Firebase 安全规则角色和权限

本页面列出了 Firebase 安全规则的 IAM 角色和权限。如需搜索所有角色和权限，请参阅角色和权限索引。

Firebase 安全规则角色

Role Permissions

Role	Permissions
Firebase Rules Admin (`roles/firebaserules.admin`) Full management of Firebase Rules.	`firebaserules.*` `firebaserules.releases.create` `firebaserules.releases.delete` `firebaserules.releases.get` `firebaserules.releases.getExecutable` `firebaserules.releases.list` `firebaserules.releases.update` `firebaserules.rulesets.create` `firebaserules.rulesets.delete` `firebaserules.rulesets.get` `firebaserules.rulesets.list` `firebaserules.rulesets.test` `resourcemanager.projects.get` `resourcemanager.projects.list`
Firebase Rules Firestore Service Agent (`roles/firebaserules.firestoreServiceAgent`) Grants Firebase Security Rules access to Firestore for providing cross-service Rules. Warning: Do not grant service agent roles to any principals except service agents.	`datastore.entities.get`
Firebase Rules System (`roles/firebaserules.system`) Read/write/list access for Datastore entities and Cloud Storage objects, as well as get/list/publish access for PubSub topics.	`datastore.databases.get` `datastore.entities.*` `datastore.entities.allocateIds` `datastore.entities.create` `datastore.entities.delete` `datastore.entities.get` `datastore.entities.list` `datastore.entities.update` `pubsub.topics.get` `pubsub.topics.list` `pubsub.topics.publish` `resourcemanager.projects.get` `resourcemanager.projects.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Firebase Rules Viewer (`roles/firebaserules.viewer`) Read-only access on all resources with the ability to test Rulesets.	`firebaserules.releases.get` `firebaserules.releases.list` `firebaserules.rulesets.get` `firebaserules.rulesets.list` `resourcemanager.projects.get` `resourcemanager.projects.list`

Firebase Rules Admin

(roles/firebaserules.admin)

Full management of Firebase Rules.

firebaserules.*

firebaserules.releases.create
firebaserules.releases.delete
firebaserules.releases.get
firebaserules.releases.getExecutable
firebaserules.releases.list
firebaserules.releases.update
firebaserules.rulesets.create
firebaserules.rulesets.delete
firebaserules.rulesets.get
firebaserules.rulesets.list
firebaserules.rulesets.test

resourcemanager.projects.get

resourcemanager.projects.list

Firebase Rules Firestore Service Agent

(roles/firebaserules.firestoreServiceAgent)

Grants Firebase Security Rules access to Firestore for providing cross-service Rules.

datastore.entities.get

Firebase Rules System

(roles/firebaserules.system)

Read/write/list access for Datastore entities and Cloud Storage objects, as well as get/list/publish access for PubSub topics.

datastore.databases.get

datastore.entities.*

datastore.entities.allocateIds
datastore.entities.create
datastore.entities.delete
datastore.entities.get
datastore.entities.list
datastore.entities.update

pubsub.topics.get

pubsub.topics.list

pubsub.topics.publish

resourcemanager.projects.get

resourcemanager.projects.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Firebase Rules Viewer

(roles/firebaserules.viewer)

Read-only access on all resources with the ability to test Rulesets.

firebaserules.releases.get

firebaserules.releases.list

firebaserules.rulesets.get

firebaserules.rulesets.list

resourcemanager.projects.get

resourcemanager.projects.list

Firebase 安全规则权限

权限	以下角色拥有此权限
`firebaserules.releases.create`	Owner (`roles/owner`) Editor (`roles/editor`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Rules Admin (`roles/firebaserules.admin`) 服务代理角色警告：请勿向服务代理以外的任何主账号授予服务代理角色。 Firebase Service Management Service Agent (`roles/firebase.managementServiceAgent`)
`firebaserules.releases.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Rules Admin (`roles/firebaserules.admin`) 服务代理角色警告：请勿向服务代理以外的任何主账号授予服务代理角色。 Firebase Service Management Service Agent (`roles/firebase.managementServiceAgent`)
`firebaserules.releases.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Develop Viewer (`roles/firebase.developViewer`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Viewer (`roles/firebase.viewer`) Firebase Rules Admin (`roles/firebaserules.admin`) Firebase Rules Viewer (`roles/firebaserules.viewer`) 服务代理角色警告：请勿向服务代理以外的任何主账号授予服务代理角色。 Firebase Service Management Service Agent (`roles/firebase.managementServiceAgent`)
`firebaserules.releases.getExecutable`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Rules Admin (`roles/firebaserules.admin`)
`firebaserules.releases.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Develop Viewer (`roles/firebase.developViewer`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Viewer (`roles/firebase.viewer`) Firebase Rules Admin (`roles/firebaserules.admin`) Firebase Rules Viewer (`roles/firebaserules.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`firebaserules.releases.update`	Owner (`roles/owner`) Editor (`roles/editor`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Rules Admin (`roles/firebaserules.admin`)
`firebaserules.rulesets.create`	Owner (`roles/owner`) Editor (`roles/editor`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Rules Admin (`roles/firebaserules.admin`) 服务代理角色警告：请勿向服务代理以外的任何主账号授予服务代理角色。 Firebase Service Management Service Agent (`roles/firebase.managementServiceAgent`)
`firebaserules.rulesets.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Rules Admin (`roles/firebaserules.admin`)
`firebaserules.rulesets.get`	Owner (`roles/owner`) Editor (`roles/editor`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Develop Viewer (`roles/firebase.developViewer`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Viewer (`roles/firebase.viewer`) Firebase Rules Admin (`roles/firebaserules.admin`) Firebase Rules Viewer (`roles/firebaserules.viewer`)
`firebaserules.rulesets.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Develop Viewer (`roles/firebase.developViewer`) Firebase Admin SDK Administrator Service Agent (`roles/firebase.sdkAdminServiceAgent`) Firebase Viewer (`roles/firebase.viewer`) Firebase Rules Admin (`roles/firebaserules.admin`) Firebase Rules Viewer (`roles/firebaserules.viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`)
`firebaserules.rulesets.test`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Firebase Admin (`roles/firebase.admin`) Firebase Develop Admin (`roles/firebase.developAdmin`) Firebase Rules Admin (`roles/firebaserules.admin`)

Firebase 安全规则角色和权限