Informationen zu Rollen

Mit Sammlungen den Überblick behalten Sie können Inhalte basierend auf Ihren Einstellungen speichern und kategorisieren.

Auf dieser Seite werden IAM-Rollen beschrieben und die vordefinierten Rollen aufgelistet, die Sie Ihren Hauptkonten zuweisen können.

Eine Rolle enthält eine Reihe von Berechtigungen, mit denen Sie bestimmte Aktionen für Google Cloud-Ressourcen vornehmen können. Wenn Sie Hauptkonten Berechtigungen erteilen möchten, einschließlich Nutzern, Gruppen und Dienstkonten, weisen Sie den Hauptkonten Rollen zu.

Voraussetzungen für diese Anleitung

Rollentypen

Es gibt drei Arten von Rollen in IAM:

  • Einfache Rollen, zu denen die Rollen "Inhaber", "Bearbeiter" und "Betrachter" gehören und die es schon vor der Einführung von IAM gab.
  • Vordefinierte Rollen, die detaillierten Zugriff auf einen bestimmten Dienst bieten und von Google Cloud verwaltet werden.
  • Benutzerdefinierte Rollen, die detaillierten Zugriff gemäß einer vom Nutzer angegebenen Liste von Berechtigungen bieten.

Mit einer der folgenden Methoden können Sie ermitteln, ob eine Berechtigung in einer einfachen, vordefinierten oder benutzerdefinierten Rolle enthalten ist:

  • Führen Sie den Befehl gcloud iam roles describe aus, um die Berechtigungen der Rolle aufzulisten:
  • Rufen Sie die REST API-Methode roles.get() auf, um die Berechtigungen in der Rolle aufzulisten.
  • Nur für einfache und vordefinierte Rollen: Suchen Sie in der Berechtigungsreferenz, ob die Berechtigung von der Rolle gewährt wird.
  • Nur für vordefinierte Rollen: Suchen Sie auf dieser Seite in den vordefinierten Rollenbeschreibungen, um zu sehen, welche Berechtigungen die Rolle enthält.

In den folgenden Abschnitten werden die einzelnen Rollentypen beschrieben und Beispiele für deren Verwendung gegeben.

Einfache Rollen

Vor der Einführung von IAM gab es mehrere einfache Rollen: "Inhaber", "Bearbeiter" und "Betrachter". Diese Rollen sind konzentrisch, was bedeutet, dass die Inhaberrolle die Berechtigungen der Bearbeiterrolle und die Bearbeiterrolle die Berechtigungen der Betrachterrolle beinhaltet. Sie wurden ursprünglich als „einfache Rollen“ bezeichnet.

In der folgenden Tabelle sind die Berechtigungen zusammengefasst, die die einfachen Rollen in allen Google Cloud-Diensten enthalten:

Definitionen für einfache Rollen

Name Titel Berechtigungen
roles/viewer Betrachter Berechtigungen für schreibgeschützte Aktionen, die sich nicht auf den Status auswirken, z. B. Anzeigen (aber nicht Ändern) vorhandener Ressourcen oder Daten
roles/editor Bearbeiter Alle Berechtigungen des Betrachters sowie Berechtigungen für Aktionen, durch die der Status geändert wird, z. B. das Ändern vorhandener Ressourcen
Hinweis: Die Bearbeiterrolle enthält Berechtigungen zum Erstellen und Löschen von Ressourcen für die meisten Google Cloud-Dienste. Es enthält jedoch nicht die Berechtigung, sämtliche Aktionen für alle Dienste auszuführen. Weitere Informationen dazu, wie Sie prüfen können, ob eine Rolle die erforderlichen Berechtigungen hat, finden Sie auf dieser Seite unter Rollentypen.
roles/owner Inhaber Alle Berechtigungen des Bearbeiters und Berechtigungen für die folgenden Aktionen:
  • Rollen und Berechtigungen für ein Projekt und alle Ressourcen innerhalb des Projekts verwalten
  • Abrechnung für ein Projekt einrichten
Hinweis:
  • Durch das Zuweisen der Inhaberrolle auf Ressourcenebene, z. B. ein Pub/Sub-Thema, wird die Inhaberrolle im übergeordneten Projekt nicht zugewiesen.
  • Wenn Sie die Inhaberrolle auf Organisationsebene zuweisen, können Sie die Metadaten der Organisation nicht aktualisieren. Sie können damit jedoch alle Projekte und andere Ressourcen in dieser Organisation ändern.
  • Hinweis: Wenn Sie einem Nutzer außerhalb Ihrer Organisation die Rolle Inhaber für ein Projekt zuweisen möchten, müssen Sie die Google Cloud Console verwenden, nicht die gcloud CLI. Wenn Ihr Projekt nicht zu einer Organisation gehört, müssen Sie die Cloud Console zum Erteilen der Rolle „Inhaber“ verwenden.

Sie können einfache Rollen mit der Google Cloud Console, der API und der gcloud-Befehlszeile zuweisen. Informationen zum Zuweisen einfacher Rollen für ein Projekt, einen Ordner oder eine Organisation finden Sie unter Zugriff auf Projekte, Ordner und Organisationen verwalten. Informationen zum Zuweisen einfacher Rollen für andere Ressourcen finden Sie unter Zugriff auf andere Ressourcen verwalten.

Vordefinierte Rollen

Zusätzlich zu den einfachen Rollen bietet IAM weitere vordefinierte Rollen, die detaillierten Zugriff auf bestimmte Ressourcen von Google Cloud ermöglichen und unerwünschten Zugriff auf andere Ressourcen verhindern. Vordefinierte Rollen werden von Google erstellt und verwaltet. Google aktualisiert seine Berechtigungen bei Bedarf automatisch, z. B. wenn Google Cloud neue Features oder Dienste hinzufügt.

Die folgende Tabelle enthält diese Rollen, ihre Beschreibung und den Ressourcentyp der untersten Ebene, für den Rollen festgelegt werden. Eine bestimmte Rolle kann diesem Ressourcentyp oder in den meisten Fällen einem übergeordneten Typ in der Google Cloud-Ressourcen-Hierarchie zugewiesen werden.

Sie können demselben Nutzer auf jeder Ebene der Ressourcenhierarchie mehrere Rollen zuweisen. Zum Beispiel kann ein Nutzer die Rollen "Compute-Netzwerkadministrator" und "Logbetrachter" für ein Projekt und auch die Rolle "Pub/Sub-Publisher" für ein Pub/Sub-Thema in diesem Projekt haben. Informationen zum Auflisten der in einer Rolle enthaltenen Berechtigungen finden Sie unter Rollenmetadaten abrufen.

Informationen zur Auswahl der am besten geeigneten vordefinierten Rollen finden Sie unter Vordefinierte Rollen auswählen.

Rollen zur Zugriffsgenehmigung

Rolle Berechtigungen

(roles/accessapproval.approver)

Kann Anfragen für Zugriffsgenehmigungen ansehen und bearbeiten sowie Konfigurationen ansehen

Enthält 3 Inhaberberechtigungen

accessapproval.requests.*

  • accessapproval.requests.approve
  • accessapproval.requests.dismiss
  • accessapproval.requests.get
  • accessapproval.requests.invalidate
  • accessapproval.requests.list

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/accessapproval.configEditor)

Kann die Zugriffsgenehmigungskonfiguration aktualisieren

Enthält 2 Inhaberberechtigungen

accessapproval.serviceAccounts.get

accessapproval.settings.*

  • accessapproval.settings.delete
  • accessapproval.settings.get
  • accessapproval.settings.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/accessapproval.invalidator)

Funktion zur Annullierung bereits genehmigter Genehmigungsanfragen

Enthält 1 Inhaberberechtigung

accessapproval.requests.invalidate

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/accessapproval.viewer)

Kann Anfragen für Zugriffsgenehmigungen und Konfigurationen ansehen

accessapproval.requests.get

accessapproval.requests.list

accessapproval.serviceAccounts.get

accessapproval.settings.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager-Rollen

Rolle Berechtigungen

(roles/accesscontextmanager.gcpAccessAdmin)

Cloud-Zugriffsbindungen erstellen, bearbeiten und ändern.

accesscontextmanager.gcpUserAccessBindings.*

  • accesscontextmanager.gcpUserAccessBindings.create
  • accesscontextmanager.gcpUserAccessBindings.delete
  • accesscontextmanager.gcpUserAccessBindings.get
  • accesscontextmanager.gcpUserAccessBindings.list
  • accesscontextmanager.gcpUserAccessBindings.update

(roles/accesscontextmanager.gcpAccessReader)

Lesezugriff auf Cloud-Zugriffsbindungen

accesscontextmanager.gcpUserAccessBindings.get

accesscontextmanager.gcpUserAccessBindings.list

(roles/accesscontextmanager.policyAdmin)

Vollständiger Zugriff auf Richtlinien, Zugriffsebenen, Zugriffszonen und Beschreibungen vertrauenswürdiger Organisationen.

Enthält 2 Inhaberberechtigungen

accesscontextmanager.accessLevels.*

  • accesscontextmanager.accessLevels.create
  • accesscontextmanager.accessLevels.delete
  • accesscontextmanager.accessLevels.get
  • accesscontextmanager.accessLevels.list
  • accesscontextmanager.accessLevels.replaceAll
  • accesscontextmanager.accessLevels.update

accesscontextmanager.accessPolicies.*

  • accesscontextmanager.accessPolicies.create
  • accesscontextmanager.accessPolicies.delete
  • accesscontextmanager.accessPolicies.get
  • accesscontextmanager.accessPolicies.getIamPolicy
  • accesscontextmanager.accessPolicies.list
  • accesscontextmanager.accessPolicies.setIamPolicy
  • accesscontextmanager.accessPolicies.update

accesscontextmanager.accessZones.*

  • accesscontextmanager.accessZones.create
  • accesscontextmanager.accessZones.delete
  • accesscontextmanager.accessZones.get
  • accesscontextmanager.accessZones.list
  • accesscontextmanager.accessZones.update

accesscontextmanager.policies.*

  • accesscontextmanager.policies.create
  • accesscontextmanager.policies.delete
  • accesscontextmanager.policies.get
  • accesscontextmanager.policies.getIamPolicy
  • accesscontextmanager.policies.list
  • accesscontextmanager.policies.setIamPolicy
  • accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

  • accesscontextmanager.servicePerimeters.commit
  • accesscontextmanager.servicePerimeters.create
  • accesscontextmanager.servicePerimeters.delete
  • accesscontextmanager.servicePerimeters.get
  • accesscontextmanager.servicePerimeters.list
  • accesscontextmanager.servicePerimeters.replaceAll
  • accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/accesscontextmanager.policyEditor)

Schreibzugriff auf Richtlinien. Erstellen, bearbeiten und ändern Sie Zugriffsebenen, Zugriffszonen und Beschreibungen vertrauenswürdiger Organisationen.

accesscontextmanager.accessLevels.*

  • accesscontextmanager.accessLevels.create
  • accesscontextmanager.accessLevels.delete
  • accesscontextmanager.accessLevels.get
  • accesscontextmanager.accessLevels.list
  • accesscontextmanager.accessLevels.replaceAll
  • accesscontextmanager.accessLevels.update

accesscontextmanager.accessPolicies.create

accesscontextmanager.accessPolicies.delete

accesscontextmanager.accessPolicies.get

accesscontextmanager.accessPolicies.getIamPolicy

accesscontextmanager.accessPolicies.list

accesscontextmanager.accessPolicies.update

accesscontextmanager.accessZones.*

  • accesscontextmanager.accessZones.create
  • accesscontextmanager.accessZones.delete
  • accesscontextmanager.accessZones.get
  • accesscontextmanager.accessZones.list
  • accesscontextmanager.accessZones.update

accesscontextmanager.policies.create

accesscontextmanager.policies.delete

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

  • accesscontextmanager.servicePerimeters.commit
  • accesscontextmanager.servicePerimeters.create
  • accesscontextmanager.servicePerimeters.delete
  • accesscontextmanager.servicePerimeters.get
  • accesscontextmanager.servicePerimeters.list
  • accesscontextmanager.servicePerimeters.replaceAll
  • accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/accesscontextmanager.policyReader)

Lesezugriff auf Richtlinien, Zugriffsebenen, Zugriffszonen und Beschreibungen vertrauenswürdiger Organisationen.

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.accessPolicies.get

accesscontextmanager.accessPolicies.getIamPolicy

accesscontextmanager.accessPolicies.list

accesscontextmanager.accessZones.get

accesscontextmanager.accessZones.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/accesscontextmanager.vpcScTroubleshooterViewer)

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

logging.exclusions.get

logging.exclusions.list

logging.logEntries.list

logging.logMetrics.get

logging.logMetrics.list

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.sinks.get

logging.sinks.list

logging.usage.get

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Actions-Rollen

Rolle Berechtigungen

(roles/actions.Admin)

Kann Aktionen bearbeiten und bereitstellen

actions.*

  • actions.agent.claimContentProvider
  • actions.agent.get
  • actions.agent.update
  • actions.agentVersions.create
  • actions.agentVersions.delete
  • actions.agentVersions.deploy
  • actions.agentVersions.get
  • actions.agentVersions.list

firebase.projects.get

firebase.projects.update

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

(roles/actions.Viewer)

Kann Aktionen aufrufen

actions.agent.get

actions.agentVersions.get

actions.agentVersions.list

firebase.projects.get

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.services.use

AI Notebooks-Rollen

Rolle Berechtigungen

(roles/notebooks.admin)

Vollständiger Zugriff auf alle Notebooks-Ressourcen

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Instanz

Enthält 5 Inhaberberechtigungen

compute.acceleratorTypes.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

  • compute.diskTypes.get
  • compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewalls.get

compute.firewalls.list

compute.forwardingRules.get

compute.forwardingRules.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

  • compute.interconnectLocations.get
  • compute.interconnectLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listPeeringRoutes

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

  • compute.nodeTypes.get
  • compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.validate

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetInstances.get

compute.targetInstances.list

compute.targetPools.get

compute.targetPools.list

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

notebooks.*

  • notebooks.environments.create
  • notebooks.environments.delete
  • notebooks.environments.get
  • notebooks.environments.getIamPolicy
  • notebooks.environments.list
  • notebooks.environments.setIamPolicy
  • notebooks.executions.create
  • notebooks.executions.delete
  • notebooks.executions.get
  • notebooks.executions.getIamPolicy
  • notebooks.executions.list
  • notebooks.executions.setIamPolicy
  • notebooks.instances.checkUpgradability
  • notebooks.instances.create
  • notebooks.instances.delete
  • notebooks.instances.diagnose
  • notebooks.instances.get
  • notebooks.instances.getHealth
  • notebooks.instances.getIamPolicy
  • notebooks.instances.list
  • notebooks.instances.reset
  • notebooks.instances.setAccelerator
  • notebooks.instances.setIamPolicy
  • notebooks.instances.setLabels
  • notebooks.instances.setMachineType
  • notebooks.instances.start
  • notebooks.instances.stop
  • notebooks.instances.update
  • notebooks.instances.updateConfig
  • notebooks.instances.updateShieldInstanceConfig
  • notebooks.instances.upgrade
  • notebooks.instances.use
  • notebooks.locations.get
  • notebooks.locations.list
  • notebooks.operations.cancel
  • notebooks.operations.delete
  • notebooks.operations.get
  • notebooks.operations.list
  • notebooks.runtimes.create
  • notebooks.runtimes.delete
  • notebooks.runtimes.diagnose
  • notebooks.runtimes.get
  • notebooks.runtimes.getIamPolicy
  • notebooks.runtimes.list
  • notebooks.runtimes.reset
  • notebooks.runtimes.setIamPolicy
  • notebooks.runtimes.start
  • notebooks.runtimes.stop
  • notebooks.runtimes.switch
  • notebooks.runtimes.update
  • notebooks.schedules.create
  • notebooks.schedules.delete
  • notebooks.schedules.get
  • notebooks.schedules.getIamPolicy
  • notebooks.schedules.list
  • notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

(roles/notebooks.legacyAdmin)

Vollständiger Zugriff auf alle Notebooks-Ressourcen über die Compute API.

Enthält 38 Inhaberberechtigungen

compute.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list
  • compute.addresses.create
  • compute.addresses.createInternal
  • compute.addresses.delete
  • compute.addresses.deleteInternal
  • compute.addresses.get
  • compute.addresses.list
  • compute.addresses.setLabels
  • compute.addresses.use
  • compute.addresses.useInternal
  • compute.autoscalers.create
  • compute.autoscalers.delete
  • compute.autoscalers.get
  • compute.autoscalers.list
  • compute.autoscalers.update
  • compute.backendBuckets.addSignedUrlKey
  • compute.backendBuckets.create
  • compute.backendBuckets.delete
  • compute.backendBuckets.deleteSignedUrlKey
  • compute.backendBuckets.get
  • compute.backendBuckets.getIamPolicy
  • compute.backendBuckets.list
  • compute.backendBuckets.setIamPolicy
  • compute.backendBuckets.setSecurityPolicy
  • compute.backendBuckets.update
  • compute.backendBuckets.use
  • compute.backendServices.addSignedUrlKey
  • compute.backendServices.create
  • compute.backendServices.delete
  • compute.backendServices.deleteSignedUrlKey
  • compute.backendServices.get
  • compute.backendServices.getIamPolicy
  • compute.backendServices.list
  • compute.backendServices.setIamPolicy
  • compute.backendServices.setSecurityPolicy
  • compute.backendServices.update
  • compute.backendServices.use
  • compute.commitments.create
  • compute.commitments.get
  • compute.commitments.list
  • compute.commitments.update
  • compute.commitments.updateReservations
  • compute.diskTypes.get
  • compute.diskTypes.list
  • compute.disks.addResourcePolicies
  • compute.disks.create
  • compute.disks.createSnapshot
  • compute.disks.createTagBinding
  • compute.disks.delete
  • compute.disks.deleteTagBinding
  • compute.disks.get
  • compute.disks.getIamPolicy
  • compute.disks.list
  • compute.disks.listEffectiveTags
  • compute.disks.listTagBindings
  • compute.disks.removeResourcePolicies
  • compute.disks.resize
  • compute.disks.setIamPolicy
  • compute.disks.setLabels
  • compute.disks.update
  • compute.disks.use
  • compute.disks.useReadOnly
  • compute.externalVpnGateways.create
  • compute.externalVpnGateways.delete
  • compute.externalVpnGateways.get
  • compute.externalVpnGateways.list
  • compute.externalVpnGateways.setLabels
  • compute.externalVpnGateways.use
  • compute.firewallPolicies.addAssociation
  • compute.firewallPolicies.cloneRules
  • compute.firewallPolicies.copyRules
  • compute.firewallPolicies.create
  • compute.firewallPolicies.delete
  • compute.firewallPolicies.get
  • compute.firewallPolicies.getIamPolicy
  • compute.firewallPolicies.list
  • compute.firewallPolicies.move
  • compute.firewallPolicies.removeAssociation
  • compute.firewallPolicies.setIamPolicy
  • compute.firewallPolicies.update
  • compute.firewallPolicies.use
  • compute.firewalls.create
  • compute.firewalls.delete
  • compute.firewalls.get
  • compute.firewalls.list
  • compute.firewalls.update
  • compute.forwardingRules.create
  • compute.forwardingRules.delete
  • compute.forwardingRules.get
  • compute.forwardingRules.list
  • compute.forwardingRules.pscCreate
  • compute.forwardingRules.pscDelete
  • compute.forwardingRules.pscSetLabels
  • compute.forwardingRules.pscSetTarget
  • compute.forwardingRules.pscUpdate
  • compute.forwardingRules.setLabels
  • compute.forwardingRules.setTarget
  • compute.forwardingRules.update
  • compute.forwardingRules.use
  • compute.globalAddresses.create
  • compute.globalAddresses.createInternal
  • compute.globalAddresses.delete
  • compute.globalAddresses.deleteInternal
  • compute.globalAddresses.get
  • compute.globalAddresses.list
  • compute.globalAddresses.setLabels
  • compute.globalAddresses.use
  • compute.globalForwardingRules.create
  • compute.globalForwardingRules.delete
  • compute.globalForwardingRules.get
  • compute.globalForwardingRules.list
  • compute.globalForwardingRules.pscCreate
  • compute.globalForwardingRules.pscDelete
  • compute.globalForwardingRules.pscGet
  • compute.globalForwardingRules.pscSetLabels
  • compute.globalForwardingRules.pscSetTarget
  • compute.globalForwardingRules.pscUpdate
  • compute.globalForwardingRules.setLabels
  • compute.globalForwardingRules.setTarget
  • compute.globalForwardingRules.update
  • compute.globalNetworkEndpointGroups.attachNetworkEndpoints
  • compute.globalNetworkEndpointGroups.create
  • compute.globalNetworkEndpointGroups.delete
  • compute.globalNetworkEndpointGroups.detachNetworkEndpoints
  • compute.globalNetworkEndpointGroups.get
  • compute.globalNetworkEndpointGroups.list
  • compute.globalNetworkEndpointGroups.use
  • compute.globalOperations.delete
  • compute.globalOperations.get
  • compute.globalOperations.getIamPolicy
  • compute.globalOperations.list
  • compute.globalOperations.setIamPolicy
  • compute.globalPublicDelegatedPrefixes.create
  • compute.globalPublicDelegatedPrefixes.delete
  • compute.globalPublicDelegatedPrefixes.get
  • compute.globalPublicDelegatedPrefixes.list
  • compute.globalPublicDelegatedPrefixes.update
  • compute.globalPublicDelegatedPrefixes.updatePolicy
  • compute.globalPublicDelegatedPrefixes.use
  • compute.healthChecks.create
  • compute.healthChecks.delete
  • compute.healthChecks.get
  • compute.healthChecks.list
  • compute.healthChecks.update
  • compute.healthChecks.use
  • compute.healthChecks.useReadOnly
  • compute.httpHealthChecks.create
  • compute.httpHealthChecks.delete
  • compute.httpHealthChecks.get
  • compute.httpHealthChecks.list
  • compute.httpHealthChecks.update
  • compute.httpHealthChecks.use
  • compute.httpHealthChecks.useReadOnly
  • compute.httpsHealthChecks.create
  • compute.httpsHealthChecks.delete
  • compute.httpsHealthChecks.get
  • compute.httpsHealthChecks.list
  • compute.httpsHealthChecks.update
  • compute.httpsHealthChecks.use
  • compute.httpsHealthChecks.useReadOnly
  • compute.images.create
  • compute.images.createTagBinding
  • compute.images.delete
  • compute.images.deleteTagBinding
  • compute.images.deprecate
  • compute.images.get
  • compute.images.getFromFamily
  • compute.images.getIamPolicy
  • compute.images.list
  • compute.images.listEffectiveTags
  • compute.images.listTagBindings
  • compute.images.setIamPolicy
  • compute.images.setLabels
  • compute.images.update
  • compute.images.useReadOnly
  • compute.instanceGroupManagers.create
  • compute.instanceGroupManagers.delete
  • compute.instanceGroupManagers.get
  • compute.instanceGroupManagers.list
  • compute.instanceGroupManagers.update
  • compute.instanceGroupManagers.use
  • compute.instanceGroups.create
  • compute.instanceGroups.delete
  • compute.instanceGroups.get
  • compute.instanceGroups.list
  • compute.instanceGroups.update
  • compute.instanceGroups.use
  • compute.instanceTemplates.create
  • compute.instanceTemplates.delete
  • compute.instanceTemplates.get
  • compute.instanceTemplates.getIamPolicy
  • compute.instanceTemplates.list
  • compute.instanceTemplates.setIamPolicy
  • compute.instanceTemplates.useReadOnly
  • compute.instances.addAccessConfig
  • compute.instances.addMaintenancePolicies
  • compute.instances.addResourcePolicies
  • compute.instances.attachDisk
  • compute.instances.create
  • compute.instances.createTagBinding
  • compute.instances.delete
  • compute.instances.deleteAccessConfig
  • compute.instances.deleteTagBinding
  • compute.instances.detachDisk
  • compute.instances.get
  • compute.instances.getEffectiveFirewalls
  • compute.instances.getGuestAttributes
  • compute.instances.getIamPolicy
  • compute.instances.getScreenshot
  • compute.instances.getSerialPortOutput
  • compute.instances.getShieldedInstanceIdentity
  • compute.instances.getShieldedVmIdentity
  • compute.instances.list
  • compute.instances.listEffectiveTags
  • compute.instances.listReferrers
  • compute.instances.listTagBindings
  • compute.instances.osAdminLogin
  • compute.instances.osLogin
  • compute.instances.removeMaintenancePolicies
  • compute.instances.removeResourcePolicies
  • compute.instances.reset
  • compute.instances.resume
  • compute.instances.sendDiagnosticInterrupt
  • compute.instances.setDeletionProtection
  • compute.instances.setDiskAutoDelete
  • compute.instances.setIamPolicy
  • compute.instances.setLabels
  • compute.instances.setMachineResources
  • compute.instances.setMachineType
  • compute.instances.setMetadata
  • compute.instances.setMinCpuPlatform
  • compute.instances.setName
  • compute.instances.setScheduling
  • compute.instances.setServiceAccount
  • compute.instances.setShieldedInstanceIntegrityPolicy
  • compute.instances.setShieldedVmIntegrityPolicy
  • compute.instances.setTags
  • compute.instances.start
  • compute.instances.startWithEncryptionKey
  • compute.instances.stop
  • compute.instances.suspend
  • compute.instances.update
  • compute.instances.updateAccessConfig
  • compute.instances.updateDisplayDevice
  • compute.instances.updateNetworkInterface
  • compute.instances.updateSecurity
  • compute.instances.updateShieldedInstanceConfig
  • compute.instances.updateShieldedVmConfig
  • compute.instances.use
  • compute.instances.useReadOnly
  • compute.interconnectAttachments.create
  • compute.interconnectAttachments.delete
  • compute.interconnectAttachments.get
  • compute.interconnectAttachments.list
  • compute.interconnectAttachments.setLabels
  • compute.interconnectAttachments.update
  • compute.interconnectAttachments.use
  • compute.interconnectLocations.get
  • compute.interconnectLocations.list
  • compute.interconnects.create
  • compute.interconnects.delete
  • compute.interconnects.get
  • compute.interconnects.list
  • compute.interconnects.setLabels
  • compute.interconnects.update
  • compute.interconnects.use
  • compute.licenseCodes.get
  • compute.licenseCodes.getIamPolicy
  • compute.licenseCodes.list
  • compute.licenseCodes.setIamPolicy
  • compute.licenseCodes.update
  • compute.licenseCodes.use
  • compute.licenses.create
  • compute.licenses.delete
  • compute.licenses.get
  • compute.licenses.getIamPolicy
  • compute.licenses.list
  • compute.licenses.setIamPolicy
  • compute.machineImages.create
  • compute.machineImages.delete
  • compute.machineImages.get
  • compute.machineImages.getIamPolicy
  • compute.machineImages.list
  • compute.machineImages.setIamPolicy
  • compute.machineImages.useReadOnly
  • compute.machineTypes.get
  • compute.machineTypes.list
  • compute.maintenancePolicies.create
  • compute.maintenancePolicies.delete
  • compute.maintenancePolicies.get
  • compute.maintenancePolicies.getIamPolicy
  • compute.maintenancePolicies.list
  • compute.maintenancePolicies.setIamPolicy
  • compute.maintenancePolicies.use
  • compute.networkAttachments.create
  • compute.networkAttachments.delete
  • compute.networkAttachments.get
  • compute.networkAttachments.list
  • compute.networkEdgeSecurityServices.create
  • compute.networkEdgeSecurityServices.delete
  • compute.networkEdgeSecurityServices.get
  • compute.networkEdgeSecurityServices.list
  • compute.networkEdgeSecurityServices.update
  • compute.networkEndpointGroups.attachNetworkEndpoints
  • compute.networkEndpointGroups.create
  • compute.networkEndpointGroups.delete
  • compute.networkEndpointGroups.detachNetworkEndpoints
  • compute.networkEndpointGroups.get
  • compute.networkEndpointGroups.getIamPolicy
  • compute.networkEndpointGroups.list
  • compute.networkEndpointGroups.setIamPolicy
  • compute.networkEndpointGroups.use
  • compute.networks.access
  • compute.networks.addPeering
  • compute.networks.create
  • compute.networks.delete
  • compute.networks.get
  • compute.networks.getEffectiveFirewalls
  • compute.networks.getRegionEffectiveFirewalls
  • compute.networks.list
  • compute.networks.listPeeringRoutes
  • compute.networks.mirror
  • compute.networks.removePeering
  • compute.networks.setFirewallPolicy
  • compute.networks.switchToCustomMode
  • compute.networks.update
  • compute.networks.updatePeering
  • compute.networks.updatePolicy
  • compute.networks.use
  • compute.networks.useExternalIp
  • compute.nodeGroups.addNodes
  • compute.nodeGroups.create
  • compute.nodeGroups.delete
  • compute.nodeGroups.deleteNodes
  • compute.nodeGroups.get
  • compute.nodeGroups.getIamPolicy
  • compute.nodeGroups.list
  • compute.nodeGroups.setIamPolicy
  • compute.nodeGroups.setNodeTemplate
  • compute.nodeGroups.update
  • compute.nodeTemplates.create
  • compute.nodeTemplates.delete
  • compute.nodeTemplates.get
  • compute.nodeTemplates.getIamPolicy
  • compute.nodeTemplates.list
  • compute.nodeTemplates.setIamPolicy
  • compute.nodeTypes.get
  • compute.nodeTypes.list
  • compute.organizations.administerXpn
  • compute.organizations.disableXpnHost
  • compute.organizations.disableXpnResource
  • compute.organizations.enableXpnHost
  • compute.organizations.enableXpnResource
  • compute.organizations.listAssociations
  • compute.organizations.setFirewallPolicy
  • compute.organizations.setSecurityPolicy
  • compute.oslogin.updateExternalUser
  • compute.packetMirrorings.create
  • compute.packetMirrorings.delete
  • compute.packetMirrorings.get
  • compute.packetMirrorings.list
  • compute.packetMirrorings.update
  • compute.projects.get
  • compute.projects.setCommonInstanceMetadata
  • compute.projects.setDefaultNetworkTier
  • compute.projects.setDefaultServiceAccount
  • compute.projects.setUsageExportBucket
  • compute.publicAdvertisedPrefixes.create
  • compute.publicAdvertisedPrefixes.delete
  • compute.publicAdvertisedPrefixes.get
  • compute.publicAdvertisedPrefixes.list
  • compute.publicAdvertisedPrefixes.update
  • compute.publicAdvertisedPrefixes.updatePolicy
  • compute.publicAdvertisedPrefixes.use
  • compute.publicDelegatedPrefixes.create
  • compute.publicDelegatedPrefixes.delete
  • compute.publicDelegatedPrefixes.get
  • compute.publicDelegatedPrefixes.list
  • compute.publicDelegatedPrefixes.update
  • compute.publicDelegatedPrefixes.updatePolicy
  • compute.publicDelegatedPrefixes.use
  • compute.regionBackendServices.create
  • compute.regionBackendServices.delete
  • compute.regionBackendServices.get
  • compute.regionBackendServices.getIamPolicy
  • compute.regionBackendServices.list
  • compute.regionBackendServices.setIamPolicy
  • compute.regionBackendServices.setSecurityPolicy
  • compute.regionBackendServices.update
  • compute.regionBackendServices.use
  • compute.regionFirewallPolicies.cloneRules
  • compute.regionFirewallPolicies.create
  • compute.regionFirewallPolicies.delete
  • compute.regionFirewallPolicies.get
  • compute.regionFirewallPolicies.getIamPolicy
  • compute.regionFirewallPolicies.list
  • compute.regionFirewallPolicies.setIamPolicy
  • compute.regionFirewallPolicies.update
  • compute.regionFirewallPolicies.use
  • compute.regionHealthCheckServices.create
  • compute.regionHealthCheckServices.delete
  • compute.regionHealthCheckServices.get
  • compute.regionHealthCheckServices.list
  • compute.regionHealthCheckServices.update
  • compute.regionHealthCheckServices.use
  • compute.regionHealthChecks.create
  • compute.regionHealthChecks.delete
  • compute.regionHealthChecks.get
  • compute.regionHealthChecks.list
  • compute.regionHealthChecks.update
  • compute.regionHealthChecks.use
  • compute.regionHealthChecks.useReadOnly
  • compute.regionNetworkEndpointGroups.create
  • compute.regionNetworkEndpointGroups.delete
  • compute.regionNetworkEndpointGroups.get
  • compute.regionNetworkEndpointGroups.list
  • compute.regionNetworkEndpointGroups.use
  • compute.regionNotificationEndpoints.create
  • compute.regionNotificationEndpoints.delete
  • compute.regionNotificationEndpoints.get
  • compute.regionNotificationEndpoints.list
  • compute.regionNotificationEndpoints.update
  • compute.regionNotificationEndpoints.use
  • compute.regionOperations.delete
  • compute.regionOperations.get
  • compute.regionOperations.getIamPolicy
  • compute.regionOperations.list
  • compute.regionOperations.setIamPolicy
  • compute.regionSecurityPolicies.create
  • compute.regionSecurityPolicies.delete
  • compute.regionSecurityPolicies.get
  • compute.regionSecurityPolicies.list
  • compute.regionSecurityPolicies.update
  • compute.regionSecurityPolicies.use
  • compute.regionSslCertificates.create
  • compute.regionSslCertificates.delete
  • compute.regionSslCertificates.get
  • compute.regionSslCertificates.list
  • compute.regionSslPolicies.create
  • compute.regionSslPolicies.delete
  • compute.regionSslPolicies.get
  • compute.regionSslPolicies.list
  • compute.regionSslPolicies.listAvailableFeatures
  • compute.regionSslPolicies.update
  • compute.regionSslPolicies.use
  • compute.regionTargetHttpProxies.create
  • compute.regionTargetHttpProxies.delete
  • compute.regionTargetHttpProxies.get
  • compute.regionTargetHttpProxies.list
  • compute.regionTargetHttpProxies.setUrlMap
  • compute.regionTargetHttpProxies.update
  • compute.regionTargetHttpProxies.use
  • compute.regionTargetHttpsProxies.create
  • compute.regionTargetHttpsProxies.delete
  • compute.regionTargetHttpsProxies.get
  • compute.regionTargetHttpsProxies.list
  • compute.regionTargetHttpsProxies.setSslCertificates
  • compute.regionTargetHttpsProxies.setUrlMap
  • compute.regionTargetHttpsProxies.update
  • compute.regionTargetHttpsProxies.use
  • compute.regionTargetTcpProxies.create
  • compute.regionTargetTcpProxies.delete
  • compute.regionTargetTcpProxies.get
  • compute.regionTargetTcpProxies.list
  • compute.regionTargetTcpProxies.use
  • compute.regionUrlMaps.create
  • compute.regionUrlMaps.delete
  • compute.regionUrlMaps.get
  • compute.regionUrlMaps.invalidateCache
  • compute.regionUrlMaps.list
  • compute.regionUrlMaps.update
  • compute.regionUrlMaps.use
  • compute.regionUrlMaps.validate
  • compute.regions.get
  • compute.regions.list
  • compute.reservations.create
  • compute.reservations.delete
  • compute.reservations.get
  • compute.reservations.list
  • compute.reservations.resize
  • compute.reservations.update
  • compute.resourcePolicies.create
  • compute.resourcePolicies.delete
  • compute.resourcePolicies.get
  • compute.resourcePolicies.getIamPolicy
  • compute.resourcePolicies.list
  • compute.resourcePolicies.setIamPolicy
  • compute.resourcePolicies.use
  • compute.routers.create
  • compute.routers.delete
  • compute.routers.get
  • compute.routers.list
  • compute.routers.update
  • compute.routers.use
  • compute.routes.create
  • compute.routes.delete
  • compute.routes.get
  • compute.routes.list
  • compute.securityPolicies.addAssociation
  • compute.securityPolicies.copyRules
  • compute.securityPolicies.create
  • compute.securityPolicies.delete
  • compute.securityPolicies.get
  • compute.securityPolicies.getIamPolicy
  • compute.securityPolicies.list
  • compute.securityPolicies.move
  • compute.securityPolicies.removeAssociation
  • compute.securityPolicies.setIamPolicy
  • compute.securityPolicies.setLabels
  • compute.securityPolicies.update
  • compute.securityPolicies.use
  • compute.serviceAttachments.create
  • compute.serviceAttachments.delete
  • compute.serviceAttachments.get
  • compute.serviceAttachments.getIamPolicy
  • compute.serviceAttachments.list
  • compute.serviceAttachments.setIamPolicy
  • compute.serviceAttachments.update
  • compute.serviceAttachments.use
  • compute.snapshots.create
  • compute.snapshots.createTagBinding
  • compute.snapshots.delete
  • compute.snapshots.deleteTagBinding
  • compute.snapshots.get
  • compute.snapshots.getIamPolicy
  • compute.snapshots.list
  • compute.snapshots.listEffectiveTags
  • compute.snapshots.listTagBindings
  • compute.snapshots.setIamPolicy
  • compute.snapshots.setLabels
  • compute.snapshots.useReadOnly
  • compute.sslCertificates.create
  • compute.sslCertificates.delete
  • compute.sslCertificates.get
  • compute.sslCertificates.list
  • compute.sslPolicies.create
  • compute.sslPolicies.delete
  • compute.sslPolicies.get
  • compute.sslPolicies.list
  • compute.sslPolicies.listAvailableFeatures
  • compute.sslPolicies.update
  • compute.sslPolicies.use
  • compute.subnetworks.create
  • compute.subnetworks.delete
  • compute.subnetworks.expandIpCidrRange
  • compute.subnetworks.get
  • compute.subnetworks.getIamPolicy
  • compute.subnetworks.list
  • compute.subnetworks.mirror
  • compute.subnetworks.setIamPolicy
  • compute.subnetworks.setPrivateIpGoogleAccess
  • compute.subnetworks.update
  • compute.subnetworks.use
  • compute.subnetworks.useExternalIp
  • compute.targetGrpcProxies.create
  • compute.targetGrpcProxies.delete
  • compute.targetGrpcProxies.get
  • compute.targetGrpcProxies.list
  • compute.targetGrpcProxies.update
  • compute.targetGrpcProxies.use
  • compute.targetHttpProxies.create
  • compute.targetHttpProxies.delete
  • compute.targetHttpProxies.get
  • compute.targetHttpProxies.list
  • compute.targetHttpProxies.setUrlMap
  • compute.targetHttpProxies.update
  • compute.targetHttpProxies.use
  • compute.targetHttpsProxies.create
  • compute.targetHttpsProxies.delete
  • compute.targetHttpsProxies.get
  • compute.targetHttpsProxies.list
  • compute.targetHttpsProxies.setCertificateMap
  • compute.targetHttpsProxies.setQuicOverride
  • compute.targetHttpsProxies.setSslCertificates
  • compute.targetHttpsProxies.setSslPolicy
  • compute.targetHttpsProxies.setUrlMap
  • compute.targetHttpsProxies.update
  • compute.targetHttpsProxies.use
  • compute.targetInstances.create
  • compute.targetInstances.delete
  • compute.targetInstances.get
  • compute.targetInstances.list
  • compute.targetInstances.use
  • compute.targetPools.addHealthCheck
  • compute.targetPools.addInstance
  • compute.targetPools.create
  • compute.targetPools.delete
  • compute.targetPools.get
  • compute.targetPools.list
  • compute.targetPools.removeHealthCheck
  • compute.targetPools.removeInstance
  • compute.targetPools.update
  • compute.targetPools.use
  • compute.targetSslProxies.create
  • compute.targetSslProxies.delete
  • compute.targetSslProxies.get
  • compute.targetSslProxies.list
  • compute.targetSslProxies.setBackendService
  • compute.targetSslProxies.setCertificateMap
  • compute.targetSslProxies.setProxyHeader
  • compute.targetSslProxies.setSslCertificates
  • compute.targetSslProxies.setSslPolicy
  • compute.targetSslProxies.update
  • compute.targetSslProxies.use
  • compute.targetTcpProxies.create
  • compute.targetTcpProxies.delete
  • compute.targetTcpProxies.get
  • compute.targetTcpProxies.list
  • compute.targetTcpProxies.update
  • compute.targetTcpProxies.use
  • compute.targetVpnGateways.create
  • compute.targetVpnGateways.delete
  • compute.targetVpnGateways.get
  • compute.targetVpnGateways.list
  • compute.targetVpnGateways.setLabels
  • compute.targetVpnGateways.use
  • compute.urlMaps.create
  • compute.urlMaps.delete
  • compute.urlMaps.get
  • compute.urlMaps.invalidateCache
  • compute.urlMaps.list
  • compute.urlMaps.update
  • compute.urlMaps.use
  • compute.urlMaps.validate
  • compute.vpnGateways.create
  • compute.vpnGateways.delete
  • compute.vpnGateways.get
  • compute.vpnGateways.list
  • compute.vpnGateways.setLabels
  • compute.vpnGateways.use
  • compute.vpnTunnels.create
  • compute.vpnTunnels.delete
  • compute.vpnTunnels.get
  • compute.vpnTunnels.list
  • compute.vpnTunnels.setLabels
  • compute.zoneOperations.delete
  • compute.zoneOperations.get
  • compute.zoneOperations.getIamPolicy
  • compute.zoneOperations.list
  • compute.zoneOperations.setIamPolicy
  • compute.zones.get
  • compute.zones.list

notebooks.*

  • notebooks.environments.create
  • notebooks.environments.delete
  • notebooks.environments.get
  • notebooks.environments.getIamPolicy
  • notebooks.environments.list
  • notebooks.environments.setIamPolicy
  • notebooks.executions.create
  • notebooks.executions.delete
  • notebooks.executions.get
  • notebooks.executions.getIamPolicy
  • notebooks.executions.list
  • notebooks.executions.setIamPolicy
  • notebooks.instances.checkUpgradability
  • notebooks.instances.create
  • notebooks.instances.delete
  • notebooks.instances.diagnose
  • notebooks.instances.get
  • notebooks.instances.getHealth
  • notebooks.instances.getIamPolicy
  • notebooks.instances.list
  • notebooks.instances.reset
  • notebooks.instances.setAccelerator
  • notebooks.instances.setIamPolicy
  • notebooks.instances.setLabels
  • notebooks.instances.setMachineType
  • notebooks.instances.start
  • notebooks.instances.stop
  • notebooks.instances.update
  • notebooks.instances.updateConfig
  • notebooks.instances.updateShieldInstanceConfig
  • notebooks.instances.upgrade
  • notebooks.instances.use
  • notebooks.locations.get
  • notebooks.locations.list
  • notebooks.operations.cancel
  • notebooks.operations.delete
  • notebooks.operations.get
  • notebooks.operations.list
  • notebooks.runtimes.create
  • notebooks.runtimes.delete
  • notebooks.runtimes.diagnose
  • notebooks.runtimes.get
  • notebooks.runtimes.getIamPolicy
  • notebooks.runtimes.list
  • notebooks.runtimes.reset
  • notebooks.runtimes.setIamPolicy
  • notebooks.runtimes.start
  • notebooks.runtimes.stop
  • notebooks.runtimes.switch
  • notebooks.runtimes.update
  • notebooks.schedules.create
  • notebooks.schedules.delete
  • notebooks.schedules.get
  • notebooks.schedules.getIamPolicy
  • notebooks.schedules.list
  • notebooks.schedules.setIamPolicy

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

(roles/notebooks.legacyViewer)

Lesezugriff auf alle Notebooks-Ressourcen über die Compute API.

compute.acceleratorTypes.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

  • compute.diskTypes.get
  • compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewalls.get

compute.firewalls.list

compute.forwardingRules.get

compute.forwardingRules.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

  • compute.interconnectLocations.get
  • compute.interconnectLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listPeeringRoutes

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

  • compute.nodeTypes.get
  • compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.validate

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetInstances.get

compute.targetInstances.list

compute.targetPools.get

compute.targetPools.list

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

  • notebooks.locations.get
  • notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

(roles/notebooks.runner)

Eingeschränkter Zugriff zum Ausführen geplanter Notebooks.

compute.acceleratorTypes.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

  • compute.diskTypes.get
  • compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewalls.get

compute.firewalls.list

compute.forwardingRules.get

compute.forwardingRules.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

  • compute.interconnectLocations.get
  • compute.interconnectLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listPeeringRoutes

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

  • compute.nodeTypes.get
  • compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.validate

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetInstances.get

compute.targetInstances.list

compute.targetPools.get

compute.targetPools.list

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.create

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.create

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

  • notebooks.locations.get
  • notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.create

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.create

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

(roles/notebooks.viewer)

Lesezugriff auf alle Notebooks-Ressourcen

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Instanz

compute.acceleratorTypes.*

  • compute.acceleratorTypes.get
  • compute.acceleratorTypes.list

compute.addresses.get

compute.addresses.list

compute.autoscalers.get

compute.autoscalers.list

compute.backendBuckets.get

compute.backendBuckets.getIamPolicy

compute.backendBuckets.list

compute.backendServices.get

compute.backendServices.getIamPolicy

compute.backendServices.list

compute.commitments.get

compute.commitments.list

compute.diskTypes.*

  • compute.diskTypes.get
  • compute.diskTypes.list

compute.disks.get

compute.disks.getIamPolicy

compute.disks.list

compute.disks.listEffectiveTags

compute.disks.listTagBindings

compute.externalVpnGateways.get

compute.externalVpnGateways.list

compute.firewallPolicies.get

compute.firewallPolicies.getIamPolicy

compute.firewallPolicies.list

compute.firewalls.get

compute.firewalls.list

compute.forwardingRules.get

compute.forwardingRules.list

compute.globalAddresses.get

compute.globalAddresses.list

compute.globalForwardingRules.get

compute.globalForwardingRules.list

compute.globalForwardingRules.pscGet

compute.globalNetworkEndpointGroups.get

compute.globalNetworkEndpointGroups.list

compute.globalOperations.get

compute.globalOperations.getIamPolicy

compute.globalOperations.list

compute.globalPublicDelegatedPrefixes.get

compute.globalPublicDelegatedPrefixes.list

compute.healthChecks.get

compute.healthChecks.list

compute.httpHealthChecks.get

compute.httpHealthChecks.list

compute.httpsHealthChecks.get

compute.httpsHealthChecks.list

compute.images.get

compute.images.getFromFamily

compute.images.getIamPolicy

compute.images.list

compute.images.listEffectiveTags

compute.images.listTagBindings

compute.instanceGroupManagers.get

compute.instanceGroupManagers.list

compute.instanceGroups.get

compute.instanceGroups.list

compute.instanceTemplates.get

compute.instanceTemplates.getIamPolicy

compute.instanceTemplates.list

compute.instances.get

compute.instances.getEffectiveFirewalls

compute.instances.getGuestAttributes

compute.instances.getIamPolicy

compute.instances.getScreenshot

compute.instances.getSerialPortOutput

compute.instances.getShieldedInstanceIdentity

compute.instances.getShieldedVmIdentity

compute.instances.list

compute.instances.listEffectiveTags

compute.instances.listReferrers

compute.instances.listTagBindings

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnectLocations.*

  • compute.interconnectLocations.get
  • compute.interconnectLocations.list

compute.interconnects.get

compute.interconnects.list

compute.licenseCodes.get

compute.licenseCodes.getIamPolicy

compute.licenseCodes.list

compute.licenses.get

compute.licenses.getIamPolicy

compute.licenses.list

compute.machineImages.get

compute.machineImages.getIamPolicy

compute.machineImages.list

compute.machineTypes.*

  • compute.machineTypes.get
  • compute.machineTypes.list

compute.maintenancePolicies.get

compute.maintenancePolicies.getIamPolicy

compute.maintenancePolicies.list

compute.networkAttachments.get

compute.networkAttachments.list

compute.networkEdgeSecurityServices.get

compute.networkEdgeSecurityServices.list

compute.networkEndpointGroups.get

compute.networkEndpointGroups.getIamPolicy

compute.networkEndpointGroups.list

compute.networks.get

compute.networks.getEffectiveFirewalls

compute.networks.getRegionEffectiveFirewalls

compute.networks.list

compute.networks.listPeeringRoutes

compute.nodeGroups.get

compute.nodeGroups.getIamPolicy

compute.nodeGroups.list

compute.nodeTemplates.get

compute.nodeTemplates.getIamPolicy

compute.nodeTemplates.list

compute.nodeTypes.*

  • compute.nodeTypes.get
  • compute.nodeTypes.list

compute.organizations.listAssociations

compute.packetMirrorings.get

compute.packetMirrorings.list

compute.projects.get

compute.publicAdvertisedPrefixes.get

compute.publicAdvertisedPrefixes.list

compute.publicDelegatedPrefixes.get

compute.publicDelegatedPrefixes.list

compute.regionBackendServices.get

compute.regionBackendServices.getIamPolicy

compute.regionBackendServices.list

compute.regionFirewallPolicies.get

compute.regionFirewallPolicies.getIamPolicy

compute.regionFirewallPolicies.list

compute.regionHealthCheckServices.get

compute.regionHealthCheckServices.list

compute.regionHealthChecks.get

compute.regionHealthChecks.list

compute.regionNetworkEndpointGroups.get

compute.regionNetworkEndpointGroups.list

compute.regionNotificationEndpoints.get

compute.regionNotificationEndpoints.list

compute.regionOperations.get

compute.regionOperations.getIamPolicy

compute.regionOperations.list

compute.regionSecurityPolicies.get

compute.regionSecurityPolicies.list

compute.regionSslCertificates.get

compute.regionSslCertificates.list

compute.regionSslPolicies.get

compute.regionSslPolicies.list

compute.regionSslPolicies.listAvailableFeatures

compute.regionTargetHttpProxies.get

compute.regionTargetHttpProxies.list

compute.regionTargetHttpsProxies.get

compute.regionTargetHttpsProxies.list

compute.regionTargetTcpProxies.get

compute.regionTargetTcpProxies.list

compute.regionUrlMaps.get

compute.regionUrlMaps.list

compute.regionUrlMaps.validate

compute.regions.*

  • compute.regions.get
  • compute.regions.list

compute.reservations.get

compute.reservations.list

compute.resourcePolicies.get

compute.resourcePolicies.getIamPolicy

compute.resourcePolicies.list

compute.routers.get

compute.routers.list

compute.routes.get

compute.routes.list

compute.securityPolicies.get

compute.securityPolicies.getIamPolicy

compute.securityPolicies.list

compute.serviceAttachments.get

compute.serviceAttachments.getIamPolicy

compute.serviceAttachments.list

compute.snapshots.get

compute.snapshots.getIamPolicy

compute.snapshots.list

compute.snapshots.listEffectiveTags

compute.snapshots.listTagBindings

compute.sslCertificates.get

compute.sslCertificates.list

compute.sslPolicies.get

compute.sslPolicies.list

compute.sslPolicies.listAvailableFeatures

compute.subnetworks.get

compute.subnetworks.getIamPolicy

compute.subnetworks.list

compute.targetGrpcProxies.get

compute.targetGrpcProxies.list

compute.targetHttpProxies.get

compute.targetHttpProxies.list

compute.targetHttpsProxies.get

compute.targetHttpsProxies.list

compute.targetInstances.get

compute.targetInstances.list

compute.targetPools.get

compute.targetPools.list

compute.targetSslProxies.get

compute.targetSslProxies.list

compute.targetTcpProxies.get

compute.targetTcpProxies.list

compute.targetVpnGateways.get

compute.targetVpnGateways.list

compute.urlMaps.get

compute.urlMaps.list

compute.urlMaps.validate

compute.vpnGateways.get

compute.vpnGateways.list

compute.vpnTunnels.get

compute.vpnTunnels.list

compute.zoneOperations.get

compute.zoneOperations.getIamPolicy

compute.zoneOperations.list

compute.zones.*

  • compute.zones.get
  • compute.zones.list

notebooks.environments.get

notebooks.environments.getIamPolicy

notebooks.environments.list

notebooks.executions.get

notebooks.executions.getIamPolicy

notebooks.executions.list

notebooks.instances.checkUpgradability

notebooks.instances.get

notebooks.instances.getHealth

notebooks.instances.getIamPolicy

notebooks.instances.list

notebooks.locations.*

  • notebooks.locations.get
  • notebooks.locations.list

notebooks.operations.get

notebooks.operations.list

notebooks.runtimes.get

notebooks.runtimes.getIamPolicy

notebooks.runtimes.list

notebooks.schedules.get

notebooks.schedules.getIamPolicy

notebooks.schedules.list

resourcemanager.projects.get

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

AI Platform-Rollen

Rolle Berechtigungen

(roles/ml.admin)

Vollzugriff auf AI Platform-Ressourcen und die zugehörigen Jobs, Vorgänge, Modelle und Versionen.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Projekt

Enthält 3 Inhaberberechtigungen

ml.*

  • ml.jobs.cancel
  • ml.jobs.create
  • ml.jobs.get
  • ml.jobs.getIamPolicy
  • ml.jobs.list
  • ml.jobs.setIamPolicy
  • ml.jobs.update
  • ml.locations.get
  • ml.locations.list
  • ml.models.create
  • ml.models.delete
  • ml.models.get
  • ml.models.getIamPolicy
  • ml.models.list
  • ml.models.predict
  • ml.models.setIamPolicy
  • ml.models.update
  • ml.operations.cancel
  • ml.operations.get
  • ml.operations.list
  • ml.projects.getConfig
  • ml.studies.create
  • ml.studies.delete
  • ml.studies.get
  • ml.studies.getIamPolicy
  • ml.studies.list
  • ml.studies.setIamPolicy
  • ml.trials.create
  • ml.trials.delete
  • ml.trials.get
  • ml.trials.list
  • ml.trials.update
  • ml.versions.create
  • ml.versions.delete
  • ml.versions.get
  • ml.versions.list
  • ml.versions.predict
  • ml.versions.update

resourcemanager.projects.get

(roles/ml.developer)

Verwendung von AI Platform-Ressourcen zur Erstellung von Modellen, Versionen und Jobs zu Schulungs- und Vorhersagezwecken sowie zum Senden von Online-Vorhersageanfragen.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Projekt

Enthält 1 Inhaberberechtigung

ml.jobs.create

ml.jobs.get

ml.jobs.getIamPolicy

ml.jobs.list

ml.locations.*

  • ml.locations.get
  • ml.locations.list

ml.models.create

ml.models.get

ml.models.getIamPolicy

ml.models.list

ml.models.predict

ml.operations.get

ml.operations.list

ml.projects.getConfig

ml.studies.*

  • ml.studies.create
  • ml.studies.delete
  • ml.studies.get
  • ml.studies.getIamPolicy
  • ml.studies.list
  • ml.studies.setIamPolicy

ml.trials.*

  • ml.trials.create
  • ml.trials.delete
  • ml.trials.get
  • ml.trials.list
  • ml.trials.update

ml.versions.get

ml.versions.list

ml.versions.predict

resourcemanager.projects.get

(roles/ml.jobOwner)

Vollzugriff auf alle Berechtigungen für eine bestimmte Jobressource. Diese Rolle wird dem Nutzer, der den Job erstellt, automatisch zugewiesen.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Job

Enthält 1 Inhaberberechtigung

ml.jobs.*

  • ml.jobs.cancel
  • ml.jobs.create
  • ml.jobs.get
  • ml.jobs.getIamPolicy
  • ml.jobs.list
  • ml.jobs.setIamPolicy
  • ml.jobs.update

(roles/ml.modelOwner)

Vollzugriff auf das Modell und seine Versionen. Diese Rolle wird dem Nutzer, der das Modell erstellt, automatisch zugewiesen.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Modell

Enthält 1 Inhaberberechtigung

ml.models.*

  • ml.models.create
  • ml.models.delete
  • ml.models.get
  • ml.models.getIamPolicy
  • ml.models.list
  • ml.models.predict
  • ml.models.setIamPolicy
  • ml.models.update

ml.versions.*

  • ml.versions.create
  • ml.versions.delete
  • ml.versions.get
  • ml.versions.list
  • ml.versions.predict
  • ml.versions.update

(roles/ml.modelUser)

Berechtigung zum Lesen des Modells und seiner Versionen sowie deren Nutzung für die Vorhersage.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Modell

ml.models.get

ml.models.predict

ml.versions.get

ml.versions.list

ml.versions.predict

(roles/ml.operationOwner)

Vollzugriff auf alle Berechtigungen für eine bestimmte Betriebsressource.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Aktion

ml.operations.*

  • ml.operations.cancel
  • ml.operations.get
  • ml.operations.list

(roles/ml.viewer)

Lesezugriff auf AI Platform-Ressourcen.

Ressourcen auf der niedrigsten Ebene, für die Sie diese Rolle zuweisen können:

  • Projekt

ml.jobs.get

ml.jobs.list

ml.locations.*

  • ml.locations.get
  • ml.locations.list

ml.models.get

ml.models.list

ml.operations.get

ml.operations.list

ml.projects.getConfig

ml.studies.get

ml.studies.getIamPolicy

ml.studies.list

ml.trials.get

ml.trials.list

ml.versions.get

ml.versions.list

resourcemanager.projects.get

Analytics Hub-Rollen

Rolle Berechtigungen

(roles/analyticshub.admin)

Data Exchanges und Einträge verwalten

Enthält 2 Inhaberberechtigungen

analyticshub.dataExchanges.*

  • analyticshub.dataExchanges.create
  • analyticshub.dataExchanges.delete
  • analyticshub.dataExchanges.get
  • analyticshub.dataExchanges.getIamPolicy
  • analyticshub.dataExchanges.list
  • analyticshub.dataExchanges.setIamPolicy
  • analyticshub.dataExchanges.update

analyticshub.listings.create

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.listingAdmin)

Gewährt vollständige Kontrolle über den Eintrag, einschließlich Aktualisieren, Löschen und Festlegen von ACLs

Enthält 1 Inhaberberechtigung

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.delete

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.setIamPolicy

analyticshub.listings.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.publisher)

Kann in Data Exchanges veröffentlichen und daher Einträge erstellen

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.create

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.subscriber)

Kann in Data Exchanges suchen und Einträge abonnieren

Enthält 1 Inhaberberechtigung

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

analyticshub.listings.subscribe

resourcemanager.projects.get

resourcemanager.projects.list

(roles/analyticshub.viewer)

Kann in Data Exchanges und Einträgen suchen

analyticshub.dataExchanges.get

analyticshub.dataExchanges.getIamPolicy

analyticshub.dataExchanges.list

analyticshub.listings.get

analyticshub.listings.getIamPolicy

analyticshub.listings.list

resourcemanager.projects.get

resourcemanager.projects.list

Android Management-Rollen

Rolle Berechtigungen

(roles/androidmanagement.user)

Vollständiger Zugriff zur Verwaltung von Geräten

androidmanagement.enterprises.manage

serviceusage.quotas.get

serviceusage.services.get

serviceusage.services.list

Anthos Multi-Cloud-Rollen

Rolle Berechtigungen

(roles/gkemulticloud.admin)

Administratorzugriff auf Anthos-Multi-Cloud-Ressourcen.

Enthält 2 Inhaberberechtigungen

gkemulticloud.*

  • gkemulticloud.awsClusters.create
  • gkemulticloud.awsClusters.delete
  • gkemulticloud.awsClusters.generateAccessToken
  • gkemulticloud.awsClusters.get
  • gkemulticloud.awsClusters.getAdminKubeconfig
  • gkemulticloud.awsClusters.list
  • gkemulticloud.awsClusters.update
  • gkemulticloud.awsNodePools.create
  • gkemulticloud.awsNodePools.delete
  • gkemulticloud.awsNodePools.get
  • gkemulticloud.awsNodePools.list
  • gkemulticloud.awsNodePools.update
  • gkemulticloud.awsServerConfigs.get
  • gkemulticloud.azureClients.create
  • gkemulticloud.azureClients.delete
  • gkemulticloud.azureClients.get
  • gkemulticloud.azureClients.list
  • gkemulticloud.azureClusters.create
  • gkemulticloud.azureClusters.delete
  • gkemulticloud.azureClusters.generateAccessToken
  • gkemulticloud.azureClusters.get
  • gkemulticloud.azureClusters.getAdminKubeconfig
  • gkemulticloud.azureClusters.list
  • gkemulticloud.azureClusters.update
  • gkemulticloud.azureNodePools.create
  • gkemulticloud.azureNodePools.delete
  • gkemulticloud.azureNodePools.get
  • gkemulticloud.azureNodePools.list
  • gkemulticloud.azureNodePools.update
  • gkemulticloud.azureServerConfigs.get
  • gkemulticloud.operations.cancel
  • gkemulticloud.operations.delete
  • gkemulticloud.operations.get
  • gkemulticloud.operations.list
  • gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

(roles/gkemulticloud.telemetryWriter)

Gewährt Zugriff, um Clustertelemetriedaten wie Logs, Messwerte und Ressourcenmetadaten zu schreiben.

logging.logEntries.create

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

opsconfigmonitoring.resourceMetadata.write

(roles/gkemulticloud.viewer)

Lesezugriff auf Anthos-Multi-Cloud-Ressourcen.

gkemulticloud.awsClusters.generateAccessToken

gkemulticloud.awsClusters.get

gkemulticloud.awsClusters.list

gkemulticloud.awsNodePools.get

gkemulticloud.awsNodePools.list

gkemulticloud.awsServerConfigs.get

gkemulticloud.azureClients.get

gkemulticloud.azureClients.list

gkemulticloud.azureClusters.generateAccessToken

gkemulticloud.azureClusters.get

gkemulticloud.azureClusters.list

gkemulticloud.azureNodePools.get

gkemulticloud.azureNodePools.list

gkemulticloud.azureServerConfigs.get

gkemulticloud.operations.get

gkemulticloud.operations.list

gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

API-Gateway-Rollen

Rolle Berechtigungen

(roles/apigateway.admin)

Vollständiger Zugriff auf ApiGateway und zugehörige Ressourcen.

Enthält 3 Inhaberberechtigungen

apigateway.*

  • apigateway.apiconfigs.create
  • apigateway.apiconfigs.delete
  • apigateway.apiconfigs.get
  • apigateway.apiconfigs.getIamPolicy
  • apigateway.apiconfigs.list
  • apigateway.apiconfigs.setIamPolicy
  • apigateway.apiconfigs.update
  • apigateway.apis.create
  • apigateway.apis.delete
  • apigateway.apis.get
  • apigateway.apis.getIamPolicy
  • apigateway.apis.list
  • apigateway.apis.setIamPolicy
  • apigateway.apis.update
  • apigateway.gateways.create
  • apigateway.gateways.delete
  • apigateway.gateways.get
  • apigateway.gateways.getIamPolicy
  • apigateway.gateways.list
  • apigateway.gateways.setIamPolicy
  • apigateway.gateways.update
  • apigateway.locations.get
  • apigateway.locations.list
  • apigateway.operations.cancel
  • apigateway.operations.delete
  • apigateway.operations.get
  • apigateway.operations.list

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.get

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.get

serviceusage.services.list

(roles/apigateway.viewer)

Lesezugriff auf ApiGateway und zugehörige Ressourcen.

apigateway.apiconfigs.get

apigateway.apiconfigs.getIamPolicy

apigateway.apiconfigs.list

apigateway.apis.get

apigateway.apis.getIamPolicy

apigateway.apis.list

apigateway.gateways.get

apigateway.gateways.getIamPolicy

apigateway.gateways.list

apigateway.locations.*

  • apigateway.locations.get
  • apigateway.locations.list

apigateway.operations.get

apigateway.operations.list

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.get

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.list

servicemanagement.services.get

serviceusage.services.list

Apigee-Rollen

Rolle Berechtigungen

(roles/apigee.admin)

Vollständiger Zugriff auf alle Apigee-Ressourcen-Features

Enthält 1 Inhaberberechtigung

apigee.*