這些角色可授予特定 Firebase 產品的完整讀取/寫入或唯讀存取權。
使用 Google Cloud 控制台為專案成員指派這些角色。
Firebase App Check 個角色
| 角色 |
說明 |
權限 |
Firebase App Check 管理員
roles/firebaseappcheck.admin
|
具備
App Check資源的完整讀取/寫入權限 |
App Check 管理員權限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.appAttestConfig.update
firebaseappcheck.appCheckTokens.verify
firebaseappcheck.debugTokens.get
firebaseappcheck.debugTokens.update
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.deviceCheckConfig.update
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.playIntegrityConfig.update
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.update
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.recaptchaV3Config.update
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.safetyNetConfig.update
firebaseappcheck.services.get
firebaseappcheck.services.update
|
Firebase App Check 檢視者
roles/firebaseappcheck.viewer
|
具備
App Check 資源的唯讀存取權 |
App Check Viewer 權限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.debugTokens.get
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.safetyNetConfig.get
|
Firebase App Check 權杖驗證器
roles/firebaseappcheck.tokenVerifier
|
可存取 App Check 的權杖驗證功能 |
App Check 權杖驗證工具 權限
firebaseappcheck.appCheckTokens.verify
|
Firebase App Distribution 個角色
| 角色 |
說明 |
權限 |
Firebase App Distribution 管理員
roles/firebaseappdistro.admin
|
具備
App Distribution 資源的完整讀取/寫入權限 |
App Distribution 管理員權限
firebaseappdistro.releases.list
firebaseappdistro.releases.update
firebaseappdistro.testers.list
firebaseappdistro.testers.update
firebaseappdistro.groups.list
firebaseappdistro.groups.update
|
Firebase App Distribution 檢視者
roles/firebaseappdistro.viewer
|
具備
App Distribution資源的唯讀存取權 |
App Distribution 檢視者權限
firebaseappdistro.releases.list
firebaseappdistro.testers.list
firebaseappdistro.groups.list
|
Firebase App Hosting 個角色
| 角色 |
說明 |
權限 |
Firebase App Hosting Compute 執行器
roles/firebaseapphosting.computeRunner
|
建構及執行 App Hosting 後端所需的最低權限。通常會授予服務帳戶。 |
App Hosting Compute Runner 權限
|
Firebase App Hosting 管理員
roles/firebaseapphosting.admin
|
具備
App Hosting 資源的完整讀取/寫入權限 |
App Hosting 管理員權限
firebaseapphosting.backends.create
firebaseapphosting.backends.delete
firebaseapphosting.backends.get
firebaseapphosting.backends.list
firebaseapphosting.backends.update
firebaseapphosting.builds.create
firebaseapphosting.builds.delete
firebaseapphosting.builds.get
firebaseapphosting.builds.list
firebaseapphosting.builds.update
firebaseapphosting.domains.create
firebaseapphosting.domains.delete
firebaseapphosting.domains.get
firebaseapphosting.domains.list
firebaseapphosting.domains.update
firebaseapphosting.locations.get
firebaseapphosting.locations.list
firebaseapphosting.operations.cancel
firebaseapphosting.operations.delete
firebaseapphosting.operations.get
firebaseapphosting.operations.list
firebaseapphosting.rollouts.create
firebaseapphosting.rollouts.delete
firebaseapphosting.rollouts.get
firebaseapphosting.rollouts.list
firebaseapphosting.rollouts.update
firebaseapphosting.traffic.get
firebaseapphosting.traffic.list
firebaseapphosting.traffic.update
|
Firebase App Hosting Viewer
roles/firebaseapphosting.viewer
|
具備
App Hosting 資源的唯讀存取權 |
|
Firebase App Hosting開發人員
roles/firebaseapphosting.developer
|
具備
App Hosting 後端、建構作業和發布資源的完整讀取/寫入權限。 |
App Hosting 開發人員權限
firebaseapphosting.backends.update
firebaseapphosting.builds.create
firebaseapphosting.builds.delete
firebaseapphosting.builds.update
firebaseapphosting.operations.delete
firebaseapphosting.operations.cancel
firebaseapphosting.rollouts.create
firebaseapphosting.rollouts.delete
firebaseapphosting.rollouts.update
firebaseapphosting.traffic.update
|
Firebase Authentication 個角色
| 角色 |
說明 |
權限 |
Firebase Authentication 管理員
roles/firebaseauth.admin
|
具備
Authentication資源的完整讀取/寫入權限 |
Authentication 管理員權限
firebaseauth.configs.create
firebaseauth.configs.get
firebaseauth.configs.getHashConfig
firebaseauth.configs.getSecret
firebaseauth.configs.update
firebaseauth.users.create
firebaseauth.users.createSession
firebaseauth.users.delete
firebaseauth.users.get
firebaseauth.users.sendEmail
firebaseauth.users.update
|
Firebase Authentication 檢視者
roles/firebaseauth.viewer
|
具備
Authentication 資源的唯讀存取權 |
Authentication Viewer 權限
firebaseauth.configs.get
firebaseauth.users.get
|
Firebase A/B Testing 角色(Beta 版)
| 角色 |
說明 |
權限 |
Firebase A/B Testing 管理員
roles/firebaseabt.admin
(Beta 版)
|
具備
A/B Testing資源的完整讀取/寫入權限 |
A/B Testing 管理員權限
firebaseabt.experimentresults.get
firebaseabt.experiments.create
firebaseabt.experiments.delete
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.experiments.update
firebaseabt.projectmetadata.get
|
Firebase A/B Testing 檢視者
roles/firebaseabt.viewer
(Beta 版)
|
具備
A/B Testing 資源的唯讀存取權 |
A/B Testing Viewer 權限
firebaseabt.experimentresults.get
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.projectmetadata.get
|
Cloud Firestore 個角色
請參閱 Google Cloud 說明文件,瞭解可用的 Cloud Firestore 角色。
如要允許專案成員在 Firebase 主控台中編輯及發布安全性規則,或透過 Firebase CLI 部署安全性規則,您可以建立並指派自訂角色,其中包含firebaserules.* 權限。
Cloud Storage 個角色
您可以在 Google Cloud 說明文件中找到可用的 Cloud Storage 角色。
如要允許專案成員在 Firebase 主控台中編輯及發布安全性規則,或透過 Firebase CLI 部署安全性規則,您可以建立並指派自訂角色,其中包含firebaserules.* 權限。
Cloud Functions for Firebase 個角色
您可以在 Google Cloud 說明文件中找到可用的 Cloud Functions for Firebase 角色。
Firebase 通訊廣告活動角色
這些角色適用於 Firebase Cloud Messaging 和 Firebase In-App Messaging 的廣告活動。
| 角色 |
說明 |
權限 |
Firebase 通訊廣告活動管理員
roles/firebasemessagingcampaigns.admin
|
具備 Cloud Messaging 和 In-App Messaging
campaigns 資源的完整讀取/寫入權限 |
Firebase 通訊廣告活動管理員權限
firebasemessagingcampaigns.campaigns.create
firebasemessagingcampaigns.campaigns.delete
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list
firebasemessagingcampaigns.campaigns.update
firebasemessagingcampaigns.campaigns.start
firebasemessagingcampaigns.campaigns.stop
|
Firebase 訊息廣告活動檢視者
roles/firebasemessagingcampaigns.viewer
|
具備 Cloud Messaging 和 In-App Messaging
campaigns 資源的唯讀存取權
|
Firebase 通訊廣告活動檢視者權限
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list
|
Firebase Cloud Messaging 個角色
| 角色 |
說明 |
權限 |
Firebase Cloud Messaging 管理員
roles/firebasenotifications.admin
|
具備
Cloud Messaging 資源的完整讀取/寫入權限 |
Cloud Messaging 管理員權限
firebasenotifications.messages.create
firebasenotifications.messages.delete
firebasenotifications.messages.get
firebasenotifications.messages.list
firebasenotifications.messages.update
|
Firebase Cloud Messaging 檢視者
roles/firebasenotifications.viewer
|
具備
Cloud Messaging 資源的唯讀存取權 |
Cloud Messaging Viewer 權限
firebasenotifications.messages.get
firebasenotifications.messages.list
|
Firebase Crashlytics 個角色
| 角色 |
說明 |
權限 |
Firebase Crashlytics 管理員
roles/firebasecrashlytics.admin
|
具備
Crashlytics 資源的完整讀取/寫入權限 |
Crashlytics 管理員權限
firebasecrashlytics.config.get
firebasecrashlytics.config.update
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.issues.update
firebasecrashlytics.sessions.get
|
Firebase Crashlytics 檢視者
roles/firebasecrashlytics.viewer
|
具備
Crashlytics 資源的唯讀存取權 |
Crashlytics 檢視者權限
firebasecrashlytics.config.get
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.sessions.get
|
Firebase Dynamic Links 個角色
| 角色 |
說明 |
權限 |
Firebase Dynamic Links 管理員
roles/firebasedynamiclinks.admin
|
具備
Dynamic Links 資源的完整讀取/寫入權限 |
Dynamic Links 管理員權限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.destinations.update
firebasedynamiclinks.domains.create
firebasedynamiclinks.domains.delete
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.domains.update
firebasedynamiclinks.links.create
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.links.update
firebasedynamiclinks.stats.get
|
Firebase Dynamic Links 檢視者
roles/firebasedynamiclinks.viewer
|
具備
Dynamic Links資源的唯讀存取權 |
Dynamic Links Viewer 權限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.stats.get
|
Firebase Extensions 發布商角色
| 角色 |
說明 |
權限 |
Firebase Extensions 發布商 - 擴充功能管理員
roles/firebaseextensionspublisher.extensionsAdmin
(Beta 版)
|
上傳、發布及查看以下項目的詳細資料和指標:
Firebase Extensions
|
Firebase Extensions 發布者 - 擴充功能管理員
權限
firebaseextensionspublisher.extensions.create
firebaseextensionspublisher.extensions.delete
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list
|
Firebase Extensions發布商 - 擴充功能檢視器
roles/firebaseextensionspublisher.extensionsViewer
(Beta 版)
|
查看由這位發布商上傳的
Firebase Extensions 詳細資料和指標
|
Firebase Extensions 發布者 - 擴充功能檢視者
權限
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list
|
Firebase Hosting 個角色
| 角色 |
說明 |
權限 |
Firebase Hosting 管理員
roles/firebasehosting.admin
|
具備
Hosting 資源的完整讀取/寫入權限 |
Hosting 管理員權限
firebasehosting.sites.create
firebasehosting.sites.delete
firebasehosting.sites.get
firebasehosting.sites.list
firebasehosting.sites.update
|
Firebase Hosting 檢視者
roles/firebasehosting.viewer
|
具備
Hosting 資源的唯讀存取權 |
Hosting Viewer 權限
firebasehosting.sites.get
firebasehosting.sites.list
|
Firebase In-App Messaging 角色(Beta 版)
| 角色 |
說明 |
權限 |
Firebase In-App Messaging 管理員
roles/firebaseinappmessaging.admin
(Beta 版)
|
具備
In-App Messaging 資源的完整讀取/寫入權限 |
In-App Messaging 管理員權限
firebaseinappmessaging.campaigns.create
firebaseinappmessaging.campaigns.delete
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
firebaseinappmessaging.campaigns.update
|
Firebase In-App Messaging Viewer
roles/firebaseinappmessaging.viewer
(Beta 版)
|
具備
In-App Messaging 資源的唯讀存取權 |
In-App Messaging Viewer 權限
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
|
Firebase ML 角色(Beta 版)
| 角色 |
說明 |
權限 |
Firebase ML 管理員
roles/firebaseml.admin
(Beta 版)
|
具備
Firebase ML 資源的完整讀取/寫入權限 |
Firebase ML 管理員
權限
firebaseml.models.create
firebaseml.models.get
firebaseml.models.list
firebaseml.models.update
firebaseml.models.delete
firebaseml.modelversions.create
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.modelversions.update
firebaseml.modelversions.delete
firebaseml.compressionjobs.create
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
firebaseml.compressionjobs.update
firebaseml.compressionjobs.delete
firebaseml.compressionjobs.start
|
Firebase ML Viewer
roles/firebaseml.viewer
(Beta 版)
|
具備
Firebase ML 資源的唯讀存取權 |
Firebase ML Viewer 權限
firebaseml.models.get
firebaseml.models.list
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
|
| 角色 |
說明 |
權限 |
Firebase Performance Monitoring 管理員
roles/firebaseperformance.admin
|
具備
Performance Monitoring 資源的完整讀取/寫入權限
設定並接收 Performance Monitoring 快訊
|
Performance Monitoring 管理員權限
firebaseperformance.config.create
firebaseperformance.config.delete
firebaseperformance.config.update
firebaseperformance.data.get
|
Firebase Performance Monitoring 檢視者
roles/firebaseperformance.viewer
|
具備
Performance Monitoring 資源的唯讀存取權 |
Performance Monitoring Viewer 權限
firebaseperformance.data.get
|
Firebase Realtime Database 個角色
| 角色 |
說明 |
權限 |
Firebase Realtime Database 管理員
roles/firebasedatabase.admin
|
具備
Realtime Database 資源的完整讀取/寫入權限 |
Realtime Database 管理員權限
firebasedatabase.instances.create
firebasedatabase.instances.get
firebasedatabase.instances.list
firebasedatabase.instances.update
|
Firebase Realtime Database 檢視者
roles/firebasedatabase.viewer
|
具備
Realtime Database 資源的唯讀存取權 |
Realtime Database Viewer 權限
firebasedatabase.instances.get
firebasedatabase.instances.list
|
Firebase Remote Config 個角色
| 角色 |
說明 |
權限 |
Firebase Remote Config 管理員
roles/cloudconfig.admin
|
具備
Remote Config 資源的完整讀取/寫入權限 |
Remote Config 管理員
權限
cloudconfig.configs.get
cloudconfig.configs.update
|
Firebase Remote Config 檢視者
roles/cloudconfig.viewer
|
具備
Remote Config 資源的唯讀存取權 |
Remote Config Viewer 權限
cloudconfig.configs.get
|
Firebase Test Lab 個角色
Firebase Test Lab 需要存取 Cloud Storage 儲存桶,因此需要一組非常特定的權限,而這些權限並非全部包含在標準 Firebase 預先定義角色中。如要授予 Test Lab 的存取權,請使用 Firebase Test Lab 權限一節中所述的其中一種解決方案。
