这些角色可授予对特定 Firebase 产品的完整读写或只读权限。
您可以使用 Google Cloud 控制台将这些角色分配给项目成员。
Firebase App Check 角色
| 角色 |
说明 |
权限 |
Firebase App Check Admin
roles/firebaseappcheck.admin
|
对 App Check 资源的
完整读写权限 |
App Check Admin 权限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.appAttestConfig.update
firebaseappcheck.appCheckTokens.verify
firebaseappcheck.debugTokens.get
firebaseappcheck.debugTokens.update
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.deviceCheckConfig.update
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.playIntegrityConfig.update
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.update
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.recaptchaV3Config.update
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.safetyNetConfig.update
firebaseappcheck.services.get
firebaseappcheck.services.update
|
Firebase App Check Viewer
roles/firebaseappcheck.viewer
|
对 App Check 资源的
只读权限 |
App Check Viewer 权限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.debugTokens.get
firebaseappcheck.deviceCheckConfig.get
firebaseappcheck.playIntegrityConfig.get
firebaseappcheck.recaptchaEnterpriseConfig.get
firebaseappcheck.recaptchaV3Config.get
firebaseappcheck.safetyNetConfig.get
firebaseappcheck.services.get
|
Firebase App Check Token Verifier
roles/firebaseappcheck.tokenVerifier
|
可以使用 App Check 的令牌验证功能 |
App Check Token Verifier 权限
firebaseappcheck.appCheckTokens.verify
|
Firebase App Distribution 角色
| 角色 |
说明 |
权限 |
Firebase App Distribution Admin
roles/firebaseappdistro.admin
|
对 App Distribution 资源的
完整读写权限
|
App Distribution Admin 权限
firebaseappdistro.releases.list
firebaseappdistro.releases.update
firebaseappdistro.testers.list
firebaseappdistro.testers.update
firebaseappdistro.groups.list
firebaseappdistro.groups.update
|
Firebase App Distribution Viewer
roles/firebaseappdistro.viewer
|
对 App Distribution 资源的
只读权限
|
App Distribution Viewer 权限
firebaseappdistro.releases.list
firebaseappdistro.testers.list
firebaseappdistro.groups.list
|
Firebase Authentication 角色
| 角色 |
说明 |
权限 |
Firebase Authentication Admin
roles/firebaseauth.admin
|
对 Authentication 资源的
完整读写权限
|
Authentication Admin 权限
firebaseauth.configs.create
firebaseauth.configs.get
firebaseauth.configs.getHashConfig
firebaseauth.configs.getSecret
firebaseauth.configs.update
firebaseauth.users.create
firebaseauth.users.createSession
firebaseauth.users.delete
firebaseauth.users.get
firebaseauth.users.sendEmail
firebaseauth.users.update
|
Firebase Authentication Viewer
roles/firebaseauth.viewer
|
对 Authentication 资源的
只读权限
|
Authentication Viewer 权限
firebaseauth.configs.get
firebaseauth.users.get
|
Firebase A/B Testing 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase A/B Testing Admin
roles/firebaseabt.admin
(Beta 版)
|
对 A/B Testing 资源的
完整读写权限
|
A/B Testing Admin 权限
firebaseabt.experimentresults.get
firebaseabt.experiments.create
firebaseabt.experiments.delete
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.experiments.update
firebaseabt.projectmetadata.get
|
Firebase A/B Testing Viewer
roles/firebaseabt.viewer
(Beta 版)
|
对 A/B Testing 资源
的只读权限
|
A/B Testing Viewer 权限
firebaseabt.experimentresults.get
firebaseabt.experiments.get
firebaseabt.experiments.list
firebaseabt.projectmetadata.get
|
Cloud Firestore 角色
在 Google Cloud 文档中查找适用的 Cloud Firestore 角色。
如需允许项目成员在 Firebase 控制台中修改和发布安全规则,或通过 Firebase CLI 部署安全规则,可以为其创建并分配一个自定义角色,其中包含 firebaserules.* 权限。
Cloud Storage 角色
在 Google Cloud 文档中查找适用的 Cloud Storage 角色。
如需允许项目成员在 Firebase 控制台中修改和发布安全规则,或通过 Firebase CLI 部署安全规则,可以为其创建并分配一个自定义角色,其中包含 firebaserules.* 权限。
Cloud Functions for Firebase 角色
在 Google Cloud 文档中查找适用的 Cloud Functions for Firebase 角色。
Firebase Messaging 宣传活动角色
这些角色适用于 Firebase Cloud Messaging 和 Firebase In-App Messaging 的宣传活动。
| 角色 |
说明 |
权限 |
Firebase Messaging Campaigns Admin
roles/firebasemessagingcampaigns.admin
|
对 Cloud Messaging 和 In-App Messaging 的宣传活动资源的
完整读写权限
|
Firebase Messaging Campaigns Admin 权限
firebasemessagingcampaigns.campaigns.create
firebasemessagingcampaigns.campaigns.delete
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list
firebasemessagingcampaigns.campaigns.update
firebasemessagingcampaigns.campaigns.start
firebasemessagingcampaigns.campaigns.stop
|
Firebase Messaging Campaigns Viewer
roles/firebasemessagingcampaigns.viewer
|
对 Cloud Messaging 和 In-App Messaging 的宣传活动资源的
只读权限
|
Firebase Messaging Campaigns Viewer 权限
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list
|
Firebase Cloud Messaging 角色
| 角色 |
说明 |
权限 |
Firebase Cloud Messaging Admin
roles/firebasenotifications.admin
|
对 Cloud Messaging 资源的
完整读写权限
|
Cloud Messaging Admin 权限
firebasenotifications.messages.create
firebasenotifications.messages.delete
firebasenotifications.messages.get
firebasenotifications.messages.list
firebasenotifications.messages.update
|
Firebase Cloud Messaging Viewer
roles/firebasenotifications.viewer
|
对 Cloud Messaging 资源的
只读权限
|
Cloud Messaging Viewer 权限
firebasenotifications.messages.get
firebasenotifications.messages.list
|
Firebase Crashlytics 角色
| 角色 |
说明 |
权限 |
Firebase Crashlytics Admin
roles/firebasecrashlytics.admin
|
对 Crashlytics 资源的
完整读写权限
|
Crashlytics Admin 权限
firebasecrashlytics.config.get
firebasecrashlytics.config.update
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.issues.update
firebasecrashlytics.sessions.get
|
Firebase Crashlytics Viewer
roles/firebasecrashlytics.viewer
|
对 Crashlytics 资源的
只读权限
|
Crashlytics Viewer 权限
firebasecrashlytics.config.get
firebasecrashlytics.data.get
firebasecrashlytics.issues.get
firebasecrashlytics.issues.list
firebasecrashlytics.sessions.get
|
Firebase Dynamic Links 角色
| 角色 |
说明 |
权限 |
Firebase Dynamic Links Admin
roles/firebasedynamiclinks.admin
|
对动态链接资源的
完整读写权限
|
Dynamic Links Admin 权限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.destinations.update
firebasedynamiclinks.domains.create
firebasedynamiclinks.domains.delete
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.domains.update
firebasedynamiclinks.links.create
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.links.update
firebasedynamiclinks.stats.get
|
Firebase Dynamic Links Viewer
roles/firebasedynamiclinks.viewer
|
对动态链接资源的
只读权限
|
Dynamic Links Viewer 权限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.domains.get
firebasedynamiclinks.domains.list
firebasedynamiclinks.links.get
firebasedynamiclinks.links.list
firebasedynamiclinks.stats.get
|
Firebase Extensions Publisher 角色
| 角色 |
说明 |
权限 |
Firebase Extensions Publisher - Extensions Admin
roles/firebaseextensionspublisher.extensionsAdmin
(Beta 版)
|
上传、发布和查看 Firebase Extensions
的详细信息和指标
|
Firebase Extensions Publisher - Extensions Admin 权限
firebaseextensionspublisher.extensions.create
firebaseextensionspublisher.extensions.delete
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list
|
Firebase Extensions Publisher - Extensions Viewer
roles/firebaseextensionspublisher.extensionsViewer
(Beta 版)
|
查看此发布者上传的 Firebase Extensions
的详细信息和指标
|
Firebase Extensions Publisher - Extensions Viewer 权限
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list
|
Firebase Hosting 角色
| 角色 |
说明 |
权限 |
Firebase Hosting Admin
roles/firebasehosting.admin
|
对 Hosting 资源的
完整读写权限
|
Hosting Admin 权限
firebasehosting.sites.create
firebasehosting.sites.delete
firebasehosting.sites.get
firebasehosting.sites.list
firebasehosting.sites.update
|
Firebase Hosting Viewer
roles/firebasehosting.viewer
|
对 Hosting 资源的
只读权限
|
Hosting Viewer 权限
firebasehosting.sites.get
firebasehosting.sites.list
|
Firebase In-App Messaging 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase In-App Messaging Admin
roles/firebaseinappmessaging.admin
(Beta 版)
|
对 In-App Messaging 资源的
完整读写权限
|
In-App Messaging Admin 权限
firebaseinappmessaging.campaigns.create
firebaseinappmessaging.campaigns.delete
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
firebaseinappmessaging.campaigns.update
|
Firebase In-App Messaging Viewer
roles/firebaseinappmessaging.viewer
(Beta 版)
|
对 In-App Messaging 资源的
只读权限
|
In-App Messaging Viewer 权限
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list
|
Firebase ML 角色(Beta 版)
| 角色 |
说明 |
权限 |
Firebase ML Admin
roles/firebaseml.admin
(Beta 版)
|
对 Firebase ML 资源的
完整读写权限
|
Firebase ML Admin 权限
firebaseml.models.create
firebaseml.models.get
firebaseml.models.list
firebaseml.models.update
firebaseml.models.delete
firebaseml.modelversions.create
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.modelversions.update
firebaseml.modelversions.delete
firebaseml.compressionjobs.create
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
firebaseml.compressionjobs.update
firebaseml.compressionjobs.delete
firebaseml.compressionjobs.start
|
Firebase ML Viewer
roles/firebaseml.viewer
(Beta 版)
|
对 Firebase ML 资源的
只读权限
|
Firebase ML Viewer 权限
firebaseml.models.get
firebaseml.models.list
firebaseml.modelversions.get
firebaseml.modelversions.list
firebaseml.compressionjobs.get
firebaseml.compressionjobs.list
|
| 角色 |
说明 |
权限 |
Firebase Performance Monitoring Admin
roles/firebaseperformance.admin
|
对 Performance Monitoring 资源的
完整读写权限
配置和接收 Performance Monitoring 提醒
|
Performance Monitoring Admin 权限
firebaseperformance.config.create
firebaseperformance.config.delete
firebaseperformance.config.update
firebaseperformance.data.get
|
Firebase Performance Monitoring Viewer
roles/firebaseperformance.viewer
|
对 Performance Monitoring 资源的
只读权限
|
Performance Monitoring Viewer
权限
firebaseperformance.data.get
|
Firebase Realtime Database 角色
| 角色 |
说明 |
权限 |
Firebase Realtime Database Admin
roles/firebasedatabase.admin
|
对 Realtime Database 资源的
完整读写权限
|
Realtime Database Admin 权限
firebasedatabase.instances.create
firebasedatabase.instances.get
firebasedatabase.instances.list
firebasedatabase.instances.update
|
Firebase Realtime Database Viewer
roles/firebasedatabase.viewer
|
对 Realtime Database 资源的
只读权限
|
Realtime Database Viewer 权限
firebasedatabase.instances.get
firebasedatabase.instances.list
|
Firebase Remote Config 角色
| 角色 |
说明 |
权限 |
Firebase Remote Config Admin
roles/cloudconfig.admin
|
对 Remote Config 资源的
完整读写权限
|
Remote Config Admin 权限
cloudconfig.configs.get
cloudconfig.configs.update
|
Firebase Remote Config Viewer
roles/cloudconfig.viewer
|
对 Remote Config 资源的
只读权限
|
Remote Config Viewer 权限
cloudconfig.configs.get
|
Firebase Test Lab 角色
Firebase Test Lab 需要访问 Cloud Storage 存储桶,因此需要一组特定的权限,而标准 Firebase 预定义角色并未完全拥有这些权限。如需授予 Test Lab 访问权限,请使用 Firebase Test Lab 权限部分介绍的任一解决方案。
