Tier
AdminCategoria
SecurityEscopo
org
Privilégios
4
Role ID
roles/accesscontextmanager.policyAdminEsta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.
Admin
Administrative control over a service, may include IAM
Descrição
Full control of VPC Service Controls, access policies, and service perimeters.
Privilégios / Capacidades(4)
Create and manage access policies
Define access levels
Create and modify service perimeters
Manage access context for VPC Service Controls
Role Definition (JSON)
{
"name": "roles/accesscontextmanager.policyAdmin",
"title": "Access Context Manager Policy Admin",
"description": "Full control of VPC Service Controls, access policies, and service perimeters.",
"stage": "GA",
"includedPermissions": [
"Create and manage access policies",
"Define access levels",
"Create and modify service perimeters",
"Manage access context for VPC Service Controls"
]
}Roles relacionadasSecurity
Compute Security Admin
Full control of Compute Engine security resources including firewalls and SSL policies.
Compute Security Policies Admin
Create and manage Cloud Armor security policies for DDoS protection and WAF.
Secret Manager Admin
Full control of Secret Manager: create, manage, and access all secrets.
Secret Manager Secret Accessor
Access the payload of Secret Manager secrets. Common role for application workloads.
Secret Manager Secret Version Adder
Add new versions to an existing Secret Manager secret.