Project: /speech-to-text/v2/docs/_project.yaml Book: /speech-to-text/v2/_book.yaml
This page shows how you can control Speech-to-Text access and permissions by using Identity and Access Management (IAM) roles and permissions.
Overview
Google Cloud offers Identity and Access Management (IAM), which lets you give more granular access to specific Google Cloud resources, and prevent unwanted access to other resources. For information about IAM, see Identity and Access Management documentation.
Speech-to-Text provides a set of predefined roles that help you control access to your Speech-to-Text resources. You can also create your own custom roles, if the predefined roles don't provide the sets of permissions you need.
The basic roles of Editor, Viewer, and Owner are also available,though they don't provide fine-grained control like the Speech-to-Text roles. In particular, the basic roles provide access to resources across Google Cloud. The roles specific to Speech-to-Text provide only Speech-to-Text permissions. For more information, see basic roles.
Predefined roles
Predefined roles provide finer-grained permissions to principals (individuals, groups, or service accounts). The role you grant to a principal controls what actions the principal can take. You can grant multiple roles to the same principal, and you can change the roles granted to a principal at any time, provided you have the permissions to do so.
Broader roles encompass the more narrowly defined roles. For example, the Speech-to-Text Editor role includes all Speech-to-Text Editor role permissions and the Speech-to-Text Viewer role permissions. Likewise, the Speech-to-Text Admin role includes all Speech-to-Text Admin role permissions and the Speech-to-Text Editor role permissions.
| Name | Speech-to-Text permissions ( speech.) |
Description |
|---|---|---|
| Project > Owner | All speech permissions |
Full access and control for all Google Cloud resources including user access and billing for a project |
| Project > Editor | All speech permissions except:config.update |
Read/write access to all Google Cloud and Speech-to-Text
resources except config.update and the ability to modify
permissions and billing |
| Project > Viewer |
*.get*.listrecognizers.recognize |
Read-only access to all Google Cloud resources, including Speech-to-Text resources, and permission to make recognition requests |
| Cloud Speech Administrator | All speech permissions |
Full control for all Speech-to-Text resources |
| Cloud Speech Editor |
customClasses.*locations.*operations.*phraseSets.*recognizers.* |
Read/write access to all Speech-to-Text resources except config |
| Cloud Speech Client |
customClasses.getcustomClasses.listlocations.getlocations.listoperations.getoperations.listphraseSets.getphraseSets.listrecognizers.getrecognizers.listrecognizers.recognize |
Read access to all Speech-to-Text resources |
Manage Speech-to-Text IAM
You can get and set IAM policies and roles by using the Google Cloud console. For more information, see Manage access to projects, folders, and organizations .
What's next
- Learn how to grant and revoke access.
- Learn more about IAM.
- Learn more about basic roles.
- Learn more about custom roles.