Storage Transfer Service 角色和权限

本页面列出了 Storage Transfer Service 的 IAM 角色和权限。如需搜索所有角色和权限，请参阅角色和权限索引。

Storage Transfer Service 角色

Role Permissions

Role	Permissions
Storage Transfer Admin (`roles/storagetransfer.admin`) Create, update and manage transfer jobs and operations.	`resourcemanager.projects.get` `resourcemanager.projects.list` `storagetransfer.*` `storagetransfer.agentpools.create` `storagetransfer.agentpools.delete` `storagetransfer.agentpools.get` `storagetransfer.agentpools.list` `storagetransfer.agentpools.report` `storagetransfer.agentpools.update` `storagetransfer.jobs.create` `storagetransfer.jobs.delete` `storagetransfer.jobs.get` `storagetransfer.jobs.list` `storagetransfer.jobs.run` `storagetransfer.jobs.update` `storagetransfer.operations.assign` `storagetransfer.operations.cancel` `storagetransfer.operations.get` `storagetransfer.operations.list` `storagetransfer.operations.pause` `storagetransfer.operations.report` `storagetransfer.operations.resume` `storagetransfer.projects.getServiceAccount`
Storage Transfer Service Agent (`roles/storagetransfer.serviceAgent`) Grants Storage Transfer Service Agent permissions required to run transfers Warning: Do not grant service agent roles to any principals except service agents.	`pubsub.subscriptions.consume` `pubsub.subscriptions.create` `pubsub.subscriptions.delete` `pubsub.subscriptions.get` `pubsub.subscriptions.update` `pubsub.topics.attachSubscription` `pubsub.topics.create` `pubsub.topics.delete` `pubsub.topics.get` `pubsub.topics.publish` `pubsub.topics.update`
Storage Transfer Agent (`roles/storagetransfer.transferAgent`) Perform transfers from an agent.	`logging.logEntries.create` `monitoring.timeSeries.create` `pubsub.subscriptions.consume` `pubsub.subscriptions.create` `pubsub.subscriptions.delete` `pubsub.subscriptions.get` `pubsub.topics.attachSubscription` `pubsub.topics.create` `pubsub.topics.get` `pubsub.topics.list` `pubsub.topics.publish` `storagetransfer.agentpools.report` `storagetransfer.operations.assign` `storagetransfer.operations.get` `storagetransfer.operations.report`
Storage Transfer User (`roles/storagetransfer.user`) Create and update storage transfer jobs and operations.	`resourcemanager.projects.get` `resourcemanager.projects.list` `storagetransfer.agentpools.create` `storagetransfer.agentpools.get` `storagetransfer.agentpools.list` `storagetransfer.agentpools.report` `storagetransfer.agentpools.update` `storagetransfer.jobs.create` `storagetransfer.jobs.get` `storagetransfer.jobs.list` `storagetransfer.jobs.run` `storagetransfer.jobs.update` `storagetransfer.operations.*` `storagetransfer.operations.assign` `storagetransfer.operations.cancel` `storagetransfer.operations.get` `storagetransfer.operations.list` `storagetransfer.operations.pause` `storagetransfer.operations.report` `storagetransfer.operations.resume` `storagetransfer.projects.getServiceAccount`
Storage Transfer Viewer (`roles/storagetransfer.viewer`) Read access to storage transfer jobs and operations.	`resourcemanager.projects.get` `resourcemanager.projects.list` `storagetransfer.agentpools.get` `storagetransfer.agentpools.list` `storagetransfer.jobs.get` `storagetransfer.jobs.list` `storagetransfer.operations.get` `storagetransfer.operations.list` `storagetransfer.projects.getServiceAccount`

Storage Transfer Admin

(roles/storagetransfer.admin)

Create, update and manage transfer jobs and operations.

resourcemanager.projects.get

resourcemanager.projects.list

storagetransfer.*

storagetransfer.agentpools.create
storagetransfer.agentpools.delete
storagetransfer.agentpools.get
storagetransfer.agentpools.list
storagetransfer.agentpools.report
storagetransfer.agentpools.update
storagetransfer.jobs.create
storagetransfer.jobs.delete
storagetransfer.jobs.get
storagetransfer.jobs.list
storagetransfer.jobs.run
storagetransfer.jobs.update
storagetransfer.operations.assign
storagetransfer.operations.cancel
storagetransfer.operations.get
storagetransfer.operations.list
storagetransfer.operations.pause
storagetransfer.operations.report
storagetransfer.operations.resume
storagetransfer.projects.getServiceAccount

Storage Transfer Service Agent

(roles/storagetransfer.serviceAgent)

Grants Storage Transfer Service Agent permissions required to run transfers

pubsub.subscriptions.consume

pubsub.subscriptions.create

pubsub.subscriptions.delete

pubsub.subscriptions.get

pubsub.subscriptions.update

pubsub.topics.attachSubscription

pubsub.topics.create

pubsub.topics.delete

pubsub.topics.get

pubsub.topics.publish

pubsub.topics.update

Storage Transfer Agent

(roles/storagetransfer.transferAgent)

Perform transfers from an agent.

logging.logEntries.create

monitoring.timeSeries.create

pubsub.subscriptions.consume

pubsub.subscriptions.create

pubsub.subscriptions.delete

pubsub.subscriptions.get

pubsub.topics.attachSubscription

pubsub.topics.create

pubsub.topics.get

pubsub.topics.list

pubsub.topics.publish

storagetransfer.agentpools.report

storagetransfer.operations.assign

storagetransfer.operations.get

storagetransfer.operations.report

Storage Transfer User

(roles/storagetransfer.user)

Create and update storage transfer jobs and operations.

resourcemanager.projects.get

resourcemanager.projects.list

storagetransfer.agentpools.create

storagetransfer.agentpools.get

storagetransfer.agentpools.list

storagetransfer.agentpools.report

storagetransfer.agentpools.update

storagetransfer.jobs.create

storagetransfer.jobs.get

storagetransfer.jobs.list

storagetransfer.jobs.run

storagetransfer.jobs.update

storagetransfer.operations.*

storagetransfer.operations.assign
storagetransfer.operations.cancel
storagetransfer.operations.get
storagetransfer.operations.list
storagetransfer.operations.pause
storagetransfer.operations.report
storagetransfer.operations.resume

storagetransfer.projects.getServiceAccount

Storage Transfer Viewer

(roles/storagetransfer.viewer)

Read access to storage transfer jobs and operations.

resourcemanager.projects.get

resourcemanager.projects.list

storagetransfer.agentpools.get

storagetransfer.agentpools.list

storagetransfer.jobs.get

storagetransfer.jobs.list

storagetransfer.operations.get

storagetransfer.operations.list

storagetransfer.projects.getServiceAccount

Storage Transfer Service 权限

权限	以下角色拥有此权限
`storagetransfer.agentpools.create`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.agentpools.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`)
`storagetransfer.agentpools.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)
`storagetransfer.agentpools.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)
`storagetransfer.agentpools.report`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer Agent (`roles/storagetransfer.transferAgent`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.agentpools.update`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.jobs.create`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.jobs.delete`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`)
`storagetransfer.jobs.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)
`storagetransfer.jobs.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)
`storagetransfer.jobs.run`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.jobs.update`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.operations.assign`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer Agent (`roles/storagetransfer.transferAgent`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.operations.cancel`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.operations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer Agent (`roles/storagetransfer.transferAgent`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)
`storagetransfer.operations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)
`storagetransfer.operations.pause`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.operations.report`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer Agent (`roles/storagetransfer.transferAgent`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.operations.resume`	Owner (`roles/owner`) Editor (`roles/editor`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`)
`storagetransfer.projects.getServiceAccount`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Storage Transfer Admin (`roles/storagetransfer.admin`) Storage Transfer User (`roles/storagetransfer.user`) Storage Transfer Viewer (`roles/storagetransfer.viewer`)

Storage Transfer Service 角色和权限