google-app-engine, authentication, security-constraint

Role-names available on Google App Engine


I'm developing an admin page for my webpage. I'm using GAE and security-constraints. I would like to know which role-names are available and how I can define which Google Accounts could access a specific page.


Solution

  • When using Google App Engine, these are the pre-defined roles available:

    • roles/appengine.appAdmin: The App Engine Admin (read/write/modify access to all the configuration and settings of the app)
    • roles/appengine.serviceAdmin: The App Engine Service Admin (read-only access to app configuration and settings, write/modify access to module/version-level settings, can't deploy new versions)
    • roles/appengine.deployer: The App Engine Deployer (read-only access to app configuration and settings, write access to create new versions only, can't modify versions except for deleting those without traffic)
    • roles/appengine.appViewer: The App Engine Viewer (read-only access to app configuration and settings)
    • roles/appengine.codeViewer: The App Engine Code Viewer (read-only access to app configuration, settings and deployed source code)

    These roles are explained in more detail here.

    In order to establish the permissions for accounts to access the application, Google Cloud relies on IAM (Identity and Access Management), where you can create service accounts for accessing the app (as well as define roles for project members, including service accounts and Google accounts).

    There are various ways to define permissions for access control, but I would recommend using the Cloud Console for it. Inside the console, go to the IAM page and select the project you want to define access control rules for. These are the operations that you can do inside the IAM page:

    • Add team members (Google or service accounts).
    • Grant them one or more roles.
    • Change team member's access.
    • Revoke access to team members.

    You can check this link for further info about how to manage roles and permissions using IAM.
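
An added example, not part of the answer above: a small review script that reads a project IAM policy in the JSON form printed by `gcloud projects get-iam-policy PROJECT_ID --format=json` and lists which accounts hold which of the five App Engine roles, with the write-capable grants pulled out for review. The sample policy and every account name in it are constructed, and the read/write split is taken from the role descriptions in the answer.

```python
import json

# Access summary for each predefined role, taken from the list in the answer above.
APPENGINE_ROLES = {
    "roles/appengine.appAdmin": ("write", "all app configuration and settings"),
    "roles/appengine.serviceAdmin": ("write", "module/version-level settings"),
    "roles/appengine.deployer": ("write", "create new versions only"),
    "roles/appengine.appViewer": ("read", "app configuration and settings"),
    "roles/appengine.codeViewer": ("read", "configuration, settings, deployed source"),
}

# Constructed sample policy (role -> members bindings); all accounts are made up.
SAMPLE_POLICY = """
{"version": 1, "bindings": [
  {"role": "roles/appengine.appAdmin", "members": ["user:alice@example.com"]},
  {"role": "roles/appengine.serviceAdmin", "members": ["group:devs@example.com"]},
  {"role": "roles/appengine.deployer",
   "members": ["serviceAccount:ci@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/appengine.appViewer", "members": ["user:bob@example.com"]},
  {"role": "roles/appengine.codeViewer", "members": ["user:alice@example.com"]},
  {"role": "roles/storage.objectViewer", "members": ["user:carol@example.com"]}
]}
"""

def appengine_access(policy_json):
    """Map each member to the App Engine roles it holds; other roles are skipped."""
    access = {}
    for binding in json.loads(policy_json).get("bindings", []):
        role = binding.get("role")
        if role in APPENGINE_ROLES:
            for member in binding.get("members", []):
                access.setdefault(member, []).append(role)
    return access

def review_list(policy_json):
    """Return (member, role, scope) for every write-capable grant."""
    rows = []
    for member, roles in appengine_access(policy_json).items():
        for role in roles:
            level, scope = APPENGINE_ROLES[role]
            if level == "write":
                rows.append((member, role, scope))
    # Service accounts sort last so user and group grants are reviewed first.
    return sorted(rows, key=lambda r: (r[0].startswith("serviceAccount:"), r[0]))

if __name__ == "__main__":
    for member, role, scope in review_list(SAMPLE_POLICY):
        print(f"{member}: {role} ({scope})")
```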