Binary Authorization Policy Administrator

GCP IAM — detalhes da role

Tier
Admin
Categoria
Security
Escopo
project
Privilégios
3
Role IDroles/binaryauthorization.policyAdmin

Esta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.

Admin

Administrative control over a service, may include IAM

Descrição

Manage Binary Authorization policies that control what container images can be deployed.

Privilégios / Capacidades(3)

Create and update Binary Authorization policies
Manage attestors
Configure deployment controls for GKE and Cloud Run

Role Definition (JSON)

{
  "name": "roles/binaryauthorization.policyAdmin",
  "title": "Binary Authorization Policy Administrator",
  "description": "Manage Binary Authorization policies that control what container images can be deployed.",
  "stage": "GA",
  "includedPermissions": [
    "Create and update Binary Authorization policies",
    "Manage attestors",
    "Configure deployment controls for GKE and Cloud Run"
  ]
}