Tier
AdminCategoria
ManagementEscopo
folder
Privilégios
3
Role ID
roles/resourcemanager.folderAdminEsta é uma role privilegiada — concede capacidades de controle elevado. Aplique o princípio do menor privilégio e monitore atribuições via Cloud Audit Logs.
Admin
Administrative control over a service, may include IAM
Descrição
Full control over a folder, including creating subfolders and projects.
Privilégios / Capacidades(3)
Create, update, delete folders
Manage IAM policies on folders
Move folders and projects
Role Definition (JSON)
{
"name": "roles/resourcemanager.folderAdmin",
"title": "Folder Admin",
"description": "Full control over a folder, including creating subfolders and projects.",
"stage": "GA",
"includedPermissions": [
"Create, update, delete folders",
"Manage IAM policies on folders",
"Move folders and projects"
]
}Roles relacionadasManagement
Organization Admin
Full control over an organization resource including IAM and folder management.
Folder Viewer
Read-only access to folder metadata. Can view folder hierarchy and list projects.
Project Creator
Can create new projects within an organization or folder.
Project Deleter
Can delete projects within an organization or folder.
Tag Administrator
Full control over tag keys, tag values, and tag bindings across the organization.