Google Cloud offers Identity and Access Management (IAM), which lets you give more granular access to specific Google Cloud resources, and prevent unwanted access to other resources. For information about IAM, see Identity and Access Management documentation.
This page shows how you can control Cloud Speech-to-Text access and permissions by using Identity and Access Management (IAM) roles and permissions.
Overview
Cloud Speech-to-Text (STT) provides a set of predefined roles that help you control access to your Cloud STT resources. You can also create your own custom roles, if the predefined roles don't provide the sets of permissions you need.
The basic roles of Editor, Viewer, and Owner are also available, though they don't provide fine-grained control like the Cloud STT roles. In particular, the basic roles provide access to resources across Google Cloud. The roles specific to Cloud STT provide only Cloud STT permissions. For more information, see the IAM roles and permissions index.
Predefined roles
Predefined roles provide finer-grained permissions to principals (individuals, groups, or service accounts). The role you grant to a principal controls what actions the principal can take. You can grant multiple roles to the same principal, and you can change the roles granted to a principal at any time, provided you have the permissions to do so.
Broader roles encompass the more narrowly defined roles. For example, the Cloud STT Editor role includes all Cloud STT Editor role permissions and the Cloud STT Viewer role permissions. Likewise, the Cloud STT Admin role includes all Cloud STT Admin role permissions and the Cloud STT Editor role permissions.
| Name | Cloud STT permissions ( speech.) |
Description |
|---|---|---|
| Project > Owner | All speech permissions |
Full access and control for all Google Cloud resources including user access and billing for a project |
| Project > Editor | All speech permissions except:config.update |
Read/write access to all Google Cloud and Cloud STT
resources except config.update and the ability to modify
permissions and billing |
| Project > Viewer |
*.get*.listrecognizers.recognize |
Read-only access to all Google Cloud resources, including Cloud Speech-to-Text resources, and permission to make recognition requests |
| Cloud Speech Administrator | All speech permissions |
Full control for all Cloud Speech-to-Text resources |
| Cloud Speech Editor |
customClasses.*locations.*operations.*phraseSets.*recognizers.* |
Read/write access to all Cloud STT resources except config |
| Cloud Speech Client |
customClasses.getcustomClasses.listlocations.getlocations.listoperations.getoperations.listphraseSets.getphraseSets.listrecognizers.getrecognizers.listrecognizers.recognize |
Read access to all Cloud STT resources |
Manage Cloud STT IAM
You can get and set IAM policies and roles by using the Google Cloud console. For more information, see Manage access to projects, folders, and organizations .
What's next
- Learn how to grant and revoke access.
- Learn more about IAM.
- Learn more about basic roles.
- Learn more about custom roles.