| roles/binaryauthorization.attestorsEditor |
Editor of Binary Authorization Attestors |
Binary Authorization Attestor Editor |
['binaryauthorization.attestors.create', 'binaryauthorization.attestors.delete', 'binaryauthorization.attestors.get', 'binaryauthorization.attestors.list', 'binaryauthorization.attestors.update', 'binaryauthorization.attestors.verifyImageAttested', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.policyViewer |
Viewer of Binary Authorization Policy |
Binary Authorization Policy Viewer |
['binaryauthorization.continuousValidationConfig.get', 'binaryauthorization.platformPolicies.get', 'binaryauthorization.platformPolicies.list', 'binaryauthorization.policy.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.policyEditor |
Editor of Binary Authorization Policy |
Binary Authorization Policy Editor |
['binaryauthorization.continuousValidationConfig.get', 'binaryauthorization.continuousValidationConfig.update', 'binaryauthorization.platformPolicies.create', 'binaryauthorization.platformPolicies.delete', 'binaryauthorization.platformPolicies.evaluatePolicy', 'binaryauthorization.platformPolicies.get', 'binaryauthorization.platformPolicies.list', 'binaryauthorization.platformPolicies.replace', 'binaryauthorization.policy.evaluatePolicy', 'binaryauthorization.policy.get', 'binaryauthorization.policy.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.attestorsViewer |
Viewer of Binary Authorization Attestors |
Binary Authorization Attestor Viewer |
['binaryauthorization.attestors.get', 'binaryauthorization.attestors.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.policyAdmin |
Administrator of Binary Authorization Policy |
Binary Authorization Policy Administrator |
['binaryauthorization.continuousValidationConfig.get', 'binaryauthorization.continuousValidationConfig.getIamPolicy', 'binaryauthorization.continuousValidationConfig.setIamPolicy', 'binaryauthorization.continuousValidationConfig.update', 'binaryauthorization.platformPolicies.create', 'binaryauthorization.platformPolicies.delete', 'binaryauthorization.platformPolicies.evaluatePolicy', 'binaryauthorization.platformPolicies.get', 'binaryauthorization.platformPolicies.list', 'binaryauthorization.platformPolicies.replace', 'binaryauthorization.policy.evaluatePolicy', 'binaryauthorization.policy.get', 'binaryauthorization.policy.getIamPolicy', 'binaryauthorization.policy.setIamPolicy', 'binaryauthorization.policy.update', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.serviceAgent |
Can read Notes and Occurrences from the Container Analysis Service to find and verify signatures. |
Binary Authorization Service Agent |
['artifactregistry.dockerimages.get', 'artifactregistry.repositories.downloadArtifacts', 'binaryauthorization.attestors.get', 'binaryauthorization.attestors.list', 'binaryauthorization.attestors.verifyImageAttested', 'binaryauthorization.platformPolicies.evaluatePolicy', 'binaryauthorization.policy.evaluatePolicy', 'cloudasset.assets.exportResource', 'cloudasset.feeds.create', 'cloudasset.feeds.delete', 'cloudasset.feeds.get', 'cloudasset.feeds.update', 'containeranalysis.notes.get', 'containeranalysis.notes.list', 'containeranalysis.notes.listOccurrences', 'containeranalysis.occurrences.get', 'containeranalysis.occurrences.list', 'resourcemanager.projects.get', 'resourcemanager.projects.list', 'storage.objects.list'] |
|
GA |
| roles/binaryauthorization.attestorsVerifier |
Caller of Binary Authorization Attestors VerifyImageAttested |
Binary Authorization Attestor Image Verifier |
['binaryauthorization.attestors.get', 'binaryauthorization.attestors.list', 'binaryauthorization.attestors.verifyImageAttested', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.policyEvaluator |
Evaluator of Binary Authorization Policy |
Binary Authorization Policy Evaluator |
['binaryauthorization.platformPolicies.evaluatePolicy', 'binaryauthorization.platformPolicies.get', 'binaryauthorization.platformPolicies.list', 'binaryauthorization.policy.evaluatePolicy', 'binaryauthorization.policy.get', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |
| roles/binaryauthorization.attestorsAdmin |
Adminstrator of Binary Authorization Attestors |
Binary Authorization Attestor Admin |
['binaryauthorization.attestors.create', 'binaryauthorization.attestors.delete', 'binaryauthorization.attestors.get', 'binaryauthorization.attestors.getIamPolicy', 'binaryauthorization.attestors.list', 'binaryauthorization.attestors.setIamPolicy', 'binaryauthorization.attestors.update', 'binaryauthorization.attestors.verifyImageAttested', 'resourcemanager.projects.get', 'resourcemanager.projects.list'] |
|
GA |