Google uses AI technology to translate content into your preferred language. AI translations can contain errors.

制品安全防护角色和权限

制品安全防护使用 Identity and Access Management (IAM) 角色和权限来管理对资源的访问权限。您可以向用户、群组或服务账号授予 IAM 角色。如需了解如何授予角色，请参阅管理对项目、文件夹和组织的访问权限。

制品安全防护角色

制品安全防护提供以下 IAM 角色。

角色	权限
Artifact Scan Guard Admin (`roles/artifactscanguard.admin`) 拥有对制品安全防护资源的完整访问权限。创建政策、评估和直观呈现政策效果。	artifactscanguard.artifactEvaluations.create artifactscanguard.artifactEvaluations.get artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.connectors.create artifactscanguard.connectors.delete artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.connectors.update artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.delete artifactscanguard.operations.get artifactscanguard.operations.list artifactscanguard.policies.create artifactscanguard.policies.delete artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.policies.update artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext
Artifact Scan Guard Evaluation Admin (`roles/artifactscanguard.policyEvaluator`) 拥有对制品评估资源的完整访问权限。	artifactscanguard.artifactEvaluations.create artifactscanguard.artifactEvaluations.get artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext
Artifact Scan Guard Connector Admin (`roles/artifactscanguard.connectorAdmin`) 拥有对连接器资源的完整访问权限。	artifactscanguard.connectors.create artifactscanguard.connectors.delete artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.connectors.update artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Policy Admin (`roles/artifactscanguard.policyAdmin`) 拥有对政策资源的完整访问权限。创建政策和直观呈现政策效果。	artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.create artifactscanguard.policies.delete artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.policies.update resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Policy Evaluation Admin (`roles/artifactscanguard.policyEvaluationAdmin`) 拥有对政策评估资源的完整访问权限。	artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete {10ers.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext
Artifact Scan Guard Report Admin (`roles/artifactscanguard.reportAdmin`) 拥有对报告资源的完整访问权限。	artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Viewer (`roles/artifactscanguard.viewer`) 拥有对制品安全防护资源的只读权限。	artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Connector Viewer (`roles/artifactscanguard.connectorViewer`) 拥有对连接器资源的只读权限。	artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Policy Viewer (`roles/artifactscanguard.policyViewer`) 拥有对政策资源的只读权限。	artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.get artifactscanguard.policies.list resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Policy Evaluation Viewer (`roles/artifactscanguard.policyEvaluationViewer`) 拥有对政策评估资源的只读权限。	artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get
Artifact Scan Guard Report Viewer (`roles/artifactscanguard.reportViewer`) 拥有对报告资源的只读权限。	artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get

如未另行说明，那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可，并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情，请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。

最后更新时间 (UTC)：2026-05-22。