IAM 역할 및 권한

이 페이지에서는 Identity and Access Management(IAM)를 사용하여 Gemini Enterprise 리소스에 대한 API 액세스 및 권한을 제어하는 방법을 설명합니다.

개요

Google Cloud 는 IAM을 제공하며, 이를 통해 특정 Google Cloud 리소스에 더욱 세분화된 액세스 권한을 부여하고 원치 않는 리소스 액세스를 차단할 수 있습니다. 이 페이지에서는 Gemini Enterprise의 IAM 역할과 권한을 설명합니다.Google Cloud IAM에 대한 자세한 내용은 IAM 문서를 참조하세요.

Gemini Enterprise는 Gemini Enterprise 리소스에 대한 액세스 제어를 돕기 위해 설계된 사전 정의된 역할 집합을 제공합니다. 사전 정의된 역할이 필요한 권한 집합을 제공하지 않는 경우, 직접 커스텀 역할을 만들어 사용할 수도 있습니다. 또한 이전의 기본 역할(편집자, 뷰어, 소유자)도 여전히 사용할 수 있지만, 이들 역할은 Gemini Enterprise 역할과 같은 세밀한 제어 기능을 제공하지는 않습니다. 특히 기본 역할은 Gemini Enterprise 전용이 아니라 Google Cloud 전체 리소스에 대한 액세스를 제공합니다. 자세한 내용은 기본 역할 문서를 참조하세요.

사전 정의된 역할

Gemini Enterprise는 주 구성원에게 더 세분화된 권한을 부여할 수 있도록 여러 사전 정의된 역할을 제공합니다. 주 구성원에게 부여한 역할에 따라 해당 주 구성원이 수행할 수 있는 작업이 결정됩니다. 주 구성원은 개인, 그룹, 서비스 계정이 될 수 있습니다.

한 주 구성원에게 여러 개의 역할을 부여할 수 있으며, 적절한 권한이 있다면 언제라도 주 구성원에게 부여된 역할을 변경할 수 있습니다.

폭넓은 역할일수록 세부적으로 정의된 역할을 포함합니다. 예를 들어 검색 엔진 편집자 역할에는 검색 엔진 뷰어 역할의 모든 권한과 더불어 검색 엔진 편집자 역할의 추가 권한이 포함됩니다. 마찬가지로 검색 엔진 관리자 역할에는 검색 엔진 편집자 역할의 모든 권한과 그 추가 권한이 포함됩니다.

기본 역할(소유자, 편집자, 뷰어)은 Google Cloud전반에 대한 권한을 제공합니다. 반면, Gemini Enterprise 전용 역할은 다음과 같은 일반적인 Google Cloud 사용을 위해 필요한 Google Cloud권한을 제외하고 Gemini Enterprise 관련 권한만 제공합니다.

  • resourcemanager.projects.get
  • resourcemanager.projects.list
  • serviceusage.services.list
  • serviceusage.services.get

다음 표에는 Gemini Enterprise IAM 역할과 각 역할에 해당하는 모든 권한 목록이 나열됩니다.

역할 권한

(roles/discoveryengine.admin)

모든 검색 엔진 리소스에 대한 전체 액세스 권한을 부여합니다.

discoveryengine.aclConfigs.*

  • discoveryengine.aclConfigs.get
  • discoveryengine.aclConfigs.update

discoveryengine.agents.*

  • discoveryengine.agents.create
  • discoveryengine.agents.delete
  • discoveryengine.agents.get
  • discoveryengine.agents.list
  • discoveryengine.agents.update

discoveryengine.alertPolicies.*

  • discoveryengine.alertPolicies.create
  • discoveryengine.alertPolicies.get
  • discoveryengine.alertPolicies.update

discoveryengine.analytics.*

  • discoveryengine.analytics.acquireDashboardSession
  • discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.*

  • discoveryengine.assistants.assist
  • discoveryengine.assistants.create
  • discoveryengine.assistants.delete
  • discoveryengine.assistants.get
  • discoveryengine.assistants.list
  • discoveryengine.assistants.update

discoveryengine.billingAccountLicenseConfigs.*

  • discoveryengine.billingAccountLicenseConfigs.distribute
  • discoveryengine.billingAccountLicenseConfigs.get
  • discoveryengine.billingAccountLicenseConfigs.list
  • discoveryengine.billingAccountLicenseConfigs.retract

discoveryengine.branches.*

  • discoveryengine.branches.get
  • discoveryengine.branches.list

discoveryengine.cmekConfigs.*

  • discoveryengine.cmekConfigs.get
  • discoveryengine.cmekConfigs.list
  • discoveryengine.cmekConfigs.update

discoveryengine.collections.*

  • discoveryengine.collections.delete
  • discoveryengine.collections.get
  • discoveryengine.collections.list

discoveryengine.completionConfigs.*

  • discoveryengine.completionConfigs.completeQuery
  • discoveryengine.completionConfigs.get
  • discoveryengine.completionConfigs.update

discoveryengine.connectorRuns.*

  • discoveryengine.connectorRuns.cancel
  • discoveryengine.connectorRuns.list

discoveryengine.controls.*

  • discoveryengine.controls.create
  • discoveryengine.controls.delete
  • discoveryengine.controls.get
  • discoveryengine.controls.list
  • discoveryengine.controls.update

discoveryengine.conversations.*

  • discoveryengine.conversations.converse
  • discoveryengine.conversations.create
  • discoveryengine.conversations.delete
  • discoveryengine.conversations.get
  • discoveryengine.conversations.list
  • discoveryengine.conversations.update

discoveryengine.dataConnectors.*

  • discoveryengine.dataConnectors.acquireAccessToken
  • discoveryengine.dataConnectors.acquireAndStoreRefreshToken
  • discoveryengine.dataConnectors.buildActionInvocation
  • discoveryengine.dataConnectors.checkRefreshToken
  • discoveryengine.dataConnectors.executeAction
  • discoveryengine.dataConnectors.get
  • discoveryengine.dataConnectors.queryAvailableActions
  • discoveryengine.dataConnectors.startConnectorRun
  • discoveryengine.dataConnectors.update

discoveryengine.dataStores.*

  • discoveryengine.dataStores.completeQuery
  • discoveryengine.dataStores.create
  • discoveryengine.dataStores.delete
  • discoveryengine.dataStores.enrollSolutions
  • discoveryengine.dataStores.get
  • discoveryengine.dataStores.list
  • discoveryengine.dataStores.listCustomModels
  • discoveryengine.dataStores.trainCustomModel
  • discoveryengine.dataStores.update

discoveryengine.documentProcessingConfigs.*

  • discoveryengine.documentProcessingConfigs.get
  • discoveryengine.documentProcessingConfigs.update

discoveryengine.documents.*

  • discoveryengine.documents.batchGetDocumentsMetadata
  • discoveryengine.documents.create
  • discoveryengine.documents.delete
  • discoveryengine.documents.get
  • discoveryengine.documents.import
  • discoveryengine.documents.list
  • discoveryengine.documents.purge
  • discoveryengine.documents.update

discoveryengine.engines.*

  • discoveryengine.engines.create
  • discoveryengine.engines.createEngineUserData
  • discoveryengine.engines.delete
  • discoveryengine.engines.get
  • discoveryengine.engines.list
  • discoveryengine.engines.pause
  • discoveryengine.engines.resume
  • discoveryengine.engines.tune
  • discoveryengine.engines.update

discoveryengine.evaluations.*

  • discoveryengine.evaluations.create
  • discoveryengine.evaluations.get
  • discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.identityMappingStores.*

  • discoveryengine.identityMappingStores.create
  • discoveryengine.identityMappingStores.delete
  • discoveryengine.identityMappingStores.get
  • discoveryengine.identityMappingStores.importIdentityMappings
  • discoveryengine.identityMappingStores.list
  • discoveryengine.identityMappingStores.listIdentityMappings
  • discoveryengine.identityMappingStores.purgeIdentityMappings

discoveryengine.licenseConfigs.*

  • discoveryengine.licenseConfigs.create
  • discoveryengine.licenseConfigs.get
  • discoveryengine.licenseConfigs.list
  • discoveryengine.licenseConfigs.update

discoveryengine.locations.*

  • discoveryengine.locations.estimateDataSize
  • discoveryengine.locations.exchangeAuthCredentials
  • discoveryengine.locations.getConnectorSource
  • discoveryengine.locations.listConnectorSources
  • discoveryengine.locations.setUpDataConnector

discoveryengine.models.*

  • discoveryengine.models.create
  • discoveryengine.models.delete
  • discoveryengine.models.get
  • discoveryengine.models.list
  • discoveryengine.models.pause
  • discoveryengine.models.resume
  • discoveryengine.models.tune
  • discoveryengine.models.update

discoveryengine.operations.*

  • discoveryengine.operations.get
  • discoveryengine.operations.list

discoveryengine.projects.*

  • discoveryengine.projects.get
  • discoveryengine.projects.provision
  • discoveryengine.projects.reportConsentChange

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.*

  • discoveryengine.sampleQueries.create
  • discoveryengine.sampleQueries.delete
  • discoveryengine.sampleQueries.get
  • discoveryengine.sampleQueries.import
  • discoveryengine.sampleQueries.list
  • discoveryengine.sampleQueries.update

discoveryengine.sampleQuerySets.*

  • discoveryengine.sampleQuerySets.create
  • discoveryengine.sampleQuerySets.delete
  • discoveryengine.sampleQuerySets.get
  • discoveryengine.sampleQuerySets.list
  • discoveryengine.sampleQuerySets.update

discoveryengine.schemas.*

  • discoveryengine.schemas.create
  • discoveryengine.schemas.delete
  • discoveryengine.schemas.get
  • discoveryengine.schemas.list
  • discoveryengine.schemas.preview
  • discoveryengine.schemas.update
  • discoveryengine.schemas.validate

discoveryengine.servingConfigs.*

  • discoveryengine.servingConfigs.answer
  • discoveryengine.servingConfigs.create
  • discoveryengine.servingConfigs.delete
  • discoveryengine.servingConfigs.get
  • discoveryengine.servingConfigs.list
  • discoveryengine.servingConfigs.recommend
  • discoveryengine.servingConfigs.search
  • discoveryengine.servingConfigs.update

discoveryengine.sessions.*

  • discoveryengine.sessions.addContextFile
  • discoveryengine.sessions.create
  • discoveryengine.sessions.delete
  • discoveryengine.sessions.downloadFile
  • discoveryengine.sessions.get
  • discoveryengine.sessions.list
  • discoveryengine.sessions.listSessionFileMetadata
  • discoveryengine.sessions.recommendQuestions
  • discoveryengine.sessions.removeContextFile
  • discoveryengine.sessions.search
  • discoveryengine.sessions.selectContextFiles
  • discoveryengine.sessions.update
  • discoveryengine.sessions.uploadFile

discoveryengine.siteSearchEngines.*

  • discoveryengine.siteSearchEngines.batchVerifyTargetSites
  • discoveryengine.siteSearchEngines.disableAdvancedSiteSearch
  • discoveryengine.siteSearchEngines.enableAdvancedSiteSearch
  • discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
  • discoveryengine.siteSearchEngines.get
  • discoveryengine.siteSearchEngines.recrawlUris

discoveryengine.sitemaps.*

  • discoveryengine.sitemaps.create
  • discoveryengine.sitemaps.delete
  • discoveryengine.sitemaps.fetch

discoveryengine.suggestionDenyListEntries.*

  • discoveryengine.suggestionDenyListEntries.import
  • discoveryengine.suggestionDenyListEntries.purge

discoveryengine.targetSites.*

  • discoveryengine.targetSites.batchCreate
  • discoveryengine.targetSites.create
  • discoveryengine.targetSites.delete
  • discoveryengine.targetSites.get
  • discoveryengine.targetSites.list
  • discoveryengine.targetSites.update

discoveryengine.userEvents.*

  • discoveryengine.userEvents.create
  • discoveryengine.userEvents.fetchStats
  • discoveryengine.userEvents.import
  • discoveryengine.userEvents.purge

discoveryengine.userStores.*

  • discoveryengine.userStores.batchUpdateUserLicenses
  • discoveryengine.userStores.get
  • discoveryengine.userStores.listUserLicenses
  • discoveryengine.userStores.update

discoveryengine.users.*

  • discoveryengine.users.get
  • discoveryengine.users.update

discoveryengine.widgetConfigs.*

  • discoveryengine.widgetConfigs.get
  • discoveryengine.widgetConfigs.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/discoveryengine.editor)

모든 검색 엔진 리소스에 대한 읽기 및 쓰기 액세스 권한을 부여합니다.

discoveryengine.aclConfigs.get

discoveryengine.agents.*

  • discoveryengine.agents.create
  • discoveryengine.agents.delete
  • discoveryengine.agents.get
  • discoveryengine.agents.list
  • discoveryengine.agents.update

discoveryengine.alertPolicies.get

discoveryengine.analytics.*

  • discoveryengine.analytics.acquireDashboardSession
  • discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.assist

discoveryengine.assistants.get

discoveryengine.assistants.list

discoveryengine.branches.*

  • discoveryengine.branches.get
  • discoveryengine.branches.list

discoveryengine.cmekConfigs.get

discoveryengine.cmekConfigs.list

discoveryengine.collections.get

discoveryengine.collections.list

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.get

discoveryengine.connectorRuns.list

discoveryengine.controls.get

discoveryengine.controls.list

discoveryengine.conversations.*

  • discoveryengine.conversations.converse
  • discoveryengine.conversations.create
  • discoveryengine.conversations.delete
  • discoveryengine.conversations.get
  • discoveryengine.conversations.list
  • discoveryengine.conversations.update

discoveryengine.dataConnectors.acquireAccessToken

discoveryengine.dataConnectors.acquireAndStoreRefreshToken

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.executeAction

discoveryengine.dataConnectors.get

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.dataStores.completeQuery

discoveryengine.dataStores.get

discoveryengine.dataStores.list

discoveryengine.dataStores.listCustomModels

discoveryengine.dataStores.trainCustomModel

discoveryengine.documentProcessingConfigs.get

discoveryengine.documents.batchGetDocumentsMetadata

discoveryengine.documents.create

discoveryengine.documents.delete

discoveryengine.documents.get

discoveryengine.documents.import

discoveryengine.documents.list

discoveryengine.documents.update

discoveryengine.engines.createEngineUserData

discoveryengine.engines.get

discoveryengine.engines.list

discoveryengine.engines.pause

discoveryengine.engines.resume

discoveryengine.engines.tune

discoveryengine.evaluations.get

discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.identityMappingStores.*

  • discoveryengine.identityMappingStores.create
  • discoveryengine.identityMappingStores.delete
  • discoveryengine.identityMappingStores.get
  • discoveryengine.identityMappingStores.importIdentityMappings
  • discoveryengine.identityMappingStores.list
  • discoveryengine.identityMappingStores.listIdentityMappings
  • discoveryengine.identityMappingStores.purgeIdentityMappings

discoveryengine.licenseConfigs.get

discoveryengine.licenseConfigs.list

discoveryengine.models.*

  • discoveryengine.models.create
  • discoveryengine.models.delete
  • discoveryengine.models.get
  • discoveryengine.models.list
  • discoveryengine.models.pause
  • discoveryengine.models.resume
  • discoveryengine.models.tune
  • discoveryengine.models.update

discoveryengine.operations.*

  • discoveryengine.operations.get
  • discoveryengine.operations.list

discoveryengine.projects.get

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.*

  • discoveryengine.sampleQueries.create
  • discoveryengine.sampleQueries.delete
  • discoveryengine.sampleQueries.get
  • discoveryengine.sampleQueries.import
  • discoveryengine.sampleQueries.list
  • discoveryengine.sampleQueries.update

discoveryengine.sampleQuerySets.*

  • discoveryengine.sampleQuerySets.create
  • discoveryengine.sampleQuerySets.delete
  • discoveryengine.sampleQuerySets.get
  • discoveryengine.sampleQuerySets.list
  • discoveryengine.sampleQuerySets.update

discoveryengine.schemas.get

discoveryengine.schemas.list

discoveryengine.schemas.preview

discoveryengine.schemas.validate

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.get

discoveryengine.servingConfigs.list

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.*

  • discoveryengine.sessions.addContextFile
  • discoveryengine.sessions.create
  • discoveryengine.sessions.delete
  • discoveryengine.sessions.downloadFile
  • discoveryengine.sessions.get
  • discoveryengine.sessions.list
  • discoveryengine.sessions.listSessionFileMetadata
  • discoveryengine.sessions.recommendQuestions
  • discoveryengine.sessions.removeContextFile
  • discoveryengine.sessions.search
  • discoveryengine.sessions.selectContextFiles
  • discoveryengine.sessions.update
  • discoveryengine.sessions.uploadFile

discoveryengine.siteSearchEngines.get

discoveryengine.targetSites.get

discoveryengine.targetSites.list

discoveryengine.userEvents.create

discoveryengine.userEvents.fetchStats

discoveryengine.userEvents.import

discoveryengine.userStores.get

discoveryengine.widgetConfigs.*

  • discoveryengine.widgetConfigs.get
  • discoveryengine.widgetConfigs.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/discoveryengine.user)

검색 엔진 리소스에 대한 사용자 수준 액세스 권한을 부여합니다.

discoveryengine.accounts.create

discoveryengine.agents.*

  • discoveryengine.agents.create
  • discoveryengine.agents.delete
  • discoveryengine.agents.get
  • discoveryengine.agents.list
  • discoveryengine.agents.update

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.assist

discoveryengine.completionConfigs.completeQuery

discoveryengine.dataConnectors.acquireAccessToken

discoveryengine.dataConnectors.acquireAndStoreRefreshToken

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.executeAction

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.engines.createEngineUserData

discoveryengine.engines.get

discoveryengine.notebooks.create

discoveryengine.notebooks.list

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.*

  • discoveryengine.sessions.addContextFile
  • discoveryengine.sessions.create
  • discoveryengine.sessions.delete
  • discoveryengine.sessions.downloadFile
  • discoveryengine.sessions.get
  • discoveryengine.sessions.list
  • discoveryengine.sessions.listSessionFileMetadata
  • discoveryengine.sessions.recommendQuestions
  • discoveryengine.sessions.removeContextFile
  • discoveryengine.sessions.search
  • discoveryengine.sessions.selectContextFiles
  • discoveryengine.sessions.update
  • discoveryengine.sessions.uploadFile

discoveryengine.userEvents.create

discoveryengine.users.*

  • discoveryengine.users.get
  • discoveryengine.users.update

discoveryengine.widgetConfigs.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/discoveryengine.viewer)

모든 검색 엔진 리소스에 대한 읽기 액세스 권한을 부여합니다.

discoveryengine.aclConfigs.get

discoveryengine.agents.get

discoveryengine.agents.list

discoveryengine.alertPolicies.get

discoveryengine.analytics.*

  • discoveryengine.analytics.acquireDashboardSession
  • discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.get

discoveryengine.assistants.list

discoveryengine.branches.*

  • discoveryengine.branches.get
  • discoveryengine.branches.list

discoveryengine.cmekConfigs.get

discoveryengine.cmekConfigs.list

discoveryengine.collections.get

discoveryengine.collections.list

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.get

discoveryengine.connectorRuns.list

discoveryengine.controls.get

discoveryengine.controls.list

discoveryengine.conversations.converse

discoveryengine.conversations.get

discoveryengine.conversations.list

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.get

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.dataStores.completeQuery

discoveryengine.dataStores.get

discoveryengine.dataStores.list

discoveryengine.dataStores.listCustomModels

discoveryengine.documentProcessingConfigs.get

discoveryengine.documents.batchGetDocumentsMetadata

discoveryengine.documents.get

discoveryengine.documents.list

discoveryengine.engines.get

discoveryengine.engines.list

discoveryengine.evaluations.get

discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.identityMappingStores.get

discoveryengine.identityMappingStores.list

discoveryengine.identityMappingStores.listIdentityMappings

discoveryengine.models.get

discoveryengine.models.list

discoveryengine.operations.*

  • discoveryengine.operations.get
  • discoveryengine.operations.list

discoveryengine.projects.get

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.get

discoveryengine.sampleQueries.list

discoveryengine.sampleQuerySets.get

discoveryengine.sampleQuerySets.list

discoveryengine.schemas.get

discoveryengine.schemas.list

discoveryengine.schemas.preview

discoveryengine.schemas.validate

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.get

discoveryengine.servingConfigs.list

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.downloadFile

discoveryengine.sessions.get

discoveryengine.sessions.list

discoveryengine.sessions.listSessionFileMetadata

discoveryengine.sessions.recommendQuestions

discoveryengine.siteSearchEngines.get

discoveryengine.targetSites.get

discoveryengine.targetSites.list

discoveryengine.userEvents.fetchStats

discoveryengine.userStores.get

discoveryengine.widgetConfigs.get

resourcemanager.projects.get

resourcemanager.projects.list

Gemini Enterprise IAM 관리

Google Cloud 콘솔을 사용하여 IAM 허용 정책 및 IAM 역할을 가져오고 설정할 수 있습니다. 자세한 내용은 프로젝트, 폴더, 조직에 대한 액세스 관리를 참조하세요.

관리자에게 권한 부여

프로젝트 소유자는 관리자 역할이 필요한 사용자에게 Discovery Engine Admin, Service Usage Consumer, Logs Viewer 역할을 부여할 수 있습니다.

역할을 추가하려면 다음 단계를 따르세요.

  1. Google Cloud 콘솔에서 IAM 페이지로 이동합니다.

    IAM으로 이동
  2. 프로젝트를 선택합니다.
  3. 액세스 권한 부여를 클릭합니다.

  4. 새 주 구성원 필드에 사용자 식별자를 입력합니다. 일반적으로 Google 계정의 이메일 주소 또는 사용자 그룹을 입력합니다.

  5. 역할을 추가합니다.
    1. 다른 역할 추가를 클릭합니다.
    2. 역할 선택 목록에서 검색 엔진 관리자를 선택합니다.
    3. a 및 b 단계를 반복하여 서비스 사용량 소비자 역할과 로그 뷰어 역할도 추가합니다.
  6. 저장을 클릭합니다.

사용자에게 권한 부여

이 섹션에서는 사용자가 앱에 액세스하는 데 필요한 Discovery Engine user 역할을 부여하는 방법을 설명합니다.

  1. Google Cloud 콘솔에서 IAM 페이지로 이동합니다.

    IAM으로 이동
  2. 프로젝트를 선택합니다.
  3. 액세스 권한 부여를 클릭합니다.

  4. 새 주 구성원 필드에 사용자 식별자를 입력합니다. 일반적으로 Google 계정 이메일 주소, 사용자 그룹, 직원 ID 풀 사용자 식별자를 입력합니다. 자세한 내용은 허용 정책의 주 구성원 식별자를 참조하세요.

  5. 역할을 추가합니다.
    1. 다른 역할 추가를 클릭합니다.
    2. 역할 선택 목록에서 Discovery Engine 사용자를 선택합니다.
  6. 저장을 클릭합니다.

사용자가 앱을 관리하고 공유할 수 있도록 하려면 Discovery Engine viewer 역할을 부여하세요.

다음 단계