Access Context Manager 역할 및 권한

이 페이지에는 Access Context Manager의 IAM 역할과 권한이 나와 있습니다. 모든 역할과 권한을 검색하려면 역할 및 권한 색인을 참조하세요.

Access Context Manager 역할

Role Permissions

Role	Permissions
Cloud Access Binding Admin (`roles/accesscontextmanager.gcpAccessAdmin`) Create, edit, and change Cloud access bindings.	`accesscontextmanager.gcpUserAccessBindings.*` `accesscontextmanager.gcpUserAccessBindings.create` `accesscontextmanager.gcpUserAccessBindings.delete` `accesscontextmanager.gcpUserAccessBindings.get` `accesscontextmanager.gcpUserAccessBindings.list` `accesscontextmanager.gcpUserAccessBindings.update`
Cloud Access Binding Reader (`roles/accesscontextmanager.gcpAccessReader`) Read access to Cloud access bindings.	`accesscontextmanager.gcpUserAccessBindings.get` `accesscontextmanager.gcpUserAccessBindings.list`
Access Context Manager Admin (`roles/accesscontextmanager.policyAdmin`) Full access to policies, access levels, access zones and authorized orgs descs.	`accesscontextmanager.accessLevels.` `accesscontextmanager.accessLevels.create` `accesscontextmanager.accessLevels.delete` `accesscontextmanager.accessLevels.get` `accesscontextmanager.accessLevels.list` `accesscontextmanager.accessLevels.replaceAll` `accesscontextmanager.accessLevels.update` `accesscontextmanager.authorizedOrgsDescs.` `accesscontextmanager.authorizedOrgsDescs.create` `accesscontextmanager.authorizedOrgsDescs.delete` `accesscontextmanager.authorizedOrgsDescs.get` `accesscontextmanager.authorizedOrgsDescs.list` `accesscontextmanager.authorizedOrgsDescs.update` `accesscontextmanager.policies.` `accesscontextmanager.policies.create` `accesscontextmanager.policies.delete` `accesscontextmanager.policies.get` `accesscontextmanager.policies.getIamPolicy` `accesscontextmanager.policies.list` `accesscontextmanager.policies.setIamPolicy` `accesscontextmanager.policies.update` `accesscontextmanager.servicePerimeters.` `accesscontextmanager.servicePerimeters.commit` `accesscontextmanager.servicePerimeters.create` `accesscontextmanager.servicePerimeters.delete` `accesscontextmanager.servicePerimeters.get` `accesscontextmanager.servicePerimeters.list` `accesscontextmanager.servicePerimeters.replaceAll` `accesscontextmanager.servicePerimeters.update` `cloudasset.assets.searchAllResources` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Access Context Manager Editor (`roles/accesscontextmanager.policyEditor`) Edit access to policies. Create, edit, and change access levels, access zones and authorized orgs descs.	`accesscontextmanager.accessLevels.` `accesscontextmanager.accessLevels.create` `accesscontextmanager.accessLevels.delete` `accesscontextmanager.accessLevels.get` `accesscontextmanager.accessLevels.list` `accesscontextmanager.accessLevels.replaceAll` `accesscontextmanager.accessLevels.update` `accesscontextmanager.authorizedOrgsDescs.` `accesscontextmanager.authorizedOrgsDescs.create` `accesscontextmanager.authorizedOrgsDescs.delete` `accesscontextmanager.authorizedOrgsDescs.get` `accesscontextmanager.authorizedOrgsDescs.list` `accesscontextmanager.authorizedOrgsDescs.update` `accesscontextmanager.policies.create` `accesscontextmanager.policies.delete` `accesscontextmanager.policies.get` `accesscontextmanager.policies.getIamPolicy` `accesscontextmanager.policies.list` `accesscontextmanager.policies.update` `accesscontextmanager.servicePerimeters.*` `accesscontextmanager.servicePerimeters.commit` `accesscontextmanager.servicePerimeters.create` `accesscontextmanager.servicePerimeters.delete` `accesscontextmanager.servicePerimeters.get` `accesscontextmanager.servicePerimeters.list` `accesscontextmanager.servicePerimeters.replaceAll` `accesscontextmanager.servicePerimeters.update` `cloudasset.assets.searchAllResources` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Access Context Manager Reader (`roles/accesscontextmanager.policyReader`) Read access to policies, access levels, access zones and authorized orgs descs.	`accesscontextmanager.accessLevels.get` `accesscontextmanager.accessLevels.list` `accesscontextmanager.authorizedOrgsDescs.get` `accesscontextmanager.authorizedOrgsDescs.list` `accesscontextmanager.policies.get` `accesscontextmanager.policies.getIamPolicy` `accesscontextmanager.policies.list` `accesscontextmanager.servicePerimeters.get` `accesscontextmanager.servicePerimeters.list` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
VPC Service Controls Troubleshooter Viewer (`roles/accesscontextmanager.vpcScTroubleshooterViewer`)	`accesscontextmanager.accessLevels.get` `accesscontextmanager.accessLevels.list` `accesscontextmanager.authorizedOrgsDescs.get` `accesscontextmanager.authorizedOrgsDescs.list` `accesscontextmanager.policies.get` `accesscontextmanager.policies.getIamPolicy` `accesscontextmanager.policies.list` `accesscontextmanager.servicePerimeters.get` `accesscontextmanager.servicePerimeters.list` `logging.exclusions.get` `logging.exclusions.list` `logging.logEntries.list` `logging.logMetrics.get` `logging.logMetrics.list` `logging.logServiceIndexes.list` `logging.logServices.list` `logging.logs.list` `logging.sinks.get` `logging.sinks.list` `logging.usage.get` `resourcemanager.organizations.get` `resourcemanager.projects.get` `resourcemanager.projects.list`

Cloud Access Binding Admin

(roles/accesscontextmanager.gcpAccessAdmin)

Create, edit, and change Cloud access bindings.

accesscontextmanager.gcpUserAccessBindings.*

accesscontextmanager.gcpUserAccessBindings.create
accesscontextmanager.gcpUserAccessBindings.delete
accesscontextmanager.gcpUserAccessBindings.get
accesscontextmanager.gcpUserAccessBindings.list
accesscontextmanager.gcpUserAccessBindings.update

Cloud Access Binding Reader

(roles/accesscontextmanager.gcpAccessReader)

Read access to Cloud access bindings.

accesscontextmanager.gcpUserAccessBindings.get

accesscontextmanager.gcpUserAccessBindings.list

Access Context Manager Admin

(roles/accesscontextmanager.policyAdmin)

Full access to policies, access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.*

accesscontextmanager.accessLevels.create
accesscontextmanager.accessLevels.delete
accesscontextmanager.accessLevels.get
accesscontextmanager.accessLevels.list
accesscontextmanager.accessLevels.replaceAll
accesscontextmanager.accessLevels.update

accesscontextmanager.authorizedOrgsDescs.*

accesscontextmanager.authorizedOrgsDescs.create
accesscontextmanager.authorizedOrgsDescs.delete
accesscontextmanager.authorizedOrgsDescs.get
accesscontextmanager.authorizedOrgsDescs.list
accesscontextmanager.authorizedOrgsDescs.update

accesscontextmanager.policies.*

accesscontextmanager.policies.create
accesscontextmanager.policies.delete
accesscontextmanager.policies.get
accesscontextmanager.policies.getIamPolicy
accesscontextmanager.policies.list
accesscontextmanager.policies.setIamPolicy
accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

accesscontextmanager.servicePerimeters.commit
accesscontextmanager.servicePerimeters.create
accesscontextmanager.servicePerimeters.delete
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.replaceAll
accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager Editor

(roles/accesscontextmanager.policyEditor)

Edit access to policies. Create, edit, and change access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.*

accesscontextmanager.accessLevels.create
accesscontextmanager.accessLevels.delete
accesscontextmanager.accessLevels.get
accesscontextmanager.accessLevels.list
accesscontextmanager.accessLevels.replaceAll
accesscontextmanager.accessLevels.update

accesscontextmanager.authorizedOrgsDescs.*

accesscontextmanager.authorizedOrgsDescs.create
accesscontextmanager.authorizedOrgsDescs.delete
accesscontextmanager.authorizedOrgsDescs.get
accesscontextmanager.authorizedOrgsDescs.list
accesscontextmanager.authorizedOrgsDescs.update

accesscontextmanager.policies.create

accesscontextmanager.policies.delete

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.policies.update

accesscontextmanager.servicePerimeters.*

accesscontextmanager.servicePerimeters.commit
accesscontextmanager.servicePerimeters.create
accesscontextmanager.servicePerimeters.delete
accesscontextmanager.servicePerimeters.get
accesscontextmanager.servicePerimeters.list
accesscontextmanager.servicePerimeters.replaceAll
accesscontextmanager.servicePerimeters.update

cloudasset.assets.searchAllResources

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager Reader

(roles/accesscontextmanager.policyReader)

Read access to policies, access levels, access zones and authorized orgs descs.

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.authorizedOrgsDescs.get

accesscontextmanager.authorizedOrgsDescs.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

VPC Service Controls Troubleshooter Viewer

(roles/accesscontextmanager.vpcScTroubleshooterViewer)

accesscontextmanager.accessLevels.get

accesscontextmanager.accessLevels.list

accesscontextmanager.authorizedOrgsDescs.get

accesscontextmanager.authorizedOrgsDescs.list

accesscontextmanager.policies.get

accesscontextmanager.policies.getIamPolicy

accesscontextmanager.policies.list

accesscontextmanager.servicePerimeters.get

accesscontextmanager.servicePerimeters.list

logging.exclusions.get

logging.exclusions.list

logging.logEntries.list

logging.logMetrics.get

logging.logMetrics.list

logging.logServiceIndexes.list

logging.logServices.list

logging.logs.list

logging.sinks.get

logging.sinks.list

logging.usage.get

resourcemanager.organizations.get

resourcemanager.projects.get

resourcemanager.projects.list

Access Context Manager 권한

권한	역할에 포함됨
`accesscontextmanager.accessLevels.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.accessLevels.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.accessLevels.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.accessLevels.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`accesscontextmanager.accessLevels.replaceAll`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.accessLevels.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.authorizedOrgsDescs.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.authorizedOrgsDescs.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.authorizedOrgsDescs.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`)
`accesscontextmanager.authorizedOrgsDescs.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`accesscontextmanager.authorizedOrgsDescs.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.gcpUserAccessBindings.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud 액세스 바인딩 관리자(`roles/accesscontextmanager.gcpAccessAdmin`)
`accesscontextmanager.gcpUserAccessBindings.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud 액세스 바인딩 관리자(`roles/accesscontextmanager.gcpAccessAdmin`)
`accesscontextmanager.gcpUserAccessBindings.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud 액세스 바인딩 관리자(`roles/accesscontextmanager.gcpAccessAdmin`) Cloud 액세스 바인딩 리더(`roles/accesscontextmanager.gcpAccessReader`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. 보안 센터 서비스 에이전트(`roles/securitycenter.serviceAgent`) 보안 센터 제어 서비스 에이전트(`roles/securitycenter.controlServiceAgent`)
`accesscontextmanager.gcpUserAccessBindings.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud 액세스 바인딩 관리자(`roles/accesscontextmanager.gcpAccessAdmin`) Cloud 액세스 바인딩 리더(`roles/accesscontextmanager.gcpAccessReader`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. 보안 센터 서비스 에이전트(`roles/securitycenter.serviceAgent`) 보안 센터 제어 서비스 에이전트(`roles/securitycenter.controlServiceAgent`)
`accesscontextmanager.gcpUserAccessBindings.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud 액세스 바인딩 관리자(`roles/accesscontextmanager.gcpAccessAdmin`)
`accesscontextmanager.policies.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.policies.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.policies.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`)
`accesscontextmanager.policies.getIamPolicy`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`accesscontextmanager.policies.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.policies.setIamPolicy`	소유자(`roles/owner`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) 보안 관리자(`roles/iam.securityAdmin`)
`accesscontextmanager.policies.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.servicePerimeters.commit`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.servicePerimeters.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.servicePerimeters.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.servicePerimeters.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) SLZ BQDW Blueprint 조직 수준 조정자(`roles/securedlandingzone.bqdwOrgRemediator`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)
`accesscontextmanager.servicePerimeters.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) Access Context Manager 리더(`roles/accesscontextmanager.policyReader`) VPC 서비스 제어 문제 해결 도구 뷰어(`roles/accesscontextmanager.vpcScTroubleshooterViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) SLZ BQDW Blueprint 조직 수준 조정자(`roles/securedlandingzone.bqdwOrgRemediator`)
`accesscontextmanager.servicePerimeters.replaceAll`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`)
`accesscontextmanager.servicePerimeters.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Access Context Manager 관리자(`roles/accesscontextmanager.policyAdmin`) Access Context Manager 편집자(`roles/accesscontextmanager.policyEditor`) SLZ BQDW Blueprint 조직 수준 조정자(`roles/securedlandingzone.bqdwOrgRemediator`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`)

Access Context Manager 역할 및 권한