssl-proxy-id |
Proxy TCP target Compute Engine | projects/project-id/global/targetTcpProxies/target-tcp-proxy-id |
clusters Google Kubernetes Engine | projects/project-id/locations/location/clusters/cluster-id |
Hasil kompilasi Dataform | projects/project-id/locations/location/repositories/repository/compilationResults/compilation-result |
Lokasi Dataform | projects/project-id/locations/location |
Konfigurasi rilis Dataform | projects/project-id/locations/location/repositories/repository/releaseConfigs/release-config |
Repositori Dataform | projects/project-id/locations/location/repositories/repository |
Konfigurasi alur kerja Dataform | projects/project-id/locations/location/repositories/repository/workflowConfigs/workflow-config |
Pemanggilan alur kerja Dataform | projects/project-id/locations/location/repositories/repository/workflowInvocations/workflow-invocation |
Ruang kerja Dataform | projects/project-id/locations/location/repositories/repository/workspaces/workspace |
Koneksi Integration Connectors | projects/project-id/locations/location/connections/connection-name |
Metadata skema koneksi Integration Connectors | projects/project-id/locations/location/connections/connection-name/connectionSchemaMetadata |
Lampiran endpoint Integration Connectors | projects/project-id/locations/location/endpointAttachments/endpoint-attachment-name |
Langganan peristiwa Integration Connectors | projects/project-id/locations/location/eventSubscriptions/event-subscription-name |
Zona terkelola Integration Connectors | projects/project-id/locations/global/managedZones/managed-zone-name |
clusters Google Cloud Managed Service for Apache Kafka | projects/project-number/locations/location/clusters/cluster-name |
Grup konsumen Google Cloud Managed Service for Apache Kafka | projects/project-number/locations/location/clusters/cluster-name/consumerGroups/consumer-group |
Operasi Google Cloud Managed Service for Apache Kafka | projects/project-number/locations/location/operations/operation |
Topik Google Cloud Managed Service for Apache Kafka | projects/project-number/locations/location/clusters/cluster-name/topics/topic-name |
Lokasi Pub/Sub Lite | projects/project-number/locations/location |
Langganan Pub/Sub Lite | projects/project-number/locations/location/subscriptions/subscription-id |
Topik Pub/Sub Lite | projects/project-number/locations/location/topics/topic-id |
Organisasi Resource Manager4 | organizations/organization-name |
Secret Secret Manager | projects/project-number/secrets/secret-id |
Versi secret Secret Manager5 | projects/project-number/secrets/secret-id/versions/secret-version |
1 Untuk Cloud Storage, nama resource berisi garis bawah (_
),
bukan project ID. Anda tidak dapat mengganti garis bawah dengan project ID, nama project, atau nomor project.
2 Gunakan seluruh nama folder terkelola, termasuk garis miring ke depan. Di Cloud Storage, karakter ini adalah bagian dari nama folder terkelola, bukan pemisah jalur.
3 Gunakan seluruh nama objek, termasuk garis miring ke depan. Di Cloud Storage, karakter ini adalah bagian dari nama objek, bukan pemisah lokasi.
4 Apigee menggunakan format ini saat Anda mencantumkan semua jenis resource yang termasuk dalam organisasi Apigee.
5 Jika sebuah kondisi mengevaluasi nama resource untuk sebuah versi secret,
versi secret dalam permintaan tersebut harus sama persis dengan versi secret dalam
kondisi agar kondisi terpenuhi. Misalnya, jika versi dalam
kondisi adalah latest
, hanya permintaan dengan versi latest
yang memenuhi
kondisi; permintaan dengan versi 3
tidak memenuhi kondisi tersebut, meskipun
3
adalah versi terbaru.
Tag resource
Anda dapat melampirkan tag ke organisasi, project, dan folder. Setiap resource Google Cloud dapat mewarisi tag dari resource dengan level lebih tinggi ini.
Anda dapat menggunakan beberapa jenis ID berbeda untuk merujuk pada kunci dan nilai tag:
-
ID permanen, yang bersifat unik secara global dan tidak dapat digunakan kembali. Misalnya, kunci tag
dapat memiliki ID permanen
tagKeys/123456789012
, dan nilai tag dapat memiliki ID permanentagValues/567890123456
. -
Nama pendek. Nama pendek untuk setiap kunci harus unik dalam project atau
organisasi tempat kunci ditentukan, dan nama pendek untuk setiap nilai harus unik
untuk kunci yang terkait. Misalnya, kunci tag dapat memiliki nama pendek
env
, dan nilai tag dapat memiliki nama pendekprod
. -
Nama dengan namespace, yang menambahkan ID numerik organisasi atau ID project Anda ke
nama pendek kunci tag. Misalnya, kunci tag yang dibuat untuk organisasi dapat memiliki
nama dengan namespace
123456789012/env
. Untuk mempelajari cara mendapatkan ID organisasi, lihat Mendapatkan ID resource organisasi. Kunci tag yang dibuat untuk project dapat memiliki nama dengan namespacemyproject/env
. Untuk mempelajari cara mendapatkan project ID, lihat Mengidentifikasi project.
ID khusus bergantung pada nilai dan kunci tag yang telah Anda buat untuk organisasi Anda. Untuk mempelajari cara mencantumkan kunci dan nilai tag yang tersedia untuk Anda, lihat Mencantumkan kunci tag dan Mencantumkan nilai tag.