区块链节点本身会公开一个 API 端点。Google 并未定义此 API,但它是我们运行的第三方软件的一部分。您可以在 Ethereum 的 JSON-RPC 服务器中查看此示例。您需要 API 密钥才能访问此端点。API 密钥在 Google Cloud中进行管理,因此使用使用 IAM 进行访问权限控制中定义的权限。这些权限已添加到“管理员”角色中。
角色
本部分列出了 Blockchain Node Engine 服务提供的所有精选角色。
查看者
授予对所有 Blockchain Node Engine 资源的读取权限。适用于使用但不管理节点的工程师。API 密钥应由管理员提供。查看者无权直接查找 API 密钥。
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-08-18。"],[[["\u003cp\u003eThis page outlines the permissions and roles necessary for interacting with Blockchain Node Engine.\u003c/p\u003e\n"],["\u003cp\u003eBlockchain nodes expose an API endpoint that requires API keys for access, managed through Google Cloud's IAM system.\u003c/p\u003e\n"],["\u003cp\u003eThe Viewer role provides read access to Blockchain Node Engine resources, without direct access to API keys.\u003c/p\u003e\n"],["\u003cp\u003eThe Admin role offers full access to all Blockchain Node Engine resources, including managing API keys and creating/deleting blockchain nodes.\u003c/p\u003e\n"],["\u003cp\u003eIAM is the access control system and various links are provided to learn more about it, including links for access with API keys, and service usage.\u003c/p\u003e\n"]]],[],null,["# Permissions and roles\n\nThis page describes the permissions and roles that are required to use and\nconfigure Blockchain Node Engine.\n\nThe blockchain nodes themselves expose an API endpoint. Google does not define\nthis API, but is part of the third party software we run. You can see an example\nof this at\n[Ethereum's JSON-RPC Server](https://geth.ethereum.org/docs/rpc/server). This\nendpoint requires an API\nkey to access. API keys are managed in Google Cloud, and as such use the\npermissions defined on [Access control with IAM](/api-keys/docs/access-control).\nThese permissions have been added to the admin role.\n\nRoles\n-----\n\nThis section lists all curated roles provided by Blockchain Node Engine service.\n\n\n### Viewer\n\nGrants read access to all Blockchain Node Engine resources. Intended for\nengineers who use but do not manage nodes. API keys are expected to be provided\nfrom an admin. The viewer does not have direct access to look up\nAPI keys.\n\n[Blockchain Node Engine actions](/blockchain-node-engine/docs/reference/rest):\n\n- `blockchainnodeengine.googleapis.com/blockchainNodes.get`\n- `blockchainnodeengine.googleapis.com/blockchainNodes.list`\n- `blockchainnodeengine.googleapis.com/locations.get`\n- `blockchainnodeengine.googleapis.com/locations.list`\n- `blockchainnodeengine.googleapis.com/operations.get`\n- `blockchainnodeengine.googleapis.com/operations.list`\n\n[Retrieve project information](/resource-manager/reference/rest):\n\n- `cloudresourcemanager.googleapis.com/projects.get`\n- `cloudresourcemanager.googleapis.com/projects.list`\n\n[Return APIs information](/service-usage/docs/reference/rest):\n\n- `serviceusage.googleapis.com/services.get`\n\n### Admin\n\nGrants full access to all Blockchain Node Engine resources. Intended for\nblockchain node administrators.\n\nAdministrators have all permissions available to\n`blockchainnodeengine.googleapis.com/viewer` plus:\n\n\u003cbr /\u003e\n\n[API keys management](/api-keys/docs/reference/rest):\n\n- `apikeys.googleapis.com/keys.update`\n- `apikeys.googleapis.com/keys.create`\n- `apikeys.googleapis.com/keys.delete`\n- `apikeys.googleapis.com/keys.get`\n- `apikeys.googleapis.com/keys.getKeyString`\n- `apikeys.googleapis.com/keys.list`\n- `apikeys.googleapis.com/keys.undelete`\n\n[Blockchain Node Engine actions](/blockchain-node-engine/docs/reference/rest):\n\n- `blockchainnodeengine.googleapis.com/blockchainNodes.create`\n- `blockchainnodeengine.googleapis.com/blockchainNodes.delete`\n- `blockchainnodeengine.googleapis.com/operations.cancel`\n- `blockchainnodeengine.googleapis.com/operations.delete`\n\n[Enable APIs](/service-usage/docs/reference/rest):\n\n- `serviceusage.googleapis.com/services.enable`\n\nSee also\n--------\n\n- [Access control with IAM - API keys](/api-keys/docs/access-control)\n- [Access Control with IAM - Service usage](/service-usage/docs/access-control)\n- [IAM basic and predefined roles reference](/iam/docs/understanding-roles)\n- [IAM permissions reference](/iam/docs/permissions-reference)\n- [Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access)\n- [Roles and permissions](/iam/docs/roles-overview)"]]
