Tier
AdminCategoria
SecurityEscopo
project
Privilégios
3
Role ID
roles/binaryauthorization.policyAdminEsta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.
Admin
Administrative control over a service, may include IAM
Descrição
Manage Binary Authorization policies that control what container images can be deployed.
Privilégios / Capacidades(3)
Create and update Binary Authorization policies
Manage attestors
Configure deployment controls for GKE and Cloud Run
Role Definition (JSON)
{
"name": "roles/binaryauthorization.policyAdmin",
"title": "Binary Authorization Policy Administrator",
"description": "Manage Binary Authorization policies that control what container images can be deployed.",
"stage": "GA",
"includedPermissions": [
"Create and update Binary Authorization policies",
"Manage attestors",
"Configure deployment controls for GKE and Cloud Run"
]
}Roles relacionadasSecurity
Compute Security Admin
Full control of Compute Engine security resources including firewalls and SSL policies.
Compute Security Policies Admin
Create and manage Cloud Armor security policies for DDoS protection and WAF.
Secret Manager Admin
Full control of Secret Manager: create, manage, and access all secrets.
Secret Manager Secret Accessor
Access the payload of Secret Manager secrets. Common role for application workloads.
Secret Manager Secret Version Adder
Add new versions to an existing Secret Manager secret.