Organization Policy Administrator

GCP IAM — detalhes da role

Tier
Admin
Categoria
Management
Escopo
org
Privilégios
3
Role IDroles/orgpolicy.policyAdmin

Esta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.

Admin

Administrative control over a service, may include IAM

Descrição

Set and manage organization policies that govern resource configurations.

Privilégios / Capacidades(3)

Set and delete organization policies
View all organization policies
Override policies at folder and project level

Role Definition (JSON)

{
  "name": "roles/orgpolicy.policyAdmin",
  "title": "Organization Policy Administrator",
  "description": "Set and manage organization policies that govern resource configurations.",
  "stage": "GA",
  "includedPermissions": [
    "Set and delete organization policies",
    "View all organization policies",
    "Override policies at folder and project level"
  ]
}