这些角色可授予对特定 Firebase 产品的完整读写或只读权限。
使用 Google Cloud 控制台将这些角色分配给项目成员。
Firebase App Check 个角色
| 角色 |
说明 |
权限 |
Firebase App Check Admin
roles/firebaseappcheck.admin
|
对 App Check 资源的
完整读写权限 |
App Check Admin
权限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.appAttestConfig.update
firebaseappcheck.appCheckTokens.verify
firebaseappcheck.debugTokens.get
firebaseappcheck.debugTokens.update
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.deviceCheckConfig.update
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.playIntegrityConfig.update
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.update
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.recaptchaV3Config.update
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.safetyNetConfig.update
firebaseappcheck.services.get
firebaseappcheck.services.update
|
Firebase App Check Viewer
roles/firebaseappcheck.viewer
|
对 App Check 资源的
只读权限 |
App Check Viewer
权限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.debugTokens.get
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.services.get
|
Firebase App Check Token Verifier
roles/firebaseappcheck.tokenVerifier
|
可以使用 App Check 的令牌验证功能 |
App Check Token Verifier
权限
firebaseappcheck.appCheckTokens.verify
|
Firebase App Distribution 个角色
| 角色 |
说明 |
权限 |
Firebase App Distribution Admin
roles/firebaseappdistro.admin
|
对 App Distribution 资源的
完整读写权限 |
App Distribution Admin
权限
firebaseappdistro.releases.list
firebaseappdistro.releases.update
firebaseappdistro.testers.list
firebaseappdistro.testers.update
firebaseappdistro.groups.list
firebaseappdistro.groups.update
|
Firebase App Distribution Viewer
roles/firebaseappdistro.viewer
|
对 App Distribution 资源的
只读权限 |
App Distribution Viewer
权限
firebaseappdistro.releases.list
firebaseappdistro.testers.list
firebaseappdistro.groups.list
|
Firebase App Hosting 个角色
| 角色 |
说明 |
权限 |
Firebase App Hosting Compute Runner
roles/firebaseapphosting.computeRunner
|
构建和运行 App Hosting 后端所需的最低访问权限。通常授予服务账号。 |
App Hosting Compute Runner
权限
|
Firebase App Hosting Admin
roles/firebaseapphosting.admin
|
对 App Hosting 资源的
完整读写权限 |
App Hosting Admin
权限
firebaseapphosting.backends.create
firebaseapphosting.backends.delete
firebaseapphosting.backends.get
firebaseapphosting.backends.list
firebaseapphosting.backends.update
firebaseapphosting.builds.create
firebaseapphosting.builds.delete
firebaseapphosting.builds.get
firebaseapphosting.builds.list
firebaseapphosting.builds.update
firebaseapphosting.domains.create
firebaseapphosting.domains.delete
firebaseapphosting.domains.get
firebaseapphosting.domains.list
firebaseapphosting.domains.update
firebaseapphosting.locations.get
firebaseapphosting.locations.list
firebaseapphosting.operations.cancel
firebaseapphosting.operations.delete
firebaseapphosting.operations.get
firebaseapphosting.operations.list
firebaseapphosting.rollouts.create
firebaseapphosting.rollouts.delete
firebaseapphosting.rollouts.get
firebaseapphosting.rollouts.list
firebaseapphosting.rollouts.update
firebaseapphosting.traffic.get
firebaseapphosting.traffic.list
firebaseapphosting.traffic.update
|
Firebase App Hosting Viewer
roles/firebaseapphosting.viewer
|
对 App Hosting 资源的
只读权限 |
App Hosting Viewer
权限
firebaseapphosting.backends.get
firebaseapphosting.backends.list
firebaseapphosting.builds.get
firebaseapphosting.builds.list
firebaseapphosting.domains.get
firebaseapphosting.domains.list
firebaseapphosting.locations.get
firebaseapphosting.locations.list
firebaseapphosting.operations.list
firebaseapphosting.operations.get
firebaseapphosting.rollouts.get
firebaseapphosting.rollouts.list
firebaseapphosting.traffic.get
firebaseapphosting.traffic.list
|
Firebase App Hosting Developer
roles/firebaseapphosting.developer
|
拥有对 App Hosting 后端、build 和发布资源的
完整读写权限。 |
App Hosting Developer
权限
firebaseapphosting.backends.update
firebaseapphosting.builds.create
firebaseapphosting.builds.delete
firebaseapphosting.builds.update
firebaseapphosting.operations.delete
firebaseapphosting.operations.cancel
firebaseapphosting.rollouts.create
firebaseapphosting.rollouts.delete
firebaseapphosting.rollouts.update
firebaseapphosting.traffic.update
|
Firebase Authentication 个角色
| 角色 |
说明 |
权限 |
Firebase Authentication Admin
roles/firebaseauth.admin
|
对 Authentication 资源的
完整读写权限 |
Authentication Admin
权限
firebaseauth.configs.create
firebaseauth.configs.get
firebaseauth.configs.getHashConfig
firebaseauth.configs.getSecret
firebaseauth.configs.update
firebaseauth.users.create
firebaseauth.users.createSession
firebaseauth.users.delete
firebaseauth.users.get
firebaseauth.users.sendEmail
firebaseauth.users.update
|
Firebase Authentication Viewer
roles/firebaseauth.viewer
|
对 Authentication 资源的
只读权限 |
Authentication Viewer
权限
firebaseauth.configs.get
firebaseauth.users.get
|
Firebase A/B Testing 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase A/B Testing Admin
roles/firebaseabt.admin
(Beta 版)
|
对 A/B Testing 资源的
完整读写权限 |
A/B Testing Admin
权限
firebaseabt.experimentresults.get
firebaseabt.experiments.create
firebaseabt.experiments.delete
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.experiments.update
firebaseabt.projectmetadata.get
|
Firebase A/B Testing Viewer
roles/firebaseabt.viewer
(Beta 版)
|
对 A/B Testing 资源的
只读权限 |
A/B Testing Viewer
权限
firebaseabt.experimentresults.get
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.projectmetadata.get
|
Cloud Firestore 个角色
在 Google Cloud 文档中查找可用的 Cloud Firestore 角色。
如需允许项目成员在 Firebase 控制台中修改和发布安全规则,或通过 Firebase CLI 部署安全规则,可以为其创建并分配一个自定义角色,其中包含 firebaserules.* 权限。
Cloud Storage 个角色
在 Google Cloud 文档中查找可用的 Cloud Storage 角色。
如需允许项目成员在 Firebase 控制台中修改和发布安全规则,或通过 Firebase CLI 部署安全规则,可以为其创建并分配一个自定义角色,其中包含 firebaserules.* 权限。
Cloud Functions for Firebase 个角色
在 Google Cloud 文档中查找可用的 Cloud Functions for Firebase 角色。
Firebase Messaging 宣传活动角色
这些角色适用于 Firebase Cloud Messaging 和 Firebase In-App Messaging 的宣传活动。
| 角色 |
说明 |
权限 |
Firebase Messaging Campaigns Admin
roles/firebasemessagingcampaigns.admin
|
对 Cloud Messaging 和 In-App Messaging 的
宣传活动资源的完整读写权限 |
Firebase Messaging Campaigns Admin 权限
firebasemessagingcampaigns.campaigns.create
firebasemessagingcampaigns.campaigns.delete
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list
firebasemessagingcampaigns.campaigns.update
firebasemessagingcampaigns.campaigns.start
firebasemessagingcampaigns.campaigns.stop
|
Firebase Messaging Campaigns Viewer
roles/firebasemessagingcampaigns.viewer
|
对 Cloud Messaging 和 In-App Messaging 的宣传活动资源的
只读权限 |
Firebase Messaging Campaigns Viewer 权限
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list
|
Firebase Cloud Messaging 个角色
| 角色 |
说明 |
权限 |
Firebase Cloud Messaging Admin
roles/firebasenotifications.admin
|
对 Cloud Messaging 资源的
完整读写权限 |
Cloud Messaging Admin
权限
firebasenotifications.messages.create
firebasenotifications.messages.delete
firebasenotifications.messages.get
firebasenotifications.messages.list
firebasenotifications.messages.update
|
Firebase Cloud Messaging Viewer
roles/firebasenotifications.viewer
|
对 Cloud Messaging 资源的
只读权限 |
Cloud Messaging Viewer
权限
firebasenotifications.messages.get
firebasenotifications.messages.list
|
Firebase Crashlytics 个角色
| 角色 |
说明 |
权限 |
Firebase Crashlytics Admin
roles/firebasecrashlytics.admin
|
对 Crashlytics 资源的
完整读写权限 |
Crashlytics Admin
权限
firebasecrashlytics.config.get
firebasecrashlytics.config.update
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.issues.update
firebasecrashlytics.sessions.get
|
Firebase Crashlytics Viewer
roles/firebasecrashlytics.viewer
|
对 Crashlytics 资源的
只读权限 |
Crashlytics Viewer
权限
firebasecrashlytics.config.get
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.sessions.get
|
Firebase Dynamic Links 个角色
| 角色 |
说明 |
权限 |
Firebase Dynamic Links Admin
roles/firebasedynamiclinks.admin
|
对 Dynamic Links 资源的
完整读写权限 |
Dynamic Links Admin
权限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.destinations.update
firebasedynamiclinks.domains.create
firebasedynamiclinks.domains.delete
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.domains.update
firebasedynamiclinks.links.create
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.links.update
firebasedynamiclinks.stats.get
|
Firebase Dynamic Links Viewer
roles/firebasedynamiclinks.viewer
|
对 Dynamic Links 资源的
只读权限 |
Dynamic Links Viewer
权限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.stats.get
|
Firebase Extensions Publisher 角色
| 角色 |
说明 |
权限 |
Firebase Extensions Publisher - Extensions Admin
roles/firebaseextensionspublisher.extensionsAdmin
(Beta 版) |
上传、发布和查看
Firebase Extensions 的详细信息和指标 |
Firebase Extensions Publisher - Extensions Admin
权限
firebaseextensionspublisher.extensions.create
firebaseextensionspublisher.extensions.delete
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list
|
Firebase Extensions Publisher - Extensions Viewer
roles/firebaseextensionspublisher.extensionsViewer
(Beta 版)
|
查看此发布者上传的
Firebase Extensions 的详细信息和指标 |
Firebase Extensions Publisher - Extensions Viewer
权限
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list
|
Firebase Hosting 个角色
| 角色 |
说明 |
权限 |
Firebase Hosting Admin
roles/firebasehosting.admin
|
对 Hosting 资源的
完整读写权限 |
Hosting Admin
权限
firebasehosting.sites.create
firebasehosting.sites.delete
firebasehosting.sites.get
firebasehosting.sites.list
firebasehosting.sites.update
|
Firebase Hosting Viewer
roles/firebasehosting.viewer
|
对 Hosting 资源的
只读权限 |
Hosting Viewer
权限
firebasehosting.sites.get
firebasehosting.sites.list
|
Firebase In-App Messaging 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase In-App Messaging Admin
roles/firebaseinappmessaging.admin
(Beta 版)
|
对 In-App Messaging 资源的
完整读写权限 |
In-App Messaging Admin
权限
firebaseinappmessaging.campaigns.create
firebaseinappmessaging.campaigns.delete
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
firebaseinappmessaging.campaigns.update
|
Firebase In-App Messaging Viewer
roles/firebaseinappmessaging.viewer
(Beta 版)
|
对 In-App Messaging 资源的
只读权限 |
In-App Messaging Viewer
权限
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
|
Firebase ML 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase ML Admin
roles/firebaseml.admin
(Beta 版)
|
对 Firebase ML 资源的
完整读写权限 |
Firebase ML Admin
权限
firebaseml.models.create
firebaseml.models.get
firebaseml.models.list
firebaseml.models.update
firebaseml.models.delete
firebaseml.modelversions.create
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.modelversions.update
firebaseml.modelversions.delete
firebaseml.compressionjobs.create
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
firebaseml.compressionjobs.update
firebaseml.compressionjobs.delete
firebaseml.compressionjobs.start
|
Firebase ML Viewer
roles/firebaseml.viewer
(Beta 版)
|
对 Firebase ML 资源的
只读权限 |
Firebase ML Viewer
权限
firebaseml.models.get
firebaseml.models.list
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
|
Firebase AI Logic 个角色
| 角色 |
说明 |
权限 |
Firebase AI Logic Admin
roles/firebasevertexai.admin
|
对 Firebase AI Logic 资源的
完整读写权限 |
Firebase AI Logic Admin
权限
firebasevertexai.configs.update
firebasevertexai.configs.get
|
Firebase AI Logic Viewer
roles/firebasevertexai.viewer
|
对 Firebase AI Logic 资源的
只读权限 |
Firebase AI Logic Viewer
权限
firebasevertexai.configs.get
|
| 角色 |
说明 |
权限 |
Firebase Performance Monitoring Admin
roles/firebaseperformance.admin
|
对 Performance Monitoring 资源的
完整读写权限
配置和接收 Performance Monitoring 提醒 |
Performance Monitoring Admin
权限
firebaseperformance.config.create
firebaseperformance.config.delete
firebaseperformance.config.update
firebaseperformance.data.get
|
Firebase Performance Monitoring Viewer
roles/firebaseperformance.viewer
|
对 Performance Monitoring 资源的
只读权限 |
Performance Monitoring Viewer
权限
firebaseperformance.data.get
|
Firebase Realtime Database 个角色
| 角色 |
说明 |
权限 |
Firebase Realtime Database Admin
roles/firebasedatabase.admin
|
对 Realtime Database 资源的
完整读写权限 |
Realtime Database Admin
权限
firebasedatabase.instances.create
firebasedatabase.instances.get
firebasedatabase.instances.list
firebasedatabase.instances.update
|
Firebase Realtime Database Viewer
roles/firebasedatabase.viewer
|
对 Realtime Database 资源的
只读权限 |
Realtime Database Viewer
权限
firebasedatabase.instances.get
firebasedatabase.instances.list
|
Firebase Remote Config 个角色
| 角色 |
说明 |
权限 |
Firebase Remote Config Admin
roles/cloudconfig.admin
|
对 Remote Config 资源的
完整读写权限 |
Remote Config Admin
权限
cloudconfig.configs.get
cloudconfig.configs.update
|
Firebase Remote Config Viewer
roles/cloudconfig.viewer
|
对 Remote Config 资源的
只读权限 |
Remote Config Viewer
权限
cloudconfig.configs.get
|
Firebase Test Lab 个角色
Firebase Test Lab 需要访问 Cloud Storage 存储桶,因此需要一组特定的权限,而标准 Firebase 预定义角色并未完全拥有这些权限。如需授予对 Test Lab 的访问权限,请使用 Firebase Test Lab 权限部分介绍的任一解决方案。
