Security Reviewer

GCP IAM — detalhes da role

Tier
Viewer
Categoria
IAM
Escopo
project
Privilégios
3
Role IDroles/iam.securityReviewer

Viewer

Read-only access to resources

Descrição

Can get IAM policies and read security configurations. Read-only security auditor.

Privilégios / Capacidades(3)

Get IAM policies on all resources
View security configurations
Audit access controls without modification

Permissions(8)

resourcemanager.projects.getIamPolicy
resourcemanager.organizations.getIamPolicy
resourcemanager.folders.getIamPolicy
iam.serviceAccounts.getIamPolicy
iam.roles.list
iam.roles.get
iam.serviceAccounts.list
iam.serviceAccounts.get

Role Definition (JSON)

{
  "name": "roles/iam.securityReviewer",
  "title": "Security Reviewer",
  "description": "Can get IAM policies and read security configurations. Read-only security auditor.",
  "stage": "GA",
  "includedPermissions": [
    "resourcemanager.projects.getIamPolicy",
    "resourcemanager.organizations.getIamPolicy",
    "resourcemanager.folders.getIamPolicy",
    "iam.serviceAccounts.getIamPolicy",
    "iam.roles.list",
    "iam.roles.get",