這份說明文件介紹的產品「GKE on AWS」現已進入
維護模式,並將於 2027 年 3 月 17 日關閉。
API 角色和權限
AWS 上的 GKE 具有特定的 Identity and Access Management (IAM) 權限。下表說明這些權限。如需管理權限的操作說明,請參閱「授予、變更及撤銷資源存取權」。
GKE on AWS API 權限
GKE on AWS API 包含預先定義的 gkemulticloud.viewer 和 gkemulticloud.admin 角色。下表說明這些角色:
| 角色 |
權限 |
Anthos 多雲端管理員
(roles/gkemulticloud.admin)
具備 Anthos 多雲端資源的管理員存取權。
|
gkemulticloud.*
gkemulticloud.attachedClusters.creategkemulticloud.attachedClusters.createTagBindinggkemulticloud.attachedClusters.deletegkemulticloud.attachedClusters.deleteTagBindinggkemulticloud.attachedClusters.generateInstallManifestgkemulticloud.attachedClusters.getgkemulticloud.attachedClusters.importgkemulticloud.attachedClusters.listgkemulticloud.attachedClusters.listEffectiveTagsgkemulticloud.attachedClusters.listTagBindingsgkemulticloud.attachedClusters.updategkemulticloud.attachedServerConfigs.getgkemulticloud.awsClusters.creategkemulticloud.awsClusters.deletegkemulticloud.awsClusters.generateAccessTokengkemulticloud.awsClusters.getgkemulticloud.awsClusters.getAdminKubeconfiggkemulticloud.awsClusters.listgkemulticloud.awsClusters.updategkemulticloud.awsNodePools.creategkemulticloud.awsNodePools.deletegkemulticloud.awsNodePools.getgkemulticloud.awsNodePools.listgkemulticloud.awsNodePools.updategkemulticloud.awsServerConfigs.getgkemulticloud.azureClients.creategkemulticloud.azureClients.deletegkemulticloud.azureClients.getgkemulticloud.azureClients.listgkemulticloud.azureClusters.creategkemulticloud.azureClusters.deletegkemulticloud.azureClusters.generateAccessTokengkemulticloud.azureClusters.getgkemulticloud.azureClusters.getAdminKubeconfiggkemulticloud.azureClusters.listgkemulticloud.azureClusters.updategkemulticloud.azureNodePools.creategkemulticloud.azureNodePools.deletegkemulticloud.azureNodePools.getgkemulticloud.azureNodePools.listgkemulticloud.azureNodePools.updategkemulticloud.azureServerConfigs.getgkemulticloud.operations.cancelgkemulticloud.operations.deletegkemulticloud.operations.getgkemulticloud.operations.listgkemulticloud.operations.wait
resourcemanager.projects.get
resourcemanager.projects.list
|
Anthos 多雲端檢視者
(roles/gkemulticloud.viewer)
具備 Anthos 多雲端資源的檢視者權限。
|
gkemulticloud.attachedClusters.generateInstallManifest
gkemulticloud.attachedClusters.get
gkemulticloud.attachedClusters.list
gkemulticloud.attachedClusters.listEffectiveTags
gkemulticloud.attachedClusters.listTagBindings
gkemulticloud.attachedServerConfigs.get
gkemulticloud.awsClusters.generateAccessToken
gkemulticloud.awsClusters.get
gkemulticloud.awsClusters.list
gkemulticloud.awsNodePools.get
gkemulticloud.awsNodePools.list
gkemulticloud.awsServerConfigs.get
gkemulticloud.azureClients.get
gkemulticloud.azureClients.list
gkemulticloud.azureClusters.generateAccessToken
gkemulticloud.azureClusters.get
gkemulticloud.azureClusters.list
gkemulticloud.azureNodePools.get
gkemulticloud.azureNodePools.list
gkemulticloud.azureServerConfigs.get
gkemulticloud.operations.get
gkemulticloud.operations.list
gkemulticloud.operations.wait
resourcemanager.projects.get
resourcemanager.projects.list
|
後續步驟
擁有者和編輯者等其他 IAM 角色也包含 GKE on AWS 權限。詳情請參閱完整的 IAM 權限參考資料清單。
除非另有註明,否則本頁面中的內容是採用創用 CC 姓名標示 4.0 授權,程式碼範例則為阿帕契 2.0 授權。詳情請參閱《Google Developers 網站政策》。Java 是 Oracle 和/或其關聯企業的註冊商標。
上次更新時間:2025-10-20 (世界標準時間)。
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-10-20 (世界標準時間)。"],[],[]]
