Per utilizzare Firebase Data Connect, devi assegnare ruoli IAM che consentano di gestire i connettori, accedere a Cloud SQL e generare SDK. Assicurati che il service account che esegue Data Connect disponga delle autorizzazioni necessarie.
Ruoli IAM granulari per Data Connect
I ruoli di base e predefiniti di Firebase vengono mappati ai ruoli Data Connect di livello inferiore. Consulta la tabella per la mappatura.
Per gestire le singole assegnazioni di ruoli IAM per Data Connect a un livello più granulare, utilizza la console Google Cloud.
| Ruolo IAM | Autorizzazioni |
|---|---|
firebasedataconnect.googleapis.com/adminFirebase Data Connect API Admin Questo ruolo include Firebase Data Connect API Viewer. È equivalente a firebasedataconnect.*.Questo è fornito dai ruoli Proprietario cloud, Editor cloud, Amministratore Firebase e Amministratore Firebase Develop. |
Accesso completo alle risorse dell'API Firebase Data Connect, inclusi i dati.firebasedataconnect.googleapis.com/operations.deletefirebasedataconnect.googleapis.com/operations.cancelfirebasedataconnect.googleapis.com/services.createfirebasedataconnect.googleapis.com/services.updatefirebasedataconnect.googleapis.com/services.deletefirebasedataconnect.googleapis.com/services.executeGraphqlfirebasedataconnect.googleapis.com/services.executeGraphqlReadfirebasedataconnect.googleapis.com/schemas.createfirebasedataconnect.googleapis.com/schemas.updatefirebasedataconnect.googleapis.com/schemas.deletefirebasedataconnect.googleapis.com/schemaRevisions.createfirebasedataconnect.googleapis.com/schemaRevisions.deletefirebasedataconnect.googleapis.com/connectors.createfirebasedataconnect.googleapis.com/connectors.updatefirebasedataconnect.googleapis.com/connectors.deletefirebasedataconnect.googleapis.com/connectorRevisions.createfirebasedataconnect.googleapis.com/connectorRevisions.delete
|
firebasedataconnect.googleapis.com/viewerFirebase Data Connect API Viewer Questo ruolo viene fornito dai ruoli Proprietario progetto, Editor progetto, Visualizzatore progetto, Amministratore Firebase, Visualizzatore Firebase, Amministratore sviluppo Firebase e Visualizzatore sviluppo Firebase. |
Accesso di sola lettura alle risorse dell'API Firebase Data Connect. Il ruolo non concede l'accesso ai dati.cloudresourcemanager.googleapis.com/projects.listcloudresourcemanager.googleapis.com/projects.getfirebasedataconnect.googleapis.com/operations.listfirebasedataconnect.googleapis.com/operations.getfirebasedataconnect.googleapis.com/locations.listfirebasedataconnect.googleapis.com/locations.getfirebasedataconnect.googleapis.com/services.listfirebasedataconnect.googleapis.com/services.getfirebasedataconnect.googleapis.com/schemas.listfirebasedataconnect.googleapis.com/schemas.getfirebasedataconnect.googleapis.com/schemaRevisions.listfirebasedataconnect.googleapis.com/schemaRevisions.getfirebasedataconnect.googleapis.com/connectors.listfirebasedataconnect.googleapis.com/connectors.getfirebasedataconnect.googleapis.com/connectorRevisions.listfirebasedataconnect.googleapis.com/connectorRevisions.get
|
firebasedataconnect.googleapis.com/dataAdminFirebase Data Connect API Data Admin Questo ruolo è fornito dai ruoli Proprietario progetto, Editor progetto, Amministratore Firebase e Amministratore Firebase Develop. |
Accesso completo in lettura e scrittura alle origini dati.firebasedataconnect.googleapis.com/services.executeGraphqlfirebasedataconnect.googleapis.com/services.executeGraphqlRead
|
firebasedataconnect.googleapis.com/dataViewerFirebase Data Connect API Data Viewer Questo ruolo è fornito dai ruoli Proprietario progetto Cloud, Editor progetto Cloud, Amministratore Firebase e Amministratore sviluppo Firebase. |
Accesso in sola lettura alle origini dati.firebasedataconnect.googleapis.com/services.executeGraphqlRead
|