Halaman ini diterjemahkan oleh Cloud Translation API.

Mengonfigurasi IAM untuk Solusi Bare Metal

Jika Anda ingin akun utama, seperti Google Cloud pengguna project atau akun layanan, mendapatkan akses ke resource di lingkungan Solusi Bare Metal, Anda harus memberinya peran dan izin yang sesuai. Untuk memberikan akses, Anda dapat membuat kebijakan Identity and Access Management (IAM) dan memberikan peran bawaan khusus untuk Solusi Bare Metal.

Berikan peran dengan izin yang cukup agar akun utama Anda dapat melakukan tugasnya, tetapi tidak lebih, sehingga Anda dapat mengikuti Google Cloud prinsip keamanan dengan hak istimewa terendah.

Peran standar untuk Solusi Bare Metal

Setiap peran IAM untuk Solusi Bare Metal berisi izin yang memberikan akses akun utama ke resource tertentu seperti yang ditunjukkan dalam tabel berikut.

Role Permissions

Role	Permissions
Bare Metal Solution Admin (`roles/baremetalsolution.admin`) Administrator of Bare Metal Solution resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.` `baremetalsolution.instances.attachNetwork` `baremetalsolution.instances.attachVolume` `baremetalsolution.instances.create` `baremetalsolution.instances.detachLun` `baremetalsolution.instances.detachNetwork` `baremetalsolution.instances.detachVolume` `baremetalsolution.instances.disableInteractiveSerialConsole` `baremetalsolution.instances.enableInteractiveSerialConsole` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.instances.rename` `baremetalsolution.instances.reset` `baremetalsolution.instances.start` `baremetalsolution.instances.stop` `baremetalsolution.instances.update` `baremetalsolution.luns.` `baremetalsolution.luns.create` `baremetalsolution.luns.delete` `baremetalsolution.luns.evict` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.luns.update` `baremetalsolution.maintenanceevents.` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list` `baremetalsolution.networkquotas.list` `baremetalsolution.networks.` `baremetalsolution.networks.create` `baremetalsolution.networks.delete` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.networks.rename` `baremetalsolution.networks.update` `baremetalsolution.nfsshares.` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list` `baremetalsolution.snapshotschedulepolicies.` `baremetalsolution.snapshotschedulepolicies.create` `baremetalsolution.snapshotschedulepolicies.delete` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.snapshotschedulepolicies.update` `baremetalsolution.sshKeys.` `baremetalsolution.sshKeys.create` `baremetalsolution.sshKeys.delete` `baremetalsolution.sshKeys.list` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Editor (`roles/baremetalsolution.editor`) Editor of Bare Metal Solution resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.` `baremetalsolution.instances.attachNetwork` `baremetalsolution.instances.attachVolume` `baremetalsolution.instances.create` `baremetalsolution.instances.detachLun` `baremetalsolution.instances.detachNetwork` `baremetalsolution.instances.detachVolume` `baremetalsolution.instances.disableInteractiveSerialConsole` `baremetalsolution.instances.enableInteractiveSerialConsole` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.instances.rename` `baremetalsolution.instances.reset` `baremetalsolution.instances.start` `baremetalsolution.instances.stop` `baremetalsolution.instances.update` `baremetalsolution.luns.` `baremetalsolution.luns.create` `baremetalsolution.luns.delete` `baremetalsolution.luns.evict` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.luns.update` `baremetalsolution.maintenanceevents.` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list` `baremetalsolution.networkquotas.list` `baremetalsolution.networks.` `baremetalsolution.networks.create` `baremetalsolution.networks.delete` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.networks.rename` `baremetalsolution.networks.update` `baremetalsolution.nfsshares.` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list` `baremetalsolution.snapshotschedulepolicies.` `baremetalsolution.snapshotschedulepolicies.create` `baremetalsolution.snapshotschedulepolicies.delete` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.snapshotschedulepolicies.update` `baremetalsolution.sshKeys.` `baremetalsolution.sshKeys.create` `baremetalsolution.sshKeys.delete` `baremetalsolution.sshKeys.list` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Instances Admin (`roles/baremetalsolution.instancesadmin`) Admin of Bare Metal Solution Instance resources	`baremetalsolution.instances.*` `baremetalsolution.instances.attachNetwork` `baremetalsolution.instances.attachVolume` `baremetalsolution.instances.create` `baremetalsolution.instances.detachLun` `baremetalsolution.instances.detachNetwork` `baremetalsolution.instances.detachVolume` `baremetalsolution.instances.disableInteractiveSerialConsole` `baremetalsolution.instances.enableInteractiveSerialConsole` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.instances.rename` `baremetalsolution.instances.reset` `baremetalsolution.instances.start` `baremetalsolution.instances.stop` `baremetalsolution.instances.update` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Instances Viewer (`roles/baremetalsolution.instancesviewer`) Viewer of Bare Metal Solution Instance resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.operations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Luns Admin (`roles/baremetalsolution.lunsadmin`) Administrator of Bare Metal Solution Lun resources	`baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.operations.get`
Luns Viewer (`roles/baremetalsolution.lunsviewer`) Viewer of Bare Metal Solution Lun resources	`baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.operations.get`
Maintenance Events Admin (`roles/baremetalsolution.maintenanceeventsadmin`) Administrator of Bare Metal Solution maintenance events resources	`baremetalsolution.maintenanceevents.*` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list`
Maintenance Events Editor (`roles/baremetalsolution.maintenanceeventseditor`) Editor of Bare Metal Solution maintenance events resources	`baremetalsolution.maintenanceevents.*` `baremetalsolution.maintenanceevents.addProposal` `baremetalsolution.maintenanceevents.approve` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list`
Maintenance Events Viewer (`roles/baremetalsolution.maintenanceeventsviewer`) Viewer of Bare Metal Solution maintenance events resources	`baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list`
Networks Admin (`roles/baremetalsolution.networksadmin`) Admin of Bare Metal Solution networks resources	`baremetalsolution.networkquotas.list` `baremetalsolution.networks.*` `baremetalsolution.networks.create` `baremetalsolution.networks.delete` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.networks.rename` `baremetalsolution.networks.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list`
NFS Shares Admin (`roles/baremetalsolution.nfssharesadmin`) Administrator of Bare Metal Solution NFS Share resources	`baremetalsolution.nfsshares.*` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list`
NFS Shares Editor (`roles/baremetalsolution.nfsshareseditor`) Editor of Bare Metal Solution NFS Share resources	`baremetalsolution.nfsshares.*` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list`
NFS Shares Viewer (`roles/baremetalsolution.nfssharesviewer`) Viewer of Bare Metal Solution NFS Share resources	`baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.operations.get`
OS Images Viewer (`roles/baremetalsolution.osimagesviewer`) Viewer of Bare Metal Solution OS images resources	`baremetalsolution.osimages.list`
Bare Metal Solution Procurements Admin (`roles/baremetalsolution.procurementsadmin`) Administrator of Bare Metal Solution Procurements	`baremetalsolution.pods.list` `baremetalsolution.procurements.*` `baremetalsolution.procurements.create` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list`
Bare Metal Solution Procurements Editor (`roles/baremetalsolution.procurementseditor`) Editor of Bare Metal Solution Procurements	`baremetalsolution.pods.list` `baremetalsolution.procurements.*` `baremetalsolution.procurements.create` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list`
Bare Metal Solution Procurements Viewer (`roles/baremetalsolution.procurementsviewer`) Viewer of Bare Metal Solution Procurements	`baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list`
Bare Metal Solution Service Agent (`roles/baremetalsolution.serviceAgent`) Gives permission to manage network resources such as interconnect pairing keys, required for Bare Metal Solution. Warning: Do not grant service agent roles to any principals except service agents.	`compute.interconnectAttachments.get` `compute.interconnectAttachments.list` `compute.interconnects.get` `compute.interconnects.list` `compute.networks.get` `compute.networks.list` `compute.projects.get` `resourcemanager.projects.get`
Bare Metal Solution Storage Admin (`roles/baremetalsolution.storageadmin`) Administrator of Bare Metal Solution storage resources	`baremetalsolution.luns.` `baremetalsolution.luns.create` `baremetalsolution.luns.delete` `baremetalsolution.luns.evict` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.luns.update` `baremetalsolution.nfsshares.` `baremetalsolution.nfsshares.create` `baremetalsolution.nfsshares.delete` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.nfsshares.rename` `baremetalsolution.nfsshares.update` `baremetalsolution.operations.get` `baremetalsolution.pods.list` `baremetalsolution.snapshotschedulepolicies.` `baremetalsolution.snapshotschedulepolicies.create` `baremetalsolution.snapshotschedulepolicies.delete` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.snapshotschedulepolicies.update` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore` `resourcemanager.projects.get` `resourcemanager.projects.list`
Bare Metal Solution Viewer (`roles/baremetalsolution.viewer`) Viewer of Bare Metal Solution resources	`baremetalsolution.instancequotas.list` `baremetalsolution.instances.get` `baremetalsolution.instances.list` `baremetalsolution.luns.get` `baremetalsolution.luns.list` `baremetalsolution.maintenanceevents.get` `baremetalsolution.maintenanceevents.list` `baremetalsolution.networkquotas.list` `baremetalsolution.networks.get` `baremetalsolution.networks.list` `baremetalsolution.nfsshares.get` `baremetalsolution.nfsshares.list` `baremetalsolution.operations.get` `baremetalsolution.osimages.list` `baremetalsolution.pods.list` `baremetalsolution.procurements.get` `baremetalsolution.procurements.list` `baremetalsolution.skus.list` `baremetalsolution.snapshotschedulepolicies.get` `baremetalsolution.snapshotschedulepolicies.list` `baremetalsolution.sshKeys.list` `baremetalsolution.storageaggregatepools.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Volume Admin (`roles/baremetalsolution.volumesadmin`) Administrator of Bare Metal Solution volume resources	`baremetalsolution.operations.get` `baremetalsolution.pods.list` `baremetalsolution.volumes.*` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.evict` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update`
Volumes Editor (`roles/baremetalsolution.volumeseditor`) Editor of Bare Metal Solution volumes resources	`baremetalsolution.operations.get` `baremetalsolution.pods.list` `baremetalsolution.volumequotas.list` `baremetalsolution.volumes.create` `baremetalsolution.volumes.delete` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list` `baremetalsolution.volumes.rename` `baremetalsolution.volumes.resize` `baremetalsolution.volumes.update`
Snapshots Admin (`roles/baremetalsolution.volumesnapshotsadmin`) Administrator of Bare Metal Solution snapshots resources	`baremetalsolution.operations.get` `baremetalsolution.volumesnapshots.*` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list` `baremetalsolution.volumesnapshots.restore`
Snapshots Editor (`roles/baremetalsolution.volumesnapshotseditor`) Editor of Bare Metal Solution snapshots resources	`baremetalsolution.operations.get` `baremetalsolution.volumesnapshots.create` `baremetalsolution.volumesnapshots.delete` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list`
Snapshots Viewer (`roles/baremetalsolution.volumesnapshotsviewer`) Viewer of Bare Metal Solution snapshots resources	`baremetalsolution.operations.get` `baremetalsolution.volumesnapshots.get` `baremetalsolution.volumesnapshots.list`
Volumes Viewer (`roles/baremetalsolution.volumessviewer`) Viewer of Bare Metal Solution volumes resources	`baremetalsolution.operations.get` `baremetalsolution.volumes.get` `baremetalsolution.volumes.list`

Bare Metal Solution Admin

(roles/baremetalsolution.admin)

Administrator of Bare Metal Solution resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.*

baremetalsolution.instances.attachNetwork
baremetalsolution.instances.attachVolume
baremetalsolution.instances.create
baremetalsolution.instances.detachLun
baremetalsolution.instances.detachNetwork
baremetalsolution.instances.detachVolume
baremetalsolution.instances.disableInteractiveSerialConsole
baremetalsolution.instances.enableInteractiveSerialConsole
baremetalsolution.instances.get
baremetalsolution.instances.list
baremetalsolution.instances.rename
baremetalsolution.instances.reset
baremetalsolution.instances.start
baremetalsolution.instances.stop
baremetalsolution.instances.update

baremetalsolution.luns.*

baremetalsolution.luns.create
baremetalsolution.luns.delete
baremetalsolution.luns.evict
baremetalsolution.luns.get
baremetalsolution.luns.list
baremetalsolution.luns.update

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

baremetalsolution.networkquotas.list

baremetalsolution.networks.*

baremetalsolution.networks.create
baremetalsolution.networks.delete
baremetalsolution.networks.get
baremetalsolution.networks.list
baremetalsolution.networks.rename
baremetalsolution.networks.update

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

baremetalsolution.snapshotschedulepolicies.*

baremetalsolution.snapshotschedulepolicies.create
baremetalsolution.snapshotschedulepolicies.delete
baremetalsolution.snapshotschedulepolicies.get
baremetalsolution.snapshotschedulepolicies.list
baremetalsolution.snapshotschedulepolicies.update

baremetalsolution.sshKeys.*

baremetalsolution.sshKeys.create
baremetalsolution.sshKeys.delete
baremetalsolution.sshKeys.list

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Editor

(roles/baremetalsolution.editor)

Editor of Bare Metal Solution resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.*

baremetalsolution.instances.attachNetwork
baremetalsolution.instances.attachVolume
baremetalsolution.instances.create
baremetalsolution.instances.detachLun
baremetalsolution.instances.detachNetwork
baremetalsolution.instances.detachVolume
baremetalsolution.instances.disableInteractiveSerialConsole
baremetalsolution.instances.enableInteractiveSerialConsole
baremetalsolution.instances.get
baremetalsolution.instances.list
baremetalsolution.instances.rename
baremetalsolution.instances.reset
baremetalsolution.instances.start
baremetalsolution.instances.stop
baremetalsolution.instances.update

baremetalsolution.luns.*

baremetalsolution.luns.create
baremetalsolution.luns.delete
baremetalsolution.luns.evict
baremetalsolution.luns.get
baremetalsolution.luns.list
baremetalsolution.luns.update

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

baremetalsolution.networkquotas.list

baremetalsolution.networks.*

baremetalsolution.networks.create
baremetalsolution.networks.delete
baremetalsolution.networks.get
baremetalsolution.networks.list
baremetalsolution.networks.rename
baremetalsolution.networks.update

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

baremetalsolution.snapshotschedulepolicies.*

baremetalsolution.snapshotschedulepolicies.create
baremetalsolution.snapshotschedulepolicies.delete
baremetalsolution.snapshotschedulepolicies.get
baremetalsolution.snapshotschedulepolicies.list
baremetalsolution.snapshotschedulepolicies.update

baremetalsolution.sshKeys.*

baremetalsolution.sshKeys.create
baremetalsolution.sshKeys.delete
baremetalsolution.sshKeys.list

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Instances Admin

(roles/baremetalsolution.instancesadmin)

Admin of Bare Metal Solution Instance resources

baremetalsolution.instances.*

baremetalsolution.instances.attachNetwork
baremetalsolution.instances.attachVolume
baremetalsolution.instances.create
baremetalsolution.instances.detachLun
baremetalsolution.instances.detachNetwork
baremetalsolution.instances.detachVolume
baremetalsolution.instances.disableInteractiveSerialConsole
baremetalsolution.instances.enableInteractiveSerialConsole
baremetalsolution.instances.get
baremetalsolution.instances.list
baremetalsolution.instances.rename
baremetalsolution.instances.reset
baremetalsolution.instances.start
baremetalsolution.instances.stop
baremetalsolution.instances.update

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Instances Viewer

(roles/baremetalsolution.instancesviewer)

Viewer of Bare Metal Solution Instance resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.get

baremetalsolution.instances.list

baremetalsolution.operations.get

resourcemanager.projects.get

resourcemanager.projects.list

Luns Admin

(roles/baremetalsolution.lunsadmin)

Administrator of Bare Metal Solution Lun resources

baremetalsolution.luns.get

baremetalsolution.luns.list

baremetalsolution.operations.get

Luns Viewer

(roles/baremetalsolution.lunsviewer)

Viewer of Bare Metal Solution Lun resources

baremetalsolution.luns.get

baremetalsolution.luns.list

baremetalsolution.operations.get

Maintenance Events Admin

(roles/baremetalsolution.maintenanceeventsadmin)

Administrator of Bare Metal Solution maintenance events resources

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

Maintenance Events Editor

(roles/baremetalsolution.maintenanceeventseditor)

Editor of Bare Metal Solution maintenance events resources

baremetalsolution.maintenanceevents.*

baremetalsolution.maintenanceevents.addProposal
baremetalsolution.maintenanceevents.approve
baremetalsolution.maintenanceevents.get
baremetalsolution.maintenanceevents.list

Maintenance Events Viewer

(roles/baremetalsolution.maintenanceeventsviewer)

Viewer of Bare Metal Solution maintenance events resources

baremetalsolution.maintenanceevents.get

baremetalsolution.maintenanceevents.list

Networks Admin

(roles/baremetalsolution.networksadmin)

Admin of Bare Metal Solution networks resources

baremetalsolution.networkquotas.list

baremetalsolution.networks.*

baremetalsolution.networks.create
baremetalsolution.networks.delete
baremetalsolution.networks.get
baremetalsolution.networks.list
baremetalsolution.networks.rename
baremetalsolution.networks.update

baremetalsolution.operations.get

baremetalsolution.pods.list

NFS Shares Admin

(roles/baremetalsolution.nfssharesadmin)

Administrator of Bare Metal Solution NFS Share resources

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.pods.list

NFS Shares Editor

(roles/baremetalsolution.nfsshareseditor)

Editor of Bare Metal Solution NFS Share resources

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.pods.list

NFS Shares Viewer

(roles/baremetalsolution.nfssharesviewer)

Viewer of Bare Metal Solution NFS Share resources

baremetalsolution.nfsshares.get

baremetalsolution.nfsshares.list

baremetalsolution.operations.get

OS Images Viewer

(roles/baremetalsolution.osimagesviewer)

Viewer of Bare Metal Solution OS images resources

baremetalsolution.osimages.list

Bare Metal Solution Procurements Admin

(roles/baremetalsolution.procurementsadmin)

Administrator of Bare Metal Solution Procurements

baremetalsolution.pods.list

baremetalsolution.procurements.*

baremetalsolution.procurements.create
baremetalsolution.procurements.get
baremetalsolution.procurements.list

baremetalsolution.skus.list

Bare Metal Solution Procurements Editor

(roles/baremetalsolution.procurementseditor)

Editor of Bare Metal Solution Procurements

baremetalsolution.pods.list

baremetalsolution.procurements.*

baremetalsolution.procurements.create
baremetalsolution.procurements.get
baremetalsolution.procurements.list

baremetalsolution.skus.list

Bare Metal Solution Procurements Viewer

(roles/baremetalsolution.procurementsviewer)

Viewer of Bare Metal Solution Procurements

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

Bare Metal Solution Service Agent

(roles/baremetalsolution.serviceAgent)

Gives permission to manage network resources such as interconnect pairing keys, required for Bare Metal Solution.

compute.interconnectAttachments.get

compute.interconnectAttachments.list

compute.interconnects.get

compute.interconnects.list

compute.networks.get

compute.networks.list

compute.projects.get

resourcemanager.projects.get

Bare Metal Solution Storage Admin

(roles/baremetalsolution.storageadmin)

Administrator of Bare Metal Solution storage resources

baremetalsolution.luns.*

baremetalsolution.luns.create
baremetalsolution.luns.delete
baremetalsolution.luns.evict
baremetalsolution.luns.get
baremetalsolution.luns.list
baremetalsolution.luns.update

baremetalsolution.nfsshares.*

baremetalsolution.nfsshares.create
baremetalsolution.nfsshares.delete
baremetalsolution.nfsshares.get
baremetalsolution.nfsshares.list
baremetalsolution.nfsshares.rename
baremetalsolution.nfsshares.update

baremetalsolution.operations.get

baremetalsolution.pods.list

baremetalsolution.snapshotschedulepolicies.*

baremetalsolution.snapshotschedulepolicies.create
baremetalsolution.snapshotschedulepolicies.delete
baremetalsolution.snapshotschedulepolicies.get
baremetalsolution.snapshotschedulepolicies.list
baremetalsolution.snapshotschedulepolicies.update

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

resourcemanager.projects.get

resourcemanager.projects.list

Bare Metal Solution Viewer

(roles/baremetalsolution.viewer)

Viewer of Bare Metal Solution resources

baremetalsolution.instancequotas.list

baremetalsolution.instances.get

baremetalsolution.instances.list

baremetalsolution.luns.get

baremetalsolution.luns.list

baremetalsolution.maintenanceevents.get

baremetalsolution.maintenanceevents.list

baremetalsolution.networkquotas.list

baremetalsolution.networks.get

baremetalsolution.networks.list

baremetalsolution.nfsshares.get

baremetalsolution.nfsshares.list

baremetalsolution.operations.get

baremetalsolution.osimages.list

baremetalsolution.pods.list

baremetalsolution.procurements.get

baremetalsolution.procurements.list

baremetalsolution.skus.list

baremetalsolution.snapshotschedulepolicies.get

baremetalsolution.snapshotschedulepolicies.list

baremetalsolution.sshKeys.list

baremetalsolution.storageaggregatepools.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.get

baremetalsolution.volumes.list

baremetalsolution.volumesnapshots.get

baremetalsolution.volumesnapshots.list

resourcemanager.projects.get

resourcemanager.projects.list

Volume Admin

(roles/baremetalsolution.volumesadmin)

Administrator of Bare Metal Solution volume resources

baremetalsolution.operations.get

baremetalsolution.pods.list

baremetalsolution.volumes.*

baremetalsolution.volumes.create
baremetalsolution.volumes.delete
baremetalsolution.volumes.evict
baremetalsolution.volumes.get
baremetalsolution.volumes.list
baremetalsolution.volumes.rename
baremetalsolution.volumes.resize
baremetalsolution.volumes.update

Volumes Editor

(roles/baremetalsolution.volumeseditor)

Editor of Bare Metal Solution volumes resources

baremetalsolution.operations.get

baremetalsolution.pods.list

baremetalsolution.volumequotas.list

baremetalsolution.volumes.create

baremetalsolution.volumes.delete

baremetalsolution.volumes.get

baremetalsolution.volumes.list

baremetalsolution.volumes.rename

baremetalsolution.volumes.resize

baremetalsolution.volumes.update

Snapshots Admin

(roles/baremetalsolution.volumesnapshotsadmin)

Administrator of Bare Metal Solution snapshots resources

baremetalsolution.operations.get

baremetalsolution.volumesnapshots.*

baremetalsolution.volumesnapshots.create
baremetalsolution.volumesnapshots.delete
baremetalsolution.volumesnapshots.get
baremetalsolution.volumesnapshots.list
baremetalsolution.volumesnapshots.restore

Snapshots Editor

(roles/baremetalsolution.volumesnapshotseditor)

Editor of Bare Metal Solution snapshots resources

baremetalsolution.operations.get

baremetalsolution.volumesnapshots.create

baremetalsolution.volumesnapshots.delete

baremetalsolution.volumesnapshots.get

baremetalsolution.volumesnapshots.list

Snapshots Viewer

(roles/baremetalsolution.volumesnapshotsviewer)

Viewer of Bare Metal Solution snapshots resources

baremetalsolution.operations.get

baremetalsolution.volumesnapshots.get

baremetalsolution.volumesnapshots.list

Volumes Viewer

(roles/baremetalsolution.volumessviewer)

Viewer of Bare Metal Solution volumes resources

baremetalsolution.operations.get

baremetalsolution.volumes.get

baremetalsolution.volumes.list

Sebaiknya terapkan peran sebagai berikut:

Mengisi formulir informasi
- Peran Solusi Bare Metal: Admin, Editor, atau Admin Instance DAN Compute Network Viewer
- Peran dasar: Pemilik atau Editor
Memulai ulang server Solusi Bare Metal
- Peran Solusi Bare Metal: Admin atau Editor
- Peran dasar: Pemilik atau Editor
Mencantumkan server atau meminta status
- Peran Solusi Bare Metal: Pelihat atau Pelihat Instance
- Peran dasar: Pelihat
Mengelola komponen penyimpanan
- Peran Solusi Bare Metal: Admin, Editor, atau Storage Admin
- Peran dasar: Pemilik atau Editor
Mengelola komponen jaringan
- Peran Solusi Bare Metal: Admin, Editor, atau Admin Jaringan
- Peran dasar: Pemilik atau Editor

Untuk mengetahui daftar lengkap peran Solusi Bare Metal, lihat Peran bawaan dan masukkan baremetalsolution. di kotak penelusuran.

Untuk mengetahui daftar lengkap izin Solusi Bare Metal, lihat Menelusuri izin dan masukkan baremetalsolution. di kotak penelusuran.

Memberikan peran IAM

Tambahkan kebijakan IAM untuk memberikan peran Solusi Bare Metal kepada akun utama. Peran ini berisi izin yang memungkinkan akun utama melakukan tindakan tertentu. Untuk memberikan peran:

Konsol

Pastikan Anda memiliki peran yang berisi izin IAM yang sesuai untuk memberikan peran kepada orang lain, seperti Pemilik, Project IAM Admin, atau Security Admin. Untuk mengetahui informasi selengkapnya tentang persyaratan ini, lihat Peran yang Diperlukan.
Di konsol Google Cloud , buka halaman izin IAM.

Buka IAM
Klik Grant access.
Masukkan informasi sebagai berikut:
- Untuk Tambahkan akun utama, masukkan pengguna Anda. Anda dapat menambahkan pengguna perorangan, grup Google, akun layanan, atau domain Google Workspace.
- Untuk Tetapkan peran, pilih peran dari menu Pilih peran untuk memberikan peran ini kepada akun utama.
- Klik Tambahkan peran lain jika Anda perlu menetapkan beberapa peran ke akun utama.
- Klik Simpan.
Akun utama Anda dan peran yang ditetapkan akan muncul di halaman status izin IAM.

gcloud

Pastikan Anda memiliki peran yang berisi izin IAM yang sesuai untuk memberikan peran kepada orang lain, seperti Pemilik, Project IAM Admin, atau Security Admin. Untuk mengetahui informasi selengkapnya tentang persyaratan ini, lihat Peran yang Diperlukan.
Buka jendela Cloud Shell di Google Cloud project Anda.
Tambahkan Google Cloud project ID, alamat email untuk akun akun utama Google Cloud , dan jalur peran Solusi Bare Metal yang diinginkan ke dalam perintah berikut:
```
gcloud projects add-iam-policy-binding PROJECT_ID \
 --member=user:username@example.com \
 --role=roles/baremetalsolution.admin
 
```
Salin perintah dan tempel ke jendela Cloud Shell Anda.
Tekan tombol Enter atau Return.
Dalam beberapa kasus, jendela Authorize Cloud Shell akan terbuka, meminta Anda untuk mengizinkan panggilan API. Jika Anda melihatnya, klik Authorize.

Setelah Anda berhasil memasukkan perintah, output-nya akan terlihat seperti ini:

Updated IAM policy for project [PROJECT_ID].
  bindings:
  - members:
   - user:username@example.com
   role: roles/baremetalsolution.admin
  - members:
   - serviceAccount:service-PROJECT_NUMBER@compute-system.iam.gserviceaccount.com
   role: roles/compute.serviceAgent
  - members:
   - serviceAccount:PROJECT_NUMBER-compute@developer.gserviceaccount.com
   - serviceAccount:PROJECT_NUMBER@cloudservices.gserviceaccount.com
   role: roles/editor
  - members:
   - user:username@example.com
   role: roles/owner
  etag: ETAG_NUMBER
  version: 1

Untuk mempelajari IAM lebih lanjut, lihat Identity and Access Management.