這些角色可授予特定 Firebase 產品的完整讀取/寫入或唯讀存取權。
使用 Google Cloud 控制台為專案成員指派這些角色。
Firebase App Check 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase App Check 管理員roles/firebaseappcheck.admin
|
具備 App Check資源的完整讀取/寫入權限 |
App Check 管理員權限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.appAttestConfig.update firebaseappcheck.appCheckTokens.verify firebaseappcheck.debugTokens.get firebaseappcheck.debugTokens.update firebaseappcheck.deviceCheckConfig.get firebaseappcheck.deviceCheckConfig.update firebaseappcheck.playIntegrityConfig.get firebaseappcheck.playIntegrityConfig.update firebaseappcheck.recaptchaEnterpriseConfig.get firebaseappcheck.recaptchaEnterpriseConfig.update firebaseappcheck.recaptchaV3Config.get firebaseappcheck.recaptchaV3Config.update firebaseappcheck.safetyNetConfig.get firebaseappcheck.safetyNetConfig.update firebaseappcheck.services.get firebaseappcheck.services.update |
Firebase App Check 檢視者roles/firebaseappcheck.viewer
|
具備 App Check 資源的唯讀存取權 |
App Check Viewer 權限
firebaseappcheck.appAttestConfig.get
firebaseappcheck.debugTokens.get firebaseappcheck.deviceCheckConfig.get firebaseappcheck.playIntegrityConfig.get firebaseappcheck.recaptchaEnterpriseConfig.get firebaseappcheck.recaptchaV3Config.get firebaseappcheck.safetyNetConfig.get firebaseappcheck.safetyNetConfig.get |
Firebase App Check 權杖驗證器roles/firebaseappcheck.tokenVerifier
|
可存取 App Check 的權杖驗證功能 |
App Check 權杖驗證工具 權限
firebaseappcheck.appCheckTokens.verify
|
Firebase App Distribution 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase App Distribution 管理員roles/firebaseappdistro.admin |
具備 App Distribution 資源的完整讀取/寫入權限 |
App Distribution 管理員權限
firebaseappdistro.releases.list
firebaseappdistro.releases.update firebaseappdistro.testers.list firebaseappdistro.testers.update firebaseappdistro.groups.list firebaseappdistro.groups.update |
Firebase App Distribution 檢視者roles/firebaseappdistro.viewer |
具備 App Distribution資源的唯讀存取權 |
App Distribution 檢視者權限
firebaseappdistro.releases.list
firebaseappdistro.testers.list firebaseappdistro.groups.list |
Firebase App Hosting 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase App Hosting Compute 執行器roles/firebaseapphosting.computeRunner |
建構及執行 App Hosting 後端所需的最低權限。通常會授予服務帳戶。 |
App Hosting Compute Runner 權限 |
Firebase App Hosting 管理員roles/firebaseapphosting.admin |
具備 App Hosting 資源的完整讀取/寫入權限 |
App Hosting 管理員權限
firebaseapphosting.backends.create
firebaseapphosting.backends.delete firebaseapphosting.backends.get firebaseapphosting.backends.list firebaseapphosting.backends.update firebaseapphosting.builds.create firebaseapphosting.builds.delete firebaseapphosting.builds.get firebaseapphosting.builds.list firebaseapphosting.builds.update firebaseapphosting.domains.create firebaseapphosting.domains.delete firebaseapphosting.domains.get firebaseapphosting.domains.list firebaseapphosting.domains.update firebaseapphosting.locations.get firebaseapphosting.locations.list firebaseapphosting.operations.cancel firebaseapphosting.operations.delete firebaseapphosting.operations.get firebaseapphosting.operations.list firebaseapphosting.rollouts.create firebaseapphosting.rollouts.delete firebaseapphosting.rollouts.get firebaseapphosting.rollouts.list firebaseapphosting.rollouts.update firebaseapphosting.traffic.get firebaseapphosting.traffic.list firebaseapphosting.traffic.update |
Firebase App Hosting Viewer
roles/firebaseapphosting.viewer |
具備 App Hosting 資源的唯讀存取權 |
App Hosting Viewer 權限 |
Firebase App Hosting開發人員roles/firebaseapphosting.developer |
具備 App Hosting 後端、建構作業和發布資源的完整讀取/寫入權限。 |
App Hosting 開發人員權限
firebaseapphosting.backends.update
firebaseapphosting.builds.create firebaseapphosting.builds.delete firebaseapphosting.builds.update firebaseapphosting.operations.delete firebaseapphosting.operations.cancel firebaseapphosting.rollouts.create firebaseapphosting.rollouts.delete firebaseapphosting.rollouts.update firebaseapphosting.traffic.update |
Firebase Authentication 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Authentication 管理員roles/firebaseauth.admin
|
具備 Authentication資源的完整讀取/寫入權限 |
Authentication 管理員權限
firebaseauth.configs.create
firebaseauth.configs.get firebaseauth.configs.getHashConfig firebaseauth.configs.getSecret firebaseauth.configs.update firebaseauth.users.create firebaseauth.users.createSession firebaseauth.users.delete firebaseauth.users.get firebaseauth.users.sendEmail firebaseauth.users.update |
Firebase Authentication 檢視者roles/firebaseauth.viewer
|
具備 Authentication 資源的唯讀存取權 |
Authentication Viewer 權限
firebaseauth.configs.get
firebaseauth.users.get |
Firebase A/B Testing 角色(Beta 版)
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase A/B Testing 管理員roles/firebaseabt.admin(Beta 版) |
具備 A/B Testing資源的完整讀取/寫入權限 |
A/B Testing 管理員權限
firebaseabt.experimentresults.get
firebaseabt.experiments.create firebaseabt.experiments.delete firebaseabt.experiments.get firebaseabt.experiments.list firebaseabt.experiments.update firebaseabt.projectmetadata.get |
Firebase A/B Testing 檢視者roles/firebaseabt.viewer(Beta 版) |
具備 A/B Testing 資源的唯讀存取權 |
A/B Testing Viewer 權限
firebaseabt.experimentresults.get
firebaseabt.experiments.get firebaseabt.experiments.list firebaseabt.projectmetadata.get |
Cloud Firestore 個角色
請參閱 Google Cloud 說明文件,瞭解可用的 Cloud Firestore 角色。
如要允許專案成員在 Firebase 主控台中編輯及發布安全性規則,或透過 Firebase CLI 部署安全性規則,您可以建立並指派自訂角色,其中包含firebaserules.* 權限。
Cloud Storage 個角色
您可以在 Google Cloud 說明文件中找到可用的 Cloud Storage 角色。
如要允許專案成員在 Firebase 主控台中編輯及發布安全性規則,或透過 Firebase CLI 部署安全性規則,您可以建立並指派自訂角色,其中包含firebaserules.* 權限。
Cloud Functions for Firebase 個角色
您可以在 Google Cloud 說明文件中找到可用的 Cloud Functions for Firebase 角色。
Firebase 通訊廣告活動角色
這些角色適用於 Firebase Cloud Messaging 和 Firebase In-App Messaging 的廣告活動。
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase 通訊廣告活動管理員roles/firebasemessagingcampaigns.admin
|
具備 Cloud Messaging 和 In-App Messaging campaigns 資源的完整讀取/寫入權限 |
Firebase 通訊廣告活動管理員權限
firebasemessagingcampaigns.campaigns.create
firebasemessagingcampaigns.campaigns.delete firebasemessagingcampaigns.campaigns.get firebasemessagingcampaigns.campaigns.list firebasemessagingcampaigns.campaigns.update firebasemessagingcampaigns.campaigns.start firebasemessagingcampaigns.campaigns.stop |
Firebase 訊息廣告活動檢視者roles/firebasemessagingcampaigns.viewer
|
具備 Cloud Messaging 和 In-App Messaging campaigns 資源的唯讀存取權 |
Firebase 通訊廣告活動檢視者權限
firebasemessagingcampaigns.campaigns.get
firebasemessagingcampaigns.campaigns.list |
Firebase Cloud Messaging 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Cloud Messaging 管理員roles/firebasenotifications.admin
|
具備 Cloud Messaging 資源的完整讀取/寫入權限 |
Cloud Messaging 管理員權限
firebasenotifications.messages.create
firebasenotifications.messages.delete firebasenotifications.messages.get firebasenotifications.messages.list firebasenotifications.messages.update |
Firebase Cloud Messaging 檢視者roles/firebasenotifications.viewer
|
具備 Cloud Messaging 資源的唯讀存取權 |
Cloud Messaging Viewer 權限
firebasenotifications.messages.get
firebasenotifications.messages.list |
Firebase Crashlytics 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Crashlytics 管理員roles/firebasecrashlytics.admin
|
具備 Crashlytics 資源的完整讀取/寫入權限 |
Crashlytics 管理員權限
firebasecrashlytics.config.get
firebasecrashlytics.config.update firebasecrashlytics.data.get firebasecrashlytics.issues.get firebasecrashlytics.issues.list firebasecrashlytics.issues.update firebasecrashlytics.sessions.get |
Firebase Crashlytics 檢視者roles/firebasecrashlytics.viewer
|
具備 Crashlytics 資源的唯讀存取權 |
Crashlytics 檢視者權限
firebasecrashlytics.config.get
firebasecrashlytics.data.get firebasecrashlytics.issues.get firebasecrashlytics.issues.list firebasecrashlytics.sessions.get |
Firebase Dynamic Links 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Dynamic Links 管理員roles/firebasedynamiclinks.admin
|
具備 Dynamic Links 資源的完整讀取/寫入權限 |
Dynamic Links 管理員權限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.destinations.update firebasedynamiclinks.domains.create firebasedynamiclinks.domains.delete firebasedynamiclinks.domains.get firebasedynamiclinks.domains.list firebasedynamiclinks.domains.update firebasedynamiclinks.links.create firebasedynamiclinks.links.get firebasedynamiclinks.links.list firebasedynamiclinks.links.update firebasedynamiclinks.stats.get |
Firebase Dynamic Links 檢視者roles/firebasedynamiclinks.viewer
|
具備 Dynamic Links資源的唯讀存取權 |
Dynamic Links Viewer 權限
firebasedynamiclinks.destinations.list
firebasedynamiclinks.domains.get firebasedynamiclinks.domains.list firebasedynamiclinks.links.get firebasedynamiclinks.links.list firebasedynamiclinks.stats.get |
Firebase Extensions 發布商角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Extensions 發布商 - 擴充功能管理員roles/firebaseextensionspublisher.extensionsAdmin(Beta 版) |
上傳、發布及查看以下項目的詳細資料和指標: Firebase Extensions |
Firebase Extensions 發布者 - 擴充功能管理員 權限
firebaseextensionspublisher.extensions.create
firebaseextensionspublisher.extensions.delete firebaseextensionspublisher.extensions.get firebaseextensionspublisher.extensions.list |
Firebase Extensions發布商 - 擴充功能檢視器roles/firebaseextensionspublisher.extensionsViewer(Beta 版) |
查看由這位發布商上傳的 Firebase Extensions 詳細資料和指標 |
Firebase Extensions 發布者 - 擴充功能檢視者 權限
firebaseextensionspublisher.extensions.get
firebaseextensionspublisher.extensions.list |
Firebase Hosting 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Hosting 管理員roles/firebasehosting.admin
|
具備 Hosting 資源的完整讀取/寫入權限 |
Hosting 管理員權限
firebasehosting.sites.create
firebasehosting.sites.delete firebasehosting.sites.get firebasehosting.sites.list firebasehosting.sites.update |
Firebase Hosting 檢視者roles/firebasehosting.viewer
|
具備 Hosting 資源的唯讀存取權 |
Hosting Viewer 權限
firebasehosting.sites.get
firebasehosting.sites.list |
Firebase In-App Messaging 角色(Beta 版)
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase In-App Messaging 管理員roles/firebaseinappmessaging.admin(Beta 版) |
具備 In-App Messaging 資源的完整讀取/寫入權限 |
In-App Messaging 管理員權限
firebaseinappmessaging.campaigns.create
firebaseinappmessaging.campaigns.delete firebaseinappmessaging.campaigns.get firebaseinappmessaging.campaigns.list firebaseinappmessaging.campaigns.update |
Firebase In-App Messaging Viewerroles/firebaseinappmessaging.viewer(Beta 版) |
具備 In-App Messaging 資源的唯讀存取權 |
In-App Messaging Viewer 權限
firebaseinappmessaging.campaigns.get
firebaseinappmessaging.campaigns.list |
Firebase ML 角色(Beta 版)
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase ML 管理員roles/firebaseml.admin(Beta 版) |
具備 Firebase ML 資源的完整讀取/寫入權限 |
Firebase ML 管理員 權限
firebaseml.models.create
firebaseml.models.get firebaseml.models.list firebaseml.models.update firebaseml.models.delete firebaseml.modelversions.create firebaseml.modelversions.get firebaseml.modelversions.list firebaseml.modelversions.update firebaseml.modelversions.delete firebaseml.compressionjobs.create firebaseml.compressionjobs.get firebaseml.compressionjobs.list firebaseml.compressionjobs.update firebaseml.compressionjobs.delete firebaseml.compressionjobs.start |
Firebase ML Viewerroles/firebaseml.viewer(Beta 版) |
具備 Firebase ML 資源的唯讀存取權 |
Firebase ML Viewer 權限
firebaseml.models.get
firebaseml.models.list firebaseml.modelversions.get firebaseml.modelversions.list firebaseml.compressionjobs.get firebaseml.compressionjobs.list |
Firebase Performance Monitoring 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Performance Monitoring 管理員roles/firebaseperformance.admin
|
具備 Performance Monitoring 資源的完整讀取/寫入權限 設定並接收 Performance Monitoring 快訊 |
Performance Monitoring 管理員權限
firebaseperformance.config.create
firebaseperformance.config.delete firebaseperformance.config.update firebaseperformance.data.get |
Firebase Performance Monitoring 檢視者roles/firebaseperformance.viewer
|
具備 Performance Monitoring 資源的唯讀存取權 |
Performance Monitoring Viewer 權限
firebaseperformance.data.get
|
Firebase Realtime Database 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Realtime Database 管理員roles/firebasedatabase.admin
|
具備 Realtime Database 資源的完整讀取/寫入權限 |
Realtime Database 管理員權限
firebasedatabase.instances.create
firebasedatabase.instances.get firebasedatabase.instances.list firebasedatabase.instances.update |
Firebase Realtime Database 檢視者roles/firebasedatabase.viewer
|
具備 Realtime Database 資源的唯讀存取權 |
Realtime Database Viewer 權限
firebasedatabase.instances.get
firebasedatabase.instances.list |
Firebase Remote Config 個角色
| 角色 | 說明 | 權限 |
|---|---|---|
Firebase Remote Config 管理員roles/cloudconfig.admin
|
具備 Remote Config 資源的完整讀取/寫入權限 |
Remote Config 管理員 權限
cloudconfig.configs.get
cloudconfig.configs.update
|
Firebase Remote Config 檢視者roles/cloudconfig.viewer
|
具備 Remote Config 資源的唯讀存取權 |
Remote Config Viewer 權限
cloudconfig.configs.get
|
Firebase Test Lab 個角色
Firebase Test Lab 需要存取 Cloud Storage 儲存桶,因此需要一組非常特定的權限,而這些權限並非全部包含在標準 Firebase 預先定義角色中。如要授予 Test Lab 的存取權,請使用 Firebase Test Lab 權限一節中所述的其中一種解決方案。