| Vertex AI |
Vertex AI Viewer 角色 (roles/aiplatform.viewer) 将添加以下权限:
aiplatform.endpoints.explain
aiplatform.endpoints.getIamPolicy
aiplatform.endpoints.predict
aiplatform.entityTypes.exportFeatureValues
aiplatform.entityTypes.getIamPolicy
aiplatform.entityTypes.readFeatureValues
aiplatform.entityTypes.streamingReadFeatureValues
aiplatform.featureGroups.getIamPolicy
aiplatform.featureOnlineStores.getIamPolicy
aiplatform.featureViews.getIamPolicy
aiplatform.featurestores.batchReadFeatureValues
aiplatform.featurestores.getIamPolicy
aiplatform.featurestores.readFeatures
aiplatform.humanInTheLoops.queryAnnotationStats
aiplatform.locations.evaluateInstances
aiplatform.memories.retrieve
aiplatform.migratableResources.search
aiplatform.notebookRuntimeTemplates.apply
aiplatform.notebookRuntimeTemplates.getIamPolicy
|
| BigQuery Sharing |
以下权限将添加到 Analytics Hub Admin 角色 (roles/analyticshub.admin):
analyticshub.dataExchanges.subscribe
analyticshub.listings.subscribe
|
| BigQuery Sharing |
以下权限将添加到 Analytics Hub Viewer 角色 (roles/analyticshub.viewer):
analyticshub.subscriptions.get
analyticshub.subscriptions.list
|
| Apigee Connect |
以下权限将添加到 Apigee Connect Admin 角色 (roles/apigeeconnect.Admin):
apigeeconnect.endpoints.connect
|
| App Hub |
以下权限将添加到 App Hub 编辑者角色 (roles/apphub.editor):
apphub.applications.getIamPolicy
apphub.serviceProjectAttachments.create
apphub.serviceProjectAttachments.delete
apphub.serviceProjectAttachments.get
apphub.serviceProjectAttachments.list
|
| App Hub |
以下权限将添加到 App Hub Viewer 角色 (roles/apphub.viewer):
apphub.applications.getIamPolicy
apphub.serviceProjectAttachments.get
apphub.serviceProjectAttachments.list
|
| Artifact Registry |
Artifact Registry Administrator 角色 (roles/artifactregistry.admin) 将新增以下权限:
artifactregistry.repositories.createOnPush
|
| 备份和灾难恢复 |
Backup and DR Admin 角色 (roles/backupdr.admin) 将添加以下权限:
backupdr.resourceBackupConfigs.get
backupdr.resourceBackupConfigs.list
|
| 备份和灾难恢复 |
Backup and DR Viewer 角色 (roles/backupdr.viewer) 将新增以下权限:
backupdr.resourceBackupConfigs.get
backupdr.resourceBackupConfigs.list
|
| 裸金属解决方案 |
以下权限将添加到 Bare Metal Solution Admin 角色 (roles/baremetalsolution.admin):
baremetalsolution.procurements.create
|
| 裸金属解决方案 |
以下权限将添加到 Bare Metal Solution 编辑者角色 (roles/baremetalsolution.editor):
baremetalsolution.procurements.create
|
| 批量 |
Batch Administrator 角色 (roles/batch.admin) 将新增以下权限:
batch.states.report
|
| BigLake |
BigLake 编辑者角色 (roles/biglake.editor) 将新增以下权限:
biglake.databases.create
biglake.databases.delete
biglake.databases.get
biglake.databases.list
biglake.databases.update
biglake.locks.check
biglake.locks.create
biglake.locks.delete
biglake.locks.list
biglake.tables.lock
|
| BigQuery Migration API |
以下权限将添加到 MigrationWorkflow Editor 角色 (roles/bigquerymigration.editor):
bigquerymigration.translation.translate
|
| Bigtable |
Bigtable Viewer 角色 (roles/bigtable.viewer) 将新增以下权限:
bigtable.authorizedViews.getIamPolicy
bigtable.authorizedViews.listEffectiveTags
bigtable.authorizedViews.listTagBindings
bigtable.authorizedViews.readRows
bigtable.authorizedViews.sampleRowKeys
bigtable.backups.getIamPolicy
bigtable.backups.read
bigtable.instances.executeQuery
bigtable.instances.getIamPolicy
bigtable.instances.ping
bigtable.keyvisualizer.get
bigtable.keyvisualizer.list
bigtable.logicalViews.getIamPolicy
bigtable.logicalViews.readRows
bigtable.materializedViews.getIamPolicy
bigtable.materializedViews.readRows
bigtable.materializedViews.sampleRowKeys
bigtable.schemaBundles.getIamPolicy
bigtable.tables.getIamPolicy
bigtable.tables.readRows
bigtable.tables.sampleRowKeys
|
| Cloud Billing |
以下权限将添加到 Billing Account Administrator 角色 (roles/billing.admin):
billing.costRecommendations.listScoped
billing.resourceCosts.get
billing.resourcebudgets.read
billing.resourcebudgets.write
|
| Cloud Billing |
Billing Account Viewer 角色 (roles/billing.viewer) 将新增以下权限:
billing.costRecommendations.listScoped
billing.resourceCosts.get
billing.resourcebudgets.read
|
| Certificate Manager |
以下权限将添加到 Certificate Manager 编辑者角色 (roles/certificatemanager.editor):
certificatemanager.certissuanceconfigs.delete
certificatemanager.certmapentries.delete
certificatemanager.certmaps.delete
certificatemanager.certs.delete
certificatemanager.dnsauthorizations.delete
certificatemanager.operations.cancel
certificatemanager.operations.delete
certificatemanager.trustconfigs.delete
|
| Google Security Operations |
以下权限将添加到 Chronicle API Admin 角色 (roles/chronicle.admin):
chronicle.federationGroups.create
chronicle.federationGroups.delete
chronicle.federationGroups.get
chronicle.federationGroups.list
chronicle.federationGroups.update
chronicle.instances.delete
chronicle.instances.permitFederationAccess
chronicle.instances.soarThreatManager
chronicle.instances.soarVulnerabilityManager
chronicle.instances.undelete
|
| Google Security Operations |
以下权限将添加到 Chronicle API Editor 角色 (roles/chronicle.editor):
chronicle.calculatedFieldDefinitions.update
chronicle.collectors.create
chronicle.collectors.delete
chronicle.collectors.update
chronicle.connectors.delete
chronicle.connectors.get
chronicle.connectors.update
chronicle.customFields.update
chronicle.enrichmentControls.delete
chronicle.entitiesBlocklists.delete
chronicle.entitiesBlocklists.update
chronicle.errorNotificationConfigs.create
chronicle.errorNotificationConfigs.delete
chronicle.errorNotificationConfigs.update
chronicle.federationGroups.get
chronicle.federationGroups.list
chronicle.formDynamicParameters.update
chronicle.forwarders.create
chronicle.forwarders.delete
chronicle.forwarders.update
chronicle.instances.permitFederationAccess
chronicle.instances.verifyNonce
chronicle.integrationActions.delete
chronicle.integrations.delete
chronicle.jobs.delete
chronicle.legacyCaseFederationPlatforms.delete
chronicle.legacyCaseFederationPlatforms.get
chronicle.legacyCaseFederationPlatforms.update
chronicle.logProcessingPipelines.associateStreams
chronicle.logProcessingPipelines.create
chronicle.logProcessingPipelines.delete
chronicle.logProcessingPipelines.dissociateStreams
chronicle.logProcessingPipelines.update
chronicle.moduleSettingsProperties.get
chronicle.rules.delete
chronicle.shareConfigs.get
chronicle.shareConfigs.update
chronicle.systemNotifications.get
chronicle.systemNotifications.update
chronicle.tenants.create
chronicle.tenants.list
chronicle.tenants.update
|
| Google Security Operations |
以下权限将添加到 Chronicle API Viewer 角色 (roles/chronicle.viewer):
chronicle.caseWallRecords.get
chronicle.connectorInstanceLogs.get
chronicle.connectorInstances.get
chronicle.connectorRevisions.get
chronicle.connectors.get
chronicle.contentPacks.export
chronicle.customLists.get
chronicle.emailTemplates.get
chronicle.entitiesBlocklists.get
chronicle.federationGroups.get
chronicle.federationGroups.list
chronicle.instances.permitFederationAccess
chronicle.instances.verifyNonce
chronicle.integrationActionRevisions.get
chronicle.integrationInstances.get
chronicle.integrationLogicalOperatorRevisions.get
chronicle.integrationLogicalOperators.get
chronicle.integrations.get
chronicle.jobInstanceLogs.get
chronicle.jobInstances.get
chronicle.jobRevisions.get
chronicle.jobs.get
chronicle.legacyCaseFederationPlatforms.get
chronicle.legacyPlaybooks.get
chronicle.managerRevisions.get
chronicle.managers.get
chronicle.moduleSettingsProperties.get
chronicle.notificationSettings.get
chronicle.remoteAgents.get
chronicle.shareConfigs.get
chronicle.systemNotifications.get
chronicle.tasks.get
chronicle.tenants.list
chronicle.transformerDefinitions.get
chronicle.transformerDefinitions.list
chronicle.transformerRevisions.get
chronicle.uniqueEntities.get
chronicle.userLocalizations.get
chronicle.userNotifications.get
chronicle.workdeskContacts.get
chronicle.workdeskLinks.get
chronicle.workdeskNotes.get
|
| Cloud Asset Inventory |
Cloud Asset Viewer 角色 (roles/cloudasset.viewer) 将新增以下权限:
cloudasset.savedqueries.get
cloudasset.savedqueries.list
|
| Cloud Run functions |
Cloud Functions viewer 角色 (roles/cloudfunctions.viewer) 将新增以下权限:
cloudfunctions.functions.sourceCodeGet
|
| Talent Solution |
以下权限将添加到 Cloud Talent Solution Admin 角色 (roles/cloudjobdiscovery.admin):
cloudjobdiscovery.companies.create
cloudjobdiscovery.companies.delete
cloudjobdiscovery.companies.get
cloudjobdiscovery.companies.list
cloudjobdiscovery.companies.update
cloudjobdiscovery.events.create
cloudjobdiscovery.jobs.create
cloudjobdiscovery.jobs.delete
cloudjobdiscovery.jobs.get
cloudjobdiscovery.jobs.search
cloudjobdiscovery.jobs.update
cloudjobdiscovery.profiles.create
cloudjobdiscovery.profiles.delete
cloudjobdiscovery.profiles.get
cloudjobdiscovery.profiles.search
cloudjobdiscovery.profiles.update
cloudjobdiscovery.tenants.create
cloudjobdiscovery.tenants.delete
cloudjobdiscovery.tenants.get
cloudjobdiscovery.tenants.update
|
| Cloud Key Management Service |
以下权限将添加到 Cloud KMS Admin 角色 (roles/cloudkms.admin):
cloudkms.cryptoKeyVersions.manageRawAesCbcKeys
cloudkms.cryptoKeyVersions.manageRawAesCtrKeys
cloudkms.cryptoKeyVersions.manageRawPKCS1Keys
cloudkms.cryptoKeyVersions.useToDecapsulate
cloudkms.cryptoKeyVersions.useToDecrypt
cloudkms.cryptoKeyVersions.useToEncrypt
cloudkms.cryptoKeyVersions.useToSign
cloudkms.cryptoKeyVersions.useToVerify
cloudkms.cryptoKeyVersions.viewPublicKey
cloudkms.locations.generateRandomBytes
cloudkms.protectedResources.search
cloudkms.singleTenantHsmInstanceProposals.approve
cloudkms.singleTenantHsmInstanceProposals.create
cloudkms.singleTenantHsmInstanceProposals.execute
|
| Cloud Key Management Service |
Cloud KMS Viewer 角色 (roles/cloudkms.viewer) 将新增以下权限:
cloudkms.cryptoKeys.getIamPolicy
cloudkms.ekmConfigs.getIamPolicy
cloudkms.ekmConnections.getIamPolicy
cloudkms.ekmConnections.verifyConnectivity
cloudkms.importJobs.getIamPolicy
cloudkms.keyRings.getIamPolicy
cloudkms.keyRings.listEffectiveTags
cloudkms.keyRings.listTagBindings
cloudkms.locations.generateRandomBytes
cloudkms.projects.showEffectiveAutokeyConfig
cloudkms.projects.showEffectiveKajEnrollmentConfig
cloudkms.projects.showEffectiveKajPolicyConfig
cloudkms.protectedResources.search
|
| Cloud SQL |
以下权限将添加到 Cloud SQL 编辑者角色 (roles/cloudsql.editor):
cloudsql.backupRuns.delete
cloudsql.databases.delete
cloudsql.instances.clone
cloudsql.instances.create
cloudsql.instances.createBackupDrBackup
cloudsql.instances.delete
cloudsql.instances.demoteMaster
cloudsql.instances.executeSql
cloudsql.instances.import
cloudsql.instances.login
cloudsql.instances.promoteReplica
cloudsql.instances.resetSslConfig
cloudsql.instances.restoreBackup
cloudsql.instances.startReplica
cloudsql.instances.stopReplica
cloudsql.instances.updateBackupDrConfig
cloudsql.sslCerts.create
cloudsql.sslCerts.delete
cloudsql.users.create
cloudsql.users.delete
cloudsql.users.update
|
| Cloud SQL |
以下权限将添加到 Cloud SQL Viewer 角色 (roles/cloudsql.viewer):
cloudsql.instances.createBackupDrBackup
cloudsql.schemas.view
|
| Google Cloud 支持 |
以下权限将添加到 Support Account Administrator 角色 (roles/cloudsupport.admin):
cloudsupport.techCases.create
cloudsupport.techCases.escalate
cloudsupport.techCases.get
cloudsupport.techCases.list
cloudsupport.techCases.update
|
| Google Cloud 支持 |
以下权限将添加到 Support Account Viewer 角色 (roles/cloudsupport.viewer):
cloudsupport.accounts.getIamPolicy
cloudsupport.operations.get
cloudsupport.techCases.get
cloudsupport.techCases.list
|
| 翻译 |
Cloud Translation API Viewer 角色 (roles/cloudtranslate.viewer) 将添加以下权限:
cloudtranslate.adaptiveMtDatasets.predict
cloudtranslate.customModels.predict
cloudtranslate.datasets.export
cloudtranslate.generalModels.batchDocPredict
cloudtranslate.generalModels.batchPredict
cloudtranslate.generalModels.docPredict
cloudtranslate.generalModels.predict
cloudtranslate.glossaries.batchDocPredict
cloudtranslate.glossaries.batchPredict
cloudtranslate.glossaries.docPredict
cloudtranslate.glossaries.predict
cloudtranslate.languageDetectionModels.predict
|
| Compute Engine |
以下权限将添加到 Compute Viewer 角色 (roles/compute.viewer):
compute.disks.createSnapshot
compute.disks.useReadOnly
compute.healthChecks.useReadOnly
compute.httpHealthChecks.useReadOnly
compute.httpsHealthChecks.useReadOnly
compute.images.useReadOnly
compute.instanceTemplates.useReadOnly
compute.instances.useReadOnly
compute.instantSnapshots.useReadOnly
compute.machineImages.useReadOnly
compute.regionHealthChecks.useReadOnly
compute.resourcePolicies.useReadOnly
compute.snapshots.useReadOnly
|
| 连接器 |
以下权限将添加到 Connector Admin 角色 (roles/connectors.admin):
connectors.connections.listenEvent
|
| 连接器 |
以下权限将添加到连接器查看者角色 (roles/connectors.viewer):
connectors.actions.list
connectors.entities.get
connectors.entities.list
connectors.entityTypes.list
|
| Google Cloud Contact Center as a Service |
以下权限将添加到 Contact Center AI 平台管理员角色 (roles/contactcenteraiplatform.admin):
contactcenteraiplatform.locations.generateShifts
|
| Google Cloud Contact Center as a Service |
以下权限将添加到 Contact Center AI Platform Viewer 角色 (roles/contactcenteraiplatform.viewer):
contactcenteraiplatform.contactCenters.queryQuota
|
| 客户体验分析洞见 |
以下权限将添加到 Contact Center AI Insights 编辑者角色 (roles/contactcenterinsights.editor):
contactcenterinsights.authorizedViews.getIamPolicy
|
| 客户体验分析洞见 |
以下权限将添加到 Contact Center AI Insights viewer 角色 (roles/contactcenterinsights.viewer):
contactcenterinsights.authorizedViews.getIamPolicy
|
| Google Kubernetes Engine |
以下权限将添加到 Kubernetes Engine Cluster Viewer 角色 (roles/container.clusterViewer):
container.clusters.listEffectiveTags
container.clusters.listTagBindings
container.pods.getLogs
container.selfSubjectAccessReviews.create
container.selfSubjectRulesReviews.create
container.volumeSnapshots.getStatus
|
| Content Warehouse |
以下权限将添加到 Content Warehouse Admin 角色 (roles/contentwarehouse.admin):
contentwarehouse.links.create
contentwarehouse.links.delete
contentwarehouse.links.get
contentwarehouse.links.update
|
| 数据库分析 |
以下权限将添加到 Database Insights 查看者角色 (roles/databaseinsights.viewer):
databaseinsights.aggregatedEvents.query
databaseinsights.clusterEvents.query
databaseinsights.instanceEvents.query
|
| Data Catalog |
Data Catalog Viewer 角色 (roles/datacatalog.viewer) 将新增以下权限:
datacatalog.categories.getIamPolicy
datacatalog.taxonomies.getIamPolicy
|
| Dataflow |
Dataflow Admin 角色 (roles/dataflow.admin) 将新增以下权限:
dataflow.shuffle.read
dataflow.shuffle.write
dataflow.streamingWorkItems.ImportState
dataflow.streamingWorkItems.commitWork
dataflow.streamingWorkItems.getData
dataflow.streamingWorkItems.getWork
dataflow.streamingWorkItems.getWorkerMetadata
dataflow.workItems.lease
dataflow.workItems.sendMessage
dataflow.workItems.update
|
| Dataform |
Dataform 编辑者角色 (roles/dataform.editor) 将新增以下权限:
dataform.commentThreads.create
dataform.commentThreads.delete
dataform.commentThreads.update
dataform.comments.create
dataform.comments.delete
dataform.comments.update
dataform.config.update
dataform.folders.addContents
dataform.folders.create
dataform.folders.delete
dataform.folders.move
dataform.folders.update
dataform.operations.cancel
dataform.operations.delete
dataform.releaseConfigs.create
dataform.releaseConfigs.delete
dataform.releaseConfigs.update
dataform.repositories.commit
dataform.repositories.create
dataform.repositories.delete
dataform.repositories.move
dataform.repositories.scheduleRelease
dataform.repositories.scheduleWorkflow
dataform.repositories.update
dataform.teamFolders.create
dataform.teamFolders.delete
dataform.teamFolders.update
dataform.workflowConfigs.create
dataform.workflowConfigs.delete
dataform.workflowConfigs.update
|
| Data Lineage API |
以下权限将添加到数据沿袭编辑者角色 (roles/datalineage.editor):
datalineage.configs.get
datalineage.configs.update
datalineage.processes.delete
datalineage.runs.delete
|
| Data Lineage API |
Data Lineage Viewer 角色 (roles/datalineage.viewer) 将新增以下权限:
datalineage.configs.get
datalineage.operations.get
|
| Dataplex Universal Catalog |
以下权限将添加到 Dataplex Administrator 角色 (roles/dataplex.admin):
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.setIamPolicy
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.assets.ownData
dataplex.assets.readData
dataplex.assets.writeData
dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.list
dataplex.entryGroups.setIamPolicy
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useDataProfileAspect
dataplex.entryGroups.useDataQualityScorecardAspect
dataplex.entryGroups.useDescriptionsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useQueriesAspect
dataplex.entryGroups.useRefreshCadenceAspect
dataplex.entryGroups.useSchemaAspect
dataplex.entryGroups.useStorageAspect
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.setIamPolicy
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.projects.search
|
| Dataplex Universal Catalog |
Dataplex Editor 角色 (roles/dataplex.editor) 将新增以下权限:
dataplex.aspectTypes.create
dataplex.aspectTypes.delete
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.aspectTypes.update
dataplex.aspectTypes.use
dataplex.assets.readData
dataplex.assets.writeData
dataplex.content.create
dataplex.content.update
dataplex.datascans.getData
dataplex.encryptionConfig.create
dataplex.encryptionConfig.delete
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.encryptionConfig.update
dataplex.entities.create
dataplex.entities.delete
dataplex.entities.get
dataplex.entities.list
dataplex.entities.update
dataplex.entries.create
dataplex.entries.delete
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.link
dataplex.entries.list
dataplex.entries.update
dataplex.entryGroups.create
dataplex.entryGroups.delete
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.import
dataplex.entryGroups.list
dataplex.entryGroups.update
dataplex.entryGroups.useContactsAspect
dataplex.entryGroups.useDataProfileAspect
dataplex.entryGroups.useDataQualityScorecardAspect
dataplex.entryGroups.useDefinitionEntryLink
dataplex.entryGroups.useDescriptionsAspect
dataplex.entryGroups.useGenericAspect
dataplex.entryGroups.useGenericEntry
dataplex.entryGroups.useOverviewAspect
dataplex.entryGroups.useQueriesAspect
dataplex.entryGroups.useRefreshCadenceAspect
dataplex.entryGroups.useRelatedEntryLink
dataplex.entryGroups.useSchemaAspect
dataplex.entryGroups.useStorageAspect
dataplex.entryGroups.useSynonymEntryLink
dataplex.entryLinks.create
dataplex.entryLinks.delete
dataplex.entryLinks.get
dataplex.entryLinks.reference
dataplex.entryTypes.create
dataplex.entryTypes.delete
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.entryTypes.update
dataplex.entryTypes.use
dataplex.environments.execute
dataplex.glossaries.create
dataplex.glossaries.delete
dataplex.glossaries.get
dataplex.glossaries.getIamPolicy
dataplex.glossaries.import
dataplex.glossaries.list
dataplex.glossaries.update
dataplex.glossaryCategories.create
dataplex.glossaryCategories.delete
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryCategories.update
dataplex.glossaryTerms.create
dataplex.glossaryTerms.delete
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.glossaryTerms.update
dataplex.glossaryTerms.use
dataplex.locations.get
dataplex.locations.list
dataplex.metadataJobs.cancel
dataplex.metadataJobs.create
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.partitions.create
dataplex.partitions.delete
dataplex.partitions.get
dataplex.partitions.list
dataplex.partitions.update
dataplex.projects.search
|
| Dataplex Universal Catalog |
Dataplex Viewer 角色 (roles/dataplex.viewer) 将新增以下权限:
dataplex.aspectTypes.get
dataplex.aspectTypes.getIamPolicy
dataplex.aspectTypes.list
dataplex.assets.readData
dataplex.datascans.getData
dataplex.encryptionConfig.get
dataplex.encryptionConfig.list
dataplex.entities.get
dataplex.entities.list
dataplex.entries.get
dataplex.entries.getData
dataplex.entries.list
dataplex.entryGroups.export
dataplex.entryGroups.get
dataplex.entryGroups.getIamPolicy
dataplex.entryGroups.list
dataplex.entryLinks.get
dataplex.entryTypes.get
dataplex.entryTypes.getIamPolicy
dataplex.entryTypes.list
dataplex.glossaries.get
dataplex.glossaries.getIamPolicy
dataplex.glossaries.list
dataplex.glossaryCategories.get
dataplex.glossaryCategories.list
dataplex.glossaryTerms.get
dataplex.glossaryTerms.list
dataplex.locations.get
dataplex.locations.list
dataplex.metadataJobs.get
dataplex.metadataJobs.list
dataplex.partitions.get
dataplex.partitions.list
dataplex.projects.search
|
| Dataproc |
Dataproc 管理员角色 (roles/dataproc.admin) 将添加以下权限:
dataproc.agents.create
dataproc.agents.delete
dataproc.agents.get
dataproc.agents.list
dataproc.agents.update
dataproc.tasks.lease
dataproc.tasks.listInvalidatedLeases
dataproc.tasks.reportStatus
|
| Dataproc |
Dataproc Editor 角色 (roles/dataproc.editor) 将新增以下权限:
dataproc.agents.create
dataproc.agents.delete
dataproc.agents.get
dataproc.agents.list
dataproc.agents.update
dataproc.autoscalingPolicies.getIamPolicy
dataproc.clusters.getIamPolicy
dataproc.jobs.getIamPolicy
dataproc.operations.getIamPolicy
dataproc.tasks.lease
dataproc.tasks.listInvalidatedLeases
dataproc.tasks.reportStatus
dataproc.workflowTemplates.getIamPolicy
|
| Dataproc |
Dataproc Viewer 角色 (roles/dataproc.viewer) 将新增以下权限:
dataproc.agents.get
dataproc.agents.list
dataproc.autoscalingPolicies.getIamPolicy
dataproc.autoscalingPolicies.use
dataproc.clusters.getIamPolicy
dataproc.jobs.getIamPolicy
dataproc.operations.getIamPolicy
dataproc.tasks.listInvalidatedLeases
dataproc.workflowTemplates.getIamPolicy
|
| Firestore |
Cloud Datastore Viewer 角色 (roles/datastore.viewer) 将新增以下权限:
datastore.backupSchedules.get
datastore.backupSchedules.list
datastore.backups.get
datastore.backups.list
datastore.databases.listEffectiveTags
datastore.databases.listTagBindings
datastore.keyVisualizerScans.get
datastore.keyVisualizerScans.list
datastore.operations.get
datastore.operations.list
datastore.userCreds.get
datastore.userCreds.list
|
| Discovery Engine |
Discovery Engine Admin 角色 (roles/discoveryengine.admin) 将新增以下权限:
discoveryengine.accounts.create
discoveryengine.audioOverviews.create
discoveryengine.audioOverviews.delete
discoveryengine.audioOverviews.get
discoveryengine.audioOverviews.getIceConfig
discoveryengine.audioOverviews.sendSdpOffer
discoveryengine.notebooks.create
discoveryengine.notebooks.generateGuide
discoveryengine.notebooks.get
discoveryengine.notebooks.getAnalytics
discoveryengine.notebooks.getIamPolicy
discoveryengine.notebooks.interactSources
discoveryengine.notebooks.list
discoveryengine.notebooks.removeSelf
discoveryengine.notebooks.setIamPolicy
discoveryengine.notebooks.update
discoveryengine.notes.create
discoveryengine.notes.delete
discoveryengine.notes.get
discoveryengine.notes.update
discoveryengine.podcasts.create
discoveryengine.sources.checkFreshness
discoveryengine.sources.create
discoveryengine.sources.delete
discoveryengine.sources.generateDocumentGuide
discoveryengine.sources.get
discoveryengine.sources.refresh
discoveryengine.sources.update
|
| Discovery Engine |
Discovery Engine 编辑者角色 (roles/discoveryengine.editor) 将新增以下权限:
discoveryengine.accounts.create
discoveryengine.aclConfigs.update
discoveryengine.alertPolicies.create
discoveryengine.alertPolicies.update
discoveryengine.assistants.create
discoveryengine.assistants.delete
discoveryengine.assistants.update
discoveryengine.audioOverviews.create
discoveryengine.audioOverviews.delete
discoveryengine.audioOverviews.get
discoveryengine.audioOverviews.getIceConfig
discoveryengine.audioOverviews.sendSdpOffer
discoveryengine.cmekConfigs.update
discoveryengine.collections.delete
discoveryengine.completionConfigs.update
discoveryengine.controls.create
discoveryengine.controls.delete
discoveryengine.controls.update
discoveryengine.dataConnectors.startConnectorRun
discoveryengine.dataConnectors.update
discoveryengine.dataStores.create
discoveryengine.dataStores.delete
discoveryengine.dataStores.enrollSolutions
discoveryengine.dataStores.update
discoveryengine.documentProcessingConfigs.update
discoveryengine.documents.purge
discoveryengine.engines.create
discoveryengine.engines.delete
discoveryengine.engines.getIamPolicy
discoveryengine.engines.update
discoveryengine.evaluations.create
discoveryengine.licenseConfigs.create
discoveryengine.licenseConfigs.update
discoveryengine.locations.estimateDataSize
discoveryengine.locations.exchangeAuthCredentials
discoveryengine.locations.getConnectorSource
discoveryengine.locations.listConnectorSources
discoveryengine.locations.setUpDataConnector
discoveryengine.notebooks.create
discoveryengine.notebooks.generateGuide
discoveryengine.notebooks.get
discoveryengine.notebooks.getAnalytics
discoveryengine.notebooks.getIamPolicy
discoveryengine.notebooks.interactSources
discoveryengine.notebooks.list
discoveryengine.notebooks.removeSelf
discoveryengine.notebooks.update
discoveryengine.notes.create
discoveryengine.notes.delete
discoveryengine.notes.get
discoveryengine.notes.update
discoveryengine.podcasts.create
discoveryengine.projects.provision
discoveryengine.projects.reportConsentChange
discoveryengine.schemas.create
discoveryengine.schemas.delete
discoveryengine.schemas.update
discoveryengine.servingConfigs.create
discoveryengine.servingConfigs.delete
discoveryengine.servingConfigs.update
discoveryengine.siteSearchEngines.batchVerifyTargetSites
discoveryengine.siteSearchEngines.disableAdvancedSiteSearch
discoveryengine.siteSearchEngines.enableAdvancedSiteSearch
discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
discoveryengine.siteSearchEngines.recrawlUris
discoveryengine.sitemaps.create
discoveryengine.sitemaps.delete
discoveryengine.sitemaps.fetch
discoveryengine.sources.checkFreshness
discoveryengine.sources.create
discoveryengine.sources.delete
discoveryengine.sources.generateDocumentGuide
discoveryengine.sources.get
discoveryengine.sources.refresh
discoveryengine.sources.update
discoveryengine.suggestionDenyListEntries.import
discoveryengine.suggestionDenyListEntries.purge
discoveryengine.targetSites.batchCreate
discoveryengine.targetSites.create
discoveryengine.targetSites.delete
discoveryengine.targetSites.update
discoveryengine.userEvents.purge
discoveryengine.userStores.batchUpdateUserLicenses
discoveryengine.userStores.listUserLicenses
|
| Discovery Engine |
Discovery Engine Viewer 角色 (roles/discoveryengine.viewer) 将新增以下权限:
discoveryengine.audioOverviews.get
discoveryengine.audioOverviews.getIceConfig
discoveryengine.audioOverviews.sendSdpOffer
discoveryengine.engines.getIamPolicy
discoveryengine.licenseConfigs.get
discoveryengine.licenseConfigs.list
discoveryengine.locations.estimateDataSize
discoveryengine.locations.exchangeAuthCredentials
discoveryengine.locations.getConnectorSource
discoveryengine.locations.listConnectorSources
discoveryengine.notebooks.generateGuide
discoveryengine.notebooks.get
discoveryengine.notebooks.getAnalytics
discoveryengine.notebooks.getIamPolicy
discoveryengine.notebooks.interactSources
discoveryengine.notebooks.list
discoveryengine.notes.get
discoveryengine.sessions.search
discoveryengine.siteSearchEngines.fetchDomainVerificationStatus
discoveryengine.sitemaps.fetch
discoveryengine.sources.checkFreshness
discoveryengine.sources.generateDocumentGuide
discoveryengine.sources.get
discoveryengine.userStores.listUserLicenses
|
| Cloud DNS |
系统会将以下权限添加到 DNS 管理员角色 (roles/dns.admin):
dns.managedZones.setIamPolicy
|
| Firebase 安全规则 |
Firebase Rules Viewer 角色 (roles/firebaserules.viewer) 将新增以下权限:
firebaserules.releases.getExecutable
firebaserules.rulesets.test
|
| GKE Hub |
以下权限将添加到 Fleet Admin(以前称为 GKE Hub Admin)角色 (roles/gkehub.admin):
gkehub.endpoints.connect
gkehub.gateway.delete
gkehub.gateway.generateCredentials
gkehub.gateway.get
gkehub.gateway.patch
gkehub.gateway.post
gkehub.gateway.put
gkehub.gateway.stream
|
| GKE Hub |
以下权限将添加到 Fleet Editor(以前称为 GKE Hub Editor)角色 (roles/gkehub.editor):
gkehub.gateway.delete
gkehub.gateway.generateCredentials
gkehub.gateway.get
gkehub.gateway.patch
gkehub.gateway.post
gkehub.gateway.put
gkehub.gateway.stream
|
| GKE Hub |
以下权限将添加到 Fleet Viewer(以前称为 GKE Hub Viewer)角色 (roles/gkehub.viewer):
gkehub.gateway.generateCredentials
gkehub.gateway.get
gkehub.scopes.getIamPolicy
|
| Identity-Aware Proxy |
以下权限将添加到 IAP Policy Admin 角色 (roles/iap.admin):
iap.projects.getSettings
iap.projects.updateSettings
iap.tunnelDestGroups.accessViaIAP
iap.tunnelDestGroups.create
iap.tunnelDestGroups.delete
iap.tunnelDestGroups.get
iap.tunnelDestGroups.list
iap.tunnelDestGroups.remediate
iap.tunnelDestGroups.update
iap.tunnelInstances.accessViaIAP
iap.tunnelinstances.remediate
iap.web.getSettings
iap.web.updateSettings
iap.webServiceVersions.getSettings
iap.webServiceVersions.remediate
iap.webServiceVersions.updateSettings
iap.webServices.getSettings
iap.webServices.updateSettings
iap.webTypes.getSettings
iap.webTypes.updateSettings
|
| Cloud License Manager |
以下权限将添加到 Cloud License Manager Viewer 角色 (roles/licensemanager.viewer):
licensemanager.configurations.aggregateUsage
licensemanager.configurations.queryLicenseUsage
|
| Cloud Logging |
Logs Viewer 角色 (roles/logging.viewer) 将新增以下权限:
logging.buckets.copyLogEntries
logging.buckets.listEffectiveTags
logging.buckets.listTagBindings
logging.logEntries.download
logging.notificationRules.get
logging.notificationRules.list
logging.settings.get
logging.views.getIamPolicy
logging.views.listLogs
logging.views.listResourceKeys
logging.views.listResourceValues
|
| Managed Service for Microsoft Active Directory |
以下权限将添加到 Google Cloud Managed Identities Viewer 角色 (roles/managedidentities.viewer):
managedidentities.domains.checkMigrationPermission
managedidentities.domains.validateTrust
|
| Memorystore for Memcached |
Cloud Memorystore Memcached Editor 角色 (roles/memcache.editor) 将新增以下权限:
memcache.instances.applySoftwareUpdate
memcache.instances.create
memcache.instances.delete
memcache.instances.rescheduleMaintenance
memcache.instances.upgrade
|
| Memorystore for Memcached |
Cloud Memorystore Memcached Viewer 角色 (roles/memcache.viewer) 将新增以下权限:
memcache.instances.listEffectiveTags
memcache.instances.listTagBindings
|
| Dataproc Metastore |
以下权限将添加到 Dataproc Metastore Admin 角色 (roles/metastore.admin):
metastore.databases.create
metastore.databases.delete
metastore.databases.get
metastore.databases.getIamPolicy
metastore.databases.list
metastore.databases.setIamPolicy
metastore.databases.update
metastore.services.mutateMetadata
metastore.services.queryMetadata
metastore.services.use
metastore.tables.create
metastore.tables.delete
metastore.tables.get
metastore.tables.getIamPolicy
metastore.tables.list
metastore.tables.setIamPolicy
metastore.tables.update
|
| Dataproc Metastore |
以下权限将添加到 Dataproc Metastore 编辑者角色 (roles/metastore.editor):
metastore.backups.getIamPolicy
metastore.databases.create
metastore.databases.delete
metastore.databases.get
metastore.databases.getIamPolicy
metastore.databases.list
metastore.databases.update
metastore.federations.getIamPolicy
metastore.federations.use
metastore.services.use
metastore.tables.create
metastore.tables.delete
metastore.tables.get
metastore.tables.getIamPolicy
metastore.tables.list
metastore.tables.update
|
| AI Platform |
AI Platform Viewer 角色 (roles/ml.viewer) 将新增以下权限:
ml.jobs.getIamPolicy
ml.models.getIamPolicy
ml.models.predict
ml.versions.predict
|
| Model Armor |
以下权限将添加到 Model Armor Admin 角色 (roles/modelarmor.admin):
modelarmor.callouts.invoke
modelarmor.floorSettings.get
modelarmor.floorSettings.update
|
| Model Armor |
以下权限将添加到 Model Armor Viewer 角色 (roles/modelarmor.viewer):
modelarmor.floorSettings.get
|
| Oracle Database@Google Cloud |
以下权限将添加到 Oracle Database@Google Cloud viewer 角色 (roles/oracledatabase.viewer):
oracledatabase.dbSystemInitialStorageSizes.list
oracledatabase.dbVersions.list
oracledatabase.systemVersions.list
|
| Pub/Sub |
以下权限将添加到 Pub/Sub Editor 角色 (roles/pubsub.editor):
pubsub.schemas.getIamPolicy
|
| Pub/Sub |
Pub/Sub Viewer 角色 (roles/pubsub.viewer) 将新增以下权限:
pubsub.schemas.attach
pubsub.schemas.getIamPolicy
pubsub.snapshots.seek
|
| Pub/Sub Lite |
以下权限将添加到 Pub/Sub Lite Viewer 角色 (roles/pubsublite.viewer):
pubsublite.locations.openKafkaStream
pubsublite.subscriptions.subscribe
pubsublite.topics.computeHeadCursor
pubsublite.topics.computeMessageStats
pubsublite.topics.computeTimeCursor
pubsublite.topics.subscribe
|
| reCAPTCHA |
以下权限将添加到 reCAPTCHA Enterprise Admin 角色 (roles/recaptchaenterprise.admin):
recaptchaenterprise.assessments.annotate
recaptchaenterprise.assessments.create
recaptchaenterprise.relatedaccountgroupmemberships.list
recaptchaenterprise.relatedaccountgroups.list
|
| reCAPTCHA |
以下权限将添加到 reCAPTCHA Enterprise Viewer 角色 (roles/recaptchaenterprise.viewer):
recaptchaenterprise.relatedaccountgroupmemberships.list
recaptchaenterprise.relatedaccountgroups.list
|
| Recommender |
以下权限将添加到 Recommender Viewer 角色 (roles/recommender.viewer):
recommender.costRecommendations.listAll
recommender.costRecommendations.summarizeAll
|
| Memorystore for Redis |
Cloud Memorystore Redis Editor 角色 (roles/redis.editor) 将新增以下权限:
redis.backupCollections.create
redis.backupCollections.delete
redis.backups.create
redis.backups.delete
redis.backups.export
redis.clusters.connect
redis.clusters.create
redis.clusters.delete
redis.clusters.rescheduleMaintenance
redis.instances.create
redis.instances.delete
redis.instances.export
redis.instances.getAuthString
redis.instances.import
redis.instances.listEffectiveTags
redis.instances.listTagBindings
redis.instances.rescheduleMaintenance
redis.instances.updateAuth
redis.instances.upgrade
|
| Memorystore for Redis |
以下权限将添加到 Cloud Memorystore Redis Viewer 角色 (roles/redis.viewer):
redis.backups.export
|
| Retail API |
零售编辑者角色 (roles/retail.editor) 将新增以下权限:
retail.attributesConfigs.batchRemoveCatalogAttributes
retail.attributesConfigs.removeCatalogAttribute
retail.products.purge
retail.products.setSponsorship
retail.userEvents.purge
retail.userEvents.rejoin
|
| Retail API |
以下权限将添加到 Retail Viewer 角色 (roles/retail.viewer):
retail.merchantControls.creatorGet
retail.merchantControls.creatorList
retail.models.pause
retail.models.resume
retail.models.tune
|
| Route Optimization |
以下权限将添加到 Route Optimization Viewer 角色 (roles/routeoptimization.viewer):
routeoptimization.locations.use
|
| Security Center Management API |
以下权限将添加到 Security Center Management Viewer 角色 (roles/securitycentermanagement.viewer):
securitycentermanagement.securityCommandCenter.checkEligibility
|
| Security Posture API |
以下权限将添加到“安全状况查看者”角色 (roles/securityposture.viewer):
securityposture.locations.get
securityposture.locations.list
securityposture.operations.list
securityposture.reports.get
securityposture.reports.list
|
| Spanner |
以下权限将添加到 Cloud Spanner Viewer 角色 (roles/spanner.viewer):
spanner.backupOperations.get
spanner.backupOperations.list
spanner.backupSchedules.get
spanner.backupSchedules.getIamPolicy
spanner.backupSchedules.list
spanner.backups.get
spanner.backups.getIamPolicy
spanner.backups.list
spanner.databaseOperations.get
spanner.databaseOperations.list
spanner.databaseRoles.list
spanner.databases.beginReadOnlyTransaction
spanner.databases.getDdl
spanner.databases.getIamPolicy
spanner.databases.partitionQuery
spanner.databases.partitionRead
spanner.databases.read
spanner.databases.select
spanner.databases.useDataBoost
spanner.instanceConfigOperations.get
spanner.instanceConfigOperations.list
spanner.instanceOperations.get
spanner.instanceOperations.list
spanner.instancePartitionOperations.get
spanner.instancePartitionOperations.list
spanner.instances.getIamPolicy
spanner.sessions.create
spanner.sessions.delete
spanner.sessions.get
spanner.sessions.list
|
| Speaker ID |
以下权限将添加到 Speaker ID 编辑者角色 (roles/speakerid.editor):
speakerid.settings.get
|
| Speaker ID |
以下权限将添加到 Speaker ID Viewer 角色 (roles/speakerid.viewer):
speakerid.settings.get
|
| Speech-to-Text |
Cloud Speech Editor 角色 (roles/speech.editor) 将新增以下权限:
speech.config.get
|
| Cloud Storage |
Storage Admin 角色 (roles/storage.admin) 将新增以下权限:
storage.hmacKeys.create
storage.hmacKeys.delete
storage.hmacKeys.get
storage.hmacKeys.list
storage.hmacKeys.update
|
| 视觉检测 AI |
以下权限将添加到 Visual Inspection AI Solution Editor 角色 (roles/visualinspection.editor):
visualinspection.locations.reportUsageMetrics
|
| 无服务器 VPC 访问通道 |
以下权限将添加到 Serverless VPC Access Viewer 角色 (roles/vpcaccess.viewer):
vpcaccess.connectors.use
|
