Kontrol akses dengan IAM

Halaman ini menjelaskan cara mengontrol akses dan izin Discovery Engine API untuk resource Agent Search menggunakan Identity and Access Management (IAM).

Ringkasan

Google Cloud menawarkan IAM, yang memungkinkan Anda memberikan akses yang lebih terperinci ke resource Google Cloud tertentu dan mencegah akses yang tidak diinginkan ke resource lain. Halaman ini menjelaskan peran dan izin IAM Penelusuran Agen. Untuk mengetahui deskripsi mendetail tentang Google Cloud IAM, lihat dokumentasi IAM.

Penelusuran Agen menyediakan sekumpulan peran yang telah ditetapkan yang dirancang untuk membantu Anda mengontrol akses ke resource Penelusuran Agen. Anda juga dapat membuat peran khusus sendiri jika peran yang telah ditetapkan tidak menyediakan kumpulan izin yang Anda perlukan. Selain itu, peran dasar lama (Editor, Viewer, dan Pemilik) juga tetap tersedia untuk Anda, meskipun tidak memberikan kontrol terperinci yang sama dengan peran Agent Search. Secara khusus, peran dasar memberikan akses ke resource di seluruh Google Cloud , bukan hanya untuk Penelusuran Agen. Lihat dokumentasi peran dasar untuk mengetahui informasi selengkapnya.

Peran yang telah ditetapkan

Agent Search menyediakan beberapa peran yang telah ditentukan sebelumnya yang dapat Anda gunakan untuk memberikan izin yang lebih terperinci kepada akun utama. Peran yang Anda berikan kepada akun utama mengontrol tindakan yang dapat dilakukan akun utama. Akun utama dapat berupa individu, grup, atau akun layanan.

Anda dapat memberikan beberapa peran ke akun utama yang sama, dan dapat mengubah peran yang diberikan ke akun utama kapan saja, asalkan Anda memiliki izin untuk melakukannya.

Peran yang lebih luas mencakup peran yang lebih spesifik. Misalnya, peran Editor Discovery Engine mencakup semua izin peran Viewer Discovery Engine, beserta izin tambahan peran Editor Discovery Engine. Demikian juga, peran Admin Discovery Engine mencakup semua izin peran Editor Discovery Engine, beserta izin tambahannya.

Peran dasar (Pemilik, Editor, Viewer) memberikan izin di seluruh Google Cloud. Peran khusus untuk Agent Search hanya memberikan izin Agent Search, kecuali izin berikut Google Cloudyang diperlukan untuk penggunaan umum Google Cloud :

  • resourcemanager.projects.get
  • resourcemanager.projects.list
  • serviceusage.services.list
  • serviceusage.services.get

Tabel berikut mencantumkan peran IAM Agent Search beserta daftar terkait semua izin untuk setiap peran.

Peran Izin

(roles/discoveryengine.admin)

Memberikan akses penuh ke semua resource discoveryengine.

cloudaicompanion.aiDevToolsSettings.*

  • cloudaicompanion.aiDevToolsSettings.create
  • cloudaicompanion.aiDevToolsSettings.delete
  • cloudaicompanion.aiDevToolsSettings.get
  • cloudaicompanion.aiDevToolsSettings.list
  • cloudaicompanion.aiDevToolsSettings.update

cloudaicompanion.codeRepositoryIndexes.*

  • cloudaicompanion.codeRepositoryIndexes.create
  • cloudaicompanion.codeRepositoryIndexes.delete
  • cloudaicompanion.codeRepositoryIndexes.get
  • cloudaicompanion.codeRepositoryIndexes.list
  • cloudaicompanion.codeRepositoryIndexes.update

cloudaicompanion.codeToolsSettings.*

  • cloudaicompanion.codeToolsSettings.create
  • cloudaicompanion.codeToolsSettings.delete
  • cloudaicompanion.codeToolsSettings.get
  • cloudaicompanion.codeToolsSettings.list
  • cloudaicompanion.codeToolsSettings.update

cloudaicompanion.dataSharingWithGoogleSettings.*

  • cloudaicompanion.dataSharingWithGoogleSettings.create
  • cloudaicompanion.dataSharingWithGoogleSettings.delete
  • cloudaicompanion.dataSharingWithGoogleSettings.get
  • cloudaicompanion.dataSharingWithGoogleSettings.list
  • cloudaicompanion.dataSharingWithGoogleSettings.update

cloudaicompanion.geminiGcpEnablementSettings.*

  • cloudaicompanion.geminiGcpEnablementSettings.create
  • cloudaicompanion.geminiGcpEnablementSettings.delete
  • cloudaicompanion.geminiGcpEnablementSettings.get
  • cloudaicompanion.geminiGcpEnablementSettings.list
  • cloudaicompanion.geminiGcpEnablementSettings.update

cloudaicompanion.instances.queryEffectiveSetting

cloudaicompanion.instances.queryEffectiveSettingBindings

cloudaicompanion.loggingSettings.*

  • cloudaicompanion.loggingSettings.create
  • cloudaicompanion.loggingSettings.delete
  • cloudaicompanion.loggingSettings.get
  • cloudaicompanion.loggingSettings.list
  • cloudaicompanion.loggingSettings.update

cloudaicompanion.operations.*

  • cloudaicompanion.operations.cancel
  • cloudaicompanion.operations.delete
  • cloudaicompanion.operations.get
  • cloudaicompanion.operations.list

cloudaicompanion.releaseChannelSettings.*

  • cloudaicompanion.releaseChannelSettings.create
  • cloudaicompanion.releaseChannelSettings.delete
  • cloudaicompanion.releaseChannelSettings.get
  • cloudaicompanion.releaseChannelSettings.list
  • cloudaicompanion.releaseChannelSettings.update

cloudaicompanion.repositoryGroups.create

cloudaicompanion.repositoryGroups.delete

cloudaicompanion.repositoryGroups.get

cloudaicompanion.repositoryGroups.getIamPolicy

cloudaicompanion.repositoryGroups.list

cloudaicompanion.repositoryGroups.setIamPolicy

cloudaicompanion.repositoryGroups.update

cloudaicompanion.settingBindings.*

  • cloudaicompanion.settingBindings.aiDevToolsSettingsCreate
  • cloudaicompanion.settingBindings.aiDevToolsSettingsDelete
  • cloudaicompanion.settingBindings.aiDevToolsSettingsGet
  • cloudaicompanion.settingBindings.aiDevToolsSettingsList
  • cloudaicompanion.settingBindings.aiDevToolsSettingsUpdate
  • cloudaicompanion.settingBindings.aiDevToolsSettingsUse
  • cloudaicompanion.settingBindings.codeToolsSettingsCreate
  • cloudaicompanion.settingBindings.codeToolsSettingsDelete
  • cloudaicompanion.settingBindings.codeToolsSettingsGet
  • cloudaicompanion.settingBindings.codeToolsSettingsList
  • cloudaicompanion.settingBindings.codeToolsSettingsUpdate
  • cloudaicompanion.settingBindings.codeToolsSettingsUse
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsCreate
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsDelete
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsGet
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsList
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUpdate
  • cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUse
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsCreate
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsDelete
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsGet
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsList
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUpdate
  • cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUse
  • cloudaicompanion.settingBindings.loggingSettingsCreate
  • cloudaicompanion.settingBindings.loggingSettingsDelete
  • cloudaicompanion.settingBindings.loggingSettingsGet
  • cloudaicompanion.settingBindings.loggingSettingsList
  • cloudaicompanion.settingBindings.loggingSettingsUpdate
  • cloudaicompanion.settingBindings.loggingSettingsUse
  • cloudaicompanion.settingBindings.releaseChannelSettingsCreate
  • cloudaicompanion.settingBindings.releaseChannelSettingsDelete
  • cloudaicompanion.settingBindings.releaseChannelSettingsGet
  • cloudaicompanion.settingBindings.releaseChannelSettingsList
  • cloudaicompanion.settingBindings.releaseChannelSettingsUpdate
  • cloudaicompanion.settingBindings.releaseChannelSettingsUse

cloudnotifications.activities.list

discoveryengine.aclConfigs.*

  • discoveryengine.aclConfigs.get
  • discoveryengine.aclConfigs.update

discoveryengine.agentFiles.*

  • discoveryengine.agentFiles.delete
  • discoveryengine.agentFiles.download
  • discoveryengine.agentFiles.import
  • discoveryengine.agentFiles.list
  • discoveryengine.agentFiles.upload

discoveryengine.agentIamProposals.*

  • discoveryengine.agentIamProposals.create
  • discoveryengine.agentIamProposals.delete
  • discoveryengine.agentIamProposals.get
  • discoveryengine.agentIamProposals.list

discoveryengine.agents.create

discoveryengine.agents.delete

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.getIamPolicy

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.agents.manage

discoveryengine.agents.setIamPolicy

discoveryengine.agents.update

discoveryengine.alertPolicies.*

  • discoveryengine.alertPolicies.create
  • discoveryengine.alertPolicies.get
  • discoveryengine.alertPolicies.update

discoveryengine.analytics.*

  • discoveryengine.analytics.acquireDashboardSession
  • discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.*

  • discoveryengine.assistants.assist
  • discoveryengine.assistants.create
  • discoveryengine.assistants.delete
  • discoveryengine.assistants.get
  • discoveryengine.assistants.list
  • discoveryengine.assistants.update

discoveryengine.authorizations.*

  • discoveryengine.authorizations.create
  • discoveryengine.authorizations.delete
  • discoveryengine.authorizations.get
  • discoveryengine.authorizations.list
  • discoveryengine.authorizations.storeUserAuthorization
  • discoveryengine.authorizations.update

discoveryengine.billingAccountLicenseConfigs.*

  • discoveryengine.billingAccountLicenseConfigs.distribute
  • discoveryengine.billingAccountLicenseConfigs.get
  • discoveryengine.billingAccountLicenseConfigs.list
  • discoveryengine.billingAccountLicenseConfigs.retract

discoveryengine.branches.*

  • discoveryengine.branches.get
  • discoveryengine.branches.list

discoveryengine.cannedQueries.*

  • discoveryengine.cannedQueries.create
  • discoveryengine.cannedQueries.delete
  • discoveryengine.cannedQueries.get
  • discoveryengine.cannedQueries.list
  • discoveryengine.cannedQueries.listActiveCannedQueryUserViews
  • discoveryengine.cannedQueries.update

discoveryengine.cmekConfigs.*

  • discoveryengine.cmekConfigs.get
  • discoveryengine.cmekConfigs.list
  • discoveryengine.cmekConfigs.update

discoveryengine.collections.*

  • discoveryengine.collections.delete
  • discoveryengine.collections.get
  • discoveryengine.collections.list

discoveryengine.completionConfigs.*

  • discoveryengine.completionConfigs.completeQuery
  • discoveryengine.completionConfigs.get
  • discoveryengine.completionConfigs.removeSuggestion
  • discoveryengine.completionConfigs.update

discoveryengine.completionSuggestions.*

  • discoveryengine.completionSuggestions.import
  • discoveryengine.completionSuggestions.purge

discoveryengine.connectorRuns.*

  • discoveryengine.connectorRuns.cancel
  • discoveryengine.connectorRuns.list

discoveryengine.controls.*

  • discoveryengine.controls.create
  • discoveryengine.controls.delete
  • discoveryengine.controls.get
  • discoveryengine.controls.list
  • discoveryengine.controls.update

discoveryengine.conversations.*

  • discoveryengine.conversations.converse
  • discoveryengine.conversations.create
  • discoveryengine.conversations.delete
  • discoveryengine.conversations.get
  • discoveryengine.conversations.list
  • discoveryengine.conversations.update

discoveryengine.dataConnectors.*

  • discoveryengine.dataConnectors.acquireAccessToken
  • discoveryengine.dataConnectors.acquireAndStoreRefreshToken
  • discoveryengine.dataConnectors.buildActionInvocation
  • discoveryengine.dataConnectors.checkRefreshToken
  • discoveryengine.dataConnectors.executeAction
  • discoveryengine.dataConnectors.get
  • discoveryengine.dataConnectors.queryAvailableActions
  • discoveryengine.dataConnectors.startConnectorRun
  • discoveryengine.dataConnectors.update

discoveryengine.dataStores.*

  • discoveryengine.dataStores.completeQuery
  • discoveryengine.dataStores.create
  • discoveryengine.dataStores.delete
  • discoveryengine.dataStores.enrollSolutions
  • discoveryengine.dataStores.get
  • discoveryengine.dataStores.list
  • discoveryengine.dataStores.listCustomModels
  • discoveryengine.dataStores.trainCustomModel
  • discoveryengine.dataStores.update

discoveryengine.documentProcessingConfigs.*

  • discoveryengine.documentProcessingConfigs.get
  • discoveryengine.documentProcessingConfigs.update

discoveryengine.documents.*

  • discoveryengine.documents.batchGetDocumentsMetadata
  • discoveryengine.documents.create
  • discoveryengine.documents.delete
  • discoveryengine.documents.get
  • discoveryengine.documents.import
  • discoveryengine.documents.list
  • discoveryengine.documents.purge
  • discoveryengine.documents.update

discoveryengine.engines.*

  • discoveryengine.engines.create
  • discoveryengine.engines.createEngineUserData
  • discoveryengine.engines.delete
  • discoveryengine.engines.generateMemories
  • discoveryengine.engines.generatePersonalContext
  • discoveryengine.engines.get
  • discoveryengine.engines.getEngineUserData
  • discoveryengine.engines.getIamPolicy
  • discoveryengine.engines.getPersonalContext
  • discoveryengine.engines.list
  • discoveryengine.engines.pause
  • discoveryengine.engines.resume
  • discoveryengine.engines.setIamPolicy
  • discoveryengine.engines.tune
  • discoveryengine.engines.update
  • discoveryengine.engines.updateEngineUserData

discoveryengine.evaluations.*

  • discoveryengine.evaluations.create
  • discoveryengine.evaluations.get
  • discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.*

  • discoveryengine.ideaForgeIdeas.create
  • discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.*

  • discoveryengine.ideaForgeInstances.get
  • discoveryengine.ideaForgeInstances.start

discoveryengine.identityMappingStores.*

  • discoveryengine.identityMappingStores.create
  • discoveryengine.identityMappingStores.delete
  • discoveryengine.identityMappingStores.get
  • discoveryengine.identityMappingStores.importIdentityMappings
  • discoveryengine.identityMappingStores.list
  • discoveryengine.identityMappingStores.listIdentityMappings
  • discoveryengine.identityMappingStores.purgeIdentityMappings

discoveryengine.licenseConfigs.*

  • discoveryengine.licenseConfigs.create
  • discoveryengine.licenseConfigs.get
  • discoveryengine.licenseConfigs.list
  • discoveryengine.licenseConfigs.update

discoveryengine.locations.*

  • discoveryengine.locations.completeExternalIdentities
  • discoveryengine.locations.estimateDataSize
  • discoveryengine.locations.exchangeAuthCredentials
  • discoveryengine.locations.fetchAgentCards
  • discoveryengine.locations.getConnectorSource
  • discoveryengine.locations.listConnectorSources
  • discoveryengine.locations.setUpDataConnector

discoveryengine.memories.*

  • discoveryengine.memories.delete
  • discoveryengine.memories.list
  • discoveryengine.memories.retrieve
  • discoveryengine.memories.update

discoveryengine.models.*

  • discoveryengine.models.create
  • discoveryengine.models.delete
  • discoveryengine.models.get
  • discoveryengine.models.list
  • discoveryengine.models.pause
  • discoveryengine.models.resume
  • discoveryengine.models.tune
  • discoveryengine.models.update

discoveryengine.notificationMessages.*

  • discoveryengine.notificationMessages.ackAll
  • discoveryengine.notificationMessages.list
  • discoveryengine.notificationMessages.update

discoveryengine.operations.*

  • discoveryengine.operations.get
  • discoveryengine.operations.list

discoveryengine.projects.*

  • discoveryengine.projects.get
  • discoveryengine.projects.provision
  • discoveryengine.projects.reportConsentChange

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.*

  • discoveryengine.sampleQueries.create
  • discoveryengine.sampleQueries.delete
  • discoveryengine.sampleQueries.get
  • discoveryengine.sampleQueries.import
  • discoveryengine.sampleQueries.list
  • discoveryengine.sampleQueries.update

discoveryengine.sampleQuerySets.*

  • discoveryengine.sampleQuerySets.create
  • discoveryengine.sampleQuerySets.delete
  • discoveryengine.sampleQuerySets.get
  • discoveryengine.sampleQuerySets.list
  • discoveryengine.sampleQuerySets.update

discoveryengine.schemas.*

  • discoveryengine.schemas.create
  • discoveryengine.schemas.delete
  • discoveryengine.schemas.get
  • discoveryengine.schemas.list
  • discoveryengine.schemas.preview
  • discoveryengine.schemas.update
  • discoveryengine.schemas.validate

discoveryengine.servingConfigs.*

  • discoveryengine.servingConfigs.answer
  • discoveryengine.servingConfigs.create
  • discoveryengine.servingConfigs.delete
  • discoveryengine.servingConfigs.get
  • discoveryengine.servingConfigs.list
  • discoveryengine.servingConfigs.recommend
  • discoveryengine.servingConfigs.search
  • discoveryengine.servingConfigs.update

discoveryengine.sessions.*

  • discoveryengine.sessions.addContextFile
  • discoveryengine.sessions.create
  • discoveryengine.sessions.delete
  • discoveryengine.sessions.downloadFile
  • discoveryengine.sessions.generateSummary
  • discoveryengine.sessions.get
  • discoveryengine.sessions.list
  • discoveryengine.sessions.listSessionFileMetadata
  • discoveryengine.sessions.recommendQuestions
  • discoveryengine.sessions.removeContextFile
  • discoveryengine.sessions.search
  • discoveryengine.sessions.selectContextFiles
  • discoveryengine.sessions.update
  • discoveryengine.sessions.uploadFile

discoveryengine.sharedContents.*

  • discoveryengine.sharedContents.create
  • discoveryengine.sharedContents.delete
  • discoveryengine.sharedContents.get
  • discoveryengine.sharedContents.list

discoveryengine.siteSearchEngines.*

  • discoveryengine.siteSearchEngines.batchVerifyTargetSites
  • discoveryengine.siteSearchEngines.disableAdvancedSiteSearch
  • discoveryengine.siteSearchEngines.enableAdvancedSiteSearch
  • discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
  • discoveryengine.siteSearchEngines.get
  • discoveryengine.siteSearchEngines.recrawlUris

discoveryengine.sitemaps.*

  • discoveryengine.sitemaps.create
  • discoveryengine.sitemaps.delete
  • discoveryengine.sitemaps.fetch

discoveryengine.suggestionDenyListEntries.*

  • discoveryengine.suggestionDenyListEntries.import
  • discoveryengine.suggestionDenyListEntries.purge

discoveryengine.targetSites.*

  • discoveryengine.targetSites.batchCreate
  • discoveryengine.targetSites.create
  • discoveryengine.targetSites.delete
  • discoveryengine.targetSites.get
  • discoveryengine.targetSites.list
  • discoveryengine.targetSites.update

discoveryengine.userEvents.*

  • discoveryengine.userEvents.create
  • discoveryengine.userEvents.fetchStats
  • discoveryengine.userEvents.import
  • discoveryengine.userEvents.purge

discoveryengine.userStores.*

  • discoveryengine.userStores.batchUpdateUserLicenses
  • discoveryengine.userStores.get
  • discoveryengine.userStores.listUserLicenses
  • discoveryengine.userStores.update

discoveryengine.users.*

  • discoveryengine.users.get
  • discoveryengine.users.update

discoveryengine.widgetConfigs.*

  • discoveryengine.widgetConfigs.get
  • discoveryengine.widgetConfigs.update

monitoring.alertPolicies.get

monitoring.alertPolicies.list

monitoring.alertPolicies.listEffectiveTags

monitoring.alertPolicies.listTagBindings

monitoring.alerts.*

  • monitoring.alerts.get
  • monitoring.alerts.list

monitoring.dashboards.get

monitoring.dashboards.list

monitoring.dashboards.listEffectiveTags

monitoring.dashboards.listTagBindings

monitoring.groups.get

monitoring.groups.list

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

  • monitoring.monitoredResourceDescriptors.get
  • monitoring.monitoredResourceDescriptors.list

monitoring.notificationChannelDescriptors.*

  • monitoring.notificationChannelDescriptors.get
  • monitoring.notificationChannelDescriptors.list

monitoring.notificationChannels.get

monitoring.notificationChannels.list

monitoring.services.get

monitoring.services.list

monitoring.slos.get

monitoring.slos.list

monitoring.snoozes.get

monitoring.snoozes.list

monitoring.timeSeries.list

monitoring.uptimeCheckConfigs.get

monitoring.uptimeCheckConfigs.list

opsconfigmonitoring.resourceMetadata.list

resourcemanager.projects.get

resourcemanager.projects.list

stackdriver.projects.get

stackdriver.resourceMetadata.list

(roles/discoveryengine.editor)

Memberikan akses baca dan tulis ke semua resource mesin penemuan.

discoveryengine.aclConfigs.get

discoveryengine.agentFiles.*

  • discoveryengine.agentFiles.delete
  • discoveryengine.agentFiles.download
  • discoveryengine.agentFiles.import
  • discoveryengine.agentFiles.list
  • discoveryengine.agentFiles.upload

discoveryengine.agents.create

discoveryengine.agents.delete

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.getIamPolicy

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.agents.manage

discoveryengine.agents.update

discoveryengine.alertPolicies.get

discoveryengine.analytics.*

  • discoveryengine.analytics.acquireDashboardSession
  • discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.assist

discoveryengine.assistants.get

discoveryengine.assistants.list

discoveryengine.authorizations.storeUserAuthorization

discoveryengine.branches.*

  • discoveryengine.branches.get
  • discoveryengine.branches.list

discoveryengine.cannedQueries.get

discoveryengine.cannedQueries.list

discoveryengine.cannedQueries.listActiveCannedQueryUserViews

discoveryengine.cmekConfigs.get

discoveryengine.cmekConfigs.list

discoveryengine.collections.get

discoveryengine.collections.list

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.get

discoveryengine.completionConfigs.removeSuggestion

discoveryengine.connectorRuns.list

discoveryengine.controls.get

discoveryengine.controls.list

discoveryengine.conversations.*

  • discoveryengine.conversations.converse
  • discoveryengine.conversations.create
  • discoveryengine.conversations.delete
  • discoveryengine.conversations.get
  • discoveryengine.conversations.list
  • discoveryengine.conversations.update

discoveryengine.dataConnectors.acquireAccessToken

discoveryengine.dataConnectors.acquireAndStoreRefreshToken

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.executeAction

discoveryengine.dataConnectors.get

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.dataStores.completeQuery

discoveryengine.dataStores.get

discoveryengine.dataStores.list

discoveryengine.dataStores.listCustomModels

discoveryengine.dataStores.trainCustomModel

discoveryengine.documentProcessingConfigs.get

discoveryengine.documents.batchGetDocumentsMetadata

discoveryengine.documents.create

discoveryengine.documents.delete

discoveryengine.documents.get

discoveryengine.documents.import

discoveryengine.documents.list

discoveryengine.documents.update

discoveryengine.engines.createEngineUserData

discoveryengine.engines.generateMemories

discoveryengine.engines.generatePersonalContext

discoveryengine.engines.get

discoveryengine.engines.getEngineUserData

discoveryengine.engines.getPersonalContext

discoveryengine.engines.list

discoveryengine.engines.pause

discoveryengine.engines.resume

discoveryengine.engines.tune

discoveryengine.engines.updateEngineUserData

discoveryengine.evaluations.get

discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.*

  • discoveryengine.ideaForgeIdeas.create
  • discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.*

  • discoveryengine.ideaForgeInstances.get
  • discoveryengine.ideaForgeInstances.start

discoveryengine.identityMappingStores.*

  • discoveryengine.identityMappingStores.create
  • discoveryengine.identityMappingStores.delete
  • discoveryengine.identityMappingStores.get
  • discoveryengine.identityMappingStores.importIdentityMappings
  • discoveryengine.identityMappingStores.list
  • discoveryengine.identityMappingStores.listIdentityMappings
  • discoveryengine.identityMappingStores.purgeIdentityMappings

discoveryengine.licenseConfigs.get

discoveryengine.licenseConfigs.list

discoveryengine.locations.completeExternalIdentities

discoveryengine.locations.fetchAgentCards

discoveryengine.memories.*

  • discoveryengine.memories.delete
  • discoveryengine.memories.list
  • discoveryengine.memories.retrieve
  • discoveryengine.memories.update

discoveryengine.models.*

  • discoveryengine.models.create
  • discoveryengine.models.delete
  • discoveryengine.models.get
  • discoveryengine.models.list
  • discoveryengine.models.pause
  • discoveryengine.models.resume
  • discoveryengine.models.tune
  • discoveryengine.models.update

discoveryengine.notificationMessages.*

  • discoveryengine.notificationMessages.ackAll
  • discoveryengine.notificationMessages.list
  • discoveryengine.notificationMessages.update

discoveryengine.operations.*

  • discoveryengine.operations.get
  • discoveryengine.operations.list

discoveryengine.projects.get

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.*

  • discoveryengine.sampleQueries.create
  • discoveryengine.sampleQueries.delete
  • discoveryengine.sampleQueries.get
  • discoveryengine.sampleQueries.import
  • discoveryengine.sampleQueries.list
  • discoveryengine.sampleQueries.update

discoveryengine.sampleQuerySets.*

  • discoveryengine.sampleQuerySets.create
  • discoveryengine.sampleQuerySets.delete
  • discoveryengine.sampleQuerySets.get
  • discoveryengine.sampleQuerySets.list
  • discoveryengine.sampleQuerySets.update

discoveryengine.schemas.get

discoveryengine.schemas.list

discoveryengine.schemas.preview

discoveryengine.schemas.validate

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.get

discoveryengine.servingConfigs.list

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.*

  • discoveryengine.sessions.addContextFile
  • discoveryengine.sessions.create
  • discoveryengine.sessions.delete
  • discoveryengine.sessions.downloadFile
  • discoveryengine.sessions.generateSummary
  • discoveryengine.sessions.get
  • discoveryengine.sessions.list
  • discoveryengine.sessions.listSessionFileMetadata
  • discoveryengine.sessions.recommendQuestions
  • discoveryengine.sessions.removeContextFile
  • discoveryengine.sessions.search
  • discoveryengine.sessions.selectContextFiles
  • discoveryengine.sessions.update
  • discoveryengine.sessions.uploadFile

discoveryengine.sharedContents.*

  • discoveryengine.sharedContents.create
  • discoveryengine.sharedContents.delete
  • discoveryengine.sharedContents.get
  • discoveryengine.sharedContents.list

discoveryengine.siteSearchEngines.get

discoveryengine.targetSites.get

discoveryengine.targetSites.list

discoveryengine.userEvents.create

discoveryengine.userEvents.fetchStats

discoveryengine.userEvents.import

discoveryengine.userStores.get

discoveryengine.widgetConfigs.*

  • discoveryengine.widgetConfigs.get
  • discoveryengine.widgetConfigs.update

resourcemanager.projects.get

resourcemanager.projects.list

(roles/discoveryengine.user)

Memberikan akses tingkat pengguna ke resource Discovery Engine.

businessaicode.*

  • businessaicode.locations.generateContent
  • businessaicode.locations.queryConfiguration
  • businessaicode.locations.sendTelemetry

cloudaicompanion.companions.*

  • cloudaicompanion.companions.generateChat
  • cloudaicompanion.companions.generateCode

cloudaicompanion.entitlements.get

cloudaicompanion.instances.*

  • cloudaicompanion.instances.completeCode
  • cloudaicompanion.instances.completeTask
  • cloudaicompanion.instances.exportMetrics
  • cloudaicompanion.instances.generateCode
  • cloudaicompanion.instances.generateText
  • cloudaicompanion.instances.queryEffectiveSetting
  • cloudaicompanion.instances.queryEffectiveSettingBindings

cloudaicompanion.licenses.selfAssign

cloudaicompanion.operations.get

cloudaicompanion.topics.create

discoveryengine.accounts.create

discoveryengine.agentFiles.*

  • discoveryengine.agentFiles.delete
  • discoveryengine.agentFiles.download
  • discoveryengine.agentFiles.import
  • discoveryengine.agentFiles.list
  • discoveryengine.agentFiles.upload

discoveryengine.agentIamProposals.*

  • discoveryengine.agentIamProposals.create
  • discoveryengine.agentIamProposals.delete
  • discoveryengine.agentIamProposals.get
  • discoveryengine.agentIamProposals.list

discoveryengine.agents.create

discoveryengine.agents.delete

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.agents.requestReview

discoveryengine.agents.update

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.assist

discoveryengine.authorizations.storeUserAuthorization

discoveryengine.cannedQueries.listActiveCannedQueryUserViews

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.removeSuggestion

discoveryengine.dataConnectors.acquireAccessToken

discoveryengine.dataConnectors.acquireAndStoreRefreshToken

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.executeAction

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.engines.createEngineUserData

discoveryengine.engines.generateMemories

discoveryengine.engines.generatePersonalContext

discoveryengine.engines.get

discoveryengine.engines.getEngineUserData

discoveryengine.engines.getPersonalContext

discoveryengine.engines.updateEngineUserData

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.*

  • discoveryengine.ideaForgeIdeas.create
  • discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.*

  • discoveryengine.ideaForgeInstances.get
  • discoveryengine.ideaForgeInstances.start

discoveryengine.locations.completeExternalIdentities

discoveryengine.locations.fetchAgentCards

discoveryengine.memories.*

  • discoveryengine.memories.delete
  • discoveryengine.memories.list
  • discoveryengine.memories.retrieve
  • discoveryengine.memories.update

discoveryengine.notebooks.create

discoveryengine.notebooks.list

discoveryengine.notificationMessages.*

  • discoveryengine.notificationMessages.ackAll
  • discoveryengine.notificationMessages.list
  • discoveryengine.notificationMessages.update

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.*

  • discoveryengine.sessions.addContextFile
  • discoveryengine.sessions.create
  • discoveryengine.sessions.delete
  • discoveryengine.sessions.downloadFile
  • discoveryengine.sessions.generateSummary
  • discoveryengine.sessions.get
  • discoveryengine.sessions.list
  • discoveryengine.sessions.listSessionFileMetadata
  • discoveryengine.sessions.recommendQuestions
  • discoveryengine.sessions.removeContextFile
  • discoveryengine.sessions.search
  • discoveryengine.sessions.selectContextFiles
  • discoveryengine.sessions.update
  • discoveryengine.sessions.uploadFile

discoveryengine.sharedContents.*

  • discoveryengine.sharedContents.create
  • discoveryengine.sharedContents.delete
  • discoveryengine.sharedContents.get
  • discoveryengine.sharedContents.list

discoveryengine.userEvents.create

discoveryengine.users.*

  • discoveryengine.users.get
  • discoveryengine.users.update

discoveryengine.widgetConfigs.get

resourcemanager.projects.get

resourcemanager.projects.list

(roles/discoveryengine.viewer)

Memberikan akses baca ke semua resource mesin penemuan.

discoveryengine.aclConfigs.get

discoveryengine.agentFiles.list

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.getIamPolicy

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.alertPolicies.get

discoveryengine.analytics.*

  • discoveryengine.analytics.acquireDashboardSession
  • discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.get

discoveryengine.assistants.list

discoveryengine.branches.*

  • discoveryengine.branches.get
  • discoveryengine.branches.list

discoveryengine.cannedQueries.get

discoveryengine.cannedQueries.list

discoveryengine.cannedQueries.listActiveCannedQueryUserViews

discoveryengine.cmekConfigs.get

discoveryengine.cmekConfigs.list

discoveryengine.collections.get

discoveryengine.collections.list

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.get

discoveryengine.connectorRuns.list

discoveryengine.controls.get

discoveryengine.controls.list

discoveryengine.conversations.converse

discoveryengine.conversations.get

discoveryengine.conversations.list

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.get

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.dataStores.completeQuery

discoveryengine.dataStores.get

discoveryengine.dataStores.list

discoveryengine.dataStores.listCustomModels

discoveryengine.documentProcessingConfigs.get

discoveryengine.documents.batchGetDocumentsMetadata

discoveryengine.documents.get

discoveryengine.documents.list

discoveryengine.engines.get

discoveryengine.engines.getPersonalContext

discoveryengine.engines.list

discoveryengine.evaluations.get

discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.get

discoveryengine.identityMappingStores.get

discoveryengine.identityMappingStores.list

discoveryengine.identityMappingStores.listIdentityMappings

discoveryengine.locations.completeExternalIdentities

discoveryengine.locations.fetchAgentCards

discoveryengine.memories.list

discoveryengine.memories.retrieve

discoveryengine.models.get

discoveryengine.models.list

discoveryengine.notificationMessages.list

discoveryengine.operations.*

  • discoveryengine.operations.get
  • discoveryengine.operations.list

discoveryengine.projects.get

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.get

discoveryengine.sampleQueries.list

discoveryengine.sampleQuerySets.get

discoveryengine.sampleQuerySets.list

discoveryengine.schemas.get

discoveryengine.schemas.list

discoveryengine.schemas.preview

discoveryengine.schemas.validate

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.get

discoveryengine.servingConfigs.list

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.downloadFile

discoveryengine.sessions.generateSummary

discoveryengine.sessions.get

discoveryengine.sessions.list

discoveryengine.sessions.listSessionFileMetadata

discoveryengine.sessions.recommendQuestions

discoveryengine.sharedContents.get

discoveryengine.sharedContents.list

discoveryengine.siteSearchEngines.get

discoveryengine.targetSites.get

discoveryengine.targetSites.list

discoveryengine.userEvents.fetchStats

discoveryengine.userStores.get

discoveryengine.widgetConfigs.get

resourcemanager.projects.get

resourcemanager.projects.list

Mengelola IAM Penelusuran Agen

Anda dapat memperoleh dan menetapkan kebijakan izinkan IAM dan peran IAM menggunakan Konsol Google Cloud. Untuk mengetahui informasi selengkapnya, lihat Mengelola akses ke project, folder, dan organisasi.

Langkah berikutnya