Identity and Access Management (IAM) roles govern how the Managed Service for Microsoft Active Directory (Managed Microsoft AD) API can be used. The following table lists each IAM role available for Managed Microsoft AD and the methods it permits.
In addition, to view and enable Managed Microsoft AD, the service account needs the servicemanagement.services.bind permission. For details, see Service Management roles and permissions.
Role | Permissions |
---|---|
Google Cloud Managed Identities Admin: Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level. | |
Google Cloud Managed Identities Backup Admin: Full access to Google Cloud Managed Identities Backup and related resources. Intended to be granted on a project-level. | |
Google Cloud Managed Identities Backup Viewer: Read-only access to Google Cloud Managed Identities Backup and related resources. | |
Google Cloud Managed Identities Domain Admin: Read-Update-Delete to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a resource (domain) level. | |
Google Cloud Managed Identities Domain Join Beta: Access to domain join VMs with Cloud AD. | |
Google Cloud Managed Identities Peering Admin: Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level. | |
Google Cloud Managed Identities Peering Viewer: Read-only access to Google Cloud Managed Identities Peering and related resources. | |
Google Cloud Managed Identities Viewer: Read-only access to Google Cloud Managed Identities Domains and related resources. | |
For more information about IAM roles, see About roles.