使用 IAM 控管存取權
透過集合功能整理內容
你可以依據偏好儲存及分類內容。
本頁面說明 Application Design Center 的角色和權限。如要控管應用程式設計中心的存取權,請使用 Identity and Access Management (IAM) 為使用者、群組和服務帳戶指派角色。
預先定義的 App Design Center 角色
如要授予特定 Google Cloud 資源的存取權,並防止未經授權者存取其他資源,請在啟用應用程式的資料夾或管理專案中,指派 App Design Center 的預先定義角色:
使用下列 IAM 角色管理空間和製作範本:
- Application Design Center 管理員 (
roles/designcenter.admin)
- Application Design Center 使用者 (
roles/designcenter.user)
- Application Design Center 檢視者 (
roles/designcenter.viewer)
使用下列 IAM 角色建立應用程式設定,並管理部署生命週期:
- 應用程式管理員 (
roles/designcenter.applicationAdmin)
- 應用程式編輯者 (
roles/designcenter.applicationEditor)
- 應用程式檢視者 (
roles/designcenter.applicationViewer)
Application Design Center 管理員角色包含其他 Application Design Center 角色的所有權限。
App Design Center 角色說明
下表說明應用程式設計中心的角色和一般職責。
角色 |
說明 |
Purpose |
App Design Center 管理員 |
可建立及管理所有應用程式設計中心構件,並將應用程式控制權委派給其他使用者。 |
- 管理應用程式的完整生命週期。
- 通常是平台管理員,他們一般具有管理權限,且可全面掌握端對端架構。
|
App Design Center 使用者 |
可建立及更新應用程式範本。 |
- 擴大建立、更新或刪除應用程式範本的功能,減輕平台管理員的工作負擔。
- 通常是需要建立及管理應用程式範本的平台工程師。
|
App Design Center 檢視者 |
可查看空間、目錄、範本、應用程式及其屬性。 |
- 啟用空間、目錄、應用程式及其依附元件的基本瀏覽權限。
- 通常是機構內的大多數人員。為發揮最大效益,請將這個角色授予所有 App Design Center 使用者。
|
應用程式管理員 |
可建立、管理及部署應用程式,並將應用程式控制權委派給其他應用程式開發人員。 |
- 管理應用程式草稿和部署作業,以及附加儲存個別資源所需的服務專案。
- 通常是負責建立應用程式的管理員和開發人員。
|
應用程式編輯者 |
可建立、管理及部署應用程式。 |
- 擴展管理草稿和部署作業的功能,減輕應用程式管理員的工作負擔。
- 通常是應用程式營運商,對部署作業有深入瞭解。
|
應用程式檢視器 |
可查看應用程式。 |
- 啟用範本、應用程式及其依附元件的基本可見度。
- 通常是機構內的大多數人員。為發揮最大效益,請將這個角色授予所有 Application Design Center 使用者。
|
Application Design Center 權限
下表列出 App Design Center IAM 角色及其權限。
Application Design Center 管理員
Beta 版
(roles/designcenter.admin)
具備 Application Design Center 資源的完整存取權。
|
apphub.applications.create
apphub.applications.delete
apphub.applications.get
apphub.applications.list
apphub.applications.update
apphub.locations.*
apphub.locations.getapphub.locations.list
apphub.serviceProjectAttachments.list
cloudbuild.builds.get
cloudbuild.builds.list
config.deployments.get
config.deployments.getIamPolicy
config.deployments.list
config.locations.*
config.locations.getconfig.locations.list
config.operations.get
config.operations.list
config.previews.export
config.previews.get
config.previews.list
config.resources.*
config.resources.getconfig.resources.list
config.revisions.get
config.revisions.list
config.terraformversions.*
config.terraformversions.getconfig.terraformversions.list
designcenter.*
designcenter.applicationTemplateRevisions.deletedesigncenter.applicationTemplateRevisions.getdesigncenter.applicationTemplateRevisions.listdesigncenter.applicationTemplates.createdesigncenter.applicationTemplates.deletedesigncenter.applicationTemplates.getdesigncenter.applicationTemplates.listdesigncenter.applicationTemplates.updatedesigncenter.applications.createdesigncenter.applications.deletedesigncenter.applications.getdesigncenter.applications.listdesigncenter.applications.updatedesigncenter.catalogTemplateRevisions.createdesigncenter.catalogTemplateRevisions.deletedesigncenter.catalogTemplateRevisions.getdesigncenter.catalogTemplateRevisions.listdesigncenter.catalogTemplates.createdesigncenter.catalogTemplates.deletedesigncenter.catalogTemplates.getdesigncenter.catalogTemplates.listdesigncenter.catalogTemplates.updatedesigncenter.catalogs.createdesigncenter.catalogs.deletedesigncenter.catalogs.getdesigncenter.catalogs.listdesigncenter.catalogs.updatedesigncenter.components.createdesigncenter.components.deletedesigncenter.components.getdesigncenter.components.listdesigncenter.components.updatedesigncenter.connections.createdesigncenter.connections.deletedesigncenter.connections.getdesigncenter.connections.listdesigncenter.connections.updatedesigncenter.locations.getdesigncenter.locations.listdesigncenter.operations.canceldesigncenter.operations.deletedesigncenter.operations.getdesigncenter.operations.listdesigncenter.sharedTemplateRevisions.getdesigncenter.sharedTemplateRevisions.listdesigncenter.sharedTemplates.getdesigncenter.sharedTemplates.listdesigncenter.shares.createdesigncenter.shares.deletedesigncenter.shares.getdesigncenter.shares.listdesigncenter.spaces.createdesigncenter.spaces.deletedesigncenter.spaces.getdesigncenter.spaces.getIamPolicydesigncenter.spaces.listdesigncenter.spaces.setIamPolicydesigncenter.spaces.update
monitoring.timeSeries.create
orgpolicy.policy.get
resourcemanager.projects.get
resourcemanager.projects.list
storage.folders.*
storage.folders.createstorage.folders.deletestorage.folders.getstorage.folders.liststorage.folders.rename
storage.managedFolders.create
storage.managedFolders.delete
storage.managedFolders.get
storage.managedFolders.list
storage.multipartUploads.*
storage.multipartUploads.abortstorage.multipartUploads.createstorage.multipartUploads.liststorage.multipartUploads.listParts
storage.objects.create
storage.objects.createContext
storage.objects.delete
storage.objects.deleteContext
storage.objects.get
storage.objects.list
storage.objects.move
storage.objects.restore
storage.objects.update
storage.objects.updateContext
|
Application Design Center 使用者
Beta 版
(roles/designcenter.user)
可授予 Application Design Center 資源的唯讀存取權。
|
apphub.serviceProjectAttachments.list
designcenter.applicationTemplateRevisions.*
designcenter.applicationTemplateRevisions.deletedesigncenter.applicationTemplateRevisions.getdesigncenter.applicationTemplateRevisions.list
designcenter.applicationTemplates.*
designcenter.applicationTemplates.createdesigncenter.applicationTemplates.deletedesigncenter.applicationTemplates.getdesigncenter.applicationTemplates.listdesigncenter.applicationTemplates.update
designcenter.applications.get
designcenter.applications.list
designcenter.catalogTemplateRevisions.get
designcenter.catalogTemplateRevisions.list
designcenter.catalogTemplates.get
designcenter.catalogTemplates.list
designcenter.catalogs.get
designcenter.catalogs.list
designcenter.components.*
designcenter.components.createdesigncenter.components.deletedesigncenter.components.getdesigncenter.components.listdesigncenter.components.update
designcenter.connections.*
designcenter.connections.createdesigncenter.connections.deletedesigncenter.connections.getdesigncenter.connections.listdesigncenter.connections.update
designcenter.locations.*
designcenter.locations.getdesigncenter.locations.list
designcenter.operations.get
designcenter.operations.list
designcenter.sharedTemplateRevisions.*
designcenter.sharedTemplateRevisions.getdesigncenter.sharedTemplateRevisions.list
designcenter.sharedTemplates.*
designcenter.sharedTemplates.getdesigncenter.sharedTemplates.list
designcenter.shares.get
designcenter.shares.list
designcenter.spaces.get
designcenter.spaces.getIamPolicy
designcenter.spaces.list
monitoring.timeSeries.create
orgpolicy.policy.get
resourcemanager.projects.get
resourcemanager.projects.list
storage.folders.*
storage.folders.createstorage.folders.deletestorage.folders.getstorage.folders.liststorage.folders.rename
storage.managedFolders.create
storage.managedFolders.delete
storage.managedFolders.get
storage.managedFolders.list
storage.multipartUploads.*
storage.multipartUploads.abortstorage.multipartUploads.createstorage.multipartUploads.liststorage.multipartUploads.listParts
storage.objects.create
storage.objects.createContext
storage.objects.delete
storage.objects.deleteContext
storage.objects.get
storage.objects.list
storage.objects.move
storage.objects.restore
storage.objects.update
storage.objects.updateContext
|
Application Design Center 檢視者
Beta 版
(roles/designcenter.viewer)
可授予 Application Design Center 資源的唯讀存取權。
|
designcenter.applicationTemplateRevisions.get
designcenter.applicationTemplateRevisions.list
designcenter.applicationTemplates.get
designcenter.applicationTemplates.list
designcenter.applications.get
designcenter.applications.list
designcenter.catalogTemplateRevisions.get
designcenter.catalogTemplateRevisions.list
designcenter.catalogTemplates.get
designcenter.catalogTemplates.list
designcenter.catalogs.get
designcenter.catalogs.list
designcenter.components.get
designcenter.components.list
designcenter.connections.get
designcenter.connections.list
designcenter.locations.*
designcenter.locations.getdesigncenter.locations.list
designcenter.operations.get
designcenter.operations.list
designcenter.sharedTemplateRevisions.*
designcenter.sharedTemplateRevisions.getdesigncenter.sharedTemplateRevisions.list
designcenter.sharedTemplates.*
designcenter.sharedTemplates.getdesigncenter.sharedTemplates.list
designcenter.shares.get
designcenter.shares.list
designcenter.spaces.get
designcenter.spaces.getIamPolicy
designcenter.spaces.list
resourcemanager.projects.get
resourcemanager.projects.list
storage.folders.get
storage.folders.list
storage.managedFolders.get
storage.managedFolders.list
storage.objects.get
storage.objects.list
|
應用程式管理員
Beta 版
(roles/designcenter.applicationAdmin)
可授予應用程式的管理員存取權。
|
apphub.applications.create
apphub.applications.delete
apphub.applications.get
apphub.applications.list
apphub.applications.update
apphub.locations.*
apphub.locations.getapphub.locations.list
apphub.serviceProjectAttachments.list
cloudbuild.builds.get
cloudbuild.builds.list
config.deployments.get
config.deployments.getIamPolicy
config.deployments.list
config.locations.*
config.locations.getconfig.locations.list
config.operations.get
config.operations.list
config.previews.export
config.previews.get
config.previews.list
config.resources.*
config.resources.getconfig.resources.list
config.revisions.get
config.revisions.list
config.terraformversions.*
config.terraformversions.getconfig.terraformversions.list
designcenter.applicationTemplateRevisions.get
designcenter.applicationTemplateRevisions.list
designcenter.applicationTemplates.get
designcenter.applicationTemplates.list
designcenter.applications.*
designcenter.applications.createdesigncenter.applications.deletedesigncenter.applications.getdesigncenter.applications.listdesigncenter.applications.update
designcenter.sharedTemplateRevisions.*
designcenter.sharedTemplateRevisions.getdesigncenter.sharedTemplateRevisions.list
designcenter.sharedTemplates.*
designcenter.sharedTemplates.getdesigncenter.sharedTemplates.list
designcenter.shares.get
designcenter.shares.list
designcenter.spaces.get
designcenter.spaces.list
resourcemanager.projects.get
resourcemanager.projects.list
|
應用程式編輯者
Beta 版
(roles/designcenter.applicationEditor)
可授予應用程式的讀寫權限。
|
apphub.applications.create
apphub.applications.delete
apphub.applications.get
apphub.applications.list
apphub.applications.update
apphub.locations.*
apphub.locations.getapphub.locations.list
apphub.serviceProjectAttachments.list
cloudbuild.builds.get
cloudbuild.builds.list
config.deployments.get
config.deployments.getIamPolicy
config.deployments.list
config.locations.*
config.locations.getconfig.locations.list
config.operations.get
config.operations.list
config.previews.export
config.previews.get
config.previews.list
config.resources.*
config.resources.getconfig.resources.list
config.revisions.get
config.revisions.list
config.terraformversions.*
config.terraformversions.getconfig.terraformversions.list
designcenter.applicationTemplateRevisions.get
designcenter.applicationTemplateRevisions.list
designcenter.applicationTemplates.get
designcenter.applicationTemplates.list
designcenter.applications.*
designcenter.applications.createdesigncenter.applications.deletedesigncenter.applications.getdesigncenter.applications.listdesigncenter.applications.update
designcenter.sharedTemplateRevisions.*
designcenter.sharedTemplateRevisions.getdesigncenter.sharedTemplateRevisions.list
designcenter.sharedTemplates.*
designcenter.sharedTemplates.getdesigncenter.sharedTemplates.list
designcenter.shares.get
designcenter.shares.list
designcenter.spaces.get
designcenter.spaces.list
resourcemanager.projects.get
resourcemanager.projects.list
|
應用程式檢視者
Beta 版
(roles/designcenter.applicationViewer)
可授予應用程式的唯讀存取權。
|
apphub.applications.get
apphub.applications.list
apphub.locations.*
apphub.locations.getapphub.locations.list
config.deployments.get
config.deployments.getIamPolicy
config.deployments.list
config.locations.*
config.locations.getconfig.locations.list
config.operations.get
config.operations.list
config.previews.get
config.previews.list
config.resources.*
config.resources.getconfig.resources.list
config.revisions.get
config.revisions.list
config.terraformversions.*
config.terraformversions.getconfig.terraformversions.list
designcenter.applicationTemplateRevisions.get
designcenter.applicationTemplateRevisions.list
designcenter.applicationTemplates.get
designcenter.applicationTemplates.list
designcenter.applications.get
designcenter.applications.list
designcenter.sharedTemplateRevisions.*
designcenter.sharedTemplateRevisions.getdesigncenter.sharedTemplateRevisions.list
designcenter.sharedTemplates.*
designcenter.sharedTemplates.getdesigncenter.sharedTemplates.list
designcenter.shares.get
designcenter.shares.list
designcenter.spaces.get
designcenter.spaces.list
resourcemanager.projects.get
resourcemanager.projects.list
|
後續步驟
除非另有註明,否則本頁面中的內容是採用創用 CC 姓名標示 4.0 授權,程式碼範例則為阿帕契 2.0 授權。詳情請參閱《Google Developers 網站政策》。Java 是 Oracle 和/或其關聯企業的註冊商標。
上次更新時間:2025-12-16 (世界標準時間)。
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-12-16 (世界標準時間)。"],[],[]]
