Workload Identity Pool Admin

GCP IAM: role details

Tier: Admin
Category: IAM
Scope: project
Privileges: 3
Role ID: roles/iam.workloadIdentityPoolAdmin

This is a privileged role: it grants elevated control capabilities. Apply the principle of least privilege and monitor assignments via Cloud Audit Logs.

Admin

Administrative control over a service, may include IAM

Description

Full control over Workload Identity Pools for federating external identities.

Privileges / Capabilities (3)

Create and manage workload identity pools
Create and manage pool providers
Configure attribute mappings and conditions

Permissions (10)

iam.workloadIdentityPools.create
iam.workloadIdentityPools.delete
iam.workloadIdentityPools.get
iam.workloadIdentityPools.list
iam.workloadIdentityPools.update
iam.workloadIdentityPoolProviders.create
iam.workloadIdentityPoolProviders.delete
iam.workloadIdentityPoolProviders.get
iam.workloadIdentityPoolProviders.list
iam.workloadIdentityPoolProviders.update

Role Definition (JSON)

{
  "name": "roles/iam.workloadIdentityPoolAdmin",
  "title": "Workload Identity Pool Admin",
  "description": "Full control over Workload Identity Pools for federating external identities.",
  "stage": "GA",
  "includedPermissions": [
    "iam.workloadIdentityPools.create",
    "iam.workloadIdentityPools.delete",
    "iam.workloadIdentityPools.get",
    "iam.workloadIdentityPools.list",
    "iam.workloadIdentityPools.update",
    "iam.workloadIdentityPoolProviders.create",