适用于 Apache Flink 的 BigQuery 引擎角色和权限

本页面列出了适用于 Apache Flink 的 BigQuery 引擎的 IAM 角色和权限。如需搜索所有角色和权限，请参阅角色和权限索引。

适用于 Apache Flink 的 BigQuery 引擎角色

Role Permissions

Role	Permissions
Managed Flink Admin ^Beta (`roles/managedflink.admin`) Full access to Managed Flink resources.	`managedflink.*` `managedflink.deployments.create` `managedflink.deployments.delete` `managedflink.deployments.get` `managedflink.deployments.list` `managedflink.deployments.update` `managedflink.jobs.create` `managedflink.jobs.delete` `managedflink.jobs.get` `managedflink.jobs.list` `managedflink.jobs.update` `managedflink.locations.get` `managedflink.locations.list` `managedflink.operations.cancel` `managedflink.operations.delete` `managedflink.operations.get` `managedflink.operations.list` `managedflink.sessions.create` `managedflink.sessions.delete` `managedflink.sessions.get` `managedflink.sessions.list` `managedflink.sessions.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Managed Flink Developer ^Beta (`roles/managedflink.developer`) Full access to Managed Flink Jobs and Sessions and read access to Deployments.	`managedflink.deployments.get` `managedflink.deployments.list` `managedflink.jobs.` `managedflink.jobs.create` `managedflink.jobs.delete` `managedflink.jobs.get` `managedflink.jobs.list` `managedflink.jobs.update` `managedflink.locations.` `managedflink.locations.get` `managedflink.locations.list` `managedflink.operations.get` `managedflink.operations.list` `managedflink.sessions.*` `managedflink.sessions.create` `managedflink.sessions.delete` `managedflink.sessions.get` `managedflink.sessions.list` `managedflink.sessions.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Managed Flink Service Agent (`roles/managedflink.serviceAgent`) Gives Managed Flink Service Agent access to Cloud Platform resources. Warning: Do not grant service agent roles to any principals except service agents.	`compute.networkAttachments.create` `compute.networkAttachments.delete` `compute.networkAttachments.get` `compute.networkAttachments.list` `compute.networkAttachments.update` `compute.networks.get` `compute.networks.list` `compute.regionOperations.get` `compute.subnetworks.get` `compute.subnetworks.list` `compute.subnetworks.use` `dns.networks.targetWithPeeringZone` `managedkafka.clusters.get` `managedkafka.clusters.list` `managedkafka.clusters.update` `monitoring.metricDescriptors.create` `monitoring.metricDescriptors.get` `monitoring.metricDescriptors.list` `monitoring.monitoredResourceDescriptors.*` `monitoring.monitoredResourceDescriptors.get` `monitoring.monitoredResourceDescriptors.list` `monitoring.timeSeries.create` `serviceusage.services.use` `storage.objects.get`
Managed Flink Viewer ^Beta (`roles/managedflink.viewer`) Readonly access to Managed Flink resources.	`managedflink.deployments.get` `managedflink.deployments.list` `managedflink.jobs.get` `managedflink.jobs.list` `managedflink.locations.*` `managedflink.locations.get` `managedflink.locations.list` `managedflink.operations.get` `managedflink.operations.list` `managedflink.sessions.get` `managedflink.sessions.list` `resourcemanager.projects.get` `resourcemanager.projects.list`

Managed Flink Admin ^Beta

(roles/managedflink.admin)

Full access to Managed Flink resources.

managedflink.*

managedflink.deployments.create
managedflink.deployments.delete
managedflink.deployments.get
managedflink.deployments.list
managedflink.deployments.update
managedflink.jobs.create
managedflink.jobs.delete
managedflink.jobs.get
managedflink.jobs.list
managedflink.jobs.update
managedflink.locations.get
managedflink.locations.list
managedflink.operations.cancel
managedflink.operations.delete
managedflink.operations.get
managedflink.operations.list
managedflink.sessions.create
managedflink.sessions.delete
managedflink.sessions.get
managedflink.sessions.list
managedflink.sessions.update

resourcemanager.projects.get

resourcemanager.projects.list

Managed Flink Developer ^Beta

(roles/managedflink.developer)

Full access to Managed Flink Jobs and Sessions and read access to Deployments.

managedflink.deployments.get

managedflink.deployments.list

managedflink.jobs.*

managedflink.jobs.create
managedflink.jobs.delete
managedflink.jobs.get
managedflink.jobs.list
managedflink.jobs.update

managedflink.locations.*

managedflink.locations.get
managedflink.locations.list

managedflink.operations.get

managedflink.operations.list

managedflink.sessions.*

managedflink.sessions.create
managedflink.sessions.delete
managedflink.sessions.get
managedflink.sessions.list
managedflink.sessions.update

resourcemanager.projects.get

resourcemanager.projects.list

Managed Flink Service Agent

(roles/managedflink.serviceAgent)

Gives Managed Flink Service Agent access to Cloud Platform resources.

compute.networkAttachments.create

compute.networkAttachments.delete

compute.networkAttachments.get

compute.networkAttachments.list

compute.networkAttachments.update

compute.networks.get

compute.networks.list

compute.regionOperations.get

compute.subnetworks.get

compute.subnetworks.list

compute.subnetworks.use

dns.networks.targetWithPeeringZone

managedkafka.clusters.get

managedkafka.clusters.list

managedkafka.clusters.update

monitoring.metricDescriptors.create

monitoring.metricDescriptors.get

monitoring.metricDescriptors.list

monitoring.monitoredResourceDescriptors.*

monitoring.monitoredResourceDescriptors.get
monitoring.monitoredResourceDescriptors.list

monitoring.timeSeries.create

serviceusage.services.use

storage.objects.get

Managed Flink Viewer ^Beta

(roles/managedflink.viewer)

Readonly access to Managed Flink resources.

managedflink.deployments.get

managedflink.deployments.list

managedflink.jobs.get

managedflink.jobs.list

managedflink.locations.*

managedflink.locations.get
managedflink.locations.list

managedflink.operations.get

managedflink.operations.list

managedflink.sessions.get

managedflink.sessions.list

resourcemanager.projects.get

resourcemanager.projects.list

适用于 Apache Flink 的 BigQuery 引擎权限

权限	以下角色拥有此权限
`managedflink.deployments.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`)
`managedflink.deployments.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`)
`managedflink.deployments.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.deployments.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.deployments.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`)
`managedflink.jobs.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`)
`managedflink.jobs.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`)
`managedflink.jobs.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.jobs.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.jobs.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`)
`managedflink.locations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.locations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`)
`managedflink.operations.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`)
`managedflink.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.sessions.create`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`)
`managedflink.sessions.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`)
`managedflink.sessions.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.sessions.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`) Managed Flink Viewer (`roles/managedflink.viewer`)
`managedflink.sessions.update`	Owner (`roles/owner`) Editor (`roles/editor`) Managed Flink Admin (`roles/managedflink.admin`) Managed Flink Developer (`roles/managedflink.developer`)

适用于 Apache Flink 的 BigQuery 引擎角色和权限