Console
    Start free

    Binary Authorization roles and permissions

    This page lists the IAM roles and permissions for Binary Authorization. To search through all roles and permissions, see the role and permission index .

    Binary Authorization roles

    Role
    Permissions

    ( roles/ binaryauthorization.admin )

    Admin role for binaryauthorization

    binaryauthorization.*

    • binaryauthorization. attestors. create
    • binaryauthorization. attestors. delete
    • binaryauthorization. attestors. get
    • binaryauthorization. attestors. getIamPolicy
    • binaryauthorization. attestors. list
    • binaryauthorization. attestors. setIamPolicy
    • binaryauthorization. attestors. update
    • binaryauthorization. attestors. verifyImageAttested
    • binaryauthorization. continuousValidationConfig. get
    • binaryauthorization. continuousValidationConfig. getIamPolicy
    • binaryauthorization. continuousValidationConfig. setIamPolicy
    • binaryauthorization. continuousValidationConfig. update
    • binaryauthorization. platformPolicies. create
    • binaryauthorization. platformPolicies. delete
    • binaryauthorization. platformPolicies. evaluatePolicy
    • binaryauthorization. platformPolicies. get
    • binaryauthorization. platformPolicies. list
    • binaryauthorization. platformPolicies. replace
    • binaryauthorization. policy. evaluatePolicy
    • binaryauthorization.policy.get
    • binaryauthorization. policy. getIamPolicy
    • binaryauthorization. policy. setIamPolicy
    • binaryauthorization. policy. update

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.attestorsAdmin )

    Administrator of Binary Authorization Attestors

    binaryauthorization. attestors.*

    • binaryauthorization. attestors. create
    • binaryauthorization. attestors. delete
    • binaryauthorization. attestors. get
    • binaryauthorization. attestors. getIamPolicy
    • binaryauthorization. attestors. list
    • binaryauthorization. attestors. setIamPolicy
    • binaryauthorization. attestors. update
    • binaryauthorization. attestors. verifyImageAttested

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.attestorsEditor )

    Editor of Binary Authorization Attestors

    binaryauthorization. attestors. create

    binaryauthorization. attestors. delete

    binaryauthorization. attestors. get

    binaryauthorization. attestors. list

    binaryauthorization. attestors. update

    binaryauthorization. attestors. verifyImageAttested

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.attestorsVerifier )

    Caller of Binary Authorization Attestors VerifyImageAttested

    binaryauthorization. attestors. get

    binaryauthorization. attestors. list

    binaryauthorization. attestors. verifyImageAttested

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.attestorsViewer )

    Viewer of Binary Authorization Attestors

    binaryauthorization. attestors. get

    binaryauthorization. attestors. list

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.editor )

    Editor role for binaryauthorization

    binaryauthorization. attestors. create

    binaryauthorization. attestors. delete

    binaryauthorization. attestors. get

    binaryauthorization. attestors. getIamPolicy

    binaryauthorization. attestors. list

    binaryauthorization. attestors. update

    binaryauthorization. attestors. verifyImageAttested

    binaryauthorization. continuousValidationConfig. get

    binaryauthorization. continuousValidationConfig. getIamPolicy

    binaryauthorization. continuousValidationConfig. update

    binaryauthorization. platformPolicies.*

    • binaryauthorization. platformPolicies. create
    • binaryauthorization. platformPolicies. delete
    • binaryauthorization. platformPolicies. evaluatePolicy
    • binaryauthorization. platformPolicies. get
    • binaryauthorization. platformPolicies. list
    • binaryauthorization. platformPolicies. replace

    binaryauthorization. policy. evaluatePolicy

    binaryauthorization.policy.get

    binaryauthorization. policy. getIamPolicy

    binaryauthorization. policy. update

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.policyAdmin )

    Administrator of Binary Authorization Policy

    binaryauthorization. continuousValidationConfig.*

    • binaryauthorization. continuousValidationConfig. get
    • binaryauthorization. continuousValidationConfig. getIamPolicy
    • binaryauthorization. continuousValidationConfig. setIamPolicy
    • binaryauthorization. continuousValidationConfig. update

    binaryauthorization. platformPolicies.*

    • binaryauthorization. platformPolicies. create
    • binaryauthorization. platformPolicies. delete
    • binaryauthorization. platformPolicies. evaluatePolicy
    • binaryauthorization. platformPolicies. get
    • binaryauthorization. platformPolicies. list
    • binaryauthorization. platformPolicies. replace

    binaryauthorization.policy.*

    • binaryauthorization. policy. evaluatePolicy
    • binaryauthorization.policy.get
    • binaryauthorization. policy. getIamPolicy
    • binaryauthorization. policy. setIamPolicy
    • binaryauthorization. policy. update

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.policyEditor )

    Editor of Binary Authorization Policy

    binaryauthorization. continuousValidationConfig. get

    binaryauthorization. continuousValidationConfig. update

    binaryauthorization. platformPolicies.*

    • binaryauthorization. platformPolicies. create
    • binaryauthorization. platformPolicies. delete
    • binaryauthorization. platformPolicies. evaluatePolicy
    • binaryauthorization. platformPolicies. get
    • binaryauthorization. platformPolicies. list
    • binaryauthorization. platformPolicies. replace

    binaryauthorization. policy. evaluatePolicy

    binaryauthorization.policy.get

    binaryauthorization. policy. update

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.policyEvaluator )

    Evaluator of Binary Authorization Policy

    binaryauthorization. platformPolicies. evaluatePolicy

    binaryauthorization. platformPolicies. get

    binaryauthorization. platformPolicies. list

    binaryauthorization. policy. evaluatePolicy

    binaryauthorization.policy.get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.policyViewer )

    Viewer of Binary Authorization Policy

    binaryauthorization. continuousValidationConfig. get

    binaryauthorization. platformPolicies. get

    binaryauthorization. platformPolicies. list

    binaryauthorization.policy.get

    resourcemanager.projects.get

    resourcemanager.projects.list

    ( roles/ binaryauthorization.serviceAgent )

    Can read Notes and Occurrences from the Container Analysis Service to find and verify signatures.

    artifactregistry. dockerimages. get

    artifactregistry. repositories. downloadArtifacts

    binaryauthorization. attestors. get

    binaryauthorization. attestors. list

    binaryauthorization. attestors. verifyImageAttested

    binaryauthorization. platformPolicies. evaluatePolicy

    binaryauthorization. policy. evaluatePolicy

    cloudasset. assets. exportResource

    cloudasset.feeds.create

    cloudasset.feeds.delete

    cloudasset.feeds.get

    cloudasset.feeds.update

    containeranalysis.notes.get

    containeranalysis.notes.list

    containeranalysis. notes. listOccurrences

    containeranalysis. occurrences. get

    containeranalysis. occurrences. list

    resourcemanager.projects.get

    resourcemanager.projects.list

    storage.objects.list

    ( roles/ binaryauthorization.viewer )

    Viewer role for binaryauthorization

    binaryauthorization. attestors. get

    binaryauthorization. attestors. getIamPolicy

    binaryauthorization. attestors. list

    binaryauthorization. attestors. verifyImageAttested

    binaryauthorization. continuousValidationConfig. get

    binaryauthorization. continuousValidationConfig. getIamPolicy

    binaryauthorization. platformPolicies. evaluatePolicy

    binaryauthorization. platformPolicies. get

    binaryauthorization. platformPolicies. list

    binaryauthorization. policy. evaluatePolicy

    binaryauthorization.policy.get

    binaryauthorization. policy. getIamPolicy

    resourcemanager.projects.get

    resourcemanager.projects.list

    Binary Authorization permissions

    Permission
    Included in roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binary Authorization Attestor Editor ( roles/ binaryauthorization.attestorsEditor )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binary Authorization Attestor Editor ( roles/ binaryauthorization.attestorsEditor )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binary Authorization Attestor Editor ( roles/ binaryauthorization.attestorsEditor )

    Binary Authorization Attestor Image Verifier ( roles/ binaryauthorization.attestorsVerifier )

    Binary Authorization Attestor Viewer ( roles/ binaryauthorization.attestorsViewer )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binary Authorization Attestor Editor ( roles/ binaryauthorization.attestorsEditor )

    Binary Authorization Attestor Image Verifier ( roles/ binaryauthorization.attestorsVerifier )

    Binary Authorization Attestor Viewer ( roles/ binaryauthorization.attestorsViewer )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Security Admin ( roles/ iam.securityAdmin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binary Authorization Attestor Editor ( roles/ binaryauthorization.attestorsEditor )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Attestor Admin ( roles/ binaryauthorization.attestorsAdmin )

    Binary Authorization Attestor Editor ( roles/ binaryauthorization.attestorsEditor )

    Binary Authorization Attestor Image Verifier ( roles/ binaryauthorization.attestorsVerifier )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Binary Authorization Policy Viewer ( roles/ binaryauthorization.policyViewer )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Support User ( roles/ iam.supportUser )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Owner ( roles/ owner )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Dev Ops ( roles/ iam.devOps )

    Security Admin ( roles/ iam.securityAdmin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Dev Ops ( roles/ iam.devOps )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Dev Ops ( roles/ iam.devOps )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Dev Ops ( roles/ iam.devOps )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Binary Authorization Policy Evaluator ( roles/ binaryauthorization.policyEvaluator )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Binary Authorization Policy Evaluator ( roles/ binaryauthorization.policyEvaluator )

    Binary Authorization Policy Viewer ( roles/ binaryauthorization.policyViewer )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Binary Authorization Policy Evaluator ( roles/ binaryauthorization.policyEvaluator )

    Binary Authorization Policy Viewer ( roles/ binaryauthorization.policyViewer )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Dev Ops ( roles/ iam.devOps )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Binary Authorization Policy Evaluator ( roles/ binaryauthorization.policyEvaluator )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Binary Authorization Policy Evaluator ( roles/ binaryauthorization.policyEvaluator )

    Binary Authorization Policy Viewer ( roles/ binaryauthorization.policyViewer )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Support User ( roles/ iam.supportUser )

    Service agent roles

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Viewer ( roles/ viewer )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binaryauthorization Viewer ( roles/ binaryauthorization.viewer )

    Dev Ops ( roles/ iam.devOps )

    Security Admin ( roles/ iam.securityAdmin )

    Security Auditor ( roles/ iam.securityAuditor )

    Security Reviewer ( roles/ iam.securityReviewer )

    Support User ( roles/ iam.supportUser )

    Owner ( roles/ owner )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Dev Ops ( roles/ iam.devOps )

    Security Admin ( roles/ iam.securityAdmin )

    Owner ( roles/ owner )

    Editor ( roles/ editor )

    Binaryauthorization Admin ( roles/ binaryauthorization.admin )

    Binaryauthorization Editor ( roles/ binaryauthorization.editor )

    Binary Authorization Policy Administrator ( roles/ binaryauthorization.policyAdmin )

    Binary Authorization Policy Editor ( roles/ binaryauthorization.policyEditor )

    Dev Ops ( roles/ iam.devOps )
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: