| roles/accesscontextmanager.gcpAccessAdmin |
Create, edit, and change Cloud access bindings. |
Cloud Access Binding Admin |
['accesscontextmanager.gcpUserAccessBindings.create', 'accesscontextmanager.gcpUserAccessBindings.delete', 'accesscontextmanager.gcpUserAccessBindings.get', 'accesscontextmanager.gcpUserAccessBindings.list', 'accesscontextmanager.gcpUserAccessBindings.update'] |
|
GA |
| roles/accesscontextmanager.policyEditor |
Edit access to policies. Create, edit, and change access levels, access zones and authorized orgs descs. |
Access Context Manager Editor |
['accesscontextmanager.accessLevels.create', 'accesscontextmanager.accessLevels.delete', 'accesscontextmanager.accessLevels.get', 'accesscontextmanager.accessLevels.list', 'accesscontextmanager.accessLevels.replaceAll', 'accesscontextmanager.accessLevels.update', 'accesscontextmanager.authorizedOrgsDescs.create', 'accesscontextmanager.authorizedOrgsDescs.delete', 'accesscontextmanager.authorizedOrgsDescs.get', 'accesscontextmanager.authorizedOrgsDescs.list', 'accesscontextmanager.authorizedOrgsDescs.update', 'accesscontextmanager.policies.create', 'accesscontextmanager.policies.delete', 'accesscontextmanager.policies.get', 'accesscontextmanager.policies.getIamPolicy', 'accesscontextmanager.policies.list', 'accesscontextmanager.policies.update', 'accesscontextmanager.servicePerimeters.commit', 'accesscontextmanager.servicePerimeters.create', 'accesscontextmanager.servicePerimeters.delete', 'accesscontextmanager.servicePerimeters.get', 'accesscontextmanager.servicePerimeters.list', 'accesscontextmanager.servicePerimeters.replaceAll', 'accesscontextmanager.servicePerimeters.update', 'cloudasset.assets.searchAllResources', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/accesscontextmanager.gcpAccessReader |
Read access to Cloud access bindings. |
Cloud Access Binding Reader |
['accesscontextmanager.gcpUserAccessBindings.get', 'accesscontextmanager.gcpUserAccessBindings.list'] |
|
GA |
| roles/accesscontextmanager.policyReader |
Read access to policies, access levels, access zones and authorized orgs descs. |
Access Context Manager Reader |
['accesscontextmanager.accessLevels.get', 'accesscontextmanager.accessLevels.list', 'accesscontextmanager.authorizedOrgsDescs.get', 'accesscontextmanager.authorizedOrgsDescs.list', 'accesscontextmanager.policies.get', 'accesscontextmanager.policies.getIamPolicy', 'accesscontextmanager.policies.list', 'accesscontextmanager.servicePerimeters.get', 'accesscontextmanager.servicePerimeters.list', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/accesscontextmanager.vpcScTroubleshooterViewer |
|
VPC Service Controls Troubleshooter Viewer |
['accesscontextmanager.accessLevels.get', 'accesscontextmanager.accessLevels.list', 'accesscontextmanager.authorizedOrgsDescs.get', 'accesscontextmanager.authorizedOrgsDescs.list', 'accesscontextmanager.policies.get', 'accesscontextmanager.policies.getIamPolicy', 'accesscontextmanager.policies.list', 'accesscontextmanager.servicePerimeters.get', 'accesscontextmanager.servicePerimeters.list', 'logging.exclusions.get', 'logging.exclusions.list', 'logging.logEntries.list', 'logging.logMetrics.get', 'logging.logMetrics.list', 'logging.logServiceIndexes.list', 'logging.logServices.list', 'logging.logs.list', 'logging.sinks.get', 'logging.sinks.list', 'logging.usage.get', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/accesscontextmanager.policyAdmin |
Full access to policies, access levels, access zones and authorized orgs descs. |
Access Context Manager Admin |
['accesscontextmanager.accessLevels.create', 'accesscontextmanager.accessLevels.delete', 'accesscontextmanager.accessLevels.get', 'accesscontextmanager.accessLevels.list', 'accesscontextmanager.accessLevels.replaceAll', 'accesscontextmanager.accessLevels.update', 'accesscontextmanager.authorizedOrgsDescs.create', 'accesscontextmanager.authorizedOrgsDescs.delete', 'accesscontextmanager.authorizedOrgsDescs.get', 'accesscontextmanager.authorizedOrgsDescs.list', 'accesscontextmanager.authorizedOrgsDescs.update', 'accesscontextmanager.policies.create', 'accesscontextmanager.policies.delete', 'accesscontextmanager.policies.get', 'accesscontextmanager.policies.getIamPolicy', 'accesscontextmanager.policies.list', 'accesscontextmanager.policies.setIamPolicy', 'accesscontextmanager.policies.update', 'accesscontextmanager.servicePerimeters.commit', 'accesscontextmanager.servicePerimeters.create', 'accesscontextmanager.servicePerimeters.delete', 'accesscontextmanager.servicePerimeters.get', 'accesscontextmanager.servicePerimeters.list', 'accesscontextmanager.servicePerimeters.replaceAll', 'accesscontextmanager.servicePerimeters.update', 'cloudasset.assets.searchAllResources', 'resourcemanager.organizations.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |