这些角色可授予对特定 Firebase 产品的完整读写或只读权限。
您可以使用 Google Cloud 控制台将这些角色分配给项目成员。
Firebase App Check 角色
| 角色 |
说明 |
权限 |
Firebase App Check Admin
roles/firebaseappcheck.admin
|
对 App Check 资源的
完整读写权限 |
App Check Admin 权限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.appAttestConfig.update
firebaseappcheck.debugTokens.get
firebaseappcheck.debugTokens.update
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.deviceCheckConfig.update
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.playIntegrityConfig.update
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.update
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.recaptchaV3Config.update
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.safetyNetConfig.update
firebaseappcheck.services.get
firebaseappcheck.services.update
|
Firebase App Check Viewer
roles/firebaseappcheck.viewer
|
对 App Check 资源的
只读权限 |
App Check Viewer 权限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.debugTokens.get
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.services.get
|
Firebase App Distribution 角色
| 角色 |
说明 |
权限 |
Firebase App Distribution Admin
roles/firebaseappdistro.admin
|
对 App Distribution 资源的
完整读写权限
|
App Distribution Admin 权限
firebaseappdistro.releases.list
firebaseappdistro.releases.update
firebaseappdistro.testers.list
firebaseappdistro.testers.update
firebaseappdistro.groups.list
firebaseappdistro.groups.update
|
Firebase App Distribution Viewer
roles/firebaseappdistro.viewer
|
对 App Distribution 资源的
只读权限
|
App Distribution Viewer 权限
firebaseappdistro.releases.list
firebaseappdistro.testers.list
firebaseappdistro.groups.list
|
Firebase Authentication 角色
| 角色 |
说明 |
权限 |
Firebase Authentication Admin
roles/firebaseauth.admin
|
对 Authentication 资源的
完整读写权限
|
Authentication Admin 权限
firebaseauth.configs.create
firebaseauth.configs.get
firebaseauth.configs.getHashConfig
firebaseauth.configs.update
firebaseauth.users.create
firebaseauth.users.createSession
firebaseauth.users.delete
firebaseauth.users.get
firebaseauth.users.sendEmail
firebaseauth.users.update
|
Firebase Authentication Viewer
roles/firebaseauth.viewer
|
对 Authentication 资源的
只读权限
|
Authentication Viewer 权限
firebaseauth.configs.get
firebaseauth.users.get
|
Firebase A/B Testing 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase A/B Testing Admin
roles/firebaseabt.admin
(Beta 版)
|
对 A/B Testing 资源的
完整读写权限
|
A/B Testing Admin 权限
firebaseabt.experimentresults.get
firebaseabt.experiments.create
firebaseabt.experiments.delete
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.experiments.update
firebaseabt.projectmetadata.get
|
Firebase A/B Testing Viewer
roles/firebaseabt.viewer
(Beta 版)
|
对 A/B Testing 资源
的只读权限
|
A/B Testing Viewer 权限
firebaseabt.experimentresults.get
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.projectmetadata.get
|
Cloud Firestore 角色
在 Google Cloud 文档中查找适用的 Cloud Firestore 角色。
如需允许项目成员在 Firebase 控制台中修改和发布安全规则,或通过 Firebase CLI 部署安全规则,可以为其创建并分配一个自定义角色,其中包含 firebaserules.* 权限。
Cloud Storage 角色
在 Google Cloud 文档中查找适用的 Cloud Storage 角色。
如需允许项目成员在 Firebase 控制台中修改和发布安全规则,或通过 Firebase CLI 部署安全规则,可以为其创建并分配一个自定义角色,其中包含 firebaserules.* 权限。
Cloud Functions for Firebase 角色
在 Google Cloud 文档中查找适用的 Cloud Functions for Firebase 角色。
Firebase Cloud Messaging 角色
| 角色 |
说明 |
权限 |
Firebase Cloud Messaging Admin
roles/firebasenotifications.admin
|
对 Cloud Messaging 资源的
完整读写权限
|
Cloud Messaging Admin 权限
firebasenotifications.messages.create
firebasenotifications.messages.delete
firebasenotifications.messages.get
firebasenotifications.messages.list
firebasenotifications.messages.update
|
Firebase Cloud Messaging Viewer
roles/firebasenotifications.viewer
|
对 Cloud Messaging 资源的
只读权限
|
Cloud Messaging Viewer 权限
firebasenotifications.messages.get
firebasenotifications.messages.list
|
Firebase Crashlytics 角色
| 角色 |
说明 |
权限 |
Firebase Crashlytics Admin
roles/firebasecrashlytics.admin
|
对 Crashlytics 资源的
完整读写权限
|
Crashlytics Admin 权限
firebasecrashlytics.config.get
firebasecrashlytics.config.update
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.issues.update
firebasecrashlytics.sessions.get
|
Firebase Crashlytics Viewer
roles/firebasecrashlytics.viewer
|
对 Crashlytics 资源的
只读权限
|
Crashlytics Viewer 权限
firebasecrashlytics.config.get
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.sessions.get
|
Firebase Dynamic Links 角色
| 角色 |
说明 |
权限 |
Firebase Dynamic Links Admin
roles/firebasedynamiclinks.admin
|
对 Dynamic Links 资源的
完整读写权限
|
Dynamic Links Admin 权限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.destinations.update
firebasedynamiclinks.domains.create
firebasedynamiclinks.domains.delete
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.domains.update
firebasedynamiclinks.links.create
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.links.update
firebasedynamiclinks.stats.get
|
Firebase Dynamic Links Viewer
roles/firebasedynamiclinks.viewer
|
对 Dynamic Links 资源的
只读权限
|
Dynamic Links Viewer 权限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.stats.get
|
Firebase Hosting 角色
| 角色 |
说明 |
权限 |
Firebase Hosting Admin
roles/firebasehosting.admin
|
对 Hosting 资源的
完整读写权限
|
Hosting Admin 权限
firebasehosting.sites.create
firebasehosting.sites.delete
firebasehosting.sites.get
firebasehosting.sites.list
firebasehosting.sites.update
|
Firebase Hosting Viewer
roles/firebasehosting.viewer
|
对 Hosting 资源的
只读权限
|
Hosting Viewer 权限
firebasehosting.sites.get
firebasehosting.sites.list
|
Firebase In-App Messaging 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase In-App Messaging Admin
roles/firebaseinappmessaging.admin
(Beta 版)
|
对 In-App Messaging 资源的
完整读写权限
|
In-App Messaging Admin 权限
firebaseinappmessaging.campaigns.create
firebaseinappmessaging.campaigns.delete
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
firebaseinappmessaging.campaigns.update
|
Firebase In-App Messaging Viewer
roles/firebaseinappmessaging.viewer
(Beta 版)
|
对 In-App Messaging 资源的
只读权限
|
In-App Messaging Viewer 权限
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
|
Firebase ML 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase ML Admin
roles/firebaseml.admin
(Beta 版)
|
对 Firebase ML 资源的
完整读写权限
|
Firebase ML Admin 权限
firebaseml.models.create
firebaseml.models.get
firebaseml.models.list
firebaseml.models.update
firebaseml.models.delete
firebaseml.modelversions.create
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.modelversions.update
firebaseml.modelversions.delete
firebaseml.compressionjobs.create
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
firebaseml.compressionjobs.update
firebaseml.compressionjobs.delete
firebaseml.compressionjobs.start
|
Firebase ML Viewer
roles/firebaseml.viewer
(Beta 版)
|
对 Firebase ML 资源的
只读权限
|
Firebase ML Viewer 权限
firebaseml.models.get
firebaseml.models.list
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
|
| 角色 |
说明 |
权限 |
Firebase Performance Monitoring Admin
roles/firebaseperformance.admin
|
对 Performance Monitoring 资源的
完整读写权限
配置和接收 Performance Monitoring 提醒
|
Performance Monitoring Admin 权限
firebaseperformance.config.create
firebaseperformance.config.delete
firebaseperformance.config.update
firebaseperformance.data.get
|
Firebase Performance Monitoring Viewer
roles/firebaseperformance.viewer
|
对 Performance Monitoring 资源的
只读权限
|
Performance Monitoring Viewer
权限
firebaseperformance.data.get
|
Firebase Realtime Database 角色
| 角色 |
说明 |
权限 |
Firebase Realtime Database Admin
roles/firebasedatabase.admin
|
对 Realtime Database 资源的
完整读写权限
|
Realtime Database Admin 权限
firebasedatabase.instances.create
firebasedatabase.instances.get
firebasedatabase.instances.list
firebasedatabase.instances.update
|
Firebase Realtime Database Viewer
roles/firebasedatabase.viewer
|
对 Realtime Database 资源的
只读权限
|
Realtime Database Viewer 权限
firebasedatabase.instances.get
firebasedatabase.instances.list
|
Firebase Remote Config 角色
| 角色 |
说明 |
权限 |
Firebase Remote Config Admin
roles/cloudconfig.admin
|
对 Remote Config 资源的
完整读写权限
|
Remote Config Admin 权限
cloudconfig.configs.get
cloudconfig.configs.update
|
Firebase Remote Config Viewer
roles/cloudconfig.viewer
|
对 Remote Config 资源的
只读权限
|
Remote Config Viewer 权限
cloudconfig.configs.get
|
Firebase Test Lab 角色
Firebase Test Lab 需要访问 Cloud Storage 存储桶,因此需要一组特定的权限,而标准 Firebase 预定义角色并未完全拥有这些权限。如需授予 Test Lab 访问权限,请使用 Firebase Test Lab 权限部分介绍的解决方案。
