Project Editor

GCP IAM — detalhes da role

Tier
Editor
Categoria
IAM
Escopo
project
Privilégios
4
Role IDroles/editor

Esta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.

Editor

Read and write access to all resources in a service

Descrição

Full edit access to all resources, excluding IAM policy management and billing.

Privilégios / Capacidades(4)

Create and modify all resources
Read all resources
Cannot manage IAM policies
Cannot manage billing

Permissions(12)

resourcemanager.projects.get
resourcemanager.projects.update
compute.instances.create
compute.instances.delete
storage.buckets.create
storage.buckets.delete
bigquery.datasets.create
bigquery.jobs.create
pubsub.topics.create
pubsub.subscriptions.create
logging.logEntries.create
monitoring.timeSeries.create

Role Definition (JSON)

{
  "name": "roles/editor",
  "title": "Project Editor",
  "description": "Full edit access to all resources, excluding IAM policy management and billing.",
  "stage": "GA",
  "includedPermissions": [
    "resourcemanager.projects.get",
    "resourcemanager.projects.update",
    "compute.instances.create",
    "compute.instances.delete",
    "storage.buckets.create",
    "storage.buckets.delete",