Untuk mengetahui informasi versi, lihat catatan rilis Distributed Cloud terhubung.

Peran dan izin

Halaman ini mencantumkan izin yang diperlukan oleh Google Distributed Cloud yang terhubung dan peran Identity and Access Management (IAM) yang mencakupnya.

Peran

Bagian ini mencantumkan peran IAM yang mencakup izin yang terhubung ke Distributed Cloud.

Google Cloud peran project untuk Distributed Cloud terhubung

Tabel berikut mencantumkan peran project dan izin yang terkait dengan Distributed Cloud yang dienkapsulasi. Google Cloud

Peran	Resource	Izin
Edge Container Viewer `roles/edgecontainer.viewer`	zona, node, node pool, cluster, koneksi VPN	`edgecontainer.clusters.list` `edgecontainer.clusters.get` `edgecontainer.clusters.generateAccessToken` `edgecontainer.clusters.getIamPolicy` `edgecontainer.nodePools.list` `edgecontainer.nodePools.get` `edgecontainer.nodePools.getIamPolicy` `edgecontainer.machines.list` `edgecontainer.machines.get` `edgecontainer.machines.getIamPolicy` `edgecontainer.vpnConnections.list` `edgecontainer.vpnConnections.get` `edgecontainer.vpnConnections.getIamPolicy` `edgecontainer.locations.list` `edgecontainer.locations.get` `edgecontainer.operations.list` `edgecontainer.operations.get` `edgecontainer.serverconfig.get`
Edge Container Admin `roles/edgecontainer.admin`	zona, node, node pool, cluster, koneksi VPN	Mencakup semua izin dari peran Edge Container Viewer, ditambah berikut ini: `edgecontainer.clusters.create` `edgecontainer.clusters.update` `edgecontainer.clusters.upgrade` `edgecontainer.clusters.delete` `edgecontainer.clusters.setIamPolicy` `edgecontainer.clusters.generateOfflineCredential` `edgecontainer.nodePools.create` `edgecontainer.nodePools.update` `edgecontainer.nodePools.delete` `edgecontainer.nodePools.setIamPolicy` `edgecontainer.machines.create` `edgecontainer.machines.update` `edgecontainer.machines.delete` `edgecontainer.machines.use` `edgecontainer.machines.setIamPolicy` `edgecontainer.vpnConnections.create` `edgecontainer.vpnConnections.update` `edgecontainer.vpnConnections.delete` `edgecontainer.vpnConnections.setIamPolicy` `edgecontainer.operations.cancel` `edgecontainer.operations.delete`
Pengguna Mesin Container Edge `roles/edgecontainer.machineUser`	mesin	`edgecontainer.machines.use`
Pengguna Kredensial Offline Edge Container `roles/edgecontainer.offlineCredentialUser`	cluster	`edgecontainer.clusters.generateOfflineCredential`
Edge Network Viewer `roles/edgenetwork.viewer`	zona, jaringan, subnet, interkoneksi, lampiran interkoneksi, router, lokasi, operasi	`edgenetwork.networks.list` `edgenetwork.networks.get` `edgenetwork.networks.getStatus` `edgenetwork.networks.getIamPolicy` `edgenetwork.subnetworks.list` `edgenetwork.subnetworks.get` `edgenetwork.subnetworks.getIamPolicy` `edgenetwork.interconnects.list` `edgenetwork.interconnects.get` `edgenetwork.interconnects.getDiagnostics` `edgenetwork.interconnects.getIamPolicy` `edgenetwork.interconnectAttachments.list` `edgenetwork.interconnectAttachments.get` `edgenetwork.interconnectAttachments.getIamPolicy` `edgenetwork.routers.list` `edgenetwork.routers.get` `edgenetwork.routers.getRouterStatus` `edgenetwork.routers.getIamPolicy` `edgenetwork.zones.list` `edgenetwork.zones.get` `edgenetwork.locations.list` `edgenetwork.locations.get` `edgenetwork.operations.list` `edgenetwork.operations.get`
Edge Network Admin `roles/edgenetwork.admin`	zona, jaringan, subnet, interkoneksi, lampiran interkoneksi, router, operasi	Mencakup semua izin dari peran Edge Network Viewer, ditambah izin berikut: `edgenetwork.networks.create` `edgenetwork.networks.delete` `edgenetwork.networks.setIamPolicy` `edgenetwork.subnetworks.create` `edgenetwork.subnetworks.delete` `edgenetwork.subnetworks.setIamPolicy` `edgenetwork.interconnects.setIamPolicy` `edgenetwork.interconnectAttachments.create` `edgenetwork.interconnectAttachments.delete` `edgenetwork.interconnectAttachments.setIamPolicy` `edgenetwork.routers.create` `edgenetwork.routers.update` `edgenetwork.routers.patch` `edgenetwork.routers.delete` `edgenetwork.routers.setIamPolicy` `edgenetwork.zones.initialize` `edgenetwork.operations.cancel` `edgenetwork.operations.delete`

Peran khusus

Google Cloud juga memungkinkan Anda membuat peran khusus yang mencakup izin khusus untuk kebutuhan bisnis Anda, seperti prinsip hak istimewa terendah. Untuk mengetahui petunjuknya, lihat Membuat dan mengelola peran khusus.

Izin

Bagian ini mencantumkan izin yang diperlukan untuk melakukan operasi tertentu pada resource yang terhubung ke Distributed Cloud.

Operasi dan metode	Resource	Izin
Mencantumkan region dalam Google Cloud project. `locations.list`	region	`edgecontainer.locations.list` di project Google Cloud target
Mendapatkan informasi tentang suatu wilayah. `locations.get`	region	`edgecontainer.locations.get` di project Google Cloud target
Buat cluster. `clusters.create`	cluster	`edgecontainer.clusters.create` di project Google Cloud target
Mencantumkan cluster dalam Google Cloud project. `clusters.list`	cluster	`edgecontainer.clusters.list` di project Google Cloud target
Dapatkan kredensial untuk cluster. `clusters.get`	cluster	`edgecontainer.clusters.get` di project Google Cloud target
Buat token akses untuk cluster. `clusters.generateAccessToken`	cluster	`edgecontainer.clusters.generateAccessToken` di project Google Cloud target
Ubah cluster. `clusters.update`	cluster	`edgecontainer.clusters.update` di project Google Cloud target
Mengupgrade, mendowngrade, atau menyematkan cluster ke versi stack software Distributed Cloud tertentu. `clusters.upgrade`	cluster	`edgecontainer.clusters.upgrade` di project Google Cloud target
Buat kredensial akses offline untuk cluster bidang kontrol lokal. `clusters.generateOfflineCredential`	cluster	`edgecontainer.clusters.generateOfflineCredential` di project Google Cloud target
Hapus cluster. `clusters.delete`	cluster	`edgecontainer.clusters.delete` di project Google Cloud target
Buat node pool. `nodePools.create`	node pool	`edgecontainer.nodePools.create` di project Google Cloud target
Mencantumkan node pool dalam Google Cloud project. `nodePools.list`	node pool	`edgecontainer.nodePools.list` di project Google Cloud target
Mendapatkan informasi tentang node pool. `nodePools.get`	node pool	`edgecontainer.nodePools.get` di project Google Cloud target
Ubah node pool. `nodePools.update`	node pool	`edgecontainer.nodePools.update` di project Google Cloud target
Hapus node pool. `nodePools.delete`	node pool	`edgecontainer.nodePools.delete` di project Google Cloud target
Buat node (mesin). `machines.create`	node	`edgecontainer.machines.create` di project Google Cloud target
Mencantumkan node (mesin) dalam Google Cloud project. `machines.list`	node	`edgecontainer.machines.list` di project Google Cloud target
Mendapatkan informasi tentang node (mesin). `machines.get`	node	`edgecontainer.machines.get` di project Google Cloud target
Ubah node (mesin). `machines.update`	node	`edgecontainer.machines.update` di project Google Cloud target
Deploy workload ke node (mesin). `machines.use`	node	`edgecontainer.machines.use` di project Google Cloud target
Menghapus node (mesin). `machines.delete`	node	`edgecontainer.machines.delete` di project Google Cloud target
Mencantumkan workload yang di-deploy dalam zona. `operations.list`	operasi	`edgecontainer.operations.list` di project Google Cloud target
Mendapatkan informasi tentang beban kerja. `operations.get`	operasi	`edgecontainer.operations.get` di project Google Cloud target
Membatalkan workload yang sedang berlangsung. `operations.cancel`	operasi	`edgecontainer.operations.cancel` di project Google Cloud target
Hapus workload. `operations.delete`	operasi	`edgecontainer.operations.delete` di project Google Cloud target
Mendapatkan konfigurasi server untuk cluster. `serverconfig.get`	serverconfig	`edgecontainer.serverconfig.get` di project Google Cloud target
Buat koneksi VPN. `vpnConnections.create`	Koneksi VPN	`edgecontainer.vpnConnections.create` di project Google Cloud target
Mencantumkan koneksi VPN di project Google Cloud . `vpnConnections.list`	Koneksi VPN	`edgecontainer.vpnConnections.list` di project Google Cloud target
Mendapatkan informasi tentang koneksi VPN. `vpnConnections.get`	Koneksi VPN	`edgecontainer.vpnConnections.get` di project Google Cloud target
Ubah koneksi VPN. `vpnConnections.update`	Koneksi VPN	`edgecontainer.vpnConnections.update` di project Google Cloud target
Hapus koneksi VPN. `vpnConnections.delete`	Koneksi VPN	`edgecontainer.vpnConnections.delete` di project Google Cloud target
Mencantumkan zona dalam Google Cloud project. `zones.list`	zona	`edgenetwork.zones.list` di project Google Cloud mesin target
Mendapatkan informasi tentang zona. `zones.get`	zona	`edgenetwork.zones.get` di project Google Cloud mesin target
Lakukan inisialisasi zona. `zones.initialize`	zona	`edgenetwork.zones.initialize` di project Google Cloud mesin target
Buat jaringan. `networks.create`	networks	`edgenetwork.networks.create` di project Google Cloud mesin target
Mencantumkan jaringan dalam Google Cloud project. `networks.list`	networks	`edgenetwork.networks.list` di project Google Cloud mesin target
Mendapatkan informasi tentang jaringan. `networks.get`	networks	`edgenetwork.networks.get` di project Google Cloud mesin target
Mendapatkan status tentang jaringan. `networks.getStatus`	networks	`edgenetwork.networks.getStatus` di project Google Cloud mesin target
Menghapus jaringan. `networks.delete`	networks	`edgenetwork.networks.delete` di project Google Cloud mesin target
Buat subnet. `subnetworks.create`	subnet	`edgenetwork.subnetworks.create` di project Google Cloud mesin target
Mencantumkan subnet dalam Google Cloud project. `subnetworks.list`	subnet	`edgenetwork.subnetworks.list` di project Google Cloud mesin target
Mendapatkan informasi tentang subnet. `subnetworks.get`	subnet	`edgenetwork.subnetworks.get` di project Google Cloud mesin target
Hapus subnet. `subnetworks.delete`	subnet	`edgenetwork.subnetworks.delete` di project Google Cloud mesin target
Mencantumkan interkoneksi dalam Google Cloud project. `interconnects.list`	interconnects	`edgenetwork.interconnects.list` di project Google Cloud mesin target
Mendapatkan informasi tentang interkoneksi. `interconnects.get`	interconnects	`edgenetwork.interconnects.get` di project Google Cloud mesin target
Mendapatkan informasi diagnostik tentang interconnect. `interconnects.getDiagnostics`	interconnects	`edgenetwork.interconnects.getDiagnostics` di project Google Cloud mesin target
Buat lampiran interkoneksi. `interconnectAttachments.create`	lampiran interkoneksi	`edgenetwork.interconnectAttachments.create` di project Google Cloud mesin target
Mencantumkan lampiran Interconnect dalam Google Cloud project. `interconnectAttachments.list`	lampiran interkoneksi	`edgenetwork.interconnectAttachments.list` di project Google Cloud mesin target
Mendapatkan informasi tentang lampiran interkoneksi. `interconnectAttachments.get`	lampiran interkoneksi	`edgenetwork.interconnectAttachments.get` di project Google Cloud mesin target
Menghapus lampiran interkoneksi. `interconnectAttachments.delete`	lampiran interkoneksi	`edgenetwork.interconnectAttachments.delete` di project Google Cloud mesin target
Buat router. `routers.create`	routers	`edgenetwork.routers.create` di project Google Cloud mesin target
Mencantumkan router dalam Google Cloud project. `routers.list`	routers	`edgenetwork.routers.list` di project Google Cloud mesin target
Mendapatkan status tentang router. `routers.getRouterStatus`	routers	`edgenetwork.routers.getRouterStatus` di project Google Cloud mesin target
Mendapatkan informasi tentang router. `routers.get`	routers	`edgenetwork.routers.get` di project Google Cloud mesin target
Ubah router. `routers.update`	routers	`edgenetwork.routers.update` di project Google Cloud mesin target
Hapus router. `routers.delete`	routers	`edgenetwork.routers.delete` di project Google Cloud mesin target
Mencantumkan workload yang di-deploy dalam zona. `operations.list`	operasi	`edgenetwork.operations.list` di project Google Cloud mesin target
Mendapatkan informasi tentang beban kerja. `operations.get`	operasi	`edgenetwork.operations.get` di project Google Cloud mesin target
Membatalkan workload yang sedang berlangsung. `operations.cancel`	operasi	`edgenetwork.operations.cancel` di project Google Cloud mesin target
Hapus workload. `operations.delete`	operasi	`edgenetwork.operations.delete` di project Google Cloud mesin target
Mencantumkan lokasi di project Google Cloud machine. `locations.list`	lokasi	`edgenetwork.locations.list` di project Google Cloud mesin target
Mendapatkan informasi tentang suatu lokasi. `locations.get`	lokasi	`edgenetwork.locations.get` di project Google Cloud mesin target

Peran dan izin Tetap teratur dengan koleksi Simpan dan kategorikan konten berdasarkan preferensi Anda.

Peran

Google Cloud peran project untuk Distributed Cloud terhubung

Peran khusus

Izin

Peran dan izin