Artifact guard menggunakan Identity and Access Management (IAM) peran dan izin untuk mengelola akses ke resource. Anda dapat memberikan peran IAM kepada pengguna, grup, atau akun layanan. Untuk mengetahui informasi tentang cara memberikan peran, lihat Mengelola akses ke project, folder, dan organisasi.
Peran artifact guard
Peran IAM berikut tersedia untuk artifact guard.
| Peran | Izin |
|---|---|
| Admin Artifact Scan Guard ( roles/artifactscanguard.admin)Akses penuh ke resource artifact guard. Membuat kebijakan, mengevaluasi, dan memvisualisasikan performa kebijakan. |
artifactscanguard.artifactEvaluations.create artifactscanguard.artifactEvaluations.get artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.connectors.create artifactscanguard.connectors.delete artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.connectors.update artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.delete artifactscanguard.operations.get artifactscanguard.operations.list artifactscanguard.policies.create artifactscanguard.policies.delete artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.policies.update artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list {10ancers.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext |
| Admin Evaluasi Artifact Scan Guard ( roles/artifactscanguard.policyEvaluator)Akses penuh ke resource Evaluasi Artefak. |
artifactscanguard.artifactEvaluations.create artifactscanguard.artifactEvaluations.get artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext |
| Admin Konektor Artifact Scan Guard ( roles/artifactscanguard.connectorAdmin)Akses penuh ke resource Konektor. |
artifactscanguard.connectors.create artifactscanguard.connectors.delete artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.connectors.update artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get |
| Admin Kebijakan Artifact Scan Guard ( roles/artifactscanguard.policyAdmin)Akses penuh ke resource Kebijakan. Membuat kebijakan dan memvisualisasikan performa kebijakan. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.create artifactscanguard.policies.delete artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.policies.update resourcemanager.organizations.get resourcemanager.projects.get |
| Admin Evaluasi Kebijakan Artifact Scan Guard ( roles/artifactscanguard.policyEvaluationAdmin)Akses penuh ke resource Evaluasi Kebijakan. |
artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext |
| Admin Laporan Artifact Scan Guard ( roles/artifactscanguard.reportAdmin)Akses penuh ke resource Laporan. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get |
| Viewer Artifact Scan Guard ( roles/artifactscanguard.viewer)Akses hanya baca ke resource artifact guard. |
artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get |
| Viewer Konektor Artifact Scan Guard ( roles/artifactscanguard.connectorViewer)Akses hanya baca ke resource Konektor. |
artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get |
| Viewer Kebijakan Artifact Scan Guard ( roles/artifactscanguard.policyViewer)Akses hanya baca ke resource Kebijakan. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.get artifactscanguard.policies.list resourcemanager.organizations.get resourcemanager.projects.get |
| Viewer Evaluasi Kebijakan Artifact Scan Guard ( roles/artifactscanguard.policyEvaluationViewer)Akses hanya baca ke resource Evaluasi Kebijakan. |
artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get |
| Viewer Laporan Artifact Scan Guard ( roles/artifactscanguard.reportViewer)Akses hanya baca ke resource Laporan. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get |