GKE on AWS, the product described in this document, is now in maintenance mode and will be shut down on March 17, 2027.
  
        
 
     
  
  
  
  
  
    
  
  
    
API roles and permissions
  
      
    
  
  
  
  
  
    
  
  
    
    
    
    
  
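GKE on AWS has specific Identity and Access Management (IAM) permissions. The following table describes these permissions. To learn how to manage permissions, see Granting, changing, and revoking access to resources.

GKE on AWS API permissions

The GKE on AWS API has the predefined roles gkemulticloud.viewer and gkemulticloud.admin. The following table describes these roles: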
  
    
| Role | Permissions |
| --- | --- |
| Anthos Multi-cloud Admin<br>(roles/gkemulticloud.admin)<br>Can manage Anthos multi-cloud resources. | gkemulticloud.*<br>gkemulticloud.attachedClusters.create<br>gkemulticloud.attachedClusters.createTagBinding<br>gkemulticloud.attachedClusters.delete<br>gkemulticloud.attachedClusters.deleteTagBinding<br>gkemulticloud.attachedClusters.generateInstallManifest<br>gkemulticloud.attachedClusters.get<br>gkemulticloud.attachedClusters.import<br>gkemulticloud.attachedClusters.list<br>gkemulticloud.attachedClusters.listEffectiveTags<br>gkemulticloud.attachedClusters.listTagBindings<br>gkemulticloud.attachedClusters.update<br>gkemulticloud.attachedServerConfigs.get<br>gkemulticloud.awsClusters.create<br>gkemulticloud.awsClusters.delete<br>gkemulticloud.awsClusters.generateAccessToken<br>gkemulticloud.awsClusters.get<br>gkemulticloud.awsClusters.getAdminKubeconfig<br>gkemulticloud.awsClusters.list<br>gkemulticloud.awsClusters.update<br>gkemulticloud.awsNodePools.create<br>gkemulticloud.awsNodePools.delete<br>gkemulticloud.awsNodePools.get<br>gkemulticloud.awsNodePools.list<br>gkemulticloud.awsNodePools.update<br>gkemulticloud.awsServerConfigs.get<br>gkemulticloud.azureClients.create<br>gkemulticloud.azureClients.delete<br>gkemulticloud.azureClients.get<br>gkemulticloud.azureClients.list<br>gkemulticloud.azureClusters.create<br>gkemulticloud.azureClusters.delete<br>gkemulticloud.azureClusters.generateAccessToken<br>gkemulticloud.azureClusters.get<br>gkemulticloud.azureClusters.getAdminKubeconfig<br>gkemulticloud.azureClusters.list<br>gkemulticloud.azureClusters.update<br>gkemulticloud.azureNodePools.create<br>gkemulticloud.azureNodePools.delete<br>gkemulticloud.azureNodePools.get<br>gkemulticloud.azureNodePools.list<br>gkemulticloud.azureNodePools.update<br>gkemulticloud.azureServerConfigs.get<br>gkemulticloud.operations.cancel<br>gkemulticloud.operations.delete<br>gkemulticloud.operations.get<br>gkemulticloud.operations.list<br>gkemulticloud.operations.wait<br>resourcemanager.projects.get<br>resourcemanager.projects.list |
| Anthos Multi-cloud Viewer<br>(roles/gkemulticloud.viewer)<br>Can view Anthos multi-cloud resources. | gkemulticloud.attachedClusters.generateInstallManifest<br>gkemulticloud.attachedClusters.get<br>gkemulticloud.attachedClusters.list<br>gkemulticloud.attachedClusters.listEffectiveTags<br>gkemulticloud.attachedClusters.listTagBindings<br>gkemulticloud.attachedServerConfigs.get<br>gkemulticloud.awsClusters.generateAccessToken<br>gkemulticloud.awsClusters.get<br>gkemulticloud.awsClusters.list<br>gkemulticloud.awsNodePools.get<br>gkemulticloud.awsNodePools.list<br>gkemulticloud.awsServerConfigs.get<br>gkemulticloud.azureClients.get<br>gkemulticloud.azureClients.list<br>gkemulticloud.azureClusters.generateAccessToken<br>gkemulticloud.azureClusters.get<br>gkemulticloud.azureClusters.list<br>gkemulticloud.azureNodePools.get<br>gkemulticloud.azureNodePools.list<br>gkemulticloud.azureServerConfigs.get<br>gkemulticloud.operations.get<br>gkemulticloud.operations.list<br>gkemulticloud.operations.wait<br>resourcemanager.projects.get<br>resourcemanager.projects.list |
  
What's next

Other IAM roles, such as Owner and Editor, include GKE on AWS permissions. For details, see the complete IAM permissions reference list.
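
The following Python script is an added example, not code from the original page or from Google. It reads a project IAM policy in the JSON shape printed by `gcloud projects get-iam-policy PROJECT_ID --format=json` and reports which members hold the two predefined roles in the table, or reach admin-level GKE on AWS permissions only through Owner or Editor. The sample policy, the member names and the function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Role IDs taken from this page; Owner and Editor are the basic roles it
# says also include GKE on AWS permissions.
PREDEFINED = {"roles/gkemulticloud.admin": "admin",
              "roles/gkemulticloud.viewer": "viewer"}
BASIC = {"roles/owner": "admin", "roles/editor": "admin"}

# Constructed sample, shaped like the JSON output of
# `gcloud projects get-iam-policy PROJECT_ID --format=json`.
SAMPLE_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/gkemulticloud.admin",
   "members": ["user:alice@example.com"]},
  {"role": "roles/gkemulticloud.viewer",
   "members": ["group:sre@example.com", "user:alice@example.com"]},
  {"role": "roles/editor", "members": ["user:bob@example.com"],
   "condition": {"title": "temp", "expression": "request.time < timestamp('2026-01-01T00:00:00Z')"}},
  {"role": "roles/storage.objectViewer", "members": ["user:carol@example.com"]}
]}
""")


def gke_on_aws_access(policy):
    """Return {member: {"level", "roles", "conditional"}} for relevant bindings."""
    levels = {**PREDEFINED, **BASIC}
    found = defaultdict(lambda: {"level": "viewer", "roles": [], "conditional": True})
    for binding in policy.get("bindings", []):
        role = binding.get("role")
        if role not in levels:
            continue  # role is not one this page ties to GKE on AWS
        for member in binding.get("members", []):
            entry = found[member]
            entry["roles"].append(role)
            if levels[role] == "admin":
                entry["level"] = "admin"
            # Conditional only if every relevant binding carries a condition.
            entry["conditional"] = entry["conditional"] and "condition" in binding
    return dict(found)


def admin_only_via_basic_role(access):
    """Members whose admin-level access comes solely from Owner or Editor."""
    return sorted(m for m, e in access.items()
                  if e["level"] == "admin"
                  and "roles/gkemulticloud.admin" not in e["roles"])
```

Members returned by `admin_only_via_basic_role` are candidates for replacing a basic role with the narrower predefined role from the table.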
  
  
  
  
    
  
  
 
  
    
    
      
       
         
  
       
    
    
  
  
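Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-10-20 UTC.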
  
  
    
    
    
      
  
    
  
  
    