Identity and Access Management (IAM) 角色介绍了如何使用 Managed Service for Microsoft Active Directory (Managed Microsoft AD) API。下面列出了一系列可用于代管式 Microsoft AD 的 IAM 角色及其可用的方法。
此外,服务账号必须具有 servicemanagement.services.bind
权限才能查看和启用托管式 Microsoft AD。详细了解服务管理角色和权限。
Role | Permissions |
---|---|
Google Cloud Managed Identities Admin( Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level. |
|
Google Cloud Managed Identities Backup Admin( Full access to Google Cloud Managed Identities Backup and related resources. Intended to be granted on a project-level |
|
Google Cloud Managed Identities Backup Viewer( Read-only access to Google Cloud Managed Identities Backup and related resources. |
|
Google Cloud Managed Identities Domain Admin( Read-Update-Delete to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a resource (domain) level. |
|
Google Cloud Managed Identities Domain Join Beta( Access to domain join VMs with Cloud AD |
|
Google Cloud Managed Identities Peering Admin( Full access to Google Cloud Managed Identities Domains and related resources. Intended to be granted on a project-level |
|
Google Cloud Managed Identities Peering Viewer( Read-only access to Google Cloud Managed Identities Peering and related resources. |
|
Google Cloud Managed Identities Viewer( Read-only access to Google Cloud Managed Identities Domains and related resources. |
|
如需详细了解 IAM 角色,请参阅 了解角色。