如需获得在 GKE 舰队中完全访问 Unified Maintenance 所需的权限,请让管理员向您授予项目的以下 IAM 角色:
- Maintenance API Viewer (
roles/maintenance.viewer) - Monitoring AlertPolicy Editor (
roles/monitoring.alertPolicyEditor) - Logs Configuration Writer (
roles/logging.configWriter) - Monitoring NotificationChannel Viewer (
roles/monitoring.notificationChannelViewer) - Logs Viewer (
roles/logging.viewer) - Monitoring AlertPolicy Editor (
roles/monitoring.alertPolicyEditor) - Monitoring AlertPolicy Editor (
roles/monitoring.alertPolicyEditor)
如需详细了解如何授予角色,请参阅管理对项目、文件夹和组织的访问权限。
这些预定义角色包含完全访问 GKE 舰队中的 Unified Maintenance 所需的权限。如需查看所需的确切权限,请展开所需权限部分:
所需权限
如需在 GKE 舰队中完全访问 Unified Maintenance 功能,您需要具有以下权限:
-
如需查看资源上即将进行、正在进行和已完成的维护,请使用:
Maintenance API Viewer (
roles/maintenance.viewer) -
如需查看日志,请使用以下角色:
Logs Viewer (
roles/logging.viewer) -
如需查看提醒政策,请授予以下角色:
Monitoring AlertPolicy Viewer (
roles/monitoring.alertPolicyViewer) -
如需创建提醒政策,请执行以下操作:
-
Logs Configuration Writer (
roles/logging.configWriter) -
Monitoring AlertPolicy Editor (
roles/monitoring.alertPolicyEditor)
-
Logs Configuration Writer (
-
如需修改提醒政策,您需要具备以下权限:Monitoring AlertPolicy Editor (
roles/monitoring.alertPolicyEditor) -
如需创建包含通知的提醒政策,您需要具备以下角色:Monitoring NotificationChannel Viewer (
roles/monitoring.notificationChannelViewer) *