Mantenha tudo organizado com as coleções
Salve e categorize o conteúdo com base nas suas preferências.
Nesta página, descrevemos como conceder papéis no nível do repositório a usuários, grupos e contas de serviço na interface da Web do Secure Source Manager.
Para receber as permissões necessárias para conceder aos usuários papéis no nível do repositório,
peça ao administrador para conceder a você os
seguintes papéis do IAM:
Conceder funções no nível do repositório aos usuários
Os usuários, grupos e contas de serviço precisam receber o papel de Acessor de instâncias (roles/securesourcemanager.instanceAccessor) ou Criador de repositórios de instâncias (roles.securesourcemanager.instanceRepositoryCreator) antes de receber papéis de repositório. Para informações sobre como conceder papéis de instância, consulte
Conceder ou revogar papéis de instância com a API Secure Source Manager.
Se você estiver fazendo a autenticação no Secure Source Manager usando um provedor de identidade terceirizado e a Federação de identidade de colaboradores, os principais precisarão ser adicionados ao pool de identidade de colaboradores e receber pelo menos a função de Leitor de acesso à instância (roles/securesourcemanager.instanceAccessor). Para informações sobre como gerenciar pools de identidade de colaboradores, consulte Gerenciar pools e provedores de identidade de colaboradores.
É possível usar a API ou a interface da Web do Secure Source Manager para conceder
papéis no nível do repositório a usuários, grupos e contas de serviço. Para mais informações, consulte
Controle de acesso com o IAM.
Para conceder papéis no nível do repositório a usuários ou contas de serviço usando a interface da Web:
Para acessar a instância do Secure Source Manager pela interface da Web, copie o seguinte URL
na barra de endereço do navegador.
[[["Fácil de entender","easyToUnderstand","thumb-up"],["Meu problema foi resolvido","solvedMyProblem","thumb-up"],["Outro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Informações incorretas ou exemplo de código","incorrectInformationOrSampleCode","thumb-down"],["Não contém as informações/amostras de que eu preciso","missingTheInformationSamplesINeed","thumb-down"],["Problema na tradução","translationIssue","thumb-down"],["Outro","otherDown","thumb-down"]],["Última atualização 2025-09-02 UTC."],[],[],null,["# Grant users repository access\n\nThis page describes how to grant repository-level roles to users, groups, and\nservice accounts in the Secure Source Manager web interface.\n\nFor information on which roles to grant for a certain use-case, see\n[Repository role management](/secure-source-manager/docs/access-control#repository_role_management).\n\nRequired roles\n--------------\n\n\nTo get the permissions that\nyou need to grant users repository-level roles,\n\nask your administrator to grant you the\nfollowing IAM roles:\n\n- [Secure Source Manager Instance Accessor](/iam/docs/roles-permissions/securesourcemanager#securesourcemanager.instanceAccessor) (`roles/securesourcemanager.instanceAccessor`) on the Secure Source Manager instance\n- [Secure Source Manager Repo Admin](/iam/docs/roles-permissions/securesourcemanager#securesourcemanager.repoAdmin) (`roles/securesourcemanager.repoAdmin`) on the repository\n\n\nFor more information about granting roles, see [Manage access to projects, folders, and organizations](/iam/docs/granting-changing-revoking-access).\n\n\nYou might also be able to get\nthe required permissions through [custom\nroles](/iam/docs/creating-custom-roles) or other [predefined\nroles](/iam/docs/roles-overview#predefined).\n\nFor information on granting Secure Source Manager roles,\nsee [Access control with IAM](/secure-source-manager/docs/access-control) and\n[Grant users instance access](/secure-source-manager/docs/grant-users-instance-access).\n\nGrant users repository-level roles\n----------------------------------\n\nUsers, groups, and service accounts must be granted the Instance Accessor role\n(`roles/securesourcemanager.instanceAccessor`) or Instance Repository Creator\nrole (`roles.securesourcemanager.instanceRepositoryCreator`) before they can be\ngranted repository roles. For information on granting instance roles, see\n[Grant or revoke instance roles with Secure Source Manager API](/secure-source-manager/docs/grant-iam-roles#grant-revoke-instance-roles).\n\nIf you're authenticating to Secure Source Manager using a third-party\nidentity provider and Workforce Identity Federation, then principals must be added\nto your workforce identity pool, and granted at least the Instance Accessor role\n(`roles/securesourcemanager.instanceAccessor`). For information about managing\nworkforce identity pools, see\n[Manage workforce identity pools and providers](/iam/docs/manage-workforce-identity-pools-providers).\n\nYou can use the Secure Source Manager API or the Secure Source Manager web interface to grant\nusers, groups, and service accounts repository-level roles. For more\ninformation, see\n[Access control with IAM](/secure-source-manager/docs/access-control).\n\nTo grant users or service accounts repository-level roles using the web\ninterface:\n\n1. To access the Secure Source Manager instance through its web interface, copy the following URL\n into your browser address bar.\n\n\n \u003cvar translate=\"no\"\u003eINSTANCE_ID\u003c/var\u003e-\u003cvar translate=\"no\"\u003ePROJECT_NUMBER\u003c/var\u003e.\u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e.sourcemanager.dev\n\n \u003cbr /\u003e\n\n\n Replace the following:\n\n\n - \u003cvar translate=\"no\"\u003eINSTANCE_ID\u003c/var\u003e with the instance name.\n - \u003cvar translate=\"no\"\u003ePROJECT_NUMBER\u003c/var\u003e with the instance's Google Cloud project number. For information on identifying projects, see [Identifying projects](/resource-manager/docs/creating-managing-projects#identifying_projects).\n - \u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e with the instance's region.\n\n \u003cbr /\u003e\n\n2. From the **My repositories** page, Select your repository.\n3. Click the **Permissions** tab.\n4. In the **People and permissions** section, click **Add users**.\n5. In the **Add principal** field, enter the email of the user or service account you want to grant the role to.\n6. In the **Assign a role** menu, select the role to assign.\n7. Click **Save**.\n\nTo add additional roles click the\nedit **Edit** icon and add the\nroles using the **Assign a role** menu.\n\nWhat's next\n-----------\n\n- [Use Git source code management](/secure-source-manager/docs/use-git) with Secure Source Manager.\n- Learn more about [access control with IAM](/secure-source-manager/docs/access-control).\n- [Grant and revoke IAM roles](/secure-source-manager/docs/update-iam-policy)."]]
