Project Owner

GCP IAM — detalhes da role

Tier
Project Owner
Categoria
IAM
Escopo
project
Privilégios
5
Role IDroles/owner

Esta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.

Project Owner

Full control over the project and all resources

Descrição

Full control of all GCP resources including IAM policies, billing, and all services.

Privilégios / Capacidades(5)

Full access to all Google Cloud services
Manage IAM policies and roles
Manage billing
Delete projects
Invite members

Permissions(13)

resourcemanager.projects.get
resourcemanager.projects.getIamPolicy
resourcemanager.projects.setIamPolicy
resourcemanager.projects.delete
resourcemanager.projects.update
billing.accounts.getIamPolicy
billing.accounts.setIamPolicy
serviceusage.services.enable
serviceusage.services.disable
iam.roles.list
iam.roles.get
iam.serviceAccounts.create
iam.serviceAccounts.delete

Role Definition (JSON)

{
  "name": "roles/owner",
  "title": "Project Owner",
  "description": "Full control of all GCP resources including IAM policies, billing, and all services.",
  "stage": "GA",
  "includedPermissions": [
    "resourcemanager.projects.get",
    "resourcemanager.projects.getIamPolicy",
    "resourcemanager.projects.setIamPolicy",
    "resourcemanager.projects.delete",
    "resourcemanager.projects.update",
    "billing.accounts.getIamPolicy",