Storage Admin

GCP IAM: role details

Tier: Admin
Category: Storage
Scope: project
Privileges: 5
Role ID: roles/storage.admin

This is a privileged role: it grants elevated control capabilities. Apply the principle of least privilege and monitor assignments through Cloud Audit Logs.

Admin

Administrative control over a service, may include IAM

Description

Full control of Cloud Storage: buckets, objects, and IAM policies.

Privileges / Capabilities (5)

Create, update, and delete buckets
Manage objects in all buckets
Set IAM policies on buckets
Configure bucket retention and lifecycle
Manage HMAC keys

Role Definition (JSON)

{
  "name": "roles/storage.admin",
  "title": "Storage Admin",
  "description": "Full control of Cloud Storage: buckets, objects, and IAM policies.",
  "stage": "GA",
  "includedPermissions": [
    "Create, update, and delete buckets",
    "Manage objects in all buckets",
    "Set IAM policies on buckets",
    "Configure bucket retention and lifecycle",
    "Manage HMAC keys"
  ]
}