角色和權限
透過集合功能整理內容
你可以依據偏好儲存及分類內容。
本頁說明存取 Cloud Network Insights 時所需的 Identity and Access Management (IAM) 角色和權限。如要進一步瞭解 IAM,請參閱「身分與存取權管理說明文件」。
您可以授予使用者或服務帳戶權限或預先定義的角色,也可以建立自訂角色,並使用您指定的權限。
您可能需要在 Google Cloud CLI 中執行 add-iam-policy 指令,將 Cloud Network Insights 角色授予使用者。
系統會在 AppNeta 中複製 Google Cloud 授予使用者的角色。如果您可以在 Google Cloud 控制台中編輯 Cloud Network Insights 資源,就能在 AppNeta 中編輯這些資源。
角色
本節說明授予 Cloud Network Insights 權限時,如何使用預先定義和自訂角色。
Cloud Network Insights 的預先定義角色
Cloud Network Insights 提供下列預先定義的角色,可讓您修改所有 Cloud Network Insights 資源,或查看資源:
- Cloud Network Insights 編輯者 (
roles/networkmanagement.cloudNetworkInsightsEditor)
- Cloud Network Insights 檢視者 (
roles/networkmanagement.cloudNetworkInsightsViewer)
如要授予使用者權限,讓他們在已啟用 Cloud Network Insights 的專案中查看這項服務,可以授予使用者下列其中一個預先定義的角色:
- Cloud Network Management 檢視者 (
roles/networkmanagement.Viewer)
- Cloud Network Insights 檢視者 (
roles/networkmanagement.cloudNetworkInsightsViewer)
如要進一步瞭解如何授予角色,請參閱「管理專案、資料夾和機構的存取權」。
Cloud Network Insights 角色
下表說明 Cloud Network Insights 的 IAM 預先定義角色和相關聯的權限。
詳情請參閱「IAM 權限參考資料」。
| 角色 |
權限 |
Cloud Network Insights 編輯者
(
roles/networkmanagement.cloudNetworkInsightsEditor
)
具備 Cloud Network Insights 資源的完整存取權。
可授予此角色的最低層級資源:
|
- networkmanagement.providers.get
- networkmanagement.providers.list
- networkmanagement.providers.generateProviderAccessToken
- networkmanagement.providers.create
- networkmanagement.providers.delete
- networkmanagement.providers.downloadConfig
- networkmanagement.monitoringPoints.get
- networkmanagement.monitoringPoints.list
- networkmanagement.networkPaths.get
- networkmanagement.networkPaths.list
- networkmanagement.webPaths.get
- networkmanagement.webPaths.list
- productrequirementsservice.requirements.record
- productrequirementsservice.requirements.check
|
Cloud Network Insights 檢視者
(roles/networkmanagement.cloudNetworkInsightsViewer)
具備 Cloud Network Insights 資源的唯讀存取權。
可授予這個角色的最低層級資源:
|
- networkmanagement.providers.get
- networkmanagement.providers.list
- networkmanagement.providers.generateProviderAccessToken
- networkmanagement.monitoringPoints.get
- networkmanagement.monitoringPoints.list
- networkmanagement.networkPaths.get
- networkmanagement.networkPaths.list
- networkmanagement.webPaths.get
- networkmanagement.webPaths.list
- productrequirementsservice.requirements.check
|
快訊和記錄檔角色
下表說明 IAM 預先定義的角色,以及與這些角色相關聯的權限,可根據 Cloud Network Insights 資料查看或管理快訊和記錄。使用者也需要 Cloud Network Insights 檢視者或編輯者角色。
| 角色 |
權限
|
記錄檢視器
(roles/logging.viewer)
提供查看記錄的權限。
可授予這個角色的最低層級資源:
|
- logging.buckets.get
- logging.buckets.list
- logging.exclusions.get
- logging.exclusions.list
- logging.links.get
- logging.links.list
- logging.locations.*
- logging.logEntries.list
- logging.logMetrics.get
- logging.logMetrics.list
- logging.logScopes.get
- logging.logScopes.list
- logging.logServiceIndexes.list
- logging.logServices.list
- logging.logs.list
- logging.operations.get
- logging.operations.list
- logging.queries.getShared
- logging.queries.listShared
- logging.queries.usePrivate
- logging.sinks.get
- logging.sinks.list
- logging.usage.get
- logging.views.get
- logging.views.list
- observability.scopes.get
- resourcemanager.projects.get
|
記錄設定寫入者
(roles/logging.configWriter)
建立快訊政策。
可授予這個角色的最低層級資源:
|
- logging.buckets.create
- logging.buckets.createTagBinding
- logging.buckets.delete
- logging.buckets.deleteTagBinding
- logging.buckets.get
- logging.buckets.list
- logging.buckets.listEffectiveTags
- logging.buckets.listTagBindings
- logging.buckets.undelete
- logging.buckets.update
- logging.exclusions.*
- logging.links.*
- logging.locations.*
- logging.logMetrics.*
- logging.logScopes.*
- logging.logServiceIndexes.list
- logging.logServices.list
- logging.logs.list
- logging.notificationRules.*
- logging.operations.*
- logging.settings.*
- logging.sinks.*
- logging.sqlAlerts.*
- logging.views.create
- logging.views.delete
- logging.views.get
- logging.views.getIamPolicy
- logging.views.list
- logging.views.update
- observability.scopes.get
- resourcemanager.projects.get
- resourcemanager.projects.list
|
Monitoring NotificationChannel 編輯者 Beta 版
(roles/monitoring.notificationChannelEditor)
建立與通知相關聯的快訊政策。 |
- monitoring.notificationChannelDescriptors.*
- monitoring.notificationChannels.create
- monitoring.notificationChannels.delete
- monitoring.notificationChannels.get
- monitoring.notificationChannels.list
- monitoring.notificationChannels.sendVerificationCode
- monitoring.notificationChannels.update
- monitoring.notificationChannels.verify
|
Monitoring AlertPolicy 檢視者
(roles/monitoring.alertPolicyViewer)
查看快訊政策。 |
- monitoring.alertPolicies.get
- monitoring.alertPolicies.list
- monitoring.alertPolicies.listEffectiveTags
- monitoring.alertPolicies.listTagBindings
|
Monitoring AlertPolicy 編輯者
(roles/monitoring.alertPolicyEditor)
編輯快訊政策。 |
- monitoring.alertPolicies.*
|
除非另有註明,否則本頁面中的內容是採用創用 CC 姓名標示 4.0 授權,程式碼範例則為阿帕契 2.0 授權。詳情請參閱《Google Developers 網站政策》。Java 是 Oracle 和/或其關聯企業的註冊商標。
上次更新時間:2026-03-15 (世界標準時間)。
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2026-03-15 (世界標準時間)。"],[],[]]
