Funções e permissões de API

O GKE no Azure tem permissões específicas de Gerenciamento de Identidade e Acesso (IAM). Essas permissões são descritas nas tabelas a seguir. Para obter instruções sobre como gerenciar permissões, consulte Conceder, alterar e revogar acesso a recursos .

Permissões da API do GKE no Azure

A API do GKE no Azure inclui as funções predefinidas gkemulticloud.viewer e gkemulticloud.admin . Essas funções são descritas na tabela a seguir:

Papel Permissões

( roles/ gkemulticloud.admin )

Acesso de administrador aos recursos do Anthos Multi-cloud.

gkemulticloud.*

  • gkemulticloud. attachedClusters. create
  • gkemulticloud. attachedClusters. delete
  • gkemulticloud. attachedClusters. generateInstallManifest
  • gkemulticloud. attachedClusters. get
  • gkemulticloud. attachedClusters. import
  • gkemulticloud. attachedClusters. list
  • gkemulticloud. attachedClusters. update
  • gkemulticloud. attachedServerConfigs. get
  • gkemulticloud. awsClusters. create
  • gkemulticloud. awsClusters. delete
  • gkemulticloud. awsClusters. generateAccessToken
  • gkemulticloud.awsClusters.get
  • gkemulticloud. awsClusters. getAdminKubeconfig
  • gkemulticloud.awsClusters.list
  • gkemulticloud. awsClusters. update
  • gkemulticloud. awsNodePools. create
  • gkemulticloud. awsNodePools. delete
  • gkemulticloud.awsNodePools.get
  • gkemulticloud. awsNodePools. list
  • gkemulticloud. awsNodePools. update
  • gkemulticloud. awsServerConfigs. get
  • gkemulticloud. azureClients. create
  • gkemulticloud. azureClients. delete
  • gkemulticloud.azureClients.get
  • gkemulticloud. azureClients. list
  • gkemulticloud. azureClusters. create
  • gkemulticloud. azureClusters. delete
  • gkemulticloud. azureClusters. generateAccessToken
  • gkemulticloud. azureClusters. get
  • gkemulticloud. azureClusters. getAdminKubeconfig
  • gkemulticloud. azureClusters. list
  • gkemulticloud. azureClusters. update
  • gkemulticloud. azureNodePools. create
  • gkemulticloud. azureNodePools. delete
  • gkemulticloud. azureNodePools. get
  • gkemulticloud. azureNodePools. list
  • gkemulticloud. azureNodePools. update
  • gkemulticloud. azureServerConfigs. get
  • gkemulticloud. operations. cancel
  • gkemulticloud. operations. delete
  • gkemulticloud.operations.get
  • gkemulticloud.operations.list
  • gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

( roles/ gkemulticloud.viewer )

Acesso de visualizador aos recursos do Anthos Multi-cloud.

gkemulticloud. attachedClusters. generateInstallManifest

gkemulticloud. attachedClusters. get

gkemulticloud. attachedClusters. list

gkemulticloud. attachedServerConfigs. get

gkemulticloud. awsClusters. generateAccessToken

gkemulticloud.awsClusters.get

gkemulticloud.awsClusters.list

gkemulticloud.awsNodePools.get

gkemulticloud. awsNodePools. list

gkemulticloud. awsServerConfigs. get

gkemulticloud.azureClients.get

gkemulticloud. azureClients. list

gkemulticloud. azureClusters. generateAccessToken

gkemulticloud. azureClusters. get

gkemulticloud. azureClusters. list

gkemulticloud. azureNodePools. get

gkemulticloud. azureNodePools. list

gkemulticloud. azureServerConfigs. get

gkemulticloud.operations.get

gkemulticloud.operations.list

gkemulticloud.operations.wait

resourcemanager.projects.get

resourcemanager.projects.list

O que vem a seguir

Funções adicionais do IAM, como proprietário e editor, incluem permissões do GKE no Azure. Para mais informações, consulte a lista de referência completa de permissões do IAM .