| Vertex AI |
Se agregarán los siguientes permisos al rol de visualizador de Vertex AI (roles/aiplatform.viewer):
aiplatform.endpoints.explain
aiplatform.endpoints.getIamPolicy
aiplatform.endpoints.predict
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.featureGroups.getIamPolicy
aiplatform.featureOnlineStores.getIamPolicy
aiplatform.featureViews.getIamPolicy
aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.readFeatures
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.locations.evaluateInstances
aiplatform.memories.retrieve
aiplatform.migratableResources.search
aiplatform.notebookRuntimeTemplates.apply
aiplatform.notebookRuntimeTemplates.getIamPolicy
|
| BigQuery sharing |
Se agregarán los siguientes permisos al rol de administrador de Analytics Hub (roles/analyticshub.admin):
analyticshub.dataExchanges.subscribe
analyticshub.listings.subscribe
|
| BigQuery sharing |
Se agregarán los siguientes permisos al rol Analytics Hub Viewer (roles/analyticshub.viewer):
analyticshub.subscriptions.get
analyticshub.subscriptions.list
|
| Apigee Connect |
Se agregará el siguiente permiso al rol de administrador de Apigee Connect (roles/apigeeconnect.Admin):
apigeeconnect.endpoints.connect
|
| App Hub |
Se agregarán los siguientes permisos al rol de editor del Centro de aplicaciones (roles/apphub.editor):
apphub.applications.getIamPolicy
apphub.serviceProjectAttachments.create
apphub.serviceProjectAttachments.delete
apphub.serviceProjectAttachments.get
apphub.serviceProjectAttachments.list
|
| App Hub |
Se agregarán los siguientes permisos al rol de visualizador del Centro de aplicaciones (roles/apphub.viewer):
apphub.applications.getIamPolicy
apphub.serviceProjectAttachments.get
apphub.serviceProjectAttachments.list
|
| Artifact Registry |
Se agregará el siguiente permiso al rol de administrador de Artifact Registry (roles/artifactregistry.admin):
artifactregistry.repositories.createOnPush
|
| Copia de seguridad y recuperación ante desastres |
Se agregarán los siguientes permisos al rol de administrador de copias de seguridad y DR (roles/backupdr.admin):
backupdr.resourceBackupConfigs.get
backupdr.resourceBackupConfigs.list
|
| Copia de seguridad y recuperación ante desastres |
Se agregarán los siguientes permisos al rol de visualizador de copias de seguridad y DR (roles/backupdr.viewer):
backupdr.resourceBackupConfigs.get
backupdr.resourceBackupConfigs.list
|
| Solución Bare Metal |
Se agregará el siguiente permiso al rol de administrador de la solución Bare Metal (roles/baremetalsolution.admin):
baremetalsolution.procurements.create
|
| Solución Bare Metal |
Se agregará el siguiente permiso al rol de editor de Bare Metal Solution (roles/baremetalsolution.editor):
baremetalsolution.procurements.create
|
| Lote |
Se agregará el siguiente permiso al rol de administrador de Batch (roles/batch.admin):
batch.states.report
|
| BigLake |
Se agregarán los siguientes permisos al rol de Editor de BigLake (roles/biglake.editor):
biglake.databases.create
biglake.databases.delete
biglake.databases.get
biglake.databases.list
biglake.databases.update
biglake.locks.check
biglake.locks.create
biglake.locks.delete
biglake.locks.list
biglake.tables.lock
|
| API de BigQuery Migration |
Se agregará el siguiente permiso al rol de Editor de MigrationWorkflow (roles/bigquerymigration.editor):
bigquerymigration.translation.translate
|
| Bigtable |
Se agregarán los siguientes permisos al rol de Usuario de Bigtable sin acceso a datos (roles/bigtable.viewer):
bigtable.authorizedViews.getIamPolicy
bigtable.authorizedViews.listEffectiveTags
bigtable.authorizedViews.listTagBindings
bigtable.authorizedViews.readRows
bigtable.authorizedViews.sampleRowKeys
bigtable.backups.getIamPolicy
bigtable.backups.read
bigtable.instances.executeQuery
bigtable.instances.getIamPolicy
bigtable.instances.ping
bigtable.keyvisualizer.get
bigtable.keyvisualizer.list
bigtable.logicalViews.getIamPolicy
bigtable.logicalViews.readRows
bigtable.materializedViews.getIamPolicy
bigtable.materializedViews.readRows
bigtable.materializedViews.sampleRowKeys
bigtable.schemaBundles.getIamPolicy
bigtable.tables.getIamPolicy
bigtable.tables.readRows
bigtable.tables.sampleRowKeys
|
| Facturación de Cloud |
Se agregarán los siguientes permisos al rol de Administrador de cuentas de facturación (roles/billing.admin):
billing.costRecommendations.listScoped
billing.resourceCosts.get
billing.resourcebudgets.read
billing.resourcebudgets.write
|
| Facturación de Cloud |
Se agregarán los siguientes permisos al rol de visualizador de cuentas de facturación (roles/billing.viewer):
billing.costRecommendations.listScoped
billing.resourceCosts.get
billing.resourcebudgets.read
|
| Administrador de certificados |
Se agregarán los siguientes permisos al rol de editor de Certificate Manager (roles/certificatemanager.editor):
certificatemanager.certissuanceconfigs.delete
certificatemanager.certmapentries.delete
certificatemanager.certmaps.delete
certificatemanager.certs.delete
certificatemanager.dnsauthorizations.delete
certificatemanager.operations.cancel
certificatemanager.operations.delete
certificatemanager.trustconfigs.delete
|
| Google Security Operations |
Se agregarán los siguientes permisos al rol de administrador de la API de Chronicle (roles/chronicle.admin):
chronicle.federationGroups.create
chronicle.federationGroups.delete
chronicle.federationGroups.get
chronicle.federationGroups.list
chronicle.federationGroups.update
chronicle.instances.delete
chronicle.instances.permitFederationAccess
chronicle.instances.soarThreatManager
chronicle.instances.soarVulnerabilityManager
chronicle.instances.undelete
|
| Google Security Operations |
Se agregarán los siguientes permisos al rol de editor de la API de Chronicle (roles/chronicle.editor):
chronicle.calculatedFieldDefinitions.update
chronicle.collectors.create
chronicle.collectors.delete
chronicle.collectors.update
chronicle.connectors.delete
chronicle.connectors.get
chronicle.connectors.update
chronicle.customFields.update
chronicle.enrichmentControls.delete
chronicle.entitiesBlocklists.delete
chronicle.entitiesBlocklists.update
chronicle.errorNotificationConfigs.create
chronicle.errorNotificationConfigs.delete
chronicle.errorNotificationConfigs.update
chronicle.federationGroups.get
chronicle.federationGroups.list
chronicle.formDynamicParameters.update
chronicle.forwarders.create
chronicle.forwarders.delete
chronicle.forwarders.update
chronicle.instances.permitFederationAccess
chronicle.instances.verifyNonce
chronicle.integrationActions.delete
chronicle.integrations.delete
chronicle.jobs.delete
chronicle.legacyCaseFederationPlatforms.delete
chronicle.legacyCaseFederationPlatforms.get
chronicle.legacyCaseFederationPlatforms.update
chronicle.logProcessingPipelines.associateStreams
chronicle.logProcessingPipelines.create
chronicle.logProcessingPipelines.delete
chronicle.logProcessingPipelines.dissociateStreams
chronicle.logProcessingPipelines.update
chronicle.moduleSettingsProperties.get
chronicle.rules.delete
chronicle.shareConfigs.get
chronicle.shareConfigs.update
chronicle.systemNotifications.get
chronicle.systemNotifications.update
chronicle.tenants.create
chronicle.tenants.list
chronicle.tenants.update
|
| Google Security Operations |
Se agregarán los siguientes permisos al rol de visualizador de la API de Chronicle (roles/chronicle.viewer):
chronicle.caseWallRecords.get
chronicle.connectorInstanceLogs.get
chronicle.connectorInstances.get
chronicle.connectorRevisions.get
chronicle.connectors.get
chronicle.contentPacks.export
chronicle.customLists.get
chronicle.emailTemplates.get
chronicle.entitiesBlocklists.get
chronicle.federationGroups.get
chronicle.federationGroups.list
chronicle.instances.permitFederationAccess
chronicle.instances.verifyNonce
chronicle.integrationActionRevisions.get
chronicle.integrationInstances.get
chronicle.integrationLogicalOperatorRevisions.get
chronicle.integrationLogicalOperators.get
chronicle.integrations.get
chronicle.jobInstanceLogs.get
chronicle.jobInstances.get
chronicle.jobRevisions.get
chronicle.jobs.get
chronicle.legacyCaseFederationPlatforms.get
chronicle.legacyPlaybooks.get
chronicle.managerRevisions.get
chronicle.managers.get
chronicle.moduleSettingsProperties.get
chronicle.notificationSettings.get
chronicle.remoteAgents.get
chronicle.shareConfigs.get
chronicle.systemNotifications.get
chronicle.tasks.get
chronicle.tenants.list
chronicle.transformerDefinitions.get
chronicle.transformerDefinitions.list
chronicle.transformerRevisions.get
chronicle.uniqueEntities.get
chronicle.userLocalizations.get
chronicle.userNotifications.get
chronicle.workdeskContacts.get
chronicle.workdeskLinks.get
chronicle.workdeskNotes.get
|
| Cloud Asset Inventory |
Se agregarán los siguientes permisos a la función de visualizador de Cloud Asset (roles/cloudasset.viewer):
cloudasset.savedqueries.get
cloudasset.savedqueries.list
|
| Cloud Run Functions |
Se agregará el siguiente permiso al rol de visualizador de Cloud Functions (roles/cloudfunctions.viewer):
cloudfunctions.functions.sourceCodeGet
|
| Talent Solution |
Se agregarán los siguientes permisos a la función de administrador de Cloud Talent Solution (roles/cloudjobdiscovery.admin):
cloudjobdiscovery.companies.create
cloudjobdiscovery.companies.delete
cloudjobdiscovery.companies.get
cloudjobdiscovery.companies.list
cloudjobdiscovery.companies.update
cloudjobdiscovery.events.create
cloudjobdiscovery.jobs.create
cloudjobdiscovery.jobs.delete
cloudjobdiscovery.jobs.get
cloudjobdiscovery.jobs.search
cloudjobdiscovery.jobs.update
cloudjobdiscovery.profiles.create
cloudjobdiscovery.profiles.delete
cloudjobdiscovery.profiles.get
cloudjobdiscovery.profiles.search
cloudjobdiscovery.profiles.update
cloudjobdiscovery.tenants.create
cloudjobdiscovery.tenants.delete
cloudjobdiscovery.tenants.get
cloudjobdiscovery.tenants.update
|
| Cloud Key Management Service |
Se agregarán los siguientes permisos a la función de administrador de Cloud KMS (roles/cloudkms.admin):
cloudkms.cryptoKeyVersions.manageRawAesCbcKeys
cloudkms.cryptoKeyVersions.manageRawAesCtrKeys
cloudkms.cryptoKeyVersions.manageRawPKCS1Keys
cloudkms.cryptoKeyVersions.useToDecapsulate
cloudkms.cryptoKeyVersions.useToDecrypt
cloudkms.cryptoKeyVersions.useToEncrypt
cloudkms.cryptoKeyVersions.useToSign
cloudkms.cryptoKeyVersions.useToVerify
cloudkms.cryptoKeyVersions.viewPublicKey
cloudkms.locations.generateRandomBytes
cloudkms.protectedResources.search
cloudkms.singleTenantHsmInstanceProposals.approve
cloudkms.singleTenantHsmInstanceProposals.create
cloudkms.singleTenantHsmInstanceProposals.execute
|
| Cloud Key Management Service |
Se agregarán los siguientes permisos a la función de visualizador de Cloud KMS (roles/cloudkms.viewer):
cloudkms.cryptoKeys.getIamPolicy
cloudkms.ekmConfigs.getIamPolicy
cloudkms.ekmConnections.getIamPolicy
cloudkms.ekmConnections.verifyConnectivity
cloudkms.importJobs.getIamPolicy
cloudkms.keyRings.getIamPolicy
cloudkms.keyRings.listEffectiveTags
cloudkms.keyRings.listTagBindings
cloudkms.locations.generateRandomBytes
cloudkms.projects.showEffectiveAutokeyConfig
cloudkms.projects.showEffectiveKajEnrollmentConfig
cloudkms.projects.showEffectiveKajPolicyConfig
cloudkms.protectedResources.search
|
| Cloud SQL |
Se agregarán los siguientes permisos al rol de Editor de Cloud SQL (roles/cloudsql.editor):
cloudsql.backupRuns.delete
cloudsql.databases.delete
cloudsql.instances.clone
cloudsql.instances.create
cloudsql.instances.createBackupDrBackup
cloudsql.instances.delete
cloudsql.instances.demoteMaster
cloudsql.instances.executeSql
cloudsql.instances.import
cloudsql.instances.login
cloudsql.instances.promoteReplica
cloudsql.instances.resetSslConfig
cloudsql.instances.restoreBackup
cloudsql.instances.startReplica
cloudsql.instances.stopReplica
cloudsql.instances.updateBackupDrConfig
cloudsql.sslCerts.create
cloudsql.sslCerts.delete
cloudsql.users.create
cloudsql.users.delete
cloudsql.users.update
|
| Cloud SQL |
Se agregarán los siguientes permisos al rol de visualizador de Cloud SQL (roles/cloudsql.viewer):
cloudsql.instances.createBackupDrBackup
cloudsql.schemas.view
|
| Asistencia deGoogle Cloud |
Se agregarán los siguientes permisos al rol de administrador de cuentas de asistencia (roles/cloudsupport.admin):
cloudsupport.techCases.create
cloudsupport.techCases.escalate
cloudsupport.techCases.get
cloudsupport.techCases.list
cloudsupport.techCases.update
|
| Asistencia deGoogle Cloud |
Se agregarán los siguientes permisos a la función de visualizador de cuentas de asistencia (roles/cloudsupport.viewer):
cloudsupport.accounts.getIamPolicy
cloudsupport.operations.get
cloudsupport.techCases.get
cloudsupport.techCases.list
|
| Traducción |
Se agregarán los siguientes permisos al rol de visualizador de la API de Cloud Translation (roles/cloudtranslate.viewer):
cloudtranslate.adaptiveMtDatasets.predict
cloudtranslate.customModels.predict
cloudtranslate.datasets.export
cloudtranslate.generalModels.batchDocPredict
cloudtranslate.generalModels.batchPredict
cloudtranslate.generalModels.docPredict
cloudtranslate.generalModels.predict
cloudtranslate.glossaries.batchDocPredict
cloudtranslate.glossaries.batchPredict
cloudtranslate.glossaries.docPredict
cloudtranslate.glossaries.predict
cloudtranslate.languageDetectionModels.predict
|
| Compute Engine |
Se agregarán los siguientes permisos al rol de visualizador de Compute (roles/compute.viewer):
compute.disks.createSnapshot
compute.disks.useReadOnly
compute.healthChecks.useReadOnly
compute.httpHealthChecks.useReadOnly
compute.httpsHealthChecks.useReadOnly
compute.images.useReadOnly
compute.instanceTemplates.useReadOnly
compute.instances.useReadOnly
compute.instantSnapshots.useReadOnly
compute.machineImages.useReadOnly
compute.regionHealthChecks.useReadOnly
compute.resourcePolicies.useReadOnly
compute.snapshots.useReadOnly
|
| Conectores |
Se agregará el siguiente permiso al rol de administrador de conectores (roles/connectors.admin):
connectors.connections.listenEvent
|
| Conectores |
Se agregarán los siguientes permisos al rol de visualizador de conectores (roles/connectors.viewer):
connectors.actions.list
connectors.entities.get
connectors.entities.list
connectors.entityTypes.list
|
| Centro de contacto como servicio de Google Cloud |
Se agregará el siguiente permiso al rol de administrador de Contact Center AI Platform (roles/contactcenteraiplatform.admin):
contactcenteraiplatform.locations.generateShifts
|
| Centro de contacto como servicio de Google Cloud |
Se agregará el siguiente permiso al rol de visualizador de Contact Center AI Platform (roles/contactcenteraiplatform.viewer):
contactcenteraiplatform.contactCenters.queryQuota
|
| Customer Experience Insights |
Se agregará el siguiente permiso al rol de editor de Contact Center AI Insights (roles/contactcenterinsights.editor):
contactcenterinsights.authorizedViews.getIamPolicy
|
| Customer Experience Insights |
Se agregará el siguiente permiso al rol de visualizador de Contact Center AI Insights (roles/contactcenterinsights.viewer):
contactcenterinsights.authorizedViews.getIamPolicy
|
| Google Kubernetes Engine |
Se agregarán los siguientes permisos al rol de Visualizador de clústeres de Kubernetes Engine (roles/container.clusterViewer):
container.clusters.listEffectiveTags
container.clusters.listTagBindings
container.pods.getLogs
container.selfSubjectAccessReviews.create
container.selfSubjectRulesReviews.create
container.volumeSnapshots.getStatus
|
| Content Warehouse |
Se agregarán los siguientes permisos al rol de administrador de Content Warehouse (roles/contentwarehouse.admin):
contentwarehouse.links.create
contentwarehouse.links.delete
contentwarehouse.links.get
contentwarehouse.links.update
|
| Database Insights |
Se agregarán los siguientes permisos al rol de visualizador de Estadísticas de la base de datos (roles/databaseinsights.viewer):
databaseinsights.aggregatedEvents.query
databaseinsights.clusterEvents.query
databaseinsights.instanceEvents.query
|
| Data Catalog |
Se agregarán los siguientes permisos al rol de visualizador de Data Catalog (roles/datacatalog.viewer):
datacatalog.categories.getIamPolicy
datacatalog.taxonomies.getIamPolicy
|
| Dataflow |
Se agregarán los siguientes permisos al rol de administrador de Dataflow (roles/dataflow.admin):
dataflow.shuffle.read
dataflow.shuffle.write
dataflow.streamingWorkItems.ImportState
dataflow.streamingWorkItems.commitWork
dataflow.streamingWorkItems.getData
dataflow.streamingWorkItems.getWork
dataflow.streamingWorkItems.getWorkerMetadata
dataflow.workItems.lease
dataflow.workItems.sendMessage
dataflow.workItems.update
|
| Dataform |
Se agregarán los siguientes permisos al rol de editor de Dataform (roles/dataform.editor):
dataform.commentThreads.create
dataform.commentThreads.delete
dataform.commentThreads.update
dataform.comments.create
dataform.comments.delete
dataform.comments.update
dataform.config.update
dataform.folders.addContents
dataform.folders.create
dataform.folders.delete
dataform.folders.move
dataform.folders.update
dataform.operations.cancel
dataform.operations.delete
dataform.releaseConfigs.create
dataform.releaseConfigs.delete
dataform.releaseConfigs.update
dataform.repositories.commit
dataform.repositories.create
dataform.repositories.delete
dataform.repositories.move
dataform.repositories.scheduleRelease
dataform.repositories.scheduleWorkflow
dataform.repositories.update
dataform.teamFolders.create
dataform.teamFolders.delete
dataform.teamFolders.update
dataform.workflowConfigs.create
dataform.workflowConfigs.delete
dataform.workflowConfigs.update
|
| API de Data Lineage |
Se agregarán los siguientes permisos al rol de Editor de linaje de datos (roles/datalineage.editor):
datalineage.configs.get
datalineage.configs.update
datalineage.processes.delete
datalineage.runs.delete
|
| API de Data Lineage |
Se agregarán los siguientes permisos al rol de visualizador del linaje de datos (roles/datalineage.viewer):
datalineage.configs.get
datalineage.operations.get
|
| Dataplex Universal Catalog |
Se agregarán los siguientes permisos al rol de administrador de Dataplex (roles/dataplex.admin):
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.setIamPolicy
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.assets.ownData
dataplex.assets.readData
dataplex.assets.writeData
dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.list
dataplex.entryGroups.setIamPolicy
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useDataProfileAspect
dataplex.entryGroups.useDataQualityScorecardAspect
dataplex.entryGroups.useDescriptionsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useQueriesAspect
dataplex.entryGroups.useRefreshCadenceAspect
dataplex.entryGroups.useSchemaAspect
dataplex.entryGroups.useStorageAspect
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.setIamPolicy
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.projects.search
|
| Dataplex Universal Catalog |
Se agregarán los siguientes permisos al rol de Editor de Dataplex (roles/dataplex.editor):
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.assets.readData
dataplex.assets.writeData
dataplex.content.create
dataplex.content.update
dataplex.datascans.getData
dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update
dataplex.entities.create
dataplex.entities.delete
dataplex.entities.get
dataplex.entities.list
dataplex.entities.update
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.link
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.import
dataplex.entryGroups.list
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useDataProfileAspect
dataplex.entryGroups.useDataQualityScorecardAspect
dataplex.entryGroups.useDefinitionEntryLink
dataplex.entryGroups.useDescriptionsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useQueriesAspect
dataplex.entryGroups.useRefreshCadenceAspect
dataplex.entryGroups.useRelatedEntryLink
dataplex.entryGroups.useSchemaAspect
dataplex.entryGroups.useStorageAspect
dataplex.entryGroups.useSynonymEntryLink
dataplex.entryLinks.create
dataplex.entryLinks.delete
dataplex.entryLinks.get
dataplex.entryLinks.reference
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.environments.execute
dataplex.glossaries.create
dataplex.glossaries.delete
dataplex.glossaries.get
dataplex.glossaries.getIamPolicy
dataplex.glossaries.import
dataplex.glossaries.list
dataplex.glossaries.update
dataplex.glossaryCategories.create
dataplex.glossaryCategories.delete
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryCategories.update
dataplex.glossaryTerms.create
dataplex.glossaryTerms.delete
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.glossaryTerms.update
dataplex.glossaryTerms.use
dataplex.locations.get
dataplex.locations.list
dataplex.metadataJobs.cancel
dataplex.metadataJobs.create
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.partitions.create
dataplex.partitions.delete
dataplex.partitions.get
dataplex.partitions.list
dataplex.partitions.update
dataplex.projects.search
|
| Dataplex Universal Catalog |
Se agregarán los siguientes permisos al rol de visualizador de Dataplex (roles/dataplex.viewer):
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.assets.readData
dataplex.datascans.getData
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.entities.get
dataplex.entities.list
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.list
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.list
dataplex.entryLinks.get
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.glossaries.get
dataplex.glossaries.getIamPolicy
dataplex.glossaries.list
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.locations.get
dataplex.locations.list
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.partitions.get
dataplex.partitions.list
dataplex.projects.search
|
| Dataproc |
Se agregarán los siguientes permisos a la función de administrador de Dataproc (roles/dataproc.admin):
dataproc.agents.create
dataproc.agents.delete
dataproc.agents.get
dataproc.agents.list
dataproc.agents.update
dataproc.tasks.lease
dataproc.tasks.listInvalidatedLeases
dataproc.tasks.reportStatus
|
| Dataproc |
Se agregarán los siguientes permisos al rol de Editor de Dataproc (roles/dataproc.editor):
dataproc.agents.create
dataproc.agents.delete
dataproc.agents.get
dataproc.agents.list
dataproc.agents.update
dataproc.autoscalingPolicies.getIamPolicy
dataproc.clusters.getIamPolicy
dataproc.jobs.getIamPolicy
dataproc.operations.getIamPolicy
dataproc.tasks.lease
dataproc.tasks.listInvalidatedLeases
dataproc.tasks.reportStatus
dataproc.workflowTemplates.getIamPolicy
|
| Dataproc |
Se agregarán los siguientes permisos al rol de visualizador de Dataproc (roles/dataproc.viewer):
dataproc.agents.get
dataproc.agents.list
dataproc.autoscalingPolicies.getIamPolicy
dataproc.autoscalingPolicies.use
dataproc.clusters.getIamPolicy
dataproc.jobs.getIamPolicy
dataproc.operations.getIamPolicy
dataproc.tasks.listInvalidatedLeases
dataproc.workflowTemplates.getIamPolicy
|
| Firestore |
Se agregarán los siguientes permisos al rol de visualizador de Cloud Datastore (roles/datastore.viewer):
datastore.backupSchedules.get
datastore.backupSchedules.list
datastore.backups.get
datastore.backups.list
datastore.databases.listEffectiveTags
datastore.databases.listTagBindings
datastore.keyVisualizerScans.get
datastore.keyVisualizerScans.list
datastore.operations.get
datastore.operations.list
datastore.userCreds.get
datastore.userCreds.list
|
| Discovery Engine |
Se agregarán los siguientes permisos al rol de administrador de Discovery Engine (roles/discoveryengine.admin):
discoveryengine.accounts.create
discoveryengine.audioOverviews.create
discoveryengine.audioOverviews.delete
discoveryengine.audioOverviews.get
discoveryengine.audioOverviews.getIceConfig
discoveryengine.audioOverviews.sendSdpOffer
discoveryengine.notebooks.create
discoveryengine.notebooks.generateGuide
discoveryengine.notebooks.get
discoveryengine.notebooks.getAnalytics
discoveryengine.notebooks.getIamPolicy
discoveryengine.notebooks.interactSources
discoveryengine.notebooks.list
discoveryengine.notebooks.removeSelf
discoveryengine.notebooks.setIamPolicy
discoveryengine.notebooks.update
discoveryengine.notes.create
discoveryengine.notes.delete
discoveryengine.notes.get
discoveryengine.notes.update
discoveryengine.podcasts.create
discoveryengine.sources.checkFreshness
discoveryengine.sources.create
discoveryengine.sources.delete
discoveryengine.sources.generateDocumentGuide
discoveryengine.sources.get
discoveryengine.sources.refresh
discoveryengine.sources.update
|
| Discovery Engine |
Se agregarán los siguientes permisos al rol de Editor de Discovery Engine (roles/discoveryengine.editor):
discoveryengine.accounts.create
discoveryengine.aclConfigs.update
discoveryengine.alertPolicies.create
discoveryengine.alertPolicies.update
discoveryengine.assistants.create
discoveryengine.assistants.delete
discoveryengine.assistants.update
discoveryengine.audioOverviews.create
discoveryengine.audioOverviews.delete
discoveryengine.audioOverviews.get
discoveryengine.audioOverviews.getIceConfig
discoveryengine.audioOverviews.sendSdpOffer
discoveryengine.cmekConfigs.update
discoveryengine.collections.delete
discoveryengine.completionConfigs.update
discoveryengine.controls.create
discoveryengine.controls.delete
discoveryengine.controls.update
discoveryengine.dataConnectors.startConnectorRun
discoveryengine.dataConnectors.update
discoveryengine.dataStores.create
discoveryengine.dataStores.delete
discoveryengine.dataStores.enrollSolutions
discoveryengine.dataStores.update
discoveryengine.documentProcessingConfigs.update
discoveryengine.documents.purge
discoveryengine.engines.create
discoveryengine.engines.delete
discoveryengine.engines.getIamPolicy
discoveryengine.engines.update
discoveryengine.evaluations.create
discoveryengine.licenseConfigs.create
discoveryengine.licenseConfigs.update
discoveryengine.locations.estimateDataSize
discoveryengine.locations.exchangeAuthCredentials
discoveryengine.locations.getConnectorSource
discoveryengine.locations.listConnectorSources
discoveryengine.locations.setUpDataConnector
discoveryengine.notebooks.create
discoveryengine.notebooks.generateGuide
discoveryengine.notebooks.get
discoveryengine.notebooks.getAnalytics
discoveryengine.notebooks.getIamPolicy
discoveryengine.notebooks.interactSources
discoveryengine.notebooks.list
discoveryengine.notebooks.removeSelf
discoveryengine.notebooks.update
discoveryengine.notes.create
discoveryengine.notes.delete
discoveryengine.notes.get
discoveryengine.notes.update
discoveryengine.podcasts.create
discoveryengine.projects.provision
discoveryengine.projects.reportConsentChange
discoveryengine.schemas.create
discoveryengine.schemas.delete
discoveryengine.schemas.update
discoveryengine.servingConfigs.create
discoveryengine.servingConfigs.delete
discoveryengine.servingConfigs.update
discoveryengine.siteSearchEngines.batchVerifyTargetSites
discoveryengine.siteSearchEngines.disableAdvancedSiteSearch
discoveryengine.siteSearchEngines.enableAdvancedSiteSearch
discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
discoveryengine.siteSearchEngines.recrawlUris
discoveryengine.sitemaps.create
discoveryengine.sitemaps.delete
discoveryengine.sitemaps.fetch
discoveryengine.sources.checkFreshness
discoveryengine.sources.create
discoveryengine.sources.delete
discoveryengine.sources.generateDocumentGuide
discoveryengine.sources.get
discoveryengine.sources.refresh
discoveryengine.sources.update
discoveryengine.suggestionDenyListEntries.import
discoveryengine.suggestionDenyListEntries.purge
discoveryengine.targetSites.batchCreate
discoveryengine.targetSites.create
discoveryengine.targetSites.delete
discoveryengine.targetSites.update
discoveryengine.userEvents.purge
discoveryengine.userStores.batchUpdateUserLicenses
discoveryengine.userStores.listUserLicenses
|
| Discovery Engine |
Se agregarán los siguientes permisos al rol de visualizador de Discovery Engine (roles/discoveryengine.viewer):
discoveryengine.audioOverviews.get
discoveryengine.audioOverviews.getIceConfig
discoveryengine.audioOverviews.sendSdpOffer
discoveryengine.engines.getIamPolicy
discoveryengine.licenseConfigs.get
discoveryengine.licenseConfigs.list
discoveryengine.locations.estimateDataSize
discoveryengine.locations.exchangeAuthCredentials
discoveryengine.locations.getConnectorSource
discoveryengine.locations.listConnectorSources
discoveryengine.notebooks.generateGuide
discoveryengine.notebooks.get
discoveryengine.notebooks.getAnalytics
discoveryengine.notebooks.getIamPolicy
discoveryengine.notebooks.interactSources
discoveryengine.notebooks.list
discoveryengine.notes.get
discoveryengine.sessions.search
discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
discoveryengine.sitemaps.fetch
discoveryengine.sources.checkFreshness
discoveryengine.sources.generateDocumentGuide
discoveryengine.sources.get
discoveryengine.userStores.listUserLicenses
|
| Cloud DNS |
Se agregarán los siguientes permisos al rol de administrador de DNS (roles/dns.admin):
dns.managedZones.setIamPolicy
|
| Reglas de seguridad de Firebase |
Se agregarán los siguientes permisos al rol de Visualizador de reglas de Firebase (roles/firebaserules.viewer):
firebaserules.releases.getExecutable
firebaserules.rulesets.test
|
| GKE Hub |
Se agregarán los siguientes permisos al rol de administrador de flota (anteriormente, administrador de GKE Hub) (roles/gkehub.admin):
gkehub.endpoints.connect
gkehub.gateway.delete
gkehub.gateway.generateCredentials
gkehub.gateway.get
gkehub.gateway.patch
gkehub.gateway.post
gkehub.gateway.put
gkehub.gateway.stream
|
| GKE Hub |
Se agregarán los siguientes permisos al rol de Editor de flotas (anteriormente, Editor de GKE Hub) (roles/gkehub.editor):
gkehub.gateway.delete
gkehub.gateway.generateCredentials
gkehub.gateway.get
gkehub.gateway.patch
gkehub.gateway.post
gkehub.gateway.put
gkehub.gateway.stream
|
| GKE Hub |
Se agregarán los siguientes permisos al rol de Visualizador de flotas (anteriormente, Visualizador de GKE Hub) (roles/gkehub.viewer):
gkehub.gateway.generateCredentials
gkehub.gateway.get
gkehub.scopes.getIamPolicy
|
| Identity-Aware Proxy |
Se agregarán los siguientes permisos al rol de administrador de políticas de IAP (roles/iap.admin):
iap.projects.getSettings
iap.projects.updateSettings
iap.tunnelDestGroups.accessViaIAP
iap.tunnelDestGroups.create
iap.tunnelDestGroups.delete
iap.tunnelDestGroups.get
iap.tunnelDestGroups.list
iap.tunnelDestGroups.remediate
iap.tunnelDestGroups.update
iap.tunnelInstances.accessViaIAP
iap.tunnelinstances.remediate
iap.web.getSettings
iap.web.updateSettings
iap.webServiceVersions.getSettings
iap.webServiceVersions.remediate
iap.webServiceVersions.updateSettings
iap.webServices.getSettings
iap.webServices.updateSettings
iap.webTypes.getSettings
iap.webTypes.updateSettings
|
| Cloud License Manager |
Se agregarán los siguientes permisos al rol de visualizador de Cloud License Manager (roles/licensemanager.viewer):
licensemanager.configurations.aggregateUsage
licensemanager.configurations.queryLicenseUsage
|
| Cloud Logging |
Se agregarán los siguientes permisos al rol de Visualizador de registros (roles/logging.viewer):
logging.buckets.copyLogEntries
logging.buckets.listEffectiveTags
logging.buckets.listTagBindings
logging.logEntries.download
logging.notificationRules.get
logging.notificationRules.list
logging.settings.get
logging.views.getIamPolicy
logging.views.listLogs
logging.views.listResourceKeys
logging.views.listResourceValues
|
| Servicio administrado para Microsoft Active Directory |
Se agregarán los siguientes permisos al rol de visualizador de identidades administradas de Google Cloud (roles/managedidentities.viewer):
managedidentities.domains.checkMigrationPermission
managedidentities.domains.validateTrust
|
| Memorystore para Memcached |
Se agregarán los siguientes permisos al rol de editor de Cloud Memorystore para Memcached (roles/memcache.editor):
memcache.instances.applySoftwareUpdate
memcache.instances.create
memcache.instances.delete
memcache.instances.rescheduleMaintenance
memcache.instances.upgrade
|
| Memorystore para Memcached |
Se agregarán los siguientes permisos al rol de visualizador de Cloud Memorystore para Memcached (roles/memcache.viewer):
memcache.instances.listEffectiveTags
memcache.instances.listTagBindings
|
| Dataproc Metastore |
Se agregarán los siguientes permisos al rol de administrador de Dataproc Metastore (roles/metastore.admin):
metastore.databases.create
metastore.databases.delete
metastore.databases.get
metastore.databases.getIamPolicy
metastore.databases.list
metastore.databases.setIamPolicy
metastore.databases.update
metastore.services.mutateMetadata
metastore.services.queryMetadata
metastore.services.use
metastore.tables.create
metastore.tables.delete
metastore.tables.get
metastore.tables.getIamPolicy
metastore.tables.list
metastore.tables.setIamPolicy
metastore.tables.update
|
| Dataproc Metastore |
Se agregarán los siguientes permisos al rol de editor de Dataproc Metastore (roles/metastore.editor):
metastore.backups.getIamPolicy
metastore.databases.create
metastore.databases.delete
metastore.databases.get
metastore.databases.getIamPolicy
metastore.databases.list
metastore.databases.update
metastore.federations.getIamPolicy
metastore.federations.use
metastore.services.use
metastore.tables.create
metastore.tables.delete
metastore.tables.get
metastore.tables.getIamPolicy
metastore.tables.list
metastore.tables.update
|
| AI Platform |
Se agregarán los siguientes permisos al rol de visualizador de AI Platform (roles/ml.viewer):
ml.jobs.getIamPolicy
ml.models.getIamPolicy
ml.models.predict
ml.versions.predict
|
| Model Armor |
Se agregarán los siguientes permisos al rol de administrador de Model Armor (roles/modelarmor.admin):
modelarmor.callouts.invoke
modelarmor.floorSettings.get
modelarmor.floorSettings.update
|
| Model Armor |
Se agregará el siguiente permiso al rol de Visualizador de Model Armor (roles/modelarmor.viewer):
modelarmor.floorSettings.get
|
| Oracle Database@Google Cloud |
Se agregarán los siguientes permisos al rol de visualizador de Oracle Database@Google Cloud (roles/oracledatabase.viewer):
oracledatabase.dbSystemInitialStorageSizes.list
oracledatabase.dbVersions.list
oracledatabase.systemVersions.list
|
| Pub/Sub |
Se agregará el siguiente permiso al rol de Editor de Pub/Sub (roles/pubsub.editor):
pubsub.schemas.getIamPolicy
|
| Pub/Sub |
Se agregarán los siguientes permisos al rol de visualizador de Pub/Sub (roles/pubsub.viewer):
pubsub.schemas.attach
pubsub.schemas.getIamPolicy
pubsub.snapshots.seek
|
| Pub/Sub Lite |
Se agregarán los siguientes permisos al rol de Visualizador de Pub/Sub Lite (roles/pubsublite.viewer):
pubsublite.locations.openKafkaStream
pubsublite.subscriptions.subscribe
pubsublite.topics.computeHeadCursor
pubsublite.topics.computeMessageStats
pubsublite.topics.computeTimeCursor
pubsublite.topics.subscribe
|
| reCAPTCHA |
Se agregarán los siguientes permisos al rol de administrador de reCAPTCHA Enterprise (roles/recaptchaenterprise.admin):
recaptchaenterprise.assessments.annotate
recaptchaenterprise.assessments.create
recaptchaenterprise.relatedaccountgroupmemberships.list
recaptchaenterprise.relatedaccountgroups.list
|
| reCAPTCHA |
Se agregarán los siguientes permisos al rol de visualizador de reCAPTCHA Enterprise (roles/recaptchaenterprise.viewer):
recaptchaenterprise.relatedaccountgroupmemberships.list
recaptchaenterprise.relatedaccountgroups.list
|
| Recomendador |
Se agregarán los siguientes permisos al rol de Visualizador de Recommender (roles/recommender.viewer):
recommender.costRecommendations.listAll
recommender.costRecommendations.summarizeAll
|
| Memorystore for Redis |
Se agregarán los siguientes permisos al rol de editor de Redis para Cloud Memorystore (roles/redis.editor):
redis.backupCollections.create
redis.backupCollections.delete
redis.backups.create
redis.backups.delete
redis.backups.export
redis.clusters.connect
redis.clusters.create
redis.clusters.delete
redis.clusters.rescheduleMaintenance
redis.instances.create
redis.instances.delete
redis.instances.export
redis.instances.getAuthString
redis.instances.import
redis.instances.listEffectiveTags
redis.instances.listTagBindings
redis.instances.rescheduleMaintenance
redis.instances.updateAuth
redis.instances.upgrade
|
| Memorystore for Redis |
Se agregará el siguiente permiso al rol de visualizador de Cloud Memorystore Redis (roles/redis.viewer):
redis.backups.export
|
| API de Retail |
Se agregarán los siguientes permisos al rol de editor de Retail (roles/retail.editor):
retail.attributesConfigs.batchRemoveCatalogAttributes
retail.attributesConfigs.removeCatalogAttribute
retail.products.purge
retail.products.setSponsorship
retail.userEvents.purge
retail.userEvents.rejoin
|
| API de Retail |
Se agregarán los siguientes permisos al rol de Visualizador de Retail (roles/retail.viewer):
retail.merchantControls.creatorGet
retail.merchantControls.creatorList
retail.models.pause
retail.models.resume
retail.models.tune
|
| Route Optimization |
Se agregará el siguiente permiso al rol de Visualizador de optimización de rutas (roles/routeoptimization.viewer):
routeoptimization.locations.use
|
| API de Security Center Management |
Se agregará el siguiente permiso al rol de Visualizador de administración del Centro de seguridad (roles/securitycentermanagement.viewer):
securitycentermanagement.securityCommandCenter.checkEligibility
|
| API de Security Posture |
Se agregarán los siguientes permisos al rol de Visualizador de la postura de seguridad (roles/securityposture.viewer):
securityposture.locations.get
securityposture.locations.list
securityposture.operations.list
securityposture.reports.get
securityposture.reports.list
|
| Spanner |
Se agregarán los siguientes permisos al rol de visualizador de Cloud Spanner (roles/spanner.viewer):
spanner.backupOperations.get
spanner.backupOperations.list
spanner.backupSchedules.get
spanner.backupSchedules.getIamPolicy
spanner.backupSchedules.list
spanner.backups.get
spanner.backups.getIamPolicy
spanner.backups.list
spanner.databaseOperations.get
spanner.databaseOperations.list
spanner.databaseRoles.list
spanner.databases.beginReadOnlyTransaction
spanner.databases.getDdl
spanner.databases.getIamPolicy
spanner.databases.partitionQuery
spanner.databases.partitionRead
spanner.databases.read
spanner.databases.select
spanner.databases.useDataBoost
spanner.instanceConfigOperations.get
spanner.instanceConfigOperations.list
spanner.instanceOperations.get
spanner.instanceOperations.list
spanner.instancePartitionOperations.get
spanner.instancePartitionOperations.list
spanner.instances.getIamPolicy
spanner.sessions.create
spanner.sessions.delete
spanner.sessions.get
spanner.sessions.list
|
| Speaker ID |
Se agregará el siguiente permiso al rol de Editor de ID del altavoz (roles/speakerid.editor):
speakerid.settings.get
|
| Speaker ID |
Se agregará el siguiente permiso al rol de visualizador de ID del altavoz (roles/speakerid.viewer):
speakerid.settings.get
|
| Speech‑to‑Text |
Se agregará el siguiente permiso al rol de Editor de Cloud Speech (roles/speech.editor):
speech.config.get
|
| Cloud Storage |
Se agregarán los siguientes permisos al rol de administrador de almacenamiento (roles/storage.admin):
storage.hmacKeys.create
storage.hmacKeys.delete
storage.hmacKeys.get
storage.hmacKeys.list
storage.hmacKeys.update
|
| Visual Inspection AI |
Se agregará el siguiente permiso al rol de editor de soluciones de Visual Inspection AI (roles/visualinspection.editor):
visualinspection.locations.reportUsageMetrics
|
| Acceso a VPC sin servidores |
Se agregará el siguiente permiso al rol de visualizador de Acceso a VPC sin servidores (roles/vpcaccess.viewer):
vpcaccess.connectors.use
|
