Note: Vertex AI Search is being renamed to Agent Search. We are in the process of updating content to reflect the new branding.

Google uses AI technology to translate content into your preferred language. AI translations can contain errors.

בקרת גישה באמצעות IAM

בדף הזה מוסבר איך אפשר לשלוט בגישה ל-Discovery Engine API ובהרשאות למשאבי חיפוש מבוסס סוכנים באמצעות ניהול זהויות והרשאות גישה (IAM).

סקירה כללית

‫Google Cloud כולל את הממשק לניהול זהויות והרשאות גישה (IAM), שבאמצעותו אתם יכולים לתת גישה פרטנית יותר למשאבים ספציפיים ב- Google Cloud ולמנוע גישה לא רצויה למשאבים אחרים. בדף הזה מוסבר על התפקידים וההרשאות של Agent Search ב-IAM. למידע מפורט על Google CloudIAM, תוכלו לעיין במסמכי העזרה של IAM.

התכונה 'חיפוש באמצעות סוכן' מספקת קבוצה של תפקידים מוגדרים מראש שנועדו לעזור לכם לשלוט בגישה למשאבים של התכונה 'חיפוש באמצעות סוכן'. אם התפקידים המוגדרים מראש לא מספקים את קבוצות ההרשאות שאתם צריכים, אתם יכולים גם ליצור תפקידים בהתאמה אישית. בנוסף, התפקידים הבסיסיים הישנים (עריכה, צפייה ובעלים) עדיין זמינים לכם, אבל הם לא מספקים את אותה רמת שליטה מפורטת כמו התפקידים של חיפוש מבוסס סוכנים. בפרט, התפקידים הבסיסיים מספקים גישה למשאבים ב- Google Cloud ולא רק לחיפוש מבוסס סוכנים. מידע נוסף מופיע במאמר בנושא תפקידים בסיסיים.

תפקידים מוגדרים מראש

בחיפוש באמצעות סוכן יש כמה תפקידים מוגדרים מראש שבהם אפשר להשתמש כדי לתת הרשאות מפורטות יותר לחשבונות משתמשים. התפקיד שאתם מקצים לחשבון משתמש קובע אילו פעולות הוא יכול לבצע. חשבונות משתמשים יכולים להיות אנשים, קבוצות או חשבונות שירות.

אתם יכולים להקצות לאותו חשבון משתמש כמה תפקידים, ואתם יכולים לשנות את התפקידים שהוקצו לחשבון משתמש בכל שלב, בתנאי שיש לכם את ההרשאות לעשות זאת.

התפקידים הרחבים יותר כוללים את התפקידים המוגדרים בצורה מצומצמת יותר. לדוגמה, התפקיד Discovery Engine Editor כולל את כל ההרשאות של התפקיד Discovery Engine Viewer, בנוסף להרשאות הנוספות של התפקיד Discovery Engine Editor. באופן דומה, התפקיד 'אדמין של מנוע Discovery' כולל את כל ההרשאות של התפקיד 'עורך של מנוע Discovery', בנוסף להרשאות הנוספות שלו.

התפקידים הבסיסיים (בעלים, עריכה, צפייה) מספקים הרשאות ב- Google Cloud. התפקידים הספציפיים לחיפוש בסוכן מספקים רק הרשאות לחיפוש בסוכן, למעט ההרשאות הבאות Google Cloud שנדרשות לשימוש כללי Google Cloud :

resourcemanager.projects.get
resourcemanager.projects.list
serviceusage.services.list
serviceusage.services.get

בטבלה הבאה מפורטים תפקידי ה-IAM של חיפוש מבוסס סוכנים, ורשימה של כל ההרשאות שמשויכות לכל תפקיד.

תפקיד הרשאות

תפקיד	הרשאות
Discovery Engine Admin (`roles/discoveryengine.admin`) מעניקה גישה מלאה לכל המשאבים של discoveryengine.	`cloudaicompanion.aiDevToolsSettings.` `cloudaicompanion.aiDevToolsSettings.create` `cloudaicompanion.aiDevToolsSettings.delete` `cloudaicompanion.aiDevToolsSettings.get` `cloudaicompanion.aiDevToolsSettings.list` `cloudaicompanion.aiDevToolsSettings.update` `cloudaicompanion.codeRepositoryIndexes.` `cloudaicompanion.codeRepositoryIndexes.create` `cloudaicompanion.codeRepositoryIndexes.delete` `cloudaicompanion.codeRepositoryIndexes.get` `cloudaicompanion.codeRepositoryIndexes.list` `cloudaicompanion.codeRepositoryIndexes.update` `cloudaicompanion.codeToolsSettings.` `cloudaicompanion.codeToolsSettings.create` `cloudaicompanion.codeToolsSettings.delete` `cloudaicompanion.codeToolsSettings.get` `cloudaicompanion.codeToolsSettings.list` `cloudaicompanion.codeToolsSettings.update` `cloudaicompanion.dataSharingWithGoogleSettings.` `cloudaicompanion.dataSharingWithGoogleSettings.create` `cloudaicompanion.dataSharingWithGoogleSettings.delete` `cloudaicompanion.dataSharingWithGoogleSettings.get` `cloudaicompanion.dataSharingWithGoogleSettings.list` `cloudaicompanion.dataSharingWithGoogleSettings.update` `cloudaicompanion.geminiGcpEnablementSettings.` `cloudaicompanion.geminiGcpEnablementSettings.create` `cloudaicompanion.geminiGcpEnablementSettings.delete` `cloudaicompanion.geminiGcpEnablementSettings.get` `cloudaicompanion.geminiGcpEnablementSettings.list` `cloudaicompanion.geminiGcpEnablementSettings.update` `cloudaicompanion.instances.queryEffectiveSetting` `cloudaicompanion.instances.queryEffectiveSettingBindings` `cloudaicompanion.loggingSettings.` `cloudaicompanion.loggingSettings.create` `cloudaicompanion.loggingSettings.delete` `cloudaicompanion.loggingSettings.get` `cloudaicompanion.loggingSettings.list` `cloudaicompanion.loggingSettings.update` `cloudaicompanion.operations.` `cloudaicompanion.operations.cancel` `cloudaicompanion.operations.delete` `cloudaicompanion.operations.get` `cloudaicompanion.operations.list` `cloudaicompanion.releaseChannelSettings.` `cloudaicompanion.releaseChannelSettings.create` `cloudaicompanion.releaseChannelSettings.delete` `cloudaicompanion.releaseChannelSettings.get` `cloudaicompanion.releaseChannelSettings.list` `cloudaicompanion.releaseChannelSettings.update` `cloudaicompanion.repositoryGroups.create` `cloudaicompanion.repositoryGroups.delete` `cloudaicompanion.repositoryGroups.get` `cloudaicompanion.repositoryGroups.getIamPolicy` `cloudaicompanion.repositoryGroups.list` `cloudaicompanion.repositoryGroups.setIamPolicy` `cloudaicompanion.repositoryGroups.update` `cloudaicompanion.settingBindings.` `cloudaicompanion.settingBindings.aiDevToolsSettingsCreate` `cloudaicompanion.settingBindings.aiDevToolsSettingsDelete` `cloudaicompanion.settingBindings.aiDevToolsSettingsGet` `cloudaicompanion.settingBindings.aiDevToolsSettingsList` `cloudaicompanion.settingBindings.aiDevToolsSettingsUpdate` `cloudaicompanion.settingBindings.aiDevToolsSettingsUse` `cloudaicompanion.settingBindings.codeToolsSettingsCreate` `cloudaicompanion.settingBindings.codeToolsSettingsDelete` `cloudaicompanion.settingBindings.codeToolsSettingsGet` `cloudaicompanion.settingBindings.codeToolsSettingsList` `cloudaicompanion.settingBindings.codeToolsSettingsUpdate` `cloudaicompanion.settingBindings.codeToolsSettingsUse` `cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsCreate` `cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsDelete` `cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsGet` `cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsList` `cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUpdate` `cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUse` `cloudaicompanion.settingBindings.geminiGcpEnablementSettingsCreate` `cloudaicompanion.settingBindings.geminiGcpEnablementSettingsDelete` `cloudaicompanion.settingBindings.geminiGcpEnablementSettingsGet` `cloudaicompanion.settingBindings.geminiGcpEnablementSettingsList` `cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUpdate` `cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUse` `cloudaicompanion.settingBindings.loggingSettingsCreate` `cloudaicompanion.settingBindings.loggingSettingsDelete` `cloudaicompanion.settingBindings.loggingSettingsGet` `cloudaicompanion.settingBindings.loggingSettingsList` `cloudaicompanion.settingBindings.loggingSettingsUpdate` `cloudaicompanion.settingBindings.loggingSettingsUse` `cloudaicompanion.settingBindings.releaseChannelSettingsCreate` `cloudaicompanion.settingBindings.releaseChannelSettingsDelete` `cloudaicompanion.settingBindings.releaseChannelSettingsGet` `cloudaicompanion.settingBindings.releaseChannelSettingsList` `cloudaicompanion.settingBindings.releaseChannelSettingsUpdate` `cloudaicompanion.settingBindings.releaseChannelSettingsUse` `cloudnotifications.activities.list` `consumerprocurement.entitlements.` `consumerprocurement.entitlements.get` `consumerprocurement.entitlements.list` `discoveryengine.aclConfigs.` `discoveryengine.aclConfigs.get` `discoveryengine.aclConfigs.update` `discoveryengine.agentFiles.` `discoveryengine.agentFiles.delete` `discoveryengine.agentFiles.download` `discoveryengine.agentFiles.import` `discoveryengine.agentFiles.list` `discoveryengine.agentFiles.upload` `discoveryengine.agentIamProposals.` `discoveryengine.agentIamProposals.create` `discoveryengine.agentIamProposals.delete` `discoveryengine.agentIamProposals.get` `discoveryengine.agentIamProposals.list` `discoveryengine.agents.create` `discoveryengine.agents.delete` `discoveryengine.agents.get` `discoveryengine.agents.getAgentView` `discoveryengine.agents.getIamPolicy` `discoveryengine.agents.list` `discoveryengine.agents.listAvailableAgentViews` `discoveryengine.agents.manage` `discoveryengine.agents.setIamPolicy` `discoveryengine.agents.update` `discoveryengine.alertPolicies.` `discoveryengine.alertPolicies.create` `discoveryengine.alertPolicies.get` `discoveryengine.alertPolicies.update` `discoveryengine.analytics.` `discoveryengine.analytics.acquireDashboardSession` `discoveryengine.analytics.refreshDashboardSessionTokens` `discoveryengine.answers.get` `discoveryengine.assistAnswers.get` `discoveryengine.assistants.` `discoveryengine.assistants.assist` `discoveryengine.assistants.create` `discoveryengine.assistants.delete` `discoveryengine.assistants.get` `discoveryengine.assistants.list` `discoveryengine.assistants.update` `discoveryengine.authorizations.` `discoveryengine.authorizations.create` `discoveryengine.authorizations.delete` `discoveryengine.authorizations.get` `discoveryengine.authorizations.list` `discoveryengine.authorizations.storeUserAuthorization` `discoveryengine.authorizations.update` `discoveryengine.billingAccountLicenseConfigs.` `discoveryengine.billingAccountLicenseConfigs.distribute` `discoveryengine.billingAccountLicenseConfigs.get` `discoveryengine.billingAccountLicenseConfigs.list` `discoveryengine.billingAccountLicenseConfigs.retract` `discoveryengine.branches.` `discoveryengine.branches.get` `discoveryengine.branches.list` `discoveryengine.cannedQueries.` `discoveryengine.cannedQueries.create` `discoveryengine.cannedQueries.delete` `discoveryengine.cannedQueries.get` `discoveryengine.cannedQueries.list` `discoveryengine.cannedQueries.listActiveCannedQueryUserViews` `discoveryengine.cannedQueries.update` `discoveryengine.cmekConfigs.` `discoveryengine.cmekConfigs.get` `discoveryengine.cmekConfigs.list` `discoveryengine.cmekConfigs.update` `discoveryengine.collections.` `discoveryengine.collections.delete` `discoveryengine.collections.get` `discoveryengine.collections.list` `discoveryengine.completionConfigs.` `discoveryengine.completionConfigs.completeQuery` `discoveryengine.completionConfigs.get` `discoveryengine.completionConfigs.removeSuggestion` `discoveryengine.completionConfigs.update` `discoveryengine.completionSuggestions.` `discoveryengine.completionSuggestions.import` `discoveryengine.completionSuggestions.purge` `discoveryengine.connectorRuns.` `discoveryengine.connectorRuns.cancel` `discoveryengine.connectorRuns.list` `discoveryengine.controls.` `discoveryengine.controls.create` `discoveryengine.controls.delete` `discoveryengine.controls.get` `discoveryengine.controls.list` `discoveryengine.controls.update` `discoveryengine.conversations.` `discoveryengine.conversations.converse` `discoveryengine.conversations.create` `discoveryengine.conversations.delete` `discoveryengine.conversations.get` `discoveryengine.conversations.list` `discoveryengine.conversations.update` `discoveryengine.dataConnectors.` `discoveryengine.dataConnectors.acquireAccessToken` `discoveryengine.dataConnectors.acquireAndStoreRefreshToken` `discoveryengine.dataConnectors.buildActionInvocation` `discoveryengine.dataConnectors.checkRefreshToken` `discoveryengine.dataConnectors.executeAction` `discoveryengine.dataConnectors.get` `discoveryengine.dataConnectors.queryAvailableActions` `discoveryengine.dataConnectors.startConnectorRun` `discoveryengine.dataConnectors.update` `discoveryengine.dataStores.` `discoveryengine.dataStores.completeQuery` `discoveryengine.dataStores.create` `discoveryengine.dataStores.delete` `discoveryengine.dataStores.enrollSolutions` `discoveryengine.dataStores.get` `discoveryengine.dataStores.list` `discoveryengine.dataStores.listCustomModels` `discoveryengine.dataStores.trainCustomModel` `discoveryengine.dataStores.update` `discoveryengine.documentProcessingConfigs.` `discoveryengine.documentProcessingConfigs.get` `discoveryengine.documentProcessingConfigs.update` `discoveryengine.documents.` `discoveryengine.documents.batchGetDocumentsMetadata` `discoveryengine.documents.create` `discoveryengine.documents.delete` `discoveryengine.documents.get` `discoveryengine.documents.import` `discoveryengine.documents.list` `discoveryengine.documents.purge` `discoveryengine.documents.update` `discoveryengine.engines.` `discoveryengine.engines.create` `discoveryengine.engines.createEngineUserData` `discoveryengine.engines.delete` `discoveryengine.engines.generateMemories` `discoveryengine.engines.generatePersonalContext` `discoveryengine.engines.get` `discoveryengine.engines.getEngineUserData` `discoveryengine.engines.getIamPolicy` `discoveryengine.engines.getPersonalContext` `discoveryengine.engines.list` `discoveryengine.engines.pause` `discoveryengine.engines.resume` `discoveryengine.engines.setIamPolicy` `discoveryengine.engines.tune` `discoveryengine.engines.update` `discoveryengine.engines.updateEngineUserData` `discoveryengine.evaluations.` `discoveryengine.evaluations.create` `discoveryengine.evaluations.get` `discoveryengine.evaluations.list` `discoveryengine.groundingConfigs.check` `discoveryengine.homepageDataConfigs.fetchDocuments` `discoveryengine.ideaForgeIdeas.` `discoveryengine.ideaForgeIdeas.create` `discoveryengine.ideaForgeIdeas.get` `discoveryengine.ideaForgeInstances.` `discoveryengine.ideaForgeInstances.get` `discoveryengine.ideaForgeInstances.start` `discoveryengine.identityMappingStores.` `discoveryengine.identityMappingStores.create` `discoveryengine.identityMappingStores.delete` `discoveryengine.identityMappingStores.get` `discoveryengine.identityMappingStores.importIdentityMappings` `discoveryengine.identityMappingStores.list` `discoveryengine.identityMappingStores.listIdentityMappings` `discoveryengine.identityMappingStores.purgeIdentityMappings` `discoveryengine.licenseConfigs.` `discoveryengine.licenseConfigs.create` `discoveryengine.licenseConfigs.get` `discoveryengine.licenseConfigs.list` `discoveryengine.licenseConfigs.update` `discoveryengine.locations.` `discoveryengine.locations.completeExternalIdentities` `discoveryengine.locations.estimateDataSize` `discoveryengine.locations.exchangeAuthCredentials` `discoveryengine.locations.fetchAgentCards` `discoveryengine.locations.getConnectorSource` `discoveryengine.locations.listConnectorSources` `discoveryengine.locations.setUpDataConnector` `discoveryengine.memories.` `discoveryengine.memories.delete` `discoveryengine.memories.list` `discoveryengine.memories.retrieve` `discoveryengine.memories.update` `discoveryengine.models.` `discoveryengine.models.create` `discoveryengine.models.delete` `discoveryengine.models.get` `discoveryengine.models.list` `discoveryengine.models.pause` `discoveryengine.models.resume` `discoveryengine.models.tune` `discoveryengine.models.update` `discoveryengine.notificationMessages.` `discoveryengine.notificationMessages.ackAll` `discoveryengine.notificationMessages.list` `discoveryengine.notificationMessages.update` `discoveryengine.operations.` `discoveryengine.operations.get` `discoveryengine.operations.list` `discoveryengine.projects.` `discoveryengine.projects.get` `discoveryengine.projects.provision` `discoveryengine.projects.reportConsentChange` `discoveryengine.rankingConfigs.rank` `discoveryengine.sampleQueries.` `discoveryengine.sampleQueries.create` `discoveryengine.sampleQueries.delete` `discoveryengine.sampleQueries.get` `discoveryengine.sampleQueries.import` `discoveryengine.sampleQueries.list` `discoveryengine.sampleQueries.update` `discoveryengine.sampleQuerySets.` `discoveryengine.sampleQuerySets.create` `discoveryengine.sampleQuerySets.delete` `discoveryengine.sampleQuerySets.get` `discoveryengine.sampleQuerySets.list` `discoveryengine.sampleQuerySets.update` `discoveryengine.schemas.` `discoveryengine.schemas.create` `discoveryengine.schemas.delete` `discoveryengine.schemas.get` `discoveryengine.schemas.list` `discoveryengine.schemas.preview` `discoveryengine.schemas.update` `discoveryengine.schemas.validate` `discoveryengine.servingConfigs.` `discoveryengine.servingConfigs.answer` `discoveryengine.servingConfigs.create` `discoveryengine.servingConfigs.delete` `discoveryengine.servingConfigs.get` `discoveryengine.servingConfigs.list` `discoveryengine.servingConfigs.recommend` `discoveryengine.servingConfigs.search` `discoveryengine.servingConfigs.update` `discoveryengine.sessions.` `discoveryengine.sessions.addContextFile` `discoveryengine.sessions.create` `discoveryengine.sessions.delete` `discoveryengine.sessions.downloadFile` `discoveryengine.sessions.generateSummary` `discoveryengine.sessions.get` `discoveryengine.sessions.list` `discoveryengine.sessions.listSessionFileMetadata` `discoveryengine.sessions.recommendQuestions` `discoveryengine.sessions.removeContextFile` `discoveryengine.sessions.search` `discoveryengine.sessions.selectContextFiles` `discoveryengine.sessions.update` `discoveryengine.sessions.uploadFile` `discoveryengine.sharedContents.` `discoveryengine.sharedContents.create` `discoveryengine.sharedContents.delete` `discoveryengine.sharedContents.get` `discoveryengine.sharedContents.list` `discoveryengine.siteSearchEngines.` `discoveryengine.siteSearchEngines.batchVerifyTargetSites` `discoveryengine.siteSearchEngines.disableAdvancedSiteSearch` `discoveryengine.siteSearchEngines.enableAdvancedSiteSearch` `discoveryengine.siteSearchEngines.fetchDomainVerificationStatus` `discoveryengine.siteSearchEngines.get` `discoveryengine.siteSearchEngines.recrawlUris` `discoveryengine.sitemaps.` `discoveryengine.sitemaps.create` `discoveryengine.sitemaps.delete` `discoveryengine.sitemaps.fetch` `discoveryengine.suggestionDenyListEntries.` `discoveryengine.suggestionDenyListEntries.import` `discoveryengine.suggestionDenyListEntries.purge` `discoveryengine.targetSites.` `discoveryengine.targetSites.batchCreate` `discoveryengine.targetSites.create` `discoveryengine.targetSites.delete` `discoveryengine.targetSites.get` `discoveryengine.targetSites.list` `discoveryengine.targetSites.update` `discoveryengine.userEvents.` `discoveryengine.userEvents.create` `discoveryengine.userEvents.fetchStats` `discoveryengine.userEvents.import` `discoveryengine.userEvents.purge` `discoveryengine.userStores.` `discoveryengine.userStores.batchUpdateUserLicenses` `discoveryengine.userStores.get` `discoveryengine.userStores.listUserLicenses` `discoveryengine.userStores.update` `discoveryengine.users.` `discoveryengine.users.get` `discoveryengine.users.update` `discoveryengine.widgetConfigs.` `discoveryengine.widgetConfigs.get` `discoveryengine.widgetConfigs.update` `monitoring.alertPolicies.get` `monitoring.alertPolicies.list` `monitoring.alertPolicies.listEffectiveTags` `monitoring.alertPolicies.listTagBindings` `monitoring.alerts.` `monitoring.alerts.get` `monitoring.alerts.list` `monitoring.dashboards.get` `monitoring.dashboards.list` `monitoring.dashboards.listEffectiveTags` `monitoring.dashboards.listTagBindings` `monitoring.groups.get` `monitoring.groups.list` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.notificationChannelDescriptors.` `monitoring.notificationChannelDescriptors.get` `monitoring.notificationChannelDescriptors.list` `monitoring.notificationChannels.get` `monitoring.notificationChannels.list` `monitoring.services.get` `monitoring.services.list` `monitoring.slos.get` `monitoring.slos.list` `monitoring.snoozes.get` `monitoring.snoozes.list` `monitoring.timeSeries.list` `monitoring.uptimeCheckConfigs.get` `monitoring.uptimeCheckConfigs.list` `opsconfigmonitoring.resourceMetadata.list` `resourcemanager.projects.get` `resourcemanager.projects.list` `stackdriver.projects.get` `stackdriver.resourceMetadata.list`
Discovery Engine Editor (`roles/discoveryengine.editor`) מעניק הרשאת קריאה וכתיבה לכל משאבי מנוע הגילוי.	`discoveryengine.aclConfigs.get` `discoveryengine.agentFiles.` `discoveryengine.agentFiles.delete` `discoveryengine.agentFiles.download` `discoveryengine.agentFiles.import` `discoveryengine.agentFiles.list` `discoveryengine.agentFiles.upload` `discoveryengine.agents.create` `discoveryengine.agents.delete` `discoveryengine.agents.get` `discoveryengine.agents.getAgentView` `discoveryengine.agents.getIamPolicy` `discoveryengine.agents.list` `discoveryengine.agents.listAvailableAgentViews` `discoveryengine.agents.manage` `discoveryengine.agents.update` `discoveryengine.alertPolicies.get` `discoveryengine.analytics.` `discoveryengine.analytics.acquireDashboardSession` `discoveryengine.analytics.refreshDashboardSessionTokens` `discoveryengine.answers.get` `discoveryengine.assistAnswers.get` `discoveryengine.assistants.assist` `discoveryengine.assistants.get` `discoveryengine.assistants.list` `discoveryengine.authorizations.storeUserAuthorization` `discoveryengine.branches.` `discoveryengine.branches.get` `discoveryengine.branches.list` `discoveryengine.cannedQueries.get` `discoveryengine.cannedQueries.list` `discoveryengine.cannedQueries.listActiveCannedQueryUserViews` `discoveryengine.cmekConfigs.get` `discoveryengine.cmekConfigs.list` `discoveryengine.collections.get` `discoveryengine.collections.list` `discoveryengine.completionConfigs.completeQuery` `discoveryengine.completionConfigs.get` `discoveryengine.completionConfigs.removeSuggestion` `discoveryengine.connectorRuns.list` `discoveryengine.controls.get` `discoveryengine.controls.list` `discoveryengine.conversations.` `discoveryengine.conversations.converse` `discoveryengine.conversations.create` `discoveryengine.conversations.delete` `discoveryengine.conversations.get` `discoveryengine.conversations.list` `discoveryengine.conversations.update` `discoveryengine.dataConnectors.acquireAccessToken` `discoveryengine.dataConnectors.acquireAndStoreRefreshToken` `discoveryengine.dataConnectors.buildActionInvocation` `discoveryengine.dataConnectors.checkRefreshToken` `discoveryengine.dataConnectors.executeAction` `discoveryengine.dataConnectors.get` `discoveryengine.dataConnectors.queryAvailableActions` `discoveryengine.dataStores.completeQuery` `discoveryengine.dataStores.get` `discoveryengine.dataStores.list` `discoveryengine.dataStores.listCustomModels` `discoveryengine.dataStores.trainCustomModel` `discoveryengine.documentProcessingConfigs.get` `discoveryengine.documents.batchGetDocumentsMetadata` `discoveryengine.documents.create` `discoveryengine.documents.delete` `discoveryengine.documents.get` `discoveryengine.documents.import` `discoveryengine.documents.list` `discoveryengine.documents.update` `discoveryengine.engines.createEngineUserData` `discoveryengine.engines.generateMemories` `discoveryengine.engines.generatePersonalContext` `discoveryengine.engines.get` `discoveryengine.engines.getEngineUserData` `discoveryengine.engines.getPersonalContext` `discoveryengine.engines.list` `discoveryengine.engines.pause` `discoveryengine.engines.resume` `discoveryengine.engines.tune` `discoveryengine.engines.updateEngineUserData` `discoveryengine.evaluations.get` `discoveryengine.evaluations.list` `discoveryengine.groundingConfigs.check` `discoveryengine.homepageDataConfigs.fetchDocuments` `discoveryengine.ideaForgeIdeas.` `discoveryengine.ideaForgeIdeas.create` `discoveryengine.ideaForgeIdeas.get` `discoveryengine.ideaForgeInstances.` `discoveryengine.ideaForgeInstances.get` `discoveryengine.ideaForgeInstances.start` `discoveryengine.identityMappingStores.` `discoveryengine.identityMappingStores.create` `discoveryengine.identityMappingStores.delete` `discoveryengine.identityMappingStores.get` `discoveryengine.identityMappingStores.importIdentityMappings` `discoveryengine.identityMappingStores.list` `discoveryengine.identityMappingStores.listIdentityMappings` `discoveryengine.identityMappingStores.purgeIdentityMappings` `discoveryengine.licenseConfigs.get` `discoveryengine.licenseConfigs.list` `discoveryengine.locations.completeExternalIdentities` `discoveryengine.locations.fetchAgentCards` `discoveryengine.memories.` `discoveryengine.memories.delete` `discoveryengine.memories.list` `discoveryengine.memories.retrieve` `discoveryengine.memories.update` `discoveryengine.models.` `discoveryengine.models.create` `discoveryengine.models.delete` `discoveryengine.models.get` `discoveryengine.models.list` `discoveryengine.models.pause` `discoveryengine.models.resume` `discoveryengine.models.tune` `discoveryengine.models.update` `discoveryengine.notificationMessages.` `discoveryengine.notificationMessages.ackAll` `discoveryengine.notificationMessages.list` `discoveryengine.notificationMessages.update` `discoveryengine.operations.` `discoveryengine.operations.get` `discoveryengine.operations.list` `discoveryengine.projects.get` `discoveryengine.rankingConfigs.rank` `discoveryengine.sampleQueries.` `discoveryengine.sampleQueries.create` `discoveryengine.sampleQueries.delete` `discoveryengine.sampleQueries.get` `discoveryengine.sampleQueries.import` `discoveryengine.sampleQueries.list` `discoveryengine.sampleQueries.update` `discoveryengine.sampleQuerySets.` `discoveryengine.sampleQuerySets.create` `discoveryengine.sampleQuerySets.delete` `discoveryengine.sampleQuerySets.get` `discoveryengine.sampleQuerySets.list` `discoveryengine.sampleQuerySets.update` `discoveryengine.schemas.get` `discoveryengine.schemas.list` `discoveryengine.schemas.preview` `discoveryengine.schemas.validate` `discoveryengine.servingConfigs.answer` `discoveryengine.servingConfigs.get` `discoveryengine.servingConfigs.list` `discoveryengine.servingConfigs.recommend` `discoveryengine.servingConfigs.search` `discoveryengine.sessions.` `discoveryengine.sessions.addContextFile` `discoveryengine.sessions.create` `discoveryengine.sessions.delete` `discoveryengine.sessions.downloadFile` `discoveryengine.sessions.generateSummary` `discoveryengine.sessions.get` `discoveryengine.sessions.list` `discoveryengine.sessions.listSessionFileMetadata` `discoveryengine.sessions.recommendQuestions` `discoveryengine.sessions.removeContextFile` `discoveryengine.sessions.search` `discoveryengine.sessions.selectContextFiles` `discoveryengine.sessions.update` `discoveryengine.sessions.uploadFile` `discoveryengine.sharedContents.` `discoveryengine.sharedContents.create` `discoveryengine.sharedContents.delete` `discoveryengine.sharedContents.get` `discoveryengine.sharedContents.list` `discoveryengine.siteSearchEngines.get` `discoveryengine.targetSites.get` `discoveryengine.targetSites.list` `discoveryengine.userEvents.create` `discoveryengine.userEvents.fetchStats` `discoveryengine.userEvents.import` `discoveryengine.userStores.get` `discoveryengine.widgetConfigs.` `discoveryengine.widgetConfigs.get` `discoveryengine.widgetConfigs.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
משתמש ב-Discovery Engine (`roles/discoveryengine.user`) נותנת גישה ברמת המשתמש למשאבים של Discovery Engine.	`businessaicode.` `businessaicode.locations.generateContent` `businessaicode.locations.queryConfiguration` `businessaicode.locations.sendTelemetry` `cloudaicompanion.companions.` `cloudaicompanion.companions.generateChat` `cloudaicompanion.companions.generateCode` `cloudaicompanion.entitlements.get` `cloudaicompanion.instances.` `cloudaicompanion.instances.completeCode` `cloudaicompanion.instances.completeTask` `cloudaicompanion.instances.exportMetrics` `cloudaicompanion.instances.generateCode` `cloudaicompanion.instances.generateText` `cloudaicompanion.instances.queryEffectiveSetting` `cloudaicompanion.instances.queryEffectiveSettingBindings` `cloudaicompanion.licenses.selfAssign` `cloudaicompanion.operations.get` `cloudaicompanion.topics.create` `discoveryengine.accounts.create` `discoveryengine.agentFiles.` `discoveryengine.agentFiles.delete` `discoveryengine.agentFiles.download` `discoveryengine.agentFiles.import` `discoveryengine.agentFiles.list` `discoveryengine.agentFiles.upload` `discoveryengine.agentIamProposals.` `discoveryengine.agentIamProposals.create` `discoveryengine.agentIamProposals.delete` `discoveryengine.agentIamProposals.get` `discoveryengine.agentIamProposals.list` `discoveryengine.agents.create` `discoveryengine.agents.delete` `discoveryengine.agents.get` `discoveryengine.agents.getAgentView` `discoveryengine.agents.list` `discoveryengine.agents.listAvailableAgentViews` `discoveryengine.agents.requestReview` `discoveryengine.agents.update` `discoveryengine.answers.get` `discoveryengine.assistAnswers.get` `discoveryengine.assistants.assist` `discoveryengine.authorizations.storeUserAuthorization` `discoveryengine.cannedQueries.listActiveCannedQueryUserViews` `discoveryengine.completionConfigs.completeQuery` `discoveryengine.completionConfigs.removeSuggestion` `discoveryengine.dataConnectors.acquireAccessToken` `discoveryengine.dataConnectors.acquireAndStoreRefreshToken` `discoveryengine.dataConnectors.buildActionInvocation` `discoveryengine.dataConnectors.checkRefreshToken` `discoveryengine.dataConnectors.executeAction` `discoveryengine.dataConnectors.queryAvailableActions` `discoveryengine.engines.createEngineUserData` `discoveryengine.engines.generateMemories` `discoveryengine.engines.generatePersonalContext` `discoveryengine.engines.get` `discoveryengine.engines.getEngineUserData` `discoveryengine.engines.getPersonalContext` `discoveryengine.engines.updateEngineUserData` `discoveryengine.homepageDataConfigs.fetchDocuments` `discoveryengine.ideaForgeIdeas.` `discoveryengine.ideaForgeIdeas.create` `discoveryengine.ideaForgeIdeas.get` `discoveryengine.ideaForgeInstances.` `discoveryengine.ideaForgeInstances.get` `discoveryengine.ideaForgeInstances.start` `discoveryengine.locations.completeExternalIdentities` `discoveryengine.locations.fetchAgentCards` `discoveryengine.memories.` `discoveryengine.memories.delete` `discoveryengine.memories.list` `discoveryengine.memories.retrieve` `discoveryengine.memories.update` `discoveryengine.notebooks.create` `discoveryengine.notebooks.list` `discoveryengine.notificationMessages.` `discoveryengine.notificationMessages.ackAll` `discoveryengine.notificationMessages.list` `discoveryengine.notificationMessages.update` `discoveryengine.servingConfigs.answer` `discoveryengine.servingConfigs.recommend` `discoveryengine.servingConfigs.search` `discoveryengine.sessions.` `discoveryengine.sessions.addContextFile` `discoveryengine.sessions.create` `discoveryengine.sessions.delete` `discoveryengine.sessions.downloadFile` `discoveryengine.sessions.generateSummary` `discoveryengine.sessions.get` `discoveryengine.sessions.list` `discoveryengine.sessions.listSessionFileMetadata` `discoveryengine.sessions.recommendQuestions` `discoveryengine.sessions.removeContextFile` `discoveryengine.sessions.search` `discoveryengine.sessions.selectContextFiles` `discoveryengine.sessions.update` `discoveryengine.sessions.uploadFile` `discoveryengine.sharedContents.` `discoveryengine.sharedContents.create` `discoveryengine.sharedContents.delete` `discoveryengine.sharedContents.get` `discoveryengine.sharedContents.list` `discoveryengine.userEvents.create` `discoveryengine.users.` `discoveryengine.users.get` `discoveryengine.users.update` `discoveryengine.widgetConfigs.get` `geminicloudassist.agents.invoke` `resourcemanager.projects.get` `resourcemanager.projects.list`
בעל הרשאת צפייה ב-Discovery Engine (`roles/discoveryengine.viewer`) מעניק הרשאת קריאה לכל המשאבים של מנוע הגילוי.	`discoveryengine.aclConfigs.get` `discoveryengine.agentFiles.list` `discoveryengine.agents.get` `discoveryengine.agents.getAgentView` `discoveryengine.agents.getIamPolicy` `discoveryengine.agents.list` `discoveryengine.agents.listAvailableAgentViews` `discoveryengine.alertPolicies.get` `discoveryengine.analytics.` `discoveryengine.analytics.acquireDashboardSession` `discoveryengine.analytics.refreshDashboardSessionTokens` `discoveryengine.answers.get` `discoveryengine.assistAnswers.get` `discoveryengine.assistants.get` `discoveryengine.assistants.list` `discoveryengine.branches.` `discoveryengine.branches.get` `discoveryengine.branches.list` `discoveryengine.cannedQueries.get` `discoveryengine.cannedQueries.list` `discoveryengine.cannedQueries.listActiveCannedQueryUserViews` `discoveryengine.cmekConfigs.get` `discoveryengine.cmekConfigs.list` `discoveryengine.collections.get` `discoveryengine.collections.list` `discoveryengine.completionConfigs.completeQuery` `discoveryengine.completionConfigs.get` `discoveryengine.connectorRuns.list` `discoveryengine.controls.get` `discoveryengine.controls.list` `discoveryengine.conversations.converse` `discoveryengine.conversations.get` `discoveryengine.conversations.list` `discoveryengine.dataConnectors.buildActionInvocation` `discoveryengine.dataConnectors.checkRefreshToken` `discoveryengine.dataConnectors.get` `discoveryengine.dataConnectors.queryAvailableActions` `discoveryengine.dataStores.completeQuery` `discoveryengine.dataStores.get` `discoveryengine.dataStores.list` `discoveryengine.dataStores.listCustomModels` `discoveryengine.documentProcessingConfigs.get` `discoveryengine.documents.batchGetDocumentsMetadata` `discoveryengine.documents.get` `discoveryengine.documents.list` `discoveryengine.engines.get` `discoveryengine.engines.getPersonalContext` `discoveryengine.engines.list` `discoveryengine.evaluations.get` `discoveryengine.evaluations.list` `discoveryengine.groundingConfigs.check` `discoveryengine.homepageDataConfigs.fetchDocuments` `discoveryengine.ideaForgeIdeas.get` `discoveryengine.ideaForgeInstances.get` `discoveryengine.identityMappingStores.get` `discoveryengine.identityMappingStores.list` `discoveryengine.identityMappingStores.listIdentityMappings` `discoveryengine.locations.completeExternalIdentities` `discoveryengine.locations.fetchAgentCards` `discoveryengine.memories.list` `discoveryengine.memories.retrieve` `discoveryengine.models.get` `discoveryengine.models.list` `discoveryengine.notificationMessages.list` `discoveryengine.operations.*` `discoveryengine.operations.get` `discoveryengine.operations.list` `discoveryengine.projects.get` `discoveryengine.rankingConfigs.rank` `discoveryengine.sampleQueries.get` `discoveryengine.sampleQueries.list` `discoveryengine.sampleQuerySets.get` `discoveryengine.sampleQuerySets.list` `discoveryengine.schemas.get` `discoveryengine.schemas.list` `discoveryengine.schemas.preview` `discoveryengine.schemas.validate` `discoveryengine.servingConfigs.answer` `discoveryengine.servingConfigs.get` `discoveryengine.servingConfigs.list` `discoveryengine.servingConfigs.recommend` `discoveryengine.servingConfigs.search` `discoveryengine.sessions.downloadFile` `discoveryengine.sessions.generateSummary` `discoveryengine.sessions.get` `discoveryengine.sessions.list` `discoveryengine.sessions.listSessionFileMetadata` `discoveryengine.sessions.recommendQuestions` `discoveryengine.sharedContents.get` `discoveryengine.sharedContents.list` `discoveryengine.siteSearchEngines.get` `discoveryengine.targetSites.get` `discoveryengine.targetSites.list` `discoveryengine.userEvents.fetchStats` `discoveryengine.userStores.get` `discoveryengine.widgetConfigs.get` `resourcemanager.projects.get` `resourcemanager.projects.list`

Discovery Engine Admin

(roles/discoveryengine.admin)

מעניקה גישה מלאה לכל המשאבים של discoveryengine.

cloudaicompanion.aiDevToolsSettings.*

cloudaicompanion.aiDevToolsSettings.create
cloudaicompanion.aiDevToolsSettings.delete
cloudaicompanion.aiDevToolsSettings.get
cloudaicompanion.aiDevToolsSettings.list
cloudaicompanion.aiDevToolsSettings.update

cloudaicompanion.codeRepositoryIndexes.*

cloudaicompanion.codeRepositoryIndexes.create
cloudaicompanion.codeRepositoryIndexes.delete
cloudaicompanion.codeRepositoryIndexes.get
cloudaicompanion.codeRepositoryIndexes.list
cloudaicompanion.codeRepositoryIndexes.update

cloudaicompanion.codeToolsSettings.*

cloudaicompanion.codeToolsSettings.create
cloudaicompanion.codeToolsSettings.delete
cloudaicompanion.codeToolsSettings.get
cloudaicompanion.codeToolsSettings.list
cloudaicompanion.codeToolsSettings.update

cloudaicompanion.dataSharingWithGoogleSettings.*

cloudaicompanion.dataSharingWithGoogleSettings.create
cloudaicompanion.dataSharingWithGoogleSettings.delete
cloudaicompanion.dataSharingWithGoogleSettings.get
cloudaicompanion.dataSharingWithGoogleSettings.list
cloudaicompanion.dataSharingWithGoogleSettings.update

cloudaicompanion.geminiGcpEnablementSettings.*

cloudaicompanion.geminiGcpEnablementSettings.create
cloudaicompanion.geminiGcpEnablementSettings.delete
cloudaicompanion.geminiGcpEnablementSettings.get
cloudaicompanion.geminiGcpEnablementSettings.list
cloudaicompanion.geminiGcpEnablementSettings.update

cloudaicompanion.instances.queryEffectiveSetting

cloudaicompanion.instances.queryEffectiveSettingBindings

cloudaicompanion.loggingSettings.*

cloudaicompanion.loggingSettings.create
cloudaicompanion.loggingSettings.delete
cloudaicompanion.loggingSettings.get
cloudaicompanion.loggingSettings.list
cloudaicompanion.loggingSettings.update

cloudaicompanion.operations.*

cloudaicompanion.operations.cancel
cloudaicompanion.operations.delete
cloudaicompanion.operations.get
cloudaicompanion.operations.list

cloudaicompanion.releaseChannelSettings.*

cloudaicompanion.releaseChannelSettings.create
cloudaicompanion.releaseChannelSettings.delete
cloudaicompanion.releaseChannelSettings.get
cloudaicompanion.releaseChannelSettings.list
cloudaicompanion.releaseChannelSettings.update

cloudaicompanion.repositoryGroups.create

cloudaicompanion.repositoryGroups.delete

cloudaicompanion.repositoryGroups.get

cloudaicompanion.repositoryGroups.getIamPolicy

cloudaicompanion.repositoryGroups.list

cloudaicompanion.repositoryGroups.setIamPolicy

cloudaicompanion.repositoryGroups.update

cloudaicompanion.settingBindings.*

cloudaicompanion.settingBindings.aiDevToolsSettingsCreate
cloudaicompanion.settingBindings.aiDevToolsSettingsDelete
cloudaicompanion.settingBindings.aiDevToolsSettingsGet
cloudaicompanion.settingBindings.aiDevToolsSettingsList
cloudaicompanion.settingBindings.aiDevToolsSettingsUpdate
cloudaicompanion.settingBindings.aiDevToolsSettingsUse
cloudaicompanion.settingBindings.codeToolsSettingsCreate
cloudaicompanion.settingBindings.codeToolsSettingsDelete
cloudaicompanion.settingBindings.codeToolsSettingsGet
cloudaicompanion.settingBindings.codeToolsSettingsList
cloudaicompanion.settingBindings.codeToolsSettingsUpdate
cloudaicompanion.settingBindings.codeToolsSettingsUse
cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsCreate
cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsDelete
cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsGet
cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsList
cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUpdate
cloudaicompanion.settingBindings.dataSharingWithGoogleSettingsUse
cloudaicompanion.settingBindings.geminiGcpEnablementSettingsCreate
cloudaicompanion.settingBindings.geminiGcpEnablementSettingsDelete
cloudaicompanion.settingBindings.geminiGcpEnablementSettingsGet
cloudaicompanion.settingBindings.geminiGcpEnablementSettingsList
cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUpdate
cloudaicompanion.settingBindings.geminiGcpEnablementSettingsUse
cloudaicompanion.settingBindings.loggingSettingsCreate
cloudaicompanion.settingBindings.loggingSettingsDelete
cloudaicompanion.settingBindings.loggingSettingsGet
cloudaicompanion.settingBindings.loggingSettingsList
cloudaicompanion.settingBindings.loggingSettingsUpdate
cloudaicompanion.settingBindings.loggingSettingsUse
cloudaicompanion.settingBindings.releaseChannelSettingsCreate
cloudaicompanion.settingBindings.releaseChannelSettingsDelete
cloudaicompanion.settingBindings.releaseChannelSettingsGet
cloudaicompanion.settingBindings.releaseChannelSettingsList
cloudaicompanion.settingBindings.releaseChannelSettingsUpdate
cloudaicompanion.settingBindings.releaseChannelSettingsUse

cloudnotifications.activities.list

consumerprocurement.entitlements.*

consumerprocurement.entitlements.get
consumerprocurement.entitlements.list

discoveryengine.aclConfigs.*

discoveryengine.aclConfigs.get
discoveryengine.aclConfigs.update

discoveryengine.agentFiles.*

discoveryengine.agentFiles.delete
discoveryengine.agentFiles.download
discoveryengine.agentFiles.import
discoveryengine.agentFiles.list
discoveryengine.agentFiles.upload

discoveryengine.agentIamProposals.*

discoveryengine.agentIamProposals.create
discoveryengine.agentIamProposals.delete
discoveryengine.agentIamProposals.get
discoveryengine.agentIamProposals.list

discoveryengine.agents.create

discoveryengine.agents.delete

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.getIamPolicy

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.agents.manage

discoveryengine.agents.setIamPolicy

discoveryengine.agents.update

discoveryengine.alertPolicies.*

discoveryengine.alertPolicies.create
discoveryengine.alertPolicies.get
discoveryengine.alertPolicies.update

discoveryengine.analytics.*

discoveryengine.analytics.acquireDashboardSession
discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.*

discoveryengine.assistants.assist
discoveryengine.assistants.create
discoveryengine.assistants.delete
discoveryengine.assistants.get
discoveryengine.assistants.list
discoveryengine.assistants.update

discoveryengine.authorizations.*

discoveryengine.authorizations.create
discoveryengine.authorizations.delete
discoveryengine.authorizations.get
discoveryengine.authorizations.list
discoveryengine.authorizations.storeUserAuthorization
discoveryengine.authorizations.update

discoveryengine.billingAccountLicenseConfigs.*

discoveryengine.billingAccountLicenseConfigs.distribute
discoveryengine.billingAccountLicenseConfigs.get
discoveryengine.billingAccountLicenseConfigs.list
discoveryengine.billingAccountLicenseConfigs.retract

discoveryengine.branches.*

discoveryengine.branches.get
discoveryengine.branches.list

discoveryengine.cannedQueries.*

discoveryengine.cannedQueries.create
discoveryengine.cannedQueries.delete
discoveryengine.cannedQueries.get
discoveryengine.cannedQueries.list
discoveryengine.cannedQueries.listActiveCannedQueryUserViews
discoveryengine.cannedQueries.update

discoveryengine.cmekConfigs.*

discoveryengine.cmekConfigs.get
discoveryengine.cmekConfigs.list
discoveryengine.cmekConfigs.update

discoveryengine.collections.*

discoveryengine.collections.delete
discoveryengine.collections.get
discoveryengine.collections.list

discoveryengine.completionConfigs.*

discoveryengine.completionConfigs.completeQuery
discoveryengine.completionConfigs.get
discoveryengine.completionConfigs.removeSuggestion
discoveryengine.completionConfigs.update

discoveryengine.completionSuggestions.*

discoveryengine.completionSuggestions.import
discoveryengine.completionSuggestions.purge

discoveryengine.connectorRuns.*

discoveryengine.connectorRuns.cancel
discoveryengine.connectorRuns.list

discoveryengine.controls.*

discoveryengine.controls.create
discoveryengine.controls.delete
discoveryengine.controls.get
discoveryengine.controls.list
discoveryengine.controls.update

discoveryengine.conversations.*

discoveryengine.conversations.converse
discoveryengine.conversations.create
discoveryengine.conversations.delete
discoveryengine.conversations.get
discoveryengine.conversations.list
discoveryengine.conversations.update

discoveryengine.dataConnectors.*

discoveryengine.dataConnectors.acquireAccessToken
discoveryengine.dataConnectors.acquireAndStoreRefreshToken
discoveryengine.dataConnectors.buildActionInvocation
discoveryengine.dataConnectors.checkRefreshToken
discoveryengine.dataConnectors.executeAction
discoveryengine.dataConnectors.get
discoveryengine.dataConnectors.queryAvailableActions
discoveryengine.dataConnectors.startConnectorRun
discoveryengine.dataConnectors.update

discoveryengine.dataStores.*

discoveryengine.dataStores.completeQuery
discoveryengine.dataStores.create
discoveryengine.dataStores.delete
discoveryengine.dataStores.enrollSolutions
discoveryengine.dataStores.get
discoveryengine.dataStores.list
discoveryengine.dataStores.listCustomModels
discoveryengine.dataStores.trainCustomModel
discoveryengine.dataStores.update

discoveryengine.documentProcessingConfigs.*

discoveryengine.documentProcessingConfigs.get
discoveryengine.documentProcessingConfigs.update

discoveryengine.documents.*

discoveryengine.documents.batchGetDocumentsMetadata
discoveryengine.documents.create
discoveryengine.documents.delete
discoveryengine.documents.get
discoveryengine.documents.import
discoveryengine.documents.list
discoveryengine.documents.purge
discoveryengine.documents.update

discoveryengine.engines.*

discoveryengine.engines.create
discoveryengine.engines.createEngineUserData
discoveryengine.engines.delete
discoveryengine.engines.generateMemories
discoveryengine.engines.generatePersonalContext
discoveryengine.engines.get
discoveryengine.engines.getEngineUserData
discoveryengine.engines.getIamPolicy
discoveryengine.engines.getPersonalContext
discoveryengine.engines.list
discoveryengine.engines.pause
discoveryengine.engines.resume
discoveryengine.engines.setIamPolicy
discoveryengine.engines.tune
discoveryengine.engines.update
discoveryengine.engines.updateEngineUserData

discoveryengine.evaluations.*

discoveryengine.evaluations.create
discoveryengine.evaluations.get
discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.*

discoveryengine.ideaForgeIdeas.create
discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.*

discoveryengine.ideaForgeInstances.get
discoveryengine.ideaForgeInstances.start

discoveryengine.identityMappingStores.*

discoveryengine.identityMappingStores.create
discoveryengine.identityMappingStores.delete
discoveryengine.identityMappingStores.get
discoveryengine.identityMappingStores.importIdentityMappings
discoveryengine.identityMappingStores.list
discoveryengine.identityMappingStores.listIdentityMappings
discoveryengine.identityMappingStores.purgeIdentityMappings

discoveryengine.licenseConfigs.*

discoveryengine.licenseConfigs.create
discoveryengine.licenseConfigs.get
discoveryengine.licenseConfigs.list
discoveryengine.licenseConfigs.update

discoveryengine.locations.*

discoveryengine.locations.completeExternalIdentities
discoveryengine.locations.estimateDataSize
discoveryengine.locations.exchangeAuthCredentials
discoveryengine.locations.fetchAgentCards
discoveryengine.locations.getConnectorSource
discoveryengine.locations.listConnectorSources
discoveryengine.locations.setUpDataConnector

discoveryengine.memories.*

discoveryengine.memories.delete
discoveryengine.memories.list
discoveryengine.memories.retrieve
discoveryengine.memories.update

discoveryengine.models.*

discoveryengine.models.create
discoveryengine.models.delete
discoveryengine.models.get
discoveryengine.models.list
discoveryengine.models.pause
discoveryengine.models.resume
discoveryengine.models.tune
discoveryengine.models.update

discoveryengine.notificationMessages.*

discoveryengine.notificationMessages.ackAll
discoveryengine.notificationMessages.list
discoveryengine.notificationMessages.update

discoveryengine.operations.*

discoveryengine.operations.get
discoveryengine.operations.list

discoveryengine.projects.*

discoveryengine.projects.get
discoveryengine.projects.provision
discoveryengine.projects.reportConsentChange

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.*

discoveryengine.sampleQueries.create
discoveryengine.sampleQueries.delete
discoveryengine.sampleQueries.get
discoveryengine.sampleQueries.import
discoveryengine.sampleQueries.list
discoveryengine.sampleQueries.update

discoveryengine.sampleQuerySets.*

discoveryengine.sampleQuerySets.create
discoveryengine.sampleQuerySets.delete
discoveryengine.sampleQuerySets.get
discoveryengine.sampleQuerySets.list
discoveryengine.sampleQuerySets.update

discoveryengine.schemas.*

discoveryengine.schemas.create
discoveryengine.schemas.delete
discoveryengine.schemas.get
discoveryengine.schemas.list
discoveryengine.schemas.preview
discoveryengine.schemas.update
discoveryengine.schemas.validate

discoveryengine.servingConfigs.*

discoveryengine.servingConfigs.answer
discoveryengine.servingConfigs.create
discoveryengine.servingConfigs.delete
discoveryengine.servingConfigs.get
discoveryengine.servingConfigs.list
discoveryengine.servingConfigs.recommend
discoveryengine.servingConfigs.search
discoveryengine.servingConfigs.update

discoveryengine.sessions.*

discoveryengine.sessions.addContextFile
discoveryengine.sessions.create
discoveryengine.sessions.delete
discoveryengine.sessions.downloadFile
discoveryengine.sessions.generateSummary
discoveryengine.sessions.get
discoveryengine.sessions.list
discoveryengine.sessions.listSessionFileMetadata
discoveryengine.sessions.recommendQuestions
discoveryengine.sessions.removeContextFile
discoveryengine.sessions.search
discoveryengine.sessions.selectContextFiles
discoveryengine.sessions.update
discoveryengine.sessions.uploadFile

discoveryengine.sharedContents.*

discoveryengine.sharedContents.create
discoveryengine.sharedContents.delete
discoveryengine.sharedContents.get
discoveryengine.sharedContents.list

discoveryengine.siteSearchEngines.*

discoveryengine.siteSearchEngines.batchVerifyTargetSites
discoveryengine.siteSearchEngines.disableAdvancedSiteSearch
discoveryengine.siteSearchEngines.enableAdvancedSiteSearch
discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
discoveryengine.siteSearchEngines.get
discoveryengine.siteSearchEngines.recrawlUris

discoveryengine.sitemaps.*

discoveryengine.sitemaps.create
discoveryengine.sitemaps.delete
discoveryengine.sitemaps.fetch

discoveryengine.suggestionDenyListEntries.*

discoveryengine.suggestionDenyListEntries.import
discoveryengine.suggestionDenyListEntries.purge

discoveryengine.targetSites.*

discoveryengine.targetSites.batchCreate
discoveryengine.targetSites.create
discoveryengine.targetSites.delete
discoveryengine.targetSites.get
discoveryengine.targetSites.list
discoveryengine.targetSites.update

discoveryengine.userEvents.*

discoveryengine.userEvents.create
discoveryengine.userEvents.fetchStats
discoveryengine.userEvents.import
discoveryengine.userEvents.purge

discoveryengine.userStores.*

discoveryengine.userStores.batchUpdateUserLicenses
discoveryengine.userStores.get
discoveryengine.userStores.listUserLicenses
discoveryengine.userStores.update

discoveryengine.users.*

discoveryengine.users.get
discoveryengine.users.update

discoveryengine.widgetConfigs.*

discoveryengine.widgetConfigs.get
discoveryengine.widgetConfigs.update

monitoring.alertPolicies.get

monitoring.alertPolicies.list

monitoring.alertPolicies.listEffectiveTags

monitoring.alertPolicies.listTagBindings

monitoring.alerts.*

monitoring.alerts.get
monitoring.alerts.list

monitoring.dashboards.get

monitoring.dashboards.list

monitoring.dashboards.listEffectiveTags

monitoring.dashboards.listTagBindings

monitoring.groups.get

monitoring.groups.list

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.notificationChannelDescriptors.*

monitoring.notificationChannelDescriptors.get
monitoring.notificationChannelDescriptors.list

monitoring.notificationChannels.get

monitoring.notificationChannels.list

monitoring.services.get

monitoring.services.list

monitoring.slos.get

monitoring.slos.list

monitoring.snoozes.get

monitoring.snoozes.list

monitoring.timeSeries.list

monitoring.uptimeCheckConfigs.get

monitoring.uptimeCheckConfigs.list

opsconfigmonitoring.resourceMetadata.list

resourcemanager.projects.get

resourcemanager.projects.list

stackdriver.projects.get

stackdriver.resourceMetadata.list

Discovery Engine Editor

(roles/discoveryengine.editor)

מעניק הרשאת קריאה וכתיבה לכל משאבי מנוע הגילוי.

discoveryengine.aclConfigs.get

discoveryengine.agentFiles.*

discoveryengine.agentFiles.delete
discoveryengine.agentFiles.download
discoveryengine.agentFiles.import
discoveryengine.agentFiles.list
discoveryengine.agentFiles.upload

discoveryengine.agents.create

discoveryengine.agents.delete

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.getIamPolicy

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.agents.manage

discoveryengine.agents.update

discoveryengine.alertPolicies.get

discoveryengine.analytics.*

discoveryengine.analytics.acquireDashboardSession
discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.assist

discoveryengine.assistants.get

discoveryengine.assistants.list

discoveryengine.authorizations.storeUserAuthorization

discoveryengine.branches.*

discoveryengine.branches.get
discoveryengine.branches.list

discoveryengine.cannedQueries.get

discoveryengine.cannedQueries.list

discoveryengine.cannedQueries.listActiveCannedQueryUserViews

discoveryengine.cmekConfigs.get

discoveryengine.cmekConfigs.list

discoveryengine.collections.get

discoveryengine.collections.list

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.get

discoveryengine.completionConfigs.removeSuggestion

discoveryengine.connectorRuns.list

discoveryengine.controls.get

discoveryengine.controls.list

discoveryengine.conversations.*

discoveryengine.conversations.converse
discoveryengine.conversations.create
discoveryengine.conversations.delete
discoveryengine.conversations.get
discoveryengine.conversations.list
discoveryengine.conversations.update

discoveryengine.dataConnectors.acquireAccessToken

discoveryengine.dataConnectors.acquireAndStoreRefreshToken

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.executeAction

discoveryengine.dataConnectors.get

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.dataStores.completeQuery

discoveryengine.dataStores.get

discoveryengine.dataStores.list

discoveryengine.dataStores.listCustomModels

discoveryengine.dataStores.trainCustomModel

discoveryengine.documentProcessingConfigs.get

discoveryengine.documents.batchGetDocumentsMetadata

discoveryengine.documents.create

discoveryengine.documents.delete

discoveryengine.documents.get

discoveryengine.documents.import

discoveryengine.documents.list

discoveryengine.documents.update

discoveryengine.engines.createEngineUserData

discoveryengine.engines.generateMemories

discoveryengine.engines.generatePersonalContext

discoveryengine.engines.get

discoveryengine.engines.getEngineUserData

discoveryengine.engines.getPersonalContext

discoveryengine.engines.list

discoveryengine.engines.pause

discoveryengine.engines.resume

discoveryengine.engines.tune

discoveryengine.engines.updateEngineUserData

discoveryengine.evaluations.get

discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.*

discoveryengine.ideaForgeIdeas.create
discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.*

discoveryengine.ideaForgeInstances.get
discoveryengine.ideaForgeInstances.start

discoveryengine.identityMappingStores.*

discoveryengine.identityMappingStores.create
discoveryengine.identityMappingStores.delete
discoveryengine.identityMappingStores.get
discoveryengine.identityMappingStores.importIdentityMappings
discoveryengine.identityMappingStores.list
discoveryengine.identityMappingStores.listIdentityMappings
discoveryengine.identityMappingStores.purgeIdentityMappings

discoveryengine.licenseConfigs.get

discoveryengine.licenseConfigs.list

discoveryengine.locations.completeExternalIdentities

discoveryengine.locations.fetchAgentCards

discoveryengine.memories.*

discoveryengine.memories.delete
discoveryengine.memories.list
discoveryengine.memories.retrieve
discoveryengine.memories.update

discoveryengine.models.*

discoveryengine.models.create
discoveryengine.models.delete
discoveryengine.models.get
discoveryengine.models.list
discoveryengine.models.pause
discoveryengine.models.resume
discoveryengine.models.tune
discoveryengine.models.update

discoveryengine.notificationMessages.*

discoveryengine.notificationMessages.ackAll
discoveryengine.notificationMessages.list
discoveryengine.notificationMessages.update

discoveryengine.operations.*

discoveryengine.operations.get
discoveryengine.operations.list

discoveryengine.projects.get

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.*

discoveryengine.sampleQueries.create
discoveryengine.sampleQueries.delete
discoveryengine.sampleQueries.get
discoveryengine.sampleQueries.import
discoveryengine.sampleQueries.list
discoveryengine.sampleQueries.update

discoveryengine.sampleQuerySets.*

discoveryengine.sampleQuerySets.create
discoveryengine.sampleQuerySets.delete
discoveryengine.sampleQuerySets.get
discoveryengine.sampleQuerySets.list
discoveryengine.sampleQuerySets.update

discoveryengine.schemas.get

discoveryengine.schemas.list

discoveryengine.schemas.preview

discoveryengine.schemas.validate

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.get

discoveryengine.servingConfigs.list

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.*

discoveryengine.sessions.addContextFile
discoveryengine.sessions.create
discoveryengine.sessions.delete
discoveryengine.sessions.downloadFile
discoveryengine.sessions.generateSummary
discoveryengine.sessions.get
discoveryengine.sessions.list
discoveryengine.sessions.listSessionFileMetadata
discoveryengine.sessions.recommendQuestions
discoveryengine.sessions.removeContextFile
discoveryengine.sessions.search
discoveryengine.sessions.selectContextFiles
discoveryengine.sessions.update
discoveryengine.sessions.uploadFile

discoveryengine.sharedContents.*

discoveryengine.sharedContents.create
discoveryengine.sharedContents.delete
discoveryengine.sharedContents.get
discoveryengine.sharedContents.list

discoveryengine.siteSearchEngines.get

discoveryengine.targetSites.get

discoveryengine.targetSites.list

discoveryengine.userEvents.create

discoveryengine.userEvents.fetchStats

discoveryengine.userEvents.import

discoveryengine.userStores.get

discoveryengine.widgetConfigs.*

discoveryengine.widgetConfigs.get
discoveryengine.widgetConfigs.update

resourcemanager.projects.get

resourcemanager.projects.list

משתמש ב-Discovery Engine

(roles/discoveryengine.user)

נותנת גישה ברמת המשתמש למשאבים של Discovery Engine.

businessaicode.*

businessaicode.locations.generateContent
businessaicode.locations.queryConfiguration
businessaicode.locations.sendTelemetry

cloudaicompanion.companions.*

cloudaicompanion.companions.generateChat
cloudaicompanion.companions.generateCode

cloudaicompanion.entitlements.get

cloudaicompanion.instances.*

cloudaicompanion.instances.completeCode
cloudaicompanion.instances.completeTask
cloudaicompanion.instances.exportMetrics
cloudaicompanion.instances.generateCode
cloudaicompanion.instances.generateText
cloudaicompanion.instances.queryEffectiveSetting
cloudaicompanion.instances.queryEffectiveSettingBindings

cloudaicompanion.licenses.selfAssign

cloudaicompanion.operations.get

cloudaicompanion.topics.create

discoveryengine.accounts.create

discoveryengine.agentFiles.*

discoveryengine.agentFiles.delete
discoveryengine.agentFiles.download
discoveryengine.agentFiles.import
discoveryengine.agentFiles.list
discoveryengine.agentFiles.upload

discoveryengine.agentIamProposals.*

discoveryengine.agentIamProposals.create
discoveryengine.agentIamProposals.delete
discoveryengine.agentIamProposals.get
discoveryengine.agentIamProposals.list

discoveryengine.agents.create

discoveryengine.agents.delete

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.agents.requestReview

discoveryengine.agents.update

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.assist

discoveryengine.authorizations.storeUserAuthorization

discoveryengine.cannedQueries.listActiveCannedQueryUserViews

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.removeSuggestion

discoveryengine.dataConnectors.acquireAccessToken

discoveryengine.dataConnectors.acquireAndStoreRefreshToken

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.executeAction

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.engines.createEngineUserData

discoveryengine.engines.generateMemories

discoveryengine.engines.generatePersonalContext

discoveryengine.engines.get

discoveryengine.engines.getEngineUserData

discoveryengine.engines.getPersonalContext

discoveryengine.engines.updateEngineUserData

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.*

discoveryengine.ideaForgeIdeas.create
discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.*

discoveryengine.ideaForgeInstances.get
discoveryengine.ideaForgeInstances.start

discoveryengine.locations.completeExternalIdentities

discoveryengine.locations.fetchAgentCards

discoveryengine.memories.*

discoveryengine.memories.delete
discoveryengine.memories.list
discoveryengine.memories.retrieve
discoveryengine.memories.update

discoveryengine.notebooks.create

discoveryengine.notebooks.list

discoveryengine.notificationMessages.*

discoveryengine.notificationMessages.ackAll
discoveryengine.notificationMessages.list
discoveryengine.notificationMessages.update

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.*

discoveryengine.sessions.addContextFile
discoveryengine.sessions.create
discoveryengine.sessions.delete
discoveryengine.sessions.downloadFile
discoveryengine.sessions.generateSummary
discoveryengine.sessions.get
discoveryengine.sessions.list
discoveryengine.sessions.listSessionFileMetadata
discoveryengine.sessions.recommendQuestions
discoveryengine.sessions.removeContextFile
discoveryengine.sessions.search
discoveryengine.sessions.selectContextFiles
discoveryengine.sessions.update
discoveryengine.sessions.uploadFile

discoveryengine.sharedContents.*

discoveryengine.sharedContents.create
discoveryengine.sharedContents.delete
discoveryengine.sharedContents.get
discoveryengine.sharedContents.list

discoveryengine.userEvents.create

discoveryengine.users.*

discoveryengine.users.get
discoveryengine.users.update

discoveryengine.widgetConfigs.get

geminicloudassist.agents.invoke

resourcemanager.projects.get

resourcemanager.projects.list

בעל הרשאת צפייה ב-Discovery Engine

(roles/discoveryengine.viewer)

מעניק הרשאת קריאה לכל המשאבים של מנוע הגילוי.

discoveryengine.aclConfigs.get

discoveryengine.agentFiles.list

discoveryengine.agents.get

discoveryengine.agents.getAgentView

discoveryengine.agents.getIamPolicy

discoveryengine.agents.list

discoveryengine.agents.listAvailableAgentViews

discoveryengine.alertPolicies.get

discoveryengine.analytics.*

discoveryengine.analytics.acquireDashboardSession
discoveryengine.analytics.refreshDashboardSessionTokens

discoveryengine.answers.get

discoveryengine.assistAnswers.get

discoveryengine.assistants.get

discoveryengine.assistants.list

discoveryengine.branches.*

discoveryengine.branches.get
discoveryengine.branches.list

discoveryengine.cannedQueries.get

discoveryengine.cannedQueries.list

discoveryengine.cannedQueries.listActiveCannedQueryUserViews

discoveryengine.cmekConfigs.get

discoveryengine.cmekConfigs.list

discoveryengine.collections.get

discoveryengine.collections.list

discoveryengine.completionConfigs.completeQuery

discoveryengine.completionConfigs.get

discoveryengine.connectorRuns.list

discoveryengine.controls.get

discoveryengine.controls.list

discoveryengine.conversations.converse

discoveryengine.conversations.get

discoveryengine.conversations.list

discoveryengine.dataConnectors.buildActionInvocation

discoveryengine.dataConnectors.checkRefreshToken

discoveryengine.dataConnectors.get

discoveryengine.dataConnectors.queryAvailableActions

discoveryengine.dataStores.completeQuery

discoveryengine.dataStores.get

discoveryengine.dataStores.list

discoveryengine.dataStores.listCustomModels

discoveryengine.documentProcessingConfigs.get

discoveryengine.documents.batchGetDocumentsMetadata

discoveryengine.documents.get

discoveryengine.documents.list

discoveryengine.engines.get

discoveryengine.engines.getPersonalContext

discoveryengine.engines.list

discoveryengine.evaluations.get

discoveryengine.evaluations.list

discoveryengine.groundingConfigs.check

discoveryengine.homepageDataConfigs.fetchDocuments

discoveryengine.ideaForgeIdeas.get

discoveryengine.ideaForgeInstances.get

discoveryengine.identityMappingStores.get

discoveryengine.identityMappingStores.list

discoveryengine.identityMappingStores.listIdentityMappings

discoveryengine.locations.completeExternalIdentities

discoveryengine.locations.fetchAgentCards

discoveryengine.memories.list

discoveryengine.memories.retrieve

discoveryengine.models.get

discoveryengine.models.list

discoveryengine.notificationMessages.list

discoveryengine.operations.*

discoveryengine.operations.get
discoveryengine.operations.list

discoveryengine.projects.get

discoveryengine.rankingConfigs.rank

discoveryengine.sampleQueries.get

discoveryengine.sampleQueries.list

discoveryengine.sampleQuerySets.get

discoveryengine.sampleQuerySets.list

discoveryengine.schemas.get

discoveryengine.schemas.list

discoveryengine.schemas.preview

discoveryengine.schemas.validate

discoveryengine.servingConfigs.answer

discoveryengine.servingConfigs.get

discoveryengine.servingConfigs.list

discoveryengine.servingConfigs.recommend

discoveryengine.servingConfigs.search

discoveryengine.sessions.downloadFile

discoveryengine.sessions.generateSummary

discoveryengine.sessions.get

discoveryengine.sessions.list

discoveryengine.sessions.listSessionFileMetadata

discoveryengine.sessions.recommendQuestions

discoveryengine.sharedContents.get

discoveryengine.sharedContents.list

discoveryengine.siteSearchEngines.get

discoveryengine.targetSites.get

discoveryengine.targetSites.list

discoveryengine.userEvents.fetchStats

discoveryengine.userStores.get

discoveryengine.widgetConfigs.get

resourcemanager.projects.get

resourcemanager.projects.list

ניהול הרשאות IAM לחיפוש סוכנים

אפשר לקבל ולהגדיר תפקידים ב-IAM וכללי מדיניות הרשאה ב-IAM באמצעות מסוף Google Cloud. מידע נוסף זמין במאמר ניהול הגישה לפרויקטים, לתיקיות ולארגונים.

בקרת גישה באמצעות IAM קל לארגן דפים בעזרת אוספים אפשר לשמור ולסווג תוכן על סמך ההעדפות שלך.

סקירה כללית

תפקידים מוגדרים מראש

Discovery Engine Admin

Discovery Engine Editor

משתמש ב-Discovery Engine

בעל הרשאת צפייה ב-Discovery Engine

ניהול הרשאות IAM לחיפוש סוכנים

המאמרים הבאים

בקרת גישה באמצעות IAM