数据安全状况管理角色和权限

本页面列出了数据安全状况管理的 IAM 角色和权限。如需搜索所有角色和权限，请参阅角色和权限索引。

数据安全状况管理角色

Role Permissions

Role	Permissions
DSPM Service Agent (`roles/dspm.serviceAgent`) Gives DSPM Service Account access to consumer resources. Warning: Do not grant service agent roles to any principals except service agents.	`aiplatform.artifacts.list` `aiplatform.contexts.list` `aiplatform.dataItems.list` `aiplatform.datasets.get` `aiplatform.datasets.list` `aiplatform.endpoints.list` `aiplatform.entityTypes.list` `aiplatform.executions.list` `aiplatform.metadataSchemas.list` `aiplatform.modelEvaluations.list` `aiplatform.models.list` `aiplatform.trainingPipelines.list` `aiplatform.tuningJobs.list` `bigquery.datasets.createTagBinding` `bigquery.datasets.deleteTagBinding` `bigquery.datasets.listEffectiveTags` `bigquery.datasets.listTagBindings` `bigquery.jobs.create` `bigquery.tables.createTagBinding` `bigquery.tables.deleteTagBinding` `bigquery.tables.getData` `bigquery.tables.list` `bigquery.tables.listEffectiveTags` `bigquery.tables.listTagBindings` `cloudasset.assets.exportResource` `cloudasset.assets.listResource` `cloudasset.assets.queryResource` `cloudasset.assets.searchAllResources` `cloudasset.feeds.create` `cloudasset.feeds.delete` `cloudasset.feeds.update` `resourcemanager.hierarchyNodes.` `resourcemanager.hierarchyNodes.createTagBinding` `resourcemanager.hierarchyNodes.deleteTagBinding` `resourcemanager.hierarchyNodes.listEffectiveTags` `resourcemanager.hierarchyNodes.listTagBindings` `resourcemanager.projects.getIamPolicy` `resourcemanager.tagKeys.create` `resourcemanager.tagKeys.delete` `resourcemanager.tagKeys.get` `resourcemanager.tagKeys.getIamPolicy` `resourcemanager.tagKeys.list` `resourcemanager.tagKeys.update` `resourcemanager.tagValueBindings.` `resourcemanager.tagValueBindings.create` `resourcemanager.tagValueBindings.delete` `resourcemanager.tagValues.create` `resourcemanager.tagValues.delete` `resourcemanager.tagValues.get` `resourcemanager.tagValues.getIamPolicy` `resourcemanager.tagValues.list` `resourcemanager.tagValues.update` `securitycenter.securityhealthanalyticssettings.*` `securitycenter.securityhealthanalyticssettings.calculate` `securitycenter.securityhealthanalyticssettings.get` `securitycenter.securityhealthanalyticssettings.update` `securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get` `securitycentermanagement.securityCenterServices.get` `securitycentermanagement.securityCenterServices.update` `securitycentermanagement.securityHealthAnalyticsCustomModules.create` `securitycentermanagement.securityHealthAnalyticsCustomModules.get` `securityposture.operations.get` `securityposture.postureDeployments.create` `securityposture.postureDeployments.delete` `securityposture.postureDeployments.get` `securityposture.postureDeployments.list` `securityposture.postures.create` `securityposture.postures.get` `serviceusage.services.enable` `serviceusage.services.get` `serviceusage.services.list` `storage.buckets.createTagBinding` `storage.buckets.deleteTagBinding` `storage.buckets.listEffectiveTags` `storage.buckets.listTagBindings`

DSPM Service Agent

(roles/dspm.serviceAgent)

Gives DSPM Service Account access to consumer resources.

aiplatform.artifacts.list

aiplatform.contexts.list

aiplatform.dataItems.list

aiplatform.datasets.get

aiplatform.datasets.list

aiplatform.endpoints.list

aiplatform.entityTypes.list

aiplatform.executions.list

aiplatform.metadataSchemas.list

aiplatform.modelEvaluations.list

aiplatform.models.list

aiplatform.trainingPipelines.list

aiplatform.tuningJobs.list

bigquery.datasets.createTagBinding

bigquery.datasets.deleteTagBinding

bigquery.datasets.listEffectiveTags

bigquery.datasets.listTagBindings

bigquery.jobs.create

bigquery.tables.createTagBinding

bigquery.tables.deleteTagBinding

bigquery.tables.getData

bigquery.tables.list

bigquery.tables.listEffectiveTags

bigquery.tables.listTagBindings

cloudasset.assets.exportResource

cloudasset.assets.listResource

cloudasset.assets.queryResource

cloudasset.assets.searchAllResources

cloudasset.feeds.create

cloudasset.feeds.delete

cloudasset.feeds.update

resourcemanager.hierarchyNodes.*

resourcemanager.hierarchyNodes.createTagBinding
resourcemanager.hierarchyNodes.deleteTagBinding
resourcemanager.hierarchyNodes.listEffectiveTags
resourcemanager.hierarchyNodes.listTagBindings

resourcemanager.projects.getIamPolicy

resourcemanager.tagKeys.create

resourcemanager.tagKeys.delete

resourcemanager.tagKeys.get

resourcemanager.tagKeys.getIamPolicy

resourcemanager.tagKeys.list

resourcemanager.tagKeys.update

resourcemanager.tagValueBindings.*

resourcemanager.tagValueBindings.create
resourcemanager.tagValueBindings.delete

resourcemanager.tagValues.create

resourcemanager.tagValues.delete

resourcemanager.tagValues.get

resourcemanager.tagValues.getIamPolicy

resourcemanager.tagValues.list

resourcemanager.tagValues.update

securitycenter.securityhealthanalyticssettings.*

securitycenter.securityhealthanalyticssettings.calculate
securitycenter.securityhealthanalyticssettings.get
securitycenter.securityhealthanalyticssettings.update

securitycentermanagement.effectiveSecurityHealthAnalyticsCustomModules.get

securitycentermanagement.securityCenterServices.get

securitycentermanagement.securityCenterServices.update

securitycentermanagement.securityHealthAnalyticsCustomModules.create

securitycentermanagement.securityHealthAnalyticsCustomModules.get

securityposture.operations.get

securityposture.postureDeployments.create

securityposture.postureDeployments.delete

securityposture.postureDeployments.get

securityposture.postureDeployments.list

securityposture.postures.create

securityposture.postures.get

serviceusage.services.enable

serviceusage.services.get

serviceusage.services.list

storage.buckets.createTagBinding

storage.buckets.deleteTagBinding

storage.buckets.listEffectiveTags

storage.buckets.listTagBindings

数据安全状况管理权限

此服务没有 IAM 权限。

数据安全状况管理角色和权限 使用集合让一切井井有条 根据您的偏好保存内容并对其进行分类。