La disponibilidad de Solución Bare Metal está pasando a un modelo especializado que solo permite el acceso a través de una lista de permitidos. Si ya eres cliente, ponte en contacto con el equipo de tu cuenta de Google para descubrir las ventajas de migrar a las nuevas ofertas de la colaboración estratégica entre Oracle y Google Cloud.

Configurar la gestión de identidades y accesos en la solución Bare Metal

Si quieres que un principal, como un usuario de un proyecto o una cuenta de servicio, acceda a los recursos de tu entorno de Bare Metal Solution, debes asignarle los roles y permisos adecuados. Google Cloud Para conceder acceso, puedes crear una política de Gestión de Identidades y Accesos (IAM) y asignar roles predefinidos específicos de Bare Metal Solution.

Concede roles con permisos suficientes para que tus principales puedan hacer su trabajo, pero no más, de forma que puedas seguir el Google Cloud principio de seguridad de mínimos accesos.

Roles predefinidos de Solución Bare Metal

Cada rol de gestión de identidades y accesos de Bare Metal Solution contiene permisos que dan a la entidad principal acceso a recursos específicos, como se muestra en la siguiente tabla.

Role Permissions

Role	Permissions
Bare Metal Solution Admin (`roles/baremetalsolution.admin`) Administrator of Bare Metal Solution resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.` `baremetalsolution.instances.attachNetwork` `baremetalsolution.instances.attachVolume` `baremetalsolution.instances.create` `baremetalsolution.instances.detachLun` `baremetalsolution.instances.detachNetwork` `baremetalsolution.instances.detachVolume` `baremetalsolution.instances.disableInteractiveSerialConsole` `baremetalsolution.instances.enableInteractiveSerialConsole` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.instances.rename` `baremetalsolution.instances.reset` `baremetalsolution.instances.start` `baremetalsolution.instances.stop` `baremetalsolution.instances.update` `baremetalsolution.luns.` `baremetalsolution.luns.create` `baremetalsolution.luns.delete` `baremetalsolution.luns.evict` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.luns.update` `baremetalsolution.maintenanceevents.` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list` `baremetalsolution.networkquotas.list` `baremetalsolution.networks.` `baremetalsolution.networks.create` `baremetalsolution.networks.delete` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.networks.rename` `baremetalsolution.networks.update` `baremetalsolution.nfsshares.` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list` `baremetalsolution.snapshotschedulepolicies.` `baremetalsolution.snapshotschedulepolicies.create` `baremetalsolution.snapshotschedulepolicies.delete` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.snapshotschedulepolicies.update` `baremetalsolution.sshKeys.` `baremetalsolution.sshKeys.create` `baremetalsolution.sshKeys.delete` `baremetalsolution.sshKeys.list` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Editor (`roles/baremetalsolution.editor`) Editor of Bare Metal Solution resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.` `baremetalsolution.instances.attachNetwork` `baremetalsolution.instances.attachVolume` `baremetalsolution.instances.create` `baremetalsolution.instances.detachLun` `baremetalsolution.instances.detachNetwork` `baremetalsolution.instances.detachVolume` `baremetalsolution.instances.disableInteractiveSerialConsole` `baremetalsolution.instances.enableInteractiveSerialConsole` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.instances.rename` `baremetalsolution.instances.reset` `baremetalsolution.instances.start` `baremetalsolution.instances.stop` `baremetalsolution.instances.update` `baremetalsolution.luns.` `baremetalsolution.luns.create` `baremetalsolution.luns.delete` `baremetalsolution.luns.evict` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.luns.update` `baremetalsolution.maintenanceevents.` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list` `baremetalsolution.networkquotas.list` `baremetalsolution.networks.` `baremetalsolution.networks.create` `baremetalsolution.networks.delete` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.networks.rename` `baremetalsolution.networks.update` `baremetalsolution.nfsshares.` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list` `baremetalsolution.snapshotschedulepolicies.` `baremetalsolution.snapshotschedulepolicies.create` `baremetalsolution.snapshotschedulepolicies.delete` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.snapshotschedulepolicies.update` `baremetalsolution.sshKeys.` `baremetalsolution.sshKeys.create` `baremetalsolution.sshKeys.delete` `baremetalsolution.sshKeys.list` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Viewer (`roles/baremetalsolution.viewer`) Viewer of Bare Metal Solution resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list` `baremetalsolution.networkquotas.list` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.sshKeys.list` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Instances Admin (`roles/baremetalsolution.instancesadmin`) Admin of Bare Metal Solution Instance resources	`baremetalsolution.instances.*` `baremetalsolution.instances.attachNetwork` `baremetalsolution.instances.attachVolume` `baremetalsolution.instances.create` `baremetalsolution.instances.detachLun` `baremetalsolution.instances.detachNetwork` `baremetalsolution.instances.detachVolume` `baremetalsolution.instances.disableInteractiveSerialConsole` `baremetalsolution.instances.enableInteractiveSerialConsole` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.instances.rename` `baremetalsolution.instances.reset` `baremetalsolution.instances.start` `baremetalsolution.instances.stop` `baremetalsolution.instances.update` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Instances Viewer (`roles/baremetalsolution.instancesviewer`) Viewer of Bare Metal Solution Instance resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.operations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Luns Admin (`roles/baremetalsolution.lunsadmin`) Administrator of Bare Metal Solution Lun resources	`baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.operations.get`
Luns Viewer (`roles/baremetalsolution.lunsviewer`) Viewer of Bare Metal Solution Lun resources	`baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.operations.get`
Maintenance Events Admin (`roles/baremetalsolution.maintenanceeventsadmin`) Administrator of Bare Metal Solution maintenance events resources	`baremetalsolution.maintenanceevents.*` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list`
Maintenance Events Editor (`roles/baremetalsolution.maintenanceeventseditor`) Editor of Bare Metal Solution maintenance events resources	`baremetalsolution.maintenanceevents.*` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list`
Maintenance Events Viewer (`roles/baremetalsolution.maintenanceeventsviewer`) Viewer of Bare Metal Solution maintenance events resources	`baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list`
Networks Admin (`roles/baremetalsolution.networksadmin`) Admin of Bare Metal Solution networks resources	`baremetalsolution.networkquotas.list` `baremetalsolution.networks.*` `baremetalsolution.networks.create` `baremetalsolution.networks.delete` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.networks.rename` `baremetalsolution.networks.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list`
NFS Shares Admin (`roles/baremetalsolution.nfssharesadmin`) Administrator of Bare Metal Solution NFS Share resources	`baremetalsolution.nfsshares.*` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list`
NFS Shares Editor (`roles/baremetalsolution.nfsshareseditor`) Editor of Bare Metal Solution NFS Share resources	`baremetalsolution.nfsshares.*` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list`
NFS Shares Viewer (`roles/baremetalsolution.nfssharesviewer`) Viewer of Bare Metal Solution NFS Share resources	`baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.operations.get`
OS Images Viewer (`roles/baremetalsolution.osimagesviewer`) Viewer of Bare Metal Solution OS images resources	`baremetalsolution.osimages.list`
Bare Metal Solution Procurements Admin (`roles/baremetalsolution.procurementsadmin`) Administrator of Bare Metal Solution Procurements	`baremetalsolution.pods.list` `baremetalsolution.procurements.*` `baremetalsolution.procurements.create` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list`
Bare Metal Solution Procurements Editor (`roles/baremetalsolution.procurementseditor`) Editor of Bare Metal Solution Procurements	`baremetalsolution.pods.list` `baremetalsolution.procurements.*` `baremetalsolution.procurements.create` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list`
Bare Metal Solution Procurements Viewer (`roles/baremetalsolution.procurementsviewer`) Viewer of Bare Metal Solution Procurements	`baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list`
Bare Metal Solution Storage Admin (`roles/baremetalsolution.storageadmin`) Administrator of Bare Metal Solution storage resources	`baremetalsolution.luns.` `baremetalsolution.luns.create` `baremetalsolution.luns.delete` `baremetalsolution.luns.evict` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.luns.update` `baremetalsolution.nfsshares.` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list` `baremetalsolution.snapshotschedulepolicies.` `baremetalsolution.snapshotschedulepolicies.create` `baremetalsolution.snapshotschedulepolicies.delete` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.snapshotschedulepolicies.update` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore` `resourcemanager.projects.get` `resourcemanager.projects.list`
Volume Admin (`roles/baremetalsolution.volumesadmin`) Administrator of Bare Metal Solution volume resources	`baremetalsolution.operations.get` `baremetalsolution.pods.list` `baremetalsolution.volumes.*` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update`
Volumes Editor (`roles/baremetalsolution.volumeseditor`) Editor of Bare Metal Solution volumes resources	`baremetalsolution.operations.get` `baremetalsolution.pods.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update`
Snapshots Admin (`roles/baremetalsolution.volumesnapshotsadmin`) Administrator of Bare Metal Solution snapshots resources	`baremetalsolution.operations.get` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore`
Snapshots Editor (`roles/baremetalsolution.volumesnapshotseditor`) Editor of Bare Metal Solution snapshots resources	`baremetalsolution.operations.get` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list`
Snapshots Viewer (`roles/baremetalsolution.volumesnapshotsviewer`) Viewer of Bare Metal Solution snapshots resources	`baremetalsolution.operations.get` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list`
Volumes Viewer (`roles/baremetalsolution.volumessviewer`) Viewer of Bare Metal Solution volumes resources	`baremetalsolution.operations.get` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list`

Bare Metal Solution Admin

(roles/baremetalsolution.admin)

Administrator of Bare Metal Solution resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.*

baremetalsolution.instances.attachNetwork
baremetalsolution.instances.attachVolume
baremetalsolution.instances.create
baremetalsolution.instances.detachLun
baremetalsolution.instances.detachNetwork
baremetalsolution.instances.detachVolume
baremetalsolution.instances.disableInteractiveSerialConsole
baremetalsolution.instances.enableInteractiveSerialConsole
baremetalsolution.instances.get
baremetalsolution.instances.list
baremetalsolution.instances.rename
baremetalsolution.instances.reset
baremetalsolution.instances.start
baremetalsolution.instances.stop
baremetalsolution.instances.update

baremetalsolution.luns.*

baremetalsolution.luns.create
baremetalsolution.luns.delete
baremetalsolution.luns.evict
baremetalsolution.luns.get
baremetalsolution.luns.list
baremetalsolution.luns.update

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

baremetalsolution.networkquotas.list

baremetalsolution.networks.*

baremetalsolution.networks.create
baremetalsolution.networks.delete
baremetalsolution.networks.get
baremetalsolution.networks.list
baremetalsolution.networks.rename
baremetalsolution.networks.update

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

baremetalsolution.snapshotschedulepolicies.*

baremetalsolution.snapshotschedulepolicies.create
baremetalsolution.snapshotschedulepolicies.delete
baremetalsolution.snapshotschedulepolicies.get
baremetalsolution.snapshotschedulepolicies.list
baremetalsolution.snapshotschedulepolicies.update

baremetalsolution.sshKeys.*

baremetalsolution.sshKeys.create
baremetalsolution.sshKeys.delete
baremetalsolution.sshKeys.list

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Editor

(roles/baremetalsolution.editor)

Editor of Bare Metal Solution resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.*

baremetalsolution.instances.attachNetwork
baremetalsolution.instances.attachVolume
baremetalsolution.instances.create
baremetalsolution.instances.detachLun
baremetalsolution.instances.detachNetwork
baremetalsolution.instances.detachVolume
baremetalsolution.instances.disableInteractiveSerialConsole
baremetalsolution.instances.enableInteractiveSerialConsole
baremetalsolution.instances.get
baremetalsolution.instances.list
baremetalsolution.instances.rename
baremetalsolution.instances.reset
baremetalsolution.instances.start
baremetalsolution.instances.stop
baremetalsolution.instances.update

baremetalsolution.luns.*

baremetalsolution.luns.create
baremetalsolution.luns.delete
baremetalsolution.luns.evict
baremetalsolution.luns.get
baremetalsolution.luns.list
baremetalsolution.luns.update

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

baremetalsolution.networkquotas.list

baremetalsolution.networks.*

baremetalsolution.networks.create
baremetalsolution.networks.delete
baremetalsolution.networks.get
baremetalsolution.networks.list
baremetalsolution.networks.rename
baremetalsolution.networks.update

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

baremetalsolution.snapshotschedulepolicies.*

baremetalsolution.snapshotschedulepolicies.create
baremetalsolution.snapshotschedulepolicies.delete
baremetalsolution.snapshotschedulepolicies.get
baremetalsolution.snapshotschedulepolicies.list
baremetalsolution.snapshotschedulepolicies.update

baremetalsolution.sshKeys.*

baremetalsolution.sshKeys.create
baremetalsolution.sshKeys.delete
baremetalsolution.sshKeys.list

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Viewer

(roles/baremetalsolution.viewer)

Viewer of Bare Metal Solution resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.get

baremetalsolution.instances.list

baremetalsolution.luns.get

baremetalsolution.luns.list

baremetalsolution.maintenanceevents.get

baremetalsolution.maintenanceevents.list

baremetalsolution.networkquotas.list

baremetalsolution.networks.get

baremetalsolution.networks.list

baremetalsolution.nfsshares.get

baremetalsolution.nfsshares.list

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

baremetalsolution.snapshotschedulepolicies.get

baremetalsolution.snapshotschedulepolicies.list

baremetalsolution.sshKeys.list

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.get

baremetalsolution.volumes.list

baremetalsolution.volumesnapshots.get

baremetalsolution.volumesnapshots.list

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Instances Admin

(roles/baremetalsolution.instancesadmin)

Admin of Bare Metal Solution Instance resources

baremetalsolution.instances.*

baremetalsolution.instances.attachNetwork
baremetalsolution.instances.attachVolume
baremetalsolution.instances.create
baremetalsolution.instances.detachLun
baremetalsolution.instances.detachNetwork
baremetalsolution.instances.detachVolume
baremetalsolution.instances.disableInteractiveSerialConsole
baremetalsolution.instances.enableInteractiveSerialConsole
baremetalsolution.instances.get
baremetalsolution.instances.list
baremetalsolution.instances.rename
baremetalsolution.instances.reset
baremetalsolution.instances.start
baremetalsolution.instances.stop
baremetalsolution.instances.update

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Instances Viewer

(roles/baremetalsolution.instancesviewer)

Viewer of Bare Metal Solution Instance resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.get

baremetalsolution.instances.list

baremetalsolution.operations.get

resourcemanager.projects.get

resourcemanager.projects.list

Luns Admin

(roles/baremetalsolution.lunsadmin)

Administrator of Bare Metal Solution Lun resources

baremetalsolution.luns.get

baremetalsolution.luns.list

baremetalsolution.operations.get

Luns Viewer

(roles/baremetalsolution.lunsviewer)

Viewer of Bare Metal Solution Lun resources

baremetalsolution.luns.get

baremetalsolution.luns.list

baremetalsolution.operations.get

Maintenance Events Admin

(roles/baremetalsolution.maintenanceeventsadmin)

Administrator of Bare Metal Solution maintenance events resources

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

Maintenance Events Editor

(roles/baremetalsolution.maintenanceeventseditor)

Editor of Bare Metal Solution maintenance events resources

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

Maintenance Events Viewer

(roles/baremetalsolution.maintenanceeventsviewer)

Viewer of Bare Metal Solution maintenance events resources

baremetalsolution.maintenanceevents.get

baremetalsolution.maintenanceevents.list

Networks Admin

(roles/baremetalsolution.networksadmin)

Admin of Bare Metal Solution networks resources

baremetalsolution.networkquotas.list

baremetalsolution.networks.*

baremetalsolution.networks.create
baremetalsolution.networks.delete
baremetalsolution.networks.get
baremetalsolution.networks.list
baremetalsolution.networks.rename
baremetalsolution.networks.update

baremetalsolution.operations.get

baremetalsolution.pods.list

NFS Shares Admin

(roles/baremetalsolution.nfssharesadmin)

Administrator of Bare Metal Solution NFS Share resources

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.pods.list

NFS Shares Editor

(roles/baremetalsolution.nfsshareseditor)

Editor of Bare Metal Solution NFS Share resources

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.pods.list

NFS Shares Viewer

(roles/baremetalsolution.nfssharesviewer)

Viewer of Bare Metal Solution NFS Share resources

baremetalsolution.nfsshares.get

baremetalsolution.nfsshares.list

baremetalsolution.operations.get

OS Images Viewer

(roles/baremetalsolution.osimagesviewer)

Viewer of Bare Metal Solution OS images resources

baremetalsolution.osimages.list

Bare Metal Solution Procurements Admin

(roles/baremetalsolution.procurementsadmin)

Administrator of Bare Metal Solution Procurements

baremetalsolution.pods.list

baremetalsolution.procurements.*

baremetalsolution.procurements.create
baremetalsolution.procurements.get
baremetalsolution.procurements.list

baremetalsolution.skus.list

Bare Metal Solution Procurements Editor

(roles/baremetalsolution.procurementseditor)

Editor of Bare Metal Solution Procurements

baremetalsolution.pods.list

baremetalsolution.procurements.*

baremetalsolution.procurements.create
baremetalsolution.procurements.get
baremetalsolution.procurements.list

baremetalsolution.skus.list

Bare Metal Solution Procurements Viewer

(roles/baremetalsolution.procurementsviewer)

Viewer of Bare Metal Solution Procurements

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

Bare Metal Solution Storage Admin

(roles/baremetalsolution.storageadmin)

Administrator of Bare Metal Solution storage resources

baremetalsolution.luns.*

baremetalsolution.luns.create
baremetalsolution.luns.delete
baremetalsolution.luns.evict
baremetalsolution.luns.get
baremetalsolution.luns.list
baremetalsolution.luns.update

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.pods.list

baremetalsolution.snapshotschedulepolicies.*

baremetalsolution.snapshotschedulepolicies.create
baremetalsolution.snapshotschedulepolicies.delete
baremetalsolution.snapshotschedulepolicies.get
baremetalsolution.snapshotschedulepolicies.list
baremetalsolution.snapshotschedulepolicies.update

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

resourcemanager.projects.get

resourcemanager.projects.list

Volume Admin

(roles/baremetalsolution.volumesadmin)

Administrator of Bare Metal Solution volume resources

baremetalsolution.operations.get

baremetalsolution.pods.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

Volumes Editor

(roles/baremetalsolution.volumeseditor)

Editor of Bare Metal Solution volumes resources

baremetalsolution.operations.get

baremetalsolution.pods.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.create

baremetalsolution.volumes.delete

baremetalsolution.volumes.get

baremetalsolution.volumes.list

baremetalsolution.volumes.rename

baremetalsolution.volumes.resize

baremetalsolution.volumes.update

Snapshots Admin

(roles/baremetalsolution.volumesnapshotsadmin)

Administrator of Bare Metal Solution snapshots resources

baremetalsolution.operations.get

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

Snapshots Editor

(roles/baremetalsolution.volumesnapshotseditor)

Editor of Bare Metal Solution snapshots resources

baremetalsolution.operations.get

baremetalsolution.volumesnapshots.create

baremetalsolution.volumesnapshots.delete

baremetalsolution.volumesnapshots.get

baremetalsolution.volumesnapshots.list

Snapshots Viewer

(roles/baremetalsolution.volumesnapshotsviewer)

Viewer of Bare Metal Solution snapshots resources

baremetalsolution.operations.get

baremetalsolution.volumesnapshots.get

baremetalsolution.volumesnapshots.list

Volumes Viewer

(roles/baremetalsolution.volumessviewer)

Viewer of Bare Metal Solution volumes resources

baremetalsolution.operations.get

baremetalsolution.volumes.get

baremetalsolution.volumes.list

Service agent roles

Service agent roles should only be granted to service agents.

Role Permissions

Role	Permissions
Bare Metal Solution Service Agent (`roles/baremetalsolution.serviceAgent`) Gives permission to manage network resources such as interconnect pairing keys, required for Bare Metal Solution. Warning: Do not grant service agent roles to any principals except service agents.	`compute.interconnectAttachments.get` `compute.interconnectAttachments.list` `compute.interconnects.get` `compute.interconnects.list` `compute.networks.get` `compute.networks.list` `compute.projects.get` `resourcemanager.projects.get`

Bare Metal Solution Service Agent

(roles/baremetalsolution.serviceAgent)

Gives permission to manage network resources such as interconnect pairing keys, required for Bare Metal Solution.

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnects.get

compute.interconnects.list

compute.networks.get

compute.networks.list

compute.projects.get

resourcemanager.projects.get

Te recomendamos que asignes los roles de la siguiente manera:

Rellenar un formulario de solicitud
- Roles de Solución Bare Metal: administrador, editor o administrador de instancias Y lector de redes de Compute
- Roles básicos: propietario o editor
Reiniciar un servidor de Bare Metal Solution
- Roles de Solución Bare Metal: administrador o editor
- Roles básicos: propietario o editor
Listar servidores o solicitar el estado
- Roles de Solución Bare Metal: Visor o Visor de instancias
- Rol básico: lector
Gestionar componentes de almacenamiento
- Roles de Solución Bare Metal: administrador, editor o administrador de almacenamiento
- Roles básicos: propietario o editor
Gestionar componentes de red
- Roles de Solución Bare Metal: administrador, editor o administrador de redes
- Roles básicos: propietario o editor

Para ver una lista completa de los roles de Bare Metal Solution, consulta Roles predefinidos e introduce baremetalsolution. en el cuadro de búsqueda.

Para ver una lista completa de los permisos de Bare Metal Solution, consulta Buscar un permiso e introduce baremetalsolution. en el cuadro de búsqueda.

Conceder un rol de gestión de identidades y accesos

Añade una política de gestión de identidades y accesos para conceder un rol de Solución Bare Metal a una cuenta principal. El rol contiene permisos que permiten a la entidad principal realizar determinadas acciones. Para asignar un rol, sigue estos pasos:

Consola

Asegúrate de tener un rol que contenga los permisos de gestión de identidades y accesos adecuados para asignar roles a otros usuarios, como Propietario, Administrador de gestión de identidades y accesos del proyecto o Administrador de seguridad. Para obtener más información sobre este requisito, consulta la sección Roles obligatorios.
En la consola, ve a la página de permisos de gestión de identidades y accesos. Google Cloud

Ir a IAM
Haz clic en Conceder acceso.
Introduce la siguiente información:
- En Añadir principales, introduce tus usuarios. Puedes añadir usuarios individuales, grupos de Google, cuentas de servicio o dominios de Google Workspace.
- En Asignar roles, elige un rol del menú Selecciona un rol para concederlo a las entidades de seguridad.
- Haz clic en Añadir otro rol si necesitas asignar varios roles a tus principales.
- Haz clic en Guardar.
Tus principales y sus roles asignados aparecen en la página de estado Permisos de IAM.

gcloud

Asegúrate de tener un rol que contenga los permisos de gestión de identidades y accesos adecuados para asignar roles a otros usuarios, como Propietario, Administrador de gestión de identidades y accesos del proyecto o Administrador de seguridad. Para obtener más información sobre este requisito, consulta la sección Roles obligatorios.
Abre una ventana de Cloud Shell en tu Google Cloud proyecto.
Añade el ID de tu proyecto Google Cloud , la dirección de correo de la cuenta principal Google Cloud y la ruta del rol de Solución Bare Metal que quieras al siguiente comando:
```
gcloud projects add-iam-policy-binding PROJECT_ID \
 --member=user:username@example.com \
 --role=roles/baremetalsolution.admin
 
```
Copia el comando y pégalo en la ventana de Cloud Shell.
Pulsa la tecla Intro o de retorno.
En algunos casos, se abre una ventana Autorizar Cloud Shell en la que se te pide que permitas una llamada a la API. Si ves este mensaje, haz clic en Autorizar.

Si has introducido los comandos correctamente, el resultado será el siguiente:

Updated IAM policy for project [PROJECT_ID].
  bindings:
  - members:
   - user:username@example.com
   role: roles/baremetalsolution.admin
  - members:
   - serviceAccount:service-PROJECT_NUMBER@compute-system.iam.gserviceaccount.com
   role: roles/compute.serviceAgent
  - members:
   - serviceAccount:PROJECT_NUMBER-compute@developer.gserviceaccount.com
   - serviceAccount:PROJECT_NUMBER@cloudservices.gserviceaccount.com
   role: roles/editor
  - members:
   - user:username@example.com
   role: roles/owner
  etag: ETAG_NUMBER
  version: 1

Para obtener más información sobre la gestión de identidades y accesos, consulte el artículo Gestión de identidades y accesos.