Kubernetes Engine Node Service Account

GCP IAM role details

Tier: Specialized
Category: Kubernetes
Scope: project
Privileges: 3
Role ID: roles/container.nodeServiceAccount

Specialized

Narrow-scope role for a specific action or use case

Description

Minimum permissions for a GKE node pool service account to function correctly.

Privileges / Capabilities (3)

Pull container images from Artifact Registry
Write logs and metrics from nodes
Report node health and status

Role Definition (JSON)

{
  "name": "roles/container.nodeServiceAccount",
  "title": "Kubernetes Engine Node Service Account",
  "description": "Minimum permissions for a GKE node pool service account to function correctly.",
  "stage": "GA",
  "includedPermissions": [
    "Pull container images from Artifact Registry",
    "Write logs and metrics from nodes",
    "Report node health and status"
  ]
}