发送反馈
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
集成连接器的 IAM 角色和权限
预定义角色可授予对特定 Google Cloud 资源的精细访问权限。
这些角色由 Google 创建和维护。Google 会根据需要自动更新其权限,例如 Google Cloud 添加新功能或服务时。
下表列出了集成连接器的所有预定义 IAM 角色:
Cloud Connectors 角色
权限
Connector Admin
(roles/)
拥有对 Connectors 服务的所有资源的完全访问权限。
connectors.actions.*
connectors.connections.create
connectors.connections.delete
connectors.
connectors.
connectors.connections.get
connectors.
connectors.
connectors.
connectors.
connectors.connections.list
connectors.
connectors.connections.update
connectors.connectors.*
connectors.
connectors.customConnectors.*
connectors.
connectors.entities.*
connectors.entityTypes.list
connectors.
connectors.eventtypes.*
connectors.locations.*
connectors.managedZones.*
connectors.operations.*
connectors.providers.*
connectors.regionalSettings.*
connectors.runtimeconfig.get
connectors.
connectors.settings.*
connectors.versions.*
resourcemanager.projects.get
resourcemanager.projects.list
secretmanager.
Custom Connectors Admin
(roles/)
自定义连接器是一种全球性资源,用于在给定目标项目中创建自定义连接器。此角色可授予对自定义连接器资源的管理员访问权限
connectors.
connectors.customConnectors.*
connectors.locations.*
Custom Connector Viewer
(roles/)
自定义连接器是一种全球性资源,用于在给定目标项目中创建自定义连接器。此角色可授予对自定义连接器和自定义连接器版本资源的只读权限。
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.locations.*
Connectors Endpoint Attachment Admin
(roles/)
端点连接 (Endpoint Attachment) 是一种区域级资源,可以为指定的 PSC 服务连接创建 PSC 连接端点。此角色可授予对连接器端点连接资源的管理员访问权限。
connectors.
connectors.locations.*
Connectors Endpoint Attachment Viewer
(roles/)
端点连接 (Endpoint Attachment) 是一种区域级资源,可以为指定的 PSC 服务连接创建 PSC 连接端点。此角色可授予对连接器端点连接资源的只读权限
connectors.
connectors.
connectors.
connectors.locations.*
Connectors Event Subscriptions Admin
(roles/)
事件订阅是一种区域级资源,可以为指定目标项目中的特定连接创建事件订阅。此角色可授予对连接器订阅资源的管理员访问权限
connectors.
Connectors Event Subscriptions Viewer
(roles/)
事件订阅是一种区域级资源,可以为指定目标项目中的特定连接创建事件订阅。此角色可授予对事件订阅资源的只读权限。
connectors.
connectors.
Connector Invoker
(roles/)
拥有在连接上调用所有操作的完整权限。
connectors.actions.*
connectors.
connectors.entities.*
connectors.entityTypes.list
Connector Event Listener
(roles/)
拥有按连接监听事件的完整权限。
connectors.
Connectors Managed Zone Admin
(roles/)
代管式区域 (Managed Zone) 是一种全球性资源,会根据指定的目标项目创建 Cloud DNS 对等互连区域。此角色可授予对连接器代管式区域资源的管理员访问权限。
connectors.locations.*
connectors.managedZones.*
Connectors Managed Zone Viewer
(roles/)
代管式区域 (Managed Zone) 是一种全球性资源,会根据指定的目标项目创建 Cloud DNS 对等互连区域。此角色可授予对连接器代管式区域资源的只读权限。
connectors.locations.*
connectors.managedZones.get
connectors.
connectors.managedZones.list
Connectors Viewer
(roles/)
拥有对 Connectors 的所有资源的只读权限。
connectors.
connectors.connections.get
connectors.
connectors.
connectors.
connectors.
connectors.connections.list
connectors.connectors.*
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.
connectors.eventtypes.*
connectors.locations.*
connectors.managedZones.get
connectors.
connectors.managedZones.list
connectors.operations.get
connectors.operations.list
connectors.providers.*
connectors.
connectors.runtimeconfig.get
connectors.settings.get
connectors.versions.*
resourcemanager.projects.get
resourcemanager.projects.list
如需详细了解预定义角色,请参阅角色和权限 。如需有关选择最合适的预定义角色的帮助,请参阅选择预定义角色 。
发送反馈
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可 获得了许可,并且代码示例已根据 Apache 2.0 许可 获得了许可。有关详情,请参阅 Google 开发者网站政策 。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2025-03-27。
需要向我们提供更多信息?
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-03-27。"],[[["Predefined IAM roles for Integration Connectors offer granular control over access to Google Cloud resources, and are created and maintained by Google."],["The Connector Admin role (`roles/connectors.admin`) grants full access to all resources within the Connectors Service."],["Custom Connector roles allow for admin or read-only access specifically to Custom Connector and Custom Connector Version resources within a project."],["There are dedicated roles for managing endpoint attachments, event subscriptions, and managed zones, each providing either admin or viewer permissions to their respective resource types."],["Roles such as the Connector Invoker and Connector Event Listener provide permissions for invoking actions on connections and listening to events, respectively."]]],[]]
