CA Service Admin

GCP IAM — role details

Tier: Admin
Category: Security
Scope: project
Privileges: 4
Role ID: roles/privateca.admin

This is a privileged role: it grants elevated control capabilities. Apply the principle of least privilege and monitor role assignments via Cloud Audit Logs.

Admin

Administrative control over a service, may include IAM

Description

Full control of Certificate Authority Service: CA pools, CAs, certificates, and IAM.

Privileges / Capabilities (4)

Create and delete CA pools and CAs
Issue and revoke certificates
Set IAM policies on CA resources
Manage CRL and certificate templates

Role Definition (JSON)

{
  "name": "roles/privateca.admin",
  "title": "CA Service Admin",
  "description": "Full control of Certificate Authority Service: CA pools, CAs, certificates, and IAM.",
  "stage": "GA",
  "includedPermissions": [
    "Create and delete CA pools and CAs",
    "Issue and revoke certificates",
    "Set IAM policies on CA resources",
    "Manage CRL and certificate templates"
  ]
}