Tier
SpecializedCategoria
KubernetesEscopo
project
Privilégios
3
Role ID
roles/container.nodeServiceAccountSpecialized
Narrow-scope role for a specific action or use case
Descrição
Minimum permissions for a GKE node pool service account to function correctly.
Privilégios / Capacidades(3)
Pull container images from Artifact Registry
Write logs and metrics from nodes
Report node health and status
Role Definition (JSON)
{
"name": "roles/container.nodeServiceAccount",
"title": "Kubernetes Engine Node Service Account",
"description": "Minimum permissions for a GKE node pool service account to function correctly.",
"stage": "GA",
"includedPermissions": [
"Pull container images from Artifact Registry",
"Write logs and metrics from nodes",
"Report node health and status"
]
}Roles relacionadasKubernetes
Kubernetes Engine Admin
Full access to all Kubernetes Engine resources, including cluster IAM management.
Kubernetes Engine Cluster Admin
Manage Kubernetes clusters and node pools, without accessing deployed workloads.
Kubernetes Engine Developer
Full access to Kubernetes objects inside clusters. Deploy and manage workloads.
Kubernetes Engine Cluster Viewer
Read-only access to GKE cluster metadata. Cannot access Kubernetes objects inside the cluster.
Kubernetes Engine Viewer
Read-only access to all Kubernetes Engine resources and cluster configuration.