Tier
ViewerCategoria
IAMEscopo
project
Privilégios
3
Role ID
roles/iam.securityReviewerViewer
Read-only access to resources
Descrição
Can get IAM policies and read security configurations. Read-only security auditor.
Privilégios / Capacidades(3)
Get IAM policies on all resources
View security configurations
Audit access controls without modification
Permissions(8)
resourcemanager.projects.getIamPolicyresourcemanager.organizations.getIamPolicyresourcemanager.folders.getIamPolicyiam.serviceAccounts.getIamPolicyiam.roles.listiam.roles.getiam.serviceAccounts.listiam.serviceAccounts.getRole Definition (JSON)
{
"name": "roles/iam.securityReviewer",
"title": "Security Reviewer",
"description": "Can get IAM policies and read security configurations. Read-only security auditor.",
"stage": "GA",
"includedPermissions": [
"resourcemanager.projects.getIamPolicy",
"resourcemanager.organizations.getIamPolicy",
"resourcemanager.folders.getIamPolicy",
"iam.serviceAccounts.getIamPolicy",
"iam.roles.list",
"iam.roles.get",Roles relacionadasIAM
Project Owner
Full control of all GCP resources including IAM policies, billing, and all services.
Project Editor
Full edit access to all resources, excluding IAM policy management and billing.
Project Viewer
Read-only access to all resources. Cannot create, modify, or delete.
IAM Admin
Full administrative access to IAM service accounts, roles, and policies.
Security Admin
Can get and set any IAM policy. Used by security teams to audit and configure access.