View source on GitHub |
Permission resource grants user, group or the rest of the world access to the PaLM API resource (e.g.
a tuned model, corpus).
A role is a collection of permitted operations that allows users to perform specific actions on PaLM API resources. To make them available to users, groups, or service accounts, you assign roles. When you assign a role, you grant permissions that the role contains.
There are three concentric roles. Each role is a superset of the previous role's permitted operations:
- reader can use the resource (e.g. tuned model, corpus) for inference
- writer has reader's permissions and additionally can edit and share
- owner has writer's permissions and additionally can delete