Cloud Build 역할 및 권한

이 페이지에는 Cloud Build의 IAM 역할과 권한이 나와 있습니다. 모든 역할과 권한을 검색하려면 역할 및 권한 색인을 참조하세요.

Cloud Build 역할

Role Permissions

Role	Permissions
Cloud Build Approver (`roles/cloudbuild.builds.approver`) Can approve or reject pending builds.	`cloudbuild.builds.approve` `cloudbuild.builds.get` `cloudbuild.builds.list` `cloudbuild.locations.` `cloudbuild.locations.get` `cloudbuild.locations.list` `cloudbuild.operations.` `cloudbuild.operations.get` `cloudbuild.operations.list` `remotebuildexecution.blobs.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Service Account (`roles/cloudbuild.builds.builder`) Provides access to perform builds.	`artifactregistry.aptartifacts.create` `artifactregistry.attachments.create` `artifactregistry.attachments.get` `artifactregistry.attachments.list` `artifactregistry.dockerimages.` `artifactregistry.dockerimages.get` `artifactregistry.dockerimages.list` `artifactregistry.files.download` `artifactregistry.files.get` `artifactregistry.files.list` `artifactregistry.files.update` `artifactregistry.files.upload` `artifactregistry.kfpartifacts.create` `artifactregistry.locations.` `artifactregistry.locations.get` `artifactregistry.locations.list` `artifactregistry.mavenartifacts.` `artifactregistry.mavenartifacts.get` `artifactregistry.mavenartifacts.list` `artifactregistry.npmpackages.` `artifactregistry.npmpackages.get` `artifactregistry.npmpackages.list` `artifactregistry.packages.get` `artifactregistry.packages.list` `artifactregistry.packages.update` `artifactregistry.projectsettings.get` `artifactregistry.pythonpackages.` `artifactregistry.pythonpackages.get` `artifactregistry.pythonpackages.list` `artifactregistry.repositories.createOnPush` `artifactregistry.repositories.deleteArtifacts` `artifactregistry.repositories.downloadArtifacts` `artifactregistry.repositories.get` `artifactregistry.repositories.list` `artifactregistry.repositories.listEffectiveTags` `artifactregistry.repositories.listTagBindings` `artifactregistry.repositories.readViaVirtualRepository` `artifactregistry.repositories.uploadArtifacts` `artifactregistry.rules.get` `artifactregistry.rules.list` `artifactregistry.tags.create` `artifactregistry.tags.get` `artifactregistry.tags.list` `artifactregistry.tags.update` `artifactregistry.versions.get` `artifactregistry.versions.list` `artifactregistry.yumartifacts.create` `cloudbuild.builds.create` `cloudbuild.builds.get` `cloudbuild.builds.list` `cloudbuild.builds.update` `cloudbuild.locations.` `cloudbuild.locations.get` `cloudbuild.locations.list` `cloudbuild.operations.*` `cloudbuild.operations.get` `cloudbuild.operations.list` `cloudbuild.workerpools.use` `containeranalysis.occurrences.create` `containeranalysis.occurrences.delete` `containeranalysis.occurrences.get` `containeranalysis.occurrences.list` `containeranalysis.occurrences.update` `logging.logEntries.create` `logging.logEntries.list` `logging.views.access` `pubsub.topics.create` `pubsub.topics.publish` `remotebuildexecution.blobs.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `source.repos.get` `source.repos.list` `storage.buckets.create` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Cloud Build Editor (`roles/cloudbuild.builds.editor`) Provides access to create and cancel builds. Lowest-level resources where you can grant this role: Project	`cloudbuild.builds.create` `cloudbuild.builds.get` `cloudbuild.builds.list` `cloudbuild.builds.update` `cloudbuild.locations.` `cloudbuild.locations.get` `cloudbuild.locations.list` `cloudbuild.operations.` `cloudbuild.operations.get` `cloudbuild.operations.list` `remotebuildexecution.blobs.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Viewer (`roles/cloudbuild.builds.viewer`) Provides access to view builds. Lowest-level resources where you can grant this role: Project	`cloudbuild.builds.get` `cloudbuild.builds.list` `cloudbuild.locations.` `cloudbuild.locations.get` `cloudbuild.locations.list` `cloudbuild.operations.` `cloudbuild.operations.get` `cloudbuild.operations.list` `remotebuildexecution.blobs.get` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Connection Admin (`roles/cloudbuild.connectionAdmin`) Can manage connections and repositories.	`cloudbuild.connections.` `cloudbuild.connections.create` `cloudbuild.connections.delete` `cloudbuild.connections.fetchLinkableRepositories` `cloudbuild.connections.get` `cloudbuild.connections.getIamPolicy` `cloudbuild.connections.list` `cloudbuild.connections.setIamPolicy` `cloudbuild.connections.update` `cloudbuild.operations.` `cloudbuild.operations.get` `cloudbuild.operations.list` `cloudbuild.repositories.create` `cloudbuild.repositories.delete` `cloudbuild.repositories.fetchGitRefs` `cloudbuild.repositories.get` `cloudbuild.repositories.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Connection Viewer (`roles/cloudbuild.connectionViewer`) Can view and list connections and repositories.	`cloudbuild.connections.fetchLinkableRepositories` `cloudbuild.connections.get` `cloudbuild.connections.getIamPolicy` `cloudbuild.connections.list` `cloudbuild.repositories.fetchGitRefs` `cloudbuild.repositories.get` `cloudbuild.repositories.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Integrations Editor (`roles/cloudbuild.integrationsEditor`) Can update Integrations	`cloudbuild.integrations.get` `cloudbuild.integrations.list` `cloudbuild.integrations.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Integrations Owner (`roles/cloudbuild.integrationsOwner`) Can create/delete Integrations	`cloudbuild.integrations.*` `cloudbuild.integrations.create` `cloudbuild.integrations.delete` `cloudbuild.integrations.get` `cloudbuild.integrations.list` `cloudbuild.integrations.update` `compute.firewalls.create` `compute.firewalls.get` `compute.firewalls.list` `compute.networks.get` `compute.networks.updatePolicy` `compute.regions.get` `compute.subnetworks.get` `compute.subnetworks.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Integrations Viewer (`roles/cloudbuild.integrationsViewer`) Can view Integrations	`cloudbuild.integrations.get` `cloudbuild.integrations.list` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build Logging Service Agent (`roles/cloudbuild.loggingServiceAgent`) Gives the Cloud Build logging-specific service account access to write logs. Warning: Do not grant service agent roles to any principals except service agents.	`logging.buckets.write`
Cloud Build Read Only Token Accessor (`roles/cloudbuild.readTokenAccessor`) Can view the connection and access its read-only token.	`cloudbuild.connections.get` `cloudbuild.repositories.accessReadToken` `cloudbuild.repositories.get`
Cloud Build Service Agent (`roles/cloudbuild.serviceAgent`) Gives Cloud Build service account access to managed resources. Warning: Do not grant service agent roles to any principals except service agents.	`artifactregistry.aptartifacts.create` `artifactregistry.attachments.create` `artifactregistry.attachments.get` `artifactregistry.attachments.list` `artifactregistry.dockerimages.` `artifactregistry.dockerimages.get` `artifactregistry.dockerimages.list` `artifactregistry.files.download` `artifactregistry.files.get` `artifactregistry.files.list` `artifactregistry.files.update` `artifactregistry.files.upload` `artifactregistry.kfpartifacts.create` `artifactregistry.locations.` `artifactregistry.locations.get` `artifactregistry.locations.list` `artifactregistry.mavenartifacts.` `artifactregistry.mavenartifacts.get` `artifactregistry.mavenartifacts.list` `artifactregistry.npmpackages.` `artifactregistry.npmpackages.get` `artifactregistry.npmpackages.list` `artifactregistry.packages.get` `artifactregistry.packages.list` `artifactregistry.packages.update` `artifactregistry.projectsettings.get` `artifactregistry.pythonpackages.` `artifactregistry.pythonpackages.get` `artifactregistry.pythonpackages.list` `artifactregistry.repositories.createOnPush` `artifactregistry.repositories.deleteArtifacts` `artifactregistry.repositories.downloadArtifacts` `artifactregistry.repositories.get` `artifactregistry.repositories.list` `artifactregistry.repositories.listEffectiveTags` `artifactregistry.repositories.listTagBindings` `artifactregistry.repositories.readViaVirtualRepository` `artifactregistry.repositories.uploadArtifacts` `artifactregistry.rules.get` `artifactregistry.rules.list` `artifactregistry.tags.create` `artifactregistry.tags.get` `artifactregistry.tags.list` `artifactregistry.tags.update` `artifactregistry.versions.get` `artifactregistry.versions.list` `artifactregistry.yumartifacts.create` `binaryauthorization.attestors.create` `binaryauthorization.attestors.delete` `binaryauthorization.attestors.get` `binaryauthorization.attestors.list` `binaryauthorization.attestors.update` `binaryauthorization.attestors.verifyImageAttested` `cloudbuild.builds.create` `cloudbuild.builds.get` `cloudbuild.builds.list` `cloudbuild.builds.update` `cloudbuild.connections.get` `cloudbuild.locations.` `cloudbuild.locations.get` `cloudbuild.locations.list` `cloudbuild.operations.` `cloudbuild.operations.get` `cloudbuild.operations.list` `cloudbuild.repositories.accessReadToken` `cloudbuild.repositories.accessReadWriteToken` `cloudbuild.repositories.get` `cloudbuild.repositories.list` `cloudbuild.workerpools.use` `compute.firewalls.get` `compute.firewalls.list` `compute.networkAttachments.get` `compute.networkAttachments.update` `compute.networks.get` `compute.regionOperations.get` `compute.subnetworks.get` `containeranalysis.notes.attachOccurrence` `containeranalysis.notes.create` `containeranalysis.notes.delete` `containeranalysis.notes.get` `containeranalysis.notes.list` `containeranalysis.notes.update` `containeranalysis.occurrences.create` `containeranalysis.occurrences.delete` `containeranalysis.occurrences.get` `containeranalysis.occurrences.list` `containeranalysis.occurrences.update` `developerconnect.connections.get` `developerconnect.gitRepositoryLinks.fetchReadToken` `developerconnect.gitRepositoryLinks.fetchReadWriteToken` `developerconnect.gitRepositoryLinks.get` `iam.serviceAccounts.get` `iam.serviceAccounts.getAccessToken` `iam.serviceAccounts.getOpenIdToken` `logging.buckets.create` `logging.buckets.get` `logging.buckets.list` `logging.logEntries.create` `logging.logEntries.list` `logging.views.access` `pubsub.subscriptions.create` `pubsub.subscriptions.delete` `pubsub.subscriptions.get` `pubsub.subscriptions.update` `pubsub.topics.attachSubscription` `pubsub.topics.create` `pubsub.topics.get` `pubsub.topics.publish` `remotebuildexecution.blobs.get` `resourcemanager.projects.get` `resourcemanager.projects.list` `servicedirectory.endpoints.get` `servicedirectory.endpoints.getIamPolicy` `servicedirectory.endpoints.list` `servicedirectory.locations.` `servicedirectory.locations.get` `servicedirectory.locations.list` `servicedirectory.namespaces.get` `servicedirectory.namespaces.getIamPolicy` `servicedirectory.namespaces.list` `servicedirectory.networks.access` `servicedirectory.services.get` `servicedirectory.services.getIamPolicy` `servicedirectory.services.list` `servicedirectory.services.resolve` `serviceusage.services.use` `source.repos.get` `source.repos.list` `storage.buckets.create` `storage.buckets.get` `storage.buckets.list` `storage.objects.create` `storage.objects.delete` `storage.objects.get` `storage.objects.list` `storage.objects.update`
Cloud Build Token Accessor (`roles/cloudbuild.tokenAccessor`) Can view the connection and access its read/write and read-only tokens.	`cloudbuild.connections.get` `cloudbuild.repositories.accessReadToken` `cloudbuild.repositories.accessReadWriteToken` `cloudbuild.repositories.get` `cloudbuild.repositories.list`
Cloud Build WorkerPool Editor (`roles/cloudbuild.workerPoolEditor`) Can update and view WorkerPools	`cloudbuild.workerpools.get` `cloudbuild.workerpools.list` `cloudbuild.workerpools.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build WorkerPool Owner (`roles/cloudbuild.workerPoolOwner`) Can create, delete, update, and view WorkerPools	`cloudbuild.workerpools.create` `cloudbuild.workerpools.delete` `cloudbuild.workerpools.get` `cloudbuild.workerpools.list` `cloudbuild.workerpools.update` `resourcemanager.projects.get` `resourcemanager.projects.list`
Cloud Build WorkerPool User (`roles/cloudbuild.workerPoolUser`) Can run builds in the WorkerPool	`cloudbuild.workerpools.use`
Cloud Build WorkerPool Viewer (`roles/cloudbuild.workerPoolViewer`) Can view WorkerPools	`cloudbuild.workerpools.get` `cloudbuild.workerpools.list` `resourcemanager.projects.get` `resourcemanager.projects.list`

Cloud Build Approver

(roles/cloudbuild.builds.approver)

Can approve or reject pending builds.

cloudbuild.builds.approve

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.locations.*

cloudbuild.locations.get
cloudbuild.locations.list

cloudbuild.operations.*

cloudbuild.operations.get
cloudbuild.operations.list

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Service Account

(roles/cloudbuild.builds.builder)

Provides access to perform builds.

artifactregistry.aptartifacts.create

artifactregistry.attachments.create

artifactregistry.attachments.get

artifactregistry.attachments.list

artifactregistry.dockerimages.*

artifactregistry.dockerimages.get
artifactregistry.dockerimages.list

artifactregistry.files.download

artifactregistry.files.get

artifactregistry.files.list

artifactregistry.files.update

artifactregistry.files.upload

artifactregistry.kfpartifacts.create

artifactregistry.locations.*

artifactregistry.locations.get
artifactregistry.locations.list

artifactregistry.mavenartifacts.*

artifactregistry.mavenartifacts.get
artifactregistry.mavenartifacts.list

artifactregistry.npmpackages.*

artifactregistry.npmpackages.get
artifactregistry.npmpackages.list

artifactregistry.packages.get

artifactregistry.packages.list

artifactregistry.packages.update

artifactregistry.projectsettings.get

artifactregistry.pythonpackages.*

artifactregistry.pythonpackages.get
artifactregistry.pythonpackages.list

artifactregistry.repositories.createOnPush

artifactregistry.repositories.deleteArtifacts

artifactregistry.repositories.downloadArtifacts

artifactregistry.repositories.get

artifactregistry.repositories.list

artifactregistry.repositories.listEffectiveTags

artifactregistry.repositories.listTagBindings

artifactregistry.repositories.readViaVirtualRepository

artifactregistry.repositories.uploadArtifacts

artifactregistry.rules.get

artifactregistry.rules.list

artifactregistry.tags.create

artifactregistry.tags.get

artifactregistry.tags.list

artifactregistry.tags.update

artifactregistry.versions.get

artifactregistry.versions.list

artifactregistry.yumartifacts.create

cloudbuild.builds.create

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.builds.update

cloudbuild.locations.*

cloudbuild.locations.get
cloudbuild.locations.list

cloudbuild.operations.*

cloudbuild.operations.get
cloudbuild.operations.list

cloudbuild.workerpools.use

containeranalysis.occurrences.create

containeranalysis.occurrences.delete

containeranalysis.occurrences.get

containeranalysis.occurrences.list

containeranalysis.occurrences.update

logging.logEntries.create

logging.logEntries.list

logging.views.access

pubsub.topics.create

pubsub.topics.publish

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

source.repos.get

source.repos.list

storage.buckets.create

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Cloud Build Editor

(roles/cloudbuild.builds.editor)

Provides access to create and cancel builds.

Lowest-level resources where you can grant this role:

Project

cloudbuild.builds.create

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.builds.update

cloudbuild.locations.*

cloudbuild.locations.get
cloudbuild.locations.list

cloudbuild.operations.*

cloudbuild.operations.get
cloudbuild.operations.list

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Viewer

(roles/cloudbuild.builds.viewer)

Provides access to view builds.

Lowest-level resources where you can grant this role:

Project

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.locations.*

cloudbuild.locations.get
cloudbuild.locations.list

cloudbuild.operations.*

cloudbuild.operations.get
cloudbuild.operations.list

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Connection Admin

(roles/cloudbuild.connectionAdmin)

Can manage connections and repositories.

cloudbuild.connections.*

cloudbuild.connections.create
cloudbuild.connections.delete
cloudbuild.connections.fetchLinkableRepositories
cloudbuild.connections.get
cloudbuild.connections.getIamPolicy
cloudbuild.connections.list
cloudbuild.connections.setIamPolicy
cloudbuild.connections.update

cloudbuild.operations.*

cloudbuild.operations.get
cloudbuild.operations.list

cloudbuild.repositories.create

cloudbuild.repositories.delete

cloudbuild.repositories.fetchGitRefs

cloudbuild.repositories.get

cloudbuild.repositories.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Connection Viewer

(roles/cloudbuild.connectionViewer)

Can view and list connections and repositories.

cloudbuild.connections.fetchLinkableRepositories

cloudbuild.connections.get

cloudbuild.connections.getIamPolicy

cloudbuild.connections.list

cloudbuild.repositories.fetchGitRefs

cloudbuild.repositories.get

cloudbuild.repositories.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Integrations Editor

(roles/cloudbuild.integrationsEditor)

Can update Integrations

cloudbuild.integrations.get

cloudbuild.integrations.list

cloudbuild.integrations.update

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Integrations Owner

(roles/cloudbuild.integrationsOwner)

Can create/delete Integrations

cloudbuild.integrations.*

cloudbuild.integrations.create
cloudbuild.integrations.delete
cloudbuild.integrations.get
cloudbuild.integrations.list
cloudbuild.integrations.update

compute.firewalls.create

compute.firewalls.get

compute.firewalls.list

compute.networks.get

compute.networks.updatePolicy

compute.regions.get

compute.subnetworks.get

compute.subnetworks.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Integrations Viewer

(roles/cloudbuild.integrationsViewer)

Can view Integrations

cloudbuild.integrations.get

cloudbuild.integrations.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build Logging Service Agent

(roles/cloudbuild.loggingServiceAgent)

Gives the Cloud Build logging-specific service account access to write logs.

logging.buckets.write

Cloud Build Read Only Token Accessor

(roles/cloudbuild.readTokenAccessor)

Can view the connection and access its read-only token.

cloudbuild.connections.get

cloudbuild.repositories.accessReadToken

cloudbuild.repositories.get

Cloud Build Service Agent

(roles/cloudbuild.serviceAgent)

Gives Cloud Build service account access to managed resources.

artifactregistry.aptartifacts.create

artifactregistry.attachments.create

artifactregistry.attachments.get

artifactregistry.attachments.list

artifactregistry.dockerimages.*

artifactregistry.dockerimages.get
artifactregistry.dockerimages.list

artifactregistry.files.download

artifactregistry.files.get

artifactregistry.files.list

artifactregistry.files.update

artifactregistry.files.upload

artifactregistry.kfpartifacts.create

artifactregistry.locations.*

artifactregistry.locations.get
artifactregistry.locations.list

artifactregistry.mavenartifacts.*

artifactregistry.mavenartifacts.get
artifactregistry.mavenartifacts.list

artifactregistry.npmpackages.*

artifactregistry.npmpackages.get
artifactregistry.npmpackages.list

artifactregistry.packages.get

artifactregistry.packages.list

artifactregistry.packages.update

artifactregistry.projectsettings.get

artifactregistry.pythonpackages.*

artifactregistry.pythonpackages.get
artifactregistry.pythonpackages.list

artifactregistry.repositories.createOnPush

artifactregistry.repositories.deleteArtifacts

artifactregistry.repositories.downloadArtifacts

artifactregistry.repositories.get

artifactregistry.repositories.list

artifactregistry.repositories.listEffectiveTags

artifactregistry.repositories.listTagBindings

artifactregistry.repositories.readViaVirtualRepository

artifactregistry.repositories.uploadArtifacts

artifactregistry.rules.get

artifactregistry.rules.list

artifactregistry.tags.create

artifactregistry.tags.get

artifactregistry.tags.list

artifactregistry.tags.update

artifactregistry.versions.get

artifactregistry.versions.list

artifactregistry.yumartifacts.create

binaryauthorization.attestors.create

binaryauthorization.attestors.delete

binaryauthorization.attestors.get

binaryauthorization.attestors.list

binaryauthorization.attestors.update

binaryauthorization.attestors.verifyImageAttested

cloudbuild.builds.create

cloudbuild.builds.get

cloudbuild.builds.list

cloudbuild.builds.update

cloudbuild.connections.get

cloudbuild.locations.*

cloudbuild.locations.get
cloudbuild.locations.list

cloudbuild.operations.*

cloudbuild.operations.get
cloudbuild.operations.list

cloudbuild.repositories.accessReadToken

cloudbuild.repositories.accessReadWriteToken

cloudbuild.repositories.get

cloudbuild.repositories.list

cloudbuild.workerpools.use

compute.firewalls.get

compute.firewalls.list

compute.networkAttachments.get

compute.networkAttachments.update

compute.networks.get

compute.regionOperations.get

compute.subnetworks.get

containeranalysis.notes.attachOccurrence

containeranalysis.notes.create

containeranalysis.notes.delete

containeranalysis.notes.get

containeranalysis.notes.list

containeranalysis.notes.update

containeranalysis.occurrences.create

containeranalysis.occurrences.delete

containeranalysis.occurrences.get

containeranalysis.occurrences.list

containeranalysis.occurrences.update

developerconnect.connections.get

developerconnect.gitRepositoryLinks.fetchReadToken

developerconnect.gitRepositoryLinks.fetchReadWriteToken

developerconnect.gitRepositoryLinks.get

iam.serviceAccounts.get

iam.serviceAccounts.getAccessToken

iam.serviceAccounts.getOpenIdToken

logging.buckets.create

logging.buckets.get

logging.buckets.list

logging.logEntries.create

logging.logEntries.list

logging.views.access

pubsub.subscriptions.create

pubsub.subscriptions.delete

pubsub.subscriptions.get

pubsub.subscriptions.update

pubsub.topics.attachSubscription

pubsub.topics.create

pubsub.topics.get

pubsub.topics.publish

remotebuildexecution.blobs.get

resourcemanager.projects.get

resourcemanager.projects.list

servicedirectory.endpoints.get

servicedirectory.endpoints.getIamPolicy

servicedirectory.endpoints.list

servicedirectory.locations.*

servicedirectory.locations.get
servicedirectory.locations.list

servicedirectory.namespaces.get

servicedirectory.namespaces.getIamPolicy

servicedirectory.namespaces.list

servicedirectory.networks.access

servicedirectory.services.get

servicedirectory.services.getIamPolicy

servicedirectory.services.list

servicedirectory.services.resolve

serviceusage.services.use

source.repos.get

source.repos.list

storage.buckets.create

storage.buckets.get

storage.buckets.list

storage.objects.create

storage.objects.delete

storage.objects.get

storage.objects.list

storage.objects.update

Cloud Build Token Accessor

(roles/cloudbuild.tokenAccessor)

Can view the connection and access its read/write and read-only tokens.

cloudbuild.connections.get

cloudbuild.repositories.accessReadToken

cloudbuild.repositories.accessReadWriteToken

cloudbuild.repositories.get

cloudbuild.repositories.list

Cloud Build WorkerPool Editor

(roles/cloudbuild.workerPoolEditor)

Can update and view WorkerPools

cloudbuild.workerpools.get

cloudbuild.workerpools.list

cloudbuild.workerpools.update

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build WorkerPool Owner

(roles/cloudbuild.workerPoolOwner)

Can create, delete, update, and view WorkerPools

cloudbuild.workerpools.create

cloudbuild.workerpools.delete

cloudbuild.workerpools.get

cloudbuild.workerpools.list

cloudbuild.workerpools.update

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build WorkerPool User

(roles/cloudbuild.workerPoolUser)

Can run builds in the WorkerPool

cloudbuild.workerpools.use

Cloud Build WorkerPool Viewer

(roles/cloudbuild.workerPoolViewer)

Can view WorkerPools

cloudbuild.workerpools.get

cloudbuild.workerpools.list

resourcemanager.projects.get

resourcemanager.projects.list

Cloud Build 권한

권한	역할에 포함됨
`cloudbuild.builds.approve`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`)
`cloudbuild.builds.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 서비스 에이전트(`roles/serverless.serviceAgent`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`) Infrastructure Manager 서비스 에이전트(`roles/cloudconfig.serviceAgent`) Cloud Deploy 서비스 에이전트(`roles/clouddeploy.serviceAgent`) Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`) Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Config Delivery 서비스 에이전트(`roles/configdelivery.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Cloud Run 서비스 에이전트(`roles/run.serviceAgent`) 서버리스 통합 서비스 에이전트(`roles/runapps.serviceAgent`) App Engine 가변형 환경 서비스 에이전트(`roles/appengineflex.serviceAgent`)
`cloudbuild.builds.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Cloud Build 뷰어(`roles/cloudbuild.builds.viewer`) Cloud Functions 관리자(`roles/cloudfunctions.admin`) Cloud Functions 개발자(`roles/cloudfunctions.developer`) Cloud Functions 뷰어(`roles/cloudfunctions.viewer`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Firebase 관리자(`roles/firebase.admin`) Firebase 개발 관리자(`roles/firebase.developAdmin`) Firebase 개발 뷰어(`roles/firebase.developViewer`) Firebase 뷰어(`roles/firebase.viewer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 소스 뷰어(`roles/run.sourceViewer`) Cloud Run 서비스 에이전트(`roles/serverless.serviceAgent`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`) Infrastructure Manager 서비스 에이전트(`roles/cloudconfig.serviceAgent`) Cloud Deploy 서비스 에이전트(`roles/clouddeploy.serviceAgent`) Cloud Deployment Manager 서비스 에이전트(`roles/clouddeploymentmanager.serviceAgent`) Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Config Delivery 서비스 에이전트(`roles/configdelivery.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Cloud Run 서비스 에이전트(`roles/run.serviceAgent`) 서버리스 통합 서비스 에이전트(`roles/runapps.serviceAgent`) App Engine 가변형 환경 서비스 에이전트(`roles/appengineflex.serviceAgent`)
`cloudbuild.builds.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Cloud Build 뷰어(`roles/cloudbuild.builds.viewer`) Cloud Functions 관리자(`roles/cloudfunctions.admin`) Cloud Functions 개발자(`roles/cloudfunctions.developer`) Cloud Functions 뷰어(`roles/cloudfunctions.viewer`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Firebase 관리자(`roles/firebase.admin`) Firebase 개발 관리자(`roles/firebase.developAdmin`) Firebase 개발 뷰어(`roles/firebase.developViewer`) Firebase 뷰어(`roles/firebase.viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 소스 뷰어(`roles/run.sourceViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Infrastructure Manager 서비스 에이전트(`roles/cloudconfig.serviceAgent`) Cloud Deploy 서비스 에이전트(`roles/clouddeploy.serviceAgent`) Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Config Delivery 서비스 에이전트(`roles/configdelivery.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.builds.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Infrastructure Manager 서비스 에이전트(`roles/cloudconfig.serviceAgent`) Cloud Deploy 서비스 에이전트(`roles/clouddeploy.serviceAgent`) Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Config Delivery 서비스 에이전트(`roles/configdelivery.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.connections.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`)
`cloudbuild.connections.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`)
`cloudbuild.connections.fetchLinkableRepositories`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`)
`cloudbuild.connections.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`) Cloud Build 읽기 전용 토큰 접근자(`roles/cloudbuild.readTokenAccessor`) Cloud Build 토큰 접근자(`roles/cloudbuild.tokenAccessor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Google Cloud를 위한 Gemini 서비스 에이전트(`roles/cloudaicompanion.serviceAgent`)
`cloudbuild.connections.getIamPolicy`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`cloudbuild.connections.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`) Cloud Infrastructure Manager 에이전트(`roles/config.agent`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`cloudbuild.connections.setIamPolicy`	소유자(`roles/owner`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) 보안 관리자(`roles/iam.securityAdmin`)
`cloudbuild.connections.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`)
`cloudbuild.integrations.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 통합 소유자(`roles/cloudbuild.integrationsOwner`)
`cloudbuild.integrations.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 통합 소유자(`roles/cloudbuild.integrationsOwner`)
`cloudbuild.integrations.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 통합 편집자(`roles/cloudbuild.integrationsEditor`) Cloud Build 통합 소유자(`roles/cloudbuild.integrationsOwner`) Cloud Build 통합 뷰어(`roles/cloudbuild.integrationsViewer`)
`cloudbuild.integrations.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 통합 편집자(`roles/cloudbuild.integrationsEditor`) Cloud Build 통합 소유자(`roles/cloudbuild.integrationsOwner`) Cloud Build 통합 뷰어(`roles/cloudbuild.integrationsViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`cloudbuild.integrations.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 통합 편집자(`roles/cloudbuild.integrationsEditor`) Cloud Build 통합 소유자(`roles/cloudbuild.integrationsOwner`)
`cloudbuild.locations.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Cloud Build 뷰어(`roles/cloudbuild.builds.viewer`) Cloud Functions 관리자(`roles/cloudfunctions.admin`) Cloud Functions 개발자(`roles/cloudfunctions.developer`) Cloud Functions 뷰어(`roles/cloudfunctions.viewer`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Firebase 관리자(`roles/firebase.admin`) Firebase 개발 관리자(`roles/firebase.developAdmin`) Firebase 개발 뷰어(`roles/firebase.developViewer`) Firebase 뷰어(`roles/firebase.viewer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 소스 뷰어(`roles/run.sourceViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.locations.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Cloud Build 뷰어(`roles/cloudbuild.builds.viewer`) Cloud Functions 관리자(`roles/cloudfunctions.admin`) Cloud Functions 개발자(`roles/cloudfunctions.developer`) Cloud Functions 뷰어(`roles/cloudfunctions.viewer`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Firebase 관리자(`roles/firebase.admin`) Firebase 개발 관리자(`roles/firebase.developAdmin`) Firebase 개발 뷰어(`roles/firebase.developViewer`) Firebase 뷰어(`roles/firebase.viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 소스 뷰어(`roles/run.sourceViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.operations.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Cloud Build 뷰어(`roles/cloudbuild.builds.viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Functions 관리자(`roles/cloudfunctions.admin`) Cloud Functions 개발자(`roles/cloudfunctions.developer`) Cloud Functions 뷰어(`roles/cloudfunctions.viewer`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Firebase 관리자(`roles/firebase.admin`) Firebase 개발 관리자(`roles/firebase.developAdmin`) Firebase 개발 뷰어(`roles/firebase.developViewer`) Firebase 뷰어(`roles/firebase.viewer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 소스 뷰어(`roles/run.sourceViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.operations.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 승인 담당자(`roles/cloudbuild.builds.approver`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build 편집자(`roles/cloudbuild.builds.editor`) Cloud Build 뷰어(`roles/cloudbuild.builds.viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Functions 관리자(`roles/cloudfunctions.admin`) Cloud Functions 개발자(`roles/cloudfunctions.developer`) Cloud Functions 뷰어(`roles/cloudfunctions.viewer`) Composer 작업자(`roles/composer.worker`) Dataflow 관리자(`roles/dataflow.admin`) Dataflow 개발자(`roles/dataflow.developer`) Firebase 관리자(`roles/firebase.admin`) Firebase 개발 관리자(`roles/firebase.developAdmin`) Firebase 개발 뷰어(`roles/firebase.developViewer`) Firebase 뷰어(`roles/firebase.viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) Cloud Run 소스 개발자(`roles/run.sourceDeveloper`) Cloud Run 소스 뷰어(`roles/run.sourceViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Datapipelines 서비스 에이전트(`roles/datapipelines.serviceAgent`) Dataprep 서비스 에이전트(`roles/dataprep.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.repositories.accessReadToken`	소유자(`roles/owner`) Cloud Build 읽기 전용 토큰 접근자(`roles/cloudbuild.readTokenAccessor`) Cloud Build 토큰 접근자(`roles/cloudbuild.tokenAccessor`) Cloud Infrastructure Manager 에이전트(`roles/config.agent`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Google Cloud를 위한 Gemini 서비스 에이전트(`roles/cloudaicompanion.serviceAgent`)
`cloudbuild.repositories.accessReadWriteToken`	소유자(`roles/owner`) Cloud Build 토큰 접근자(`roles/cloudbuild.tokenAccessor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)
`cloudbuild.repositories.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`)
`cloudbuild.repositories.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`)
`cloudbuild.repositories.fetchGitRefs`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Google Cloud를 위한 Gemini 서비스 에이전트(`roles/cloudaicompanion.serviceAgent`)
`cloudbuild.repositories.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`) Cloud Build 읽기 전용 토큰 접근자(`roles/cloudbuild.readTokenAccessor`) Cloud Build 토큰 접근자(`roles/cloudbuild.tokenAccessor`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`) Config Delivery 서비스 에이전트(`roles/configdelivery.serviceAgent`) Firebase App Hosting 서비스 에이전트(`roles/firebaseapphosting.serviceAgent`) Google Cloud를 위한 Gemini 서비스 에이전트(`roles/cloudaicompanion.serviceAgent`)
`cloudbuild.repositories.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build 연결 관리자(`roles/cloudbuild.connectionAdmin`) Cloud Build 연결 뷰어(`roles/cloudbuild.connectionViewer`) Cloud Build 토큰 접근자(`roles/cloudbuild.tokenAccessor`) Cloud Infrastructure Manager 에이전트(`roles/config.agent`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`) Google Cloud를 위한 Gemini 서비스 에이전트(`roles/cloudaicompanion.serviceAgent`)
`cloudbuild.workerpools.create`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build WorkerPool 소유자(`roles/cloudbuild.workerPoolOwner`)
`cloudbuild.workerpools.delete`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build WorkerPool 소유자(`roles/cloudbuild.workerPoolOwner`)
`cloudbuild.workerpools.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build WorkerPool 편집자(`roles/cloudbuild.workerPoolEditor`) Cloud Build WorkerPool 소유자(`roles/cloudbuild.workerPoolOwner`) Cloud Build WorkerPool 뷰어(`roles/cloudbuild.workerPoolViewer`)
`cloudbuild.workerpools.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) Cloud Build WorkerPool 편집자(`roles/cloudbuild.workerPoolEditor`) Cloud Build WorkerPool 소유자(`roles/cloudbuild.workerPoolOwner`) Cloud Build WorkerPool 뷰어(`roles/cloudbuild.workerPoolViewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`)
`cloudbuild.workerpools.update`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build WorkerPool 편집자(`roles/cloudbuild.workerPoolEditor`) Cloud Build WorkerPool 소유자(`roles/cloudbuild.workerPoolOwner`)
`cloudbuild.workerpools.use`	소유자(`roles/owner`) 편집자(`roles/editor`) Cloud Build 서비스 계정(`roles/cloudbuild.builds.builder`) Cloud Build WorkerPool 사용자(`roles/cloudbuild.workerPoolUser`) Composer 작업자(`roles/composer.worker`) 서비스 에이전트 역할 경고: 서비스 에이전트를 제외하고 주 구성원에 서비스 에이전트 역할을 부여하지 마세요. Infrastructure Manager 서비스 에이전트(`roles/cloudconfig.serviceAgent`) Cloud Deploy 서비스 에이전트(`roles/clouddeploy.serviceAgent`) Cloud Functions 서비스 에이전트(`roles/cloudfunctions.serviceAgent`) Cloud Build 서비스 에이전트(`roles/cloudbuild.serviceAgent`)

Cloud Build 역할 및 권한 컬렉션을 사용해 정리하기 내 환경설정을 기준으로 콘텐츠를 저장하고 분류하세요.