Kontrol akses dengan IAM

Dengan Identity and Access Management (IAM), Anda dapat memberikan akses ke resource tertentu. Untuk memberikan akses ke resource, Anda memberikan peran tertentu kepada pengguna, yang memberi pengguna izin tertentu.

Halaman ini mencantumkan semua peran IAM Workload Manager dan izin yang diberikan oleh peran tersebut.

Peran Workload Manager

Role Permissions

(roles/workloadmanager.admin)

Full access to Workload Manager all resources.

compute.acceleratorTypes.list

compute.diskTypes.list

compute.machineTypes.list

compute.networks.list

compute.projects.get

compute.regions.list

compute.subnetworks.list

compute.zones.list

dns.managedZones.list

iam.serviceAccounts.list

monitoring.timeSeries.list

orgpolicy.policy.get

resourcemanager.projects.get

resourcemanager.projects.getIamPolicy

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

storage.buckets.list

storage.objects.list

workloadmanager.*

  • workloadmanager.actuations.create
  • workloadmanager.actuations.delete
  • workloadmanager.actuations.get
  • workloadmanager.actuations.list
  • workloadmanager.deployments.create
  • workloadmanager.deployments.delete
  • workloadmanager.deployments.get
  • workloadmanager.deployments.list
  • workloadmanager.discoveredprofiles.get
  • workloadmanager.discoveredprofiles.getHealth
  • workloadmanager.discoveredprofiles.list
  • workloadmanager.evaluations.create
  • workloadmanager.evaluations.delete
  • workloadmanager.evaluations.get
  • workloadmanager.evaluations.list
  • workloadmanager.evaluations.run
  • workloadmanager.evaluations.update
  • workloadmanager.executions.delete
  • workloadmanager.executions.get
  • workloadmanager.executions.list
  • workloadmanager.insights.export
  • workloadmanager.insights.listSapSystems
  • workloadmanager.insights.write
  • workloadmanager.locations.get
  • workloadmanager.locations.list
  • workloadmanager.operations.cancel
  • workloadmanager.operations.delete
  • workloadmanager.operations.get
  • workloadmanager.operations.list
  • workloadmanager.results.list
  • workloadmanager.rules.list

(roles/workloadmanager.deploymentAdmin)

Full access to Workload Manager deployment resources.

compute.acceleratorTypes.list

compute.diskTypes.list

compute.machineTypes.list

compute.networks.list

compute.projects.get

compute.regions.list

compute.subnetworks.list

compute.zones.list

dns.managedZones.list

iam.serviceAccounts.list

monitoring.timeSeries.list

resourcemanager.projects.get

resourcemanager.projects.getIamPolicy

resourcemanager.projects.list

serviceusage.quotas.get

serviceusage.services.get

storage.buckets.list

storage.objects.list

workloadmanager.actuations.*

  • workloadmanager.actuations.create
  • workloadmanager.actuations.delete
  • workloadmanager.actuations.get
  • workloadmanager.actuations.list

workloadmanager.deployments.*

  • workloadmanager.deployments.create
  • workloadmanager.deployments.delete
  • workloadmanager.deployments.get
  • workloadmanager.deployments.list

workloadmanager.locations.*

  • workloadmanager.locations.get
  • workloadmanager.locations.list

workloadmanager.operations.*

  • workloadmanager.operations.cancel
  • workloadmanager.operations.delete
  • workloadmanager.operations.get
  • workloadmanager.operations.list

(roles/workloadmanager.deploymentViewer)

Read-only access to Workload Manager deployment resources.

resourcemanager.projects.get

resourcemanager.projects.list

workloadmanager.actuations.get

workloadmanager.actuations.list

workloadmanager.deployments.get

workloadmanager.deployments.list

(roles/workloadmanager.evaluationAdmin)

Full access to Workload Manager evaluation resources.

orgpolicy.policy.get

resourcemanager.projects.get

resourcemanager.projects.list

workloadmanager.evaluations.*

  • workloadmanager.evaluations.create
  • workloadmanager.evaluations.delete
  • workloadmanager.evaluations.get
  • workloadmanager.evaluations.list
  • workloadmanager.evaluations.run
  • workloadmanager.evaluations.update

workloadmanager.executions.*

  • workloadmanager.executions.delete
  • workloadmanager.executions.get
  • workloadmanager.executions.list

workloadmanager.locations.*

  • workloadmanager.locations.get
  • workloadmanager.locations.list

workloadmanager.operations.*

  • workloadmanager.operations.cancel
  • workloadmanager.operations.delete
  • workloadmanager.operations.get
  • workloadmanager.operations.list

workloadmanager.results.list

workloadmanager.rules.list

(roles/workloadmanager.evaluationViewer)

Read-only access to Workload Manager evaluation resources.

orgpolicy.policy.get

resourcemanager.projects.get

resourcemanager.projects.list

workloadmanager.evaluations.get

workloadmanager.evaluations.list

workloadmanager.executions.get

workloadmanager.executions.list

workloadmanager.results.list

workloadmanager.rules.list

(roles/workloadmanager.insightWriter)

The role used to write data to WLM data warehouse.

workloadmanager.insights.write

(roles/workloadmanager.serviceAgent)

Gives Workload Manager Service Agent access to CAI export functions and Cloud Monitoring.

cloudasset.assets.exportAccessPolicy

cloudasset.assets.exportIamPolicy

cloudasset.assets.exportOSInventories

cloudasset.assets.exportOrgPolicy

cloudasset.assets.exportResource

cloudasset.assets.listAccessPolicy

cloudasset.assets.listIamPolicy

cloudasset.assets.listOSInventories

cloudasset.assets.listOrgPolicy

cloudasset.assets.listResource

cloudasset.assets.searchAllResources

config.deployments.create

config.deployments.delete

config.deployments.get

config.deployments.list

config.deployments.update

config.locations.*

  • config.locations.get
  • config.locations.list

config.operations.*

  • config.operations.cancel
  • config.operations.delete
  • config.operations.get
  • config.operations.list

config.resources.list

config.revisions.get

config.revisions.list

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.list

serviceusage.services.use

workloadmanager.insights.export

workloadmanager.insights.listSapSystems

(roles/workloadmanager.viewer)

Read-only access to Workload Manager all resources.

orgpolicy.policy.get

resourcemanager.projects.get

resourcemanager.projects.list

workloadmanager.actuations.get

workloadmanager.actuations.list

workloadmanager.deployments.get

workloadmanager.deployments.list

workloadmanager.discoveredprofiles.*

  • workloadmanager.discoveredprofiles.get
  • workloadmanager.discoveredprofiles.getHealth
  • workloadmanager.discoveredprofiles.list

workloadmanager.evaluations.get

workloadmanager.evaluations.list

workloadmanager.executions.get

workloadmanager.executions.list

workloadmanager.results.list

workloadmanager.rules.list

(roles/workloadmanager.worker)

The role used by Workload Manager application runners to read and update workloads.

orgpolicy.policy.get

resourcemanager.projects.get

resourcemanager.projects.list

workloadmanager.actuations.*

  • workloadmanager.actuations.create
  • workloadmanager.actuations.delete
  • workloadmanager.actuations.get
  • workloadmanager.actuations.list

workloadmanager.deployments.*

  • workloadmanager.deployments.create
  • workloadmanager.deployments.delete
  • workloadmanager.deployments.get
  • workloadmanager.deployments.list

workloadmanager.discoveredprofiles.*

  • workloadmanager.discoveredprofiles.get
  • workloadmanager.discoveredprofiles.getHealth
  • workloadmanager.discoveredprofiles.list

workloadmanager.evaluations.*

  • workloadmanager.evaluations.create
  • workloadmanager.evaluations.delete
  • workloadmanager.evaluations.get
  • workloadmanager.evaluations.list
  • workloadmanager.evaluations.run
  • workloadmanager.evaluations.update

workloadmanager.executions.*

  • workloadmanager.executions.delete
  • workloadmanager.executions.get
  • workloadmanager.executions.list

workloadmanager.insights.write

workloadmanager.results.list

workloadmanager.rules.list

(roles/workloadmanager.workloadViewer)

The role used to view the workload related data.

resourcemanager.projects.get

resourcemanager.projects.list

workloadmanager.discoveredprofiles.*

  • workloadmanager.discoveredprofiles.get
  • workloadmanager.discoveredprofiles.getHealth
  • workloadmanager.discoveredprofiles.list

Izin Workload Manager

Izin Termasuk dalam peran

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Workload Manager Deployment Viewer (roles/workloadmanager.deploymentViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Workload Manager Deployment Viewer (roles/workloadmanager.deploymentViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Workload Manager Deployment Viewer (roles/workloadmanager.deploymentViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Workload Manager Deployment Viewer (roles/workloadmanager.deploymentViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Workload Manager Workload Viewer (roles/workloadmanager.workloadViewer)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Workload Manager Workload Viewer (roles/workloadmanager.workloadViewer)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Workload Manager Workload Viewer (roles/workloadmanager.workloadViewer)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Workload Manager Evaluation Viewer (roles/workloadmanager.evaluationViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Workload Manager Evaluation Viewer (roles/workloadmanager.evaluationViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Workload Manager Evaluation Viewer (roles/workloadmanager.evaluationViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Workload Manager Evaluation Viewer (roles/workloadmanager.evaluationViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Peran agen layanan

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Peran agen layanan

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Workload Manager Insights Writer (roles/workloadmanager.insightWriter)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pemilik (roles/owner)

Editor (roles/editor)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Deployment Workload Manager (roles/workloadmanager.deploymentAdmin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Workload Manager Evaluation Viewer (roles/workloadmanager.evaluationViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Pemilik (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Security Admin (roles/iam.securityAdmin)

Auditor Keamanan (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)

Workload Manager Admin (roles/workloadmanager.admin)

Admin Evaluasi Workload Manager (roles/workloadmanager.evaluationAdmin)

Workload Manager Evaluation Viewer (roles/workloadmanager.evaluationViewer)

Workload Manager Viewer (roles/workloadmanager.viewer)

Pekerja Workload Manager (roles/workloadmanager.worker)

Langkah berikutnya