아티팩트 보호는 Identity and Access Management (IAM) 역할 및 권한을 사용하여 리소스에 대한 액세스를 관리합니다. 사용자, 그룹 또는 서비스 계정에 IAM 역할을 부여할 수 있습니다. 역할 부여에 대한 상세 설명은 프로젝트, 폴더, 조직에 대한 액세스 관리를 참조하세요.
아티팩트 보호 역할
아티팩트 보호에 사용할 수 있는 IAM 역할은 다음과 같습니다.
| 역할 | 권한 |
|---|---|
| Artifact Scan Guard 관리자 ( roles/artifactscanguard.admin)아티팩트 보호 리소스에 대한 전체 액세스 권한입니다. 정책을 만들고 정책 성능을 평가하고 시각화합니다. |
artifactscanguard.artifactEvaluations.create artifactscanguard.artifactEvaluations.get artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.connectors.create artifactscanguard.connectors.delete artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.connectors.update artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.delete artifactscanguard.operations.get artifactscanguard.operations.list artifactscanguard.policies.create artifactscanguard.policies.delete artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.policies.update artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list {10ancers.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext |
| Artifact Scan Guard 평가 관리자 ( roles/artifactscanguard.policyEvaluator)아티팩트 평가 리소스에 대한 전체 액세스 권한입니다. |
artifactscanguard.artifactEvaluations.create artifactscanguard.artifactEvaluations.get artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext |
| Artifact Scan Guard 커넥터 관리자 ( roles/artifactscanguard.connectorAdmin)커넥터 리소스에 대한 전체 액세스 권한입니다. |
artifactscanguard.connectors.create artifactscanguard.connectors.delete artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.connectors.update artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 정책 관리자 ( roles/artifactscanguard.policyAdmin)정책 리소스에 대한 전체 액세스 권한입니다. 정책을 만들고 정책 성능을 시각화합니다. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.create artifactscanguard.policies.delete artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.policies.update resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 정책 평가 관리자 ( roles/artifactscanguard.policyEvaluationAdmin)정책 평가 리소스에 대한 전체 액세스 권한입니다. |
artifactscanguard.artifactPoliciesEvaluations.create artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get monitoring.timeSeries.create orgpolicy.policy.get resourcemanager.organizations.get resourcemanager.projects.get resourcemanager.projects.list storage.folders.create storage.folders.delete storage.folders.get storage.folders.list storage.folders.rename storage.managedFolders.create storage.managedFolders.delete storage.managedFolders.get storage.managedFolders.list storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.list storage.multipartUploads.listParts storage.objects.create storage.objects.createContext storage.objects.delete storage.objects.deleteContext storage.objects.get storage.objects.list storage.objects.move storage.objects.restore storage.objects.update storage.objects.updateContext |
| Artifact Scan Guard 보고서 관리자 ( roles/artifactscanguard.reportAdmin)보고서 리소스에 대한 전체 액세스 권한입니다. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 뷰어 ( roles/artifactscanguard.viewer)아티팩트 보호 리소스에 대한 읽기 전용 액세스 권한입니다. |
artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.get artifactscanguard.policies.list artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 커넥터 뷰어 ( roles/artifactscanguard.connectorViewer)커넥터 리소스에 대한 읽기 전용 액세스 권한입니다. |
artifactscanguard.connectors.get artifactscanguard.connectors.list artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 정책 뷰어 ( roles/artifactscanguard.policyViewer)정책 리소스에 대한 읽기 전용 액세스 권한입니다. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.policies.get artifactscanguard.policies.list resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 정책 평가 뷰어 ( roles/artifactscanguard.policyEvaluationViewer)정책 평가 리소스에 대한 읽기 전용 액세스 권한입니다. |
artifactscanguard.artifactPoliciesEvaluations.get artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get resourcemanager.organizations.get resourcemanager.projects.get |
| Artifact Scan Guard 보고서 뷰어 ( roles/artifactscanguard.reportViewer)보고서 리소스에 대한 읽기 전용 액세스 권한입니다. |
artifactscanguard.locations.get artifactscanguard.locations.list artifactscanguard.operations.get artifactscanguard.reports.listConnectorEvaluations artifactscanguard.reports.listPolicyEvaluationSummaries resourcemanager.organizations.get resourcemanager.projects.get |