Kubernetes Engine Admin

GCP IAM — detalhes da role

Tier
Admin
Categoria
Kubernetes
Escopo
project
Privilégios
5
Role IDroles/container.admin

Esta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.

Admin

Administrative control over a service, may include IAM

Descrição

Full access to all Kubernetes Engine resources, including cluster IAM management.

Privilégios / Capacidades(5)

Create, update, and delete GKE clusters
Manage Kubernetes RBAC
Access Kubernetes API
Set IAM policies on clusters
Manage node pools and autoscaling

Role Definition (JSON)

{
  "name": "roles/container.admin",
  "title": "Kubernetes Engine Admin",
  "description": "Full access to all Kubernetes Engine resources, including cluster IAM management.",
  "stage": "GA",
  "includedPermissions": [
    "Create, update, and delete GKE clusters",
    "Manage Kubernetes RBAC",
    "Access Kubernetes API",
    "Set IAM policies on clusters",
    "Manage node pools and autoscaling"
  ]