Tier
AdminCategoria
ComputeEscopo
project
Privilégios
5
Role ID
roles/compute.adminEsta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.
Admin
Administrative control over a service, may include IAM
Descrição
Full control of all Compute Engine resources including VMs, disks, networks, and images.
Privilégios / Capacidades(5)
Create, update, delete VMs
Manage disks and snapshots
Configure networks and firewalls
Manage images and machine types
Set IAM policies on Compute resources
Role Definition (JSON)
{
"name": "roles/compute.admin",
"title": "Compute Admin",
"description": "Full control of all Compute Engine resources including VMs, disks, networks, and images.",
"stage": "GA",
"includedPermissions": [
"Create, update, delete VMs",
"Manage disks and snapshots",
"Configure networks and firewalls",
"Manage images and machine types",
"Set IAM policies on Compute resources"
]Roles relacionadasCompute
Compute Instance Admin (v1)
Full control of Compute Engine instances, instance groups, and related configurations.
Compute Viewer
Read-only access to all Compute Engine resources. Cannot read data stored on disks.
Compute OS Admin Login
Log in to a Compute Engine instance as an administrator via OS Login with sudo.
Compute OS Login
Log in to a Compute Engine instance as a non-administrator user via OS Login.
Compute Image User
List and read images. Required to use a custom image when creating VMs.