Tier
AdminCategoria
SecurityEscopo
project
Privilégios
5
Role ID
roles/secretmanager.adminEsta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.
Admin
Administrative control over a service, may include IAM
Descrição
Full control of Secret Manager: create, manage, and access all secrets.
Privilégios / Capacidades(5)
Create and delete secrets
Add and disable secret versions
Access secret values
Set IAM policies on secrets
View secret metadata
Role Definition (JSON)
{
"name": "roles/secretmanager.admin",
"title": "Secret Manager Admin",
"description": "Full control of Secret Manager: create, manage, and access all secrets.",
"stage": "GA",
"includedPermissions": [
"Create and delete secrets",
"Add and disable secret versions",
"Access secret values",
"Set IAM policies on secrets",
"View secret metadata"
]Roles relacionadasSecurity
Compute Security Admin
Full control of Compute Engine security resources including firewalls and SSL policies.
Compute Security Policies Admin
Create and manage Cloud Armor security policies for DDoS protection and WAF.
Secret Manager Secret Accessor
Access the payload of Secret Manager secrets. Common role for application workloads.
Secret Manager Secret Version Adder
Add new versions to an existing Secret Manager secret.
Secret Manager Secret Version Manager
Enable, disable, and destroy secret versions. Manage secret version lifecycle.