IAM (Identity and Access
Management) allows you to
set permissions on individual resources and offers a wider range of roles:
editor, owner, publisher, subscriber, and viewer. This gives you greater
flexibility and allows you to set more fine-grained access control.
- Grant access on a per-topic or per-subscription basis, rather than for
the whole Cloud project.
- Grant access with limited capabilities, such as to only publish messages
to a topic, or to only to consume messages from a subscription, but not
to delete the topic or subscription.
The IAM access control features described in this document are Beta,
including the API methods to get and set IAM policies, and to test IAM
permissions. Cloud Pub/Sub's use of IAM features is not covered by any
SLA or deprecation policy, and may be subject to backward-incompatible