在 Google Cloud 控制台中執行一般工作所需的權限
如需角色清單及其相關聯的權限,請參閱 Cloud SQL 角色。
| 工作 | 其他所需權限 |
|---|---|
| 顯示執行個體清單頁面 | cloudsql.instances.listresourcemanager.projects.get |
| 建立執行個體 | cloudsql.instances.createcloudsql.instances.getcloudsql.instances.listresourcemanager.projects.getcompute.machineTypes.listcompute.machineTypes.getcompute.projects.get roles/compute.viewer |
| 從 Cloud Shell 連線至執行個體 | cloudsql.instances.getcloudsql.instances.listcloudsql.instances.updateresourcemanager.projects.get |
| 新增使用者 | cloudsql.instances.getcloudsql.instances.listcloudsql.users.createcloudsql.users.listresourcemanager.projects.get |
| 查看執行個體資訊 | cloudsql.databases.listcloudsql.instances.getcloudsql.instances.listcloudsql.users.listmonitoring.timeSeries.listresourcemanager.projects.get |
| 列出執行個體的作業 | cloudsql.instances.list |
| 取得執行個體的作業 | cloudsql.instances.get |
| 取得專案的作業 | cloudsql.instances.get |
| 在 Dataplex Universal Catalog 中查看執行個體中繼資料 | cloudsql.schemas.view |
| 列出最終備份 | cloudsql.backupRuns.list |
| 描述最終備份 | cloudsql.backupRuns.get |
| 更新最終備份 | cloudsql.backupRuns.update |
| 將最終備份還原至新執行個體 | cloudsql.backupRuns.getcloudsql.instances.restoreBackupcloudsql.instances.create |
| 將最終備份還原至現有執行個體 | cloudsql.backupRuns.getcloudsql.instances.restoreBackup |
| 刪除最終備份 | cloudsql.backupRuns.delete |
gcloud sql 指令的所需權限
| 指令 | 所需權限 |
|---|---|
gcloud sql backups create | cloudsql.backupRuns.create |
gcloud sql backups delete | cloudsql.backupRuns.delete |
gcloud sql backups describe | cloudsql.backupRuns.get |
gcloud sql backups list | cloudsql.backupRuns.list |
gcloud sql backups restore | cloudsql.backupRuns.getcloudsql.instances.restoreBackup |
gcloud sql connect | cloudsql.instances.getcloudsql.instances.update |
gcloud sql databases create | cloudsql.databases.create |
gcloud sql databases delete | cloudsql.databases.delete |
gcloud sql databases describe | cloudsql.databases.get |
gcloud sql databases list | cloudsql.databases.list |
gcloud sql databases patch | cloudsql.databases.getcloudsql.databases.update |
gcloud sql export | cloudsql.instances.exportcloudsql.instances.get |
gcloud sql flags list | 無 |
gcloud sql import | cloudsql.instances.import |
gcloud sql instances clone | cloudsql.instances.clone |
gcloud sql instances create | cloudsql.instances.create |
gcloud sql instances delete | cloudsql.instances.delete |
gcloud sql instances describe | cloudsql.instances.get |
gcloud sql instances failover | cloudsql.instances.failover |
gcloud sql instances import | cloudsql.instances.import |
gcloud sql instances list | cloudsql.instances.list |
gcloud sql instances patch | cloudsql.instances.getcloudsql.instances.update |
gcloud sql instances promote-replica | cloudsql.instances.promoteReplica |
gcloud sql instances reset-ssl-config | cloudsql.instances.resetSslConfig |
gcloud sql instances restart | cloudsql.instances.restart |
gcloud sql instances restore-backup | cloudsql.backupRuns.getcloudsql.instances.restoreBackup |
gcloud sql operations describe | cloudsql.instances.get |
gcloud sql operations list | cloudsql.instances.get |
gcloud sql operations wait | cloudsql.instances.get |
gcloud sql ssl client-certs create | cloudsql.sslCerts.create |
gcloud sql ssl client-certs delete | cloudsql.sslCerts.delete |
gcloud sql ssl client-certs describe | cloudsql.sslCerts.list |
gcloud sql ssl client-certs list | cloudsql.sslCerts.list |
gcloud sql tiers list | 無 |
gcloud sql users create | cloudsql.users.create |
gcloud sql users delete | cloudsql.users.delete |
gcloud sql users list | cloudsql.users.list |
gcloud sql users set-password | cloudsql.users.update |
gcloud sql operations list | cloudsql.instances.list |
gcloud sql operations get | cloudsql.instances.get |
Cloud SQL Admin API 方法的必要權限
下表列出呼叫者呼叫 Cloud SQL Admin API 中的各個方法時所需的權限,或者透過使用該 API 的 Google Cloud 工具 (如Google Cloud 主控台或 gcloud 指令列工具) 執行工作時所需的權限。
詳情請參閱「使用 OAuth 2.0 對要求進行授權」。所有權限都會套用至專案,您無法按執行個體或其他較低層級的物件套用不同權限。
| 方法 | 所需權限 |
|---|---|
backups.deleteBackup | cloudsql.backupRuns.delete |
backups.getBackup | cloudsql.backupRuns.get |
backups.updateBackup | cloudsql.backupRuns.update |
backups.listBackups | cloudsql.backupRuns.list |
backups.createBackup | cloudsql.backupRuns.create |
databases.delete | cloudsql.databases.delete |
databases.get | cloudsql.databases.get |
databases.insert | cloudsql.databases.create |
databases.list | cloudsql.databases.list |
databases.patch | cloudsql.databases.update、cloudsql.databases.get |
databases.update | cloudsql.databases.update |
flags.list | 無 |
instances.clone | cloudsql.instances.clone |
instances.delete | cloudsql.instances.delete |
instances.export | cloudsql.instances.export |
instances.failover | cloudsql.instances.failover |
instances.get | cloudsql.instances.get |
instances.import | cloudsql.instances.import |
instances.insert | cloudsql.instances.create |
instances.list | cloudsql.instances.list |
instances.patch | cloudsql.instances.get、cloudsql.instances.update |
instances.promoteReplica | cloudsql.instances.promoteReplica |
instances.resetSslConfig | cloudsql.instances.resetSslConfig |
instances.restart | cloudsql.instances.restart |
instances.restoreBackup | cloudsql.instances.restoreBackup、cloudsql.backupRuns.get |
instances.startReplica | cloudsql.instances.startReplica |
instances.stopReplica | cloudsql.instances.stopReplica |
instances.truncateLog | cloudsql.instances.truncateLog |
instances.update | cloudsql.instances.update |
operations.get | cloudsql.instances.get |
operations.get | cloudsql.instances.get |
operations.list | cloudsql.instances.get |
operations.list | cloudsql.instances.list |
sslCerts.delete | cloudsql.sslCerts.delete |
sslCerts.get | cloudsql.sslCerts.get |
sslCerts.insert | cloudsql.sslCerts.create |
sslCerts.list | cloudsql.sslCerts.list |
users.delete | cloudsql.users.delete |
users.insert | cloudsql.users.create |
users.list | cloudsql.users.list |
users.update | cloudsql.users.update |