| roles/workloadcertificate.serviceAgent |
Gives the Workload Certificate service agent access to Cloud Platform resources. |
Workload Certificate Service Agent |
['container.clusterRoleBindings.get', 'container.clusterRoleBindings.list', 'container.clusters.get', 'container.clusters.update', 'container.customResourceDefinitions.create', 'container.customResourceDefinitions.get', 'container.customResourceDefinitions.list', 'container.operations.get', 'container.thirdPartyObjects.update', 'gkehub.features.get', 'gkehub.fleet.create', 'gkehub.fleet.get', 'gkehub.locations.get', 'gkehub.locations.list', 'gkehub.memberships.get', 'gkehub.memberships.list', 'gkehub.operations.get', 'serviceconsumermanagement.tenancyu.addResource', 'serviceconsumermanagement.tenancyu.create', 'serviceconsumermanagement.tenancyu.delete', 'serviceconsumermanagement.tenancyu.removeResource', 'serviceusage.services.use', 'workloadcertificate.workloadCertificateFeature.get', 'workloadcertificate.workloadRegistrations.list'] |
|
GA |
| roles/workloadcertificate.registrationViewer |
Read-only access to WorkloadRegistration resources. |
Workload Certificate Registration Viewer |
['resourcemanager.projects.get', 'resourcemanager.projects.list', 'workloadcertificate.locations.get', 'workloadcertificate.locations.list', 'workloadcertificate.operations.get', 'workloadcertificate.operations.list', 'workloadcertificate.workloadRegistrations.get', 'workloadcertificate.workloadRegistrations.list'] |
|
BETA |
| roles/workloadcertificate.viewer |
Read-only access to Workload Certificate all resources. |
Workload Certificate Viewer |
['resourcemanager.projects.get', 'resourcemanager.projects.list', 'workloadcertificate.locations.get', 'workloadcertificate.locations.list', 'workloadcertificate.operations.get', 'workloadcertificate.operations.list', 'workloadcertificate.workloadCertificateFeature.get', 'workloadcertificate.workloadRegistrations.get', 'workloadcertificate.workloadRegistrations.list'] |
|
BETA |
| roles/workloadcertificate.registrationAdmin |
Full access to WorkloadRegistration resources. |
Workload Certificate Registration Admin |
['resourcemanager.projects.get', 'resourcemanager.projects.list', 'workloadcertificate.locations.get', 'workloadcertificate.locations.list', 'workloadcertificate.operations.cancel', 'workloadcertificate.operations.delete', 'workloadcertificate.operations.get', 'workloadcertificate.operations.list', 'workloadcertificate.workloadRegistrations.create', 'workloadcertificate.workloadRegistrations.delete', 'workloadcertificate.workloadRegistrations.get', 'workloadcertificate.workloadRegistrations.list', 'workloadcertificate.workloadRegistrations.update'] |
|
BETA |
| roles/workloadcertificate.admin |
Full access to all Workload Certificate API resources. |
Workload Certificate Admin |
['resourcemanager.projects.get', 'resourcemanager.projects.list', 'workloadcertificate.locations.get', 'workloadcertificate.locations.list', 'workloadcertificate.operations.cancel', 'workloadcertificate.operations.delete', 'workloadcertificate.operations.get', 'workloadcertificate.operations.list', 'workloadcertificate.workloadCertificateFeature.get', 'workloadcertificate.workloadCertificateFeature.update', 'workloadcertificate.workloadRegistrations.create', 'workloadcertificate.workloadRegistrations.delete', 'workloadcertificate.workloadRegistrations.get', 'workloadcertificate.workloadRegistrations.list', 'workloadcertificate.workloadRegistrations.update'] |
|
BETA |