角色与权限

本页面介绍了 Cloud Storage 中所需的 Identity and Access Management (IAM) 角色和权限, 设置安全 Web 代理实例。

您可以授予用户或服务账号权限或预定义角色,也可以创建使用所指定权限的自定义角色。 下表介绍了 IAM 预定义角色及其关联的权限。

如需了解详情,请参阅 IAM 权限参考

说明 角色 权限(方法)
预配和管理安全 Web 代理实例

创建具有指定权限的自定义角色。如需了解如何创建自定义角色,请参阅创建自定义角色
  • certificatemanager.certs.get
  • certificatemanager.certs.list
  • certificatemanager.certs.use
  • compute.addresses.create
  • compute.addresses.createInternal
  • compute.addresses.list
  • compute.instances.update
  • compute.networks.get
  • compute.networks.list
  • compute.projects.get
  • compute.projects.get
  • compute.regionOperations.get
  • compute.regionOperations.wait
  • compute.routers.create
  • compute.routers.delete
  • compute.routers.get
  • compute.routers.list
  • compute.routers.update
  • compute.subnetworks.get
  • compute.subnetworks.list
  • networksecurity.GatewaySecurityPolicies.get
  • networksecurity.GatewaySecurityPolicies.list
  • networksecurity.GatewaySecurityPolicies.use
  • networksecurity.GatewaySecurityPolicyRules.get
  • networksecurity.GatewaySecurityPolicyRules.list
  • networksecurity.locations.list
  • networksecurity.urlLists.get
  • networksecurity.urlLists.list
  • networksecurity.urlLists.use
  • networkservices.gateways.create
  • networkservices.gateways.delete
  • networkservices.gateways.get
  • networkservices.gateways.list
  • networkservices.gateways.update
  • networkservices.gateways.use
  • networkservices.locations.list
  • networkservices.operations.get
  • networkservices.operations.list
  • resourcemanager.projects.get
  • resourcemanager.projects.list
  • serviceusage.quotas.get
  • serviceusage.services.get
  • serviceusage.services.list
查看、创建、更新、列出和删除安全 Web 代理政策

创建具有指定权限的自定义角色。如需了解如何创建自定义角色,请参阅创建自定义角色
  • networksecurity.gatewaySecurityPolicies.create
  • networksecurity.gatewaySecurityPolicies.delete
  • networksecurity.gatewaySecurityPolicies.get
  • networksecurity.gatewaySecurityPolicies.list
  • networksecurity.gatewaySecurityPolicies.update
  • networksecurity.gatewaySecurityPolicyRules.create
  • networksecurity.gatewaySecurityPolicyRules.delete
  • networksecurity.gatewaySecurityPolicyRules.get
  • networksecurity.gatewaySecurityPolicyRules.list
  • networksecurity.gatewaySecurityPolicyRules.update
  • networksecurity.operations.get
  • networksecurity.tlsInspectionPolicies.list
  • networksecurity.tlsInspectionPolicies.use
  • networksecurity.urlLists.create
  • networksecurity.urlLists.delete
  • networksecurity.urlLists.get
  • networksecurity.urlLists.list
  • networksecurity.urlLists.update
  • networksecurity.urlLists.use

如需详细了解项目角色和权限,请参阅以下内容:

后续步骤