Policy Simulator 角色和权限

本页面列出了 Policy Simulator 的 IAM 角色和权限。如需搜索所有角色和权限，请参阅角色和权限索引。

Policy Simulator 角色

Role Permissions

Role	Permissions
Simulator Admin ^Beta (`roles/policysimulator.admin`) Admin user that can run and access replays.	`policysimulator.accessPolicySimulationResults.list` `policysimulator.accessPolicySimulations.` `policysimulator.accessPolicySimulations.create` `policysimulator.accessPolicySimulations.get` `policysimulator.accessPolicySimulations.list` `policysimulator.replayResults.list` `policysimulator.replays.` `policysimulator.replays.create` `policysimulator.replays.get` `policysimulator.replays.list` `policysimulator.replays.run`
OrgPolicy Simulator Admin ^Beta (`roles/policysimulator.orgPolicyAdmin`) OrgPolicy Admin that can run and access simulations.	`cloudasset.assets.analyzeOrgPolicy` `cloudasset.assets.exportResource` `cloudasset.assets.listResource` `cloudasset.assets.searchAllResources` `orgpolicy.customConstraints.get` `orgpolicy.customConstraints.list` `orgpolicy.policies.list` `orgpolicy.policy.get` `policysimulator.orgPolicyViolations.list` `policysimulator.orgPolicyViolationsPreviews.*` `policysimulator.orgPolicyViolationsPreviews.create` `policysimulator.orgPolicyViolationsPreviews.get` `policysimulator.orgPolicyViolationsPreviews.list` `resourcemanager.organizations.get`

Simulator Admin ^Beta

(roles/policysimulator.admin)

Admin user that can run and access replays.

policysimulator.accessPolicySimulationResults.list

policysimulator.accessPolicySimulations.*

policysimulator.accessPolicySimulations.create
policysimulator.accessPolicySimulations.get
policysimulator.accessPolicySimulations.list

policysimulator.replayResults.list

policysimulator.replays.*

policysimulator.replays.create
policysimulator.replays.get
policysimulator.replays.list
policysimulator.replays.run

OrgPolicy Simulator Admin ^Beta

(roles/policysimulator.orgPolicyAdmin)

OrgPolicy Admin that can run and access simulations.

cloudasset.assets.analyzeOrgPolicy

cloudasset.assets.exportResource

cloudasset.assets.listResource

cloudasset.assets.searchAllResources

orgpolicy.customConstraints.get

orgpolicy.customConstraints.list

orgpolicy.policies.list

orgpolicy.policy.get

policysimulator.orgPolicyViolations.list

policysimulator.orgPolicyViolationsPreviews.*

policysimulator.orgPolicyViolationsPreviews.create
policysimulator.orgPolicyViolationsPreviews.get
policysimulator.orgPolicyViolationsPreviews.list

resourcemanager.organizations.get

Policy Simulator 权限

权限	以下角色拥有此权限
`policysimulator.accessPolicySimulationResults.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Deny Admin (`roles/iam.denyAdmin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.accessPolicySimulations.create`	Owner (`roles/owner`) Deny Admin (`roles/iam.denyAdmin`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.accessPolicySimulations.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Deny Admin (`roles/iam.denyAdmin`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.accessPolicySimulations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Deny Admin (`roles/iam.denyAdmin`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.orgPolicyViolations.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Organization Policy Administrator (`roles/orgpolicy.policyAdmin`) OrgPolicy Simulator Admin (`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.orgPolicyViolationsPreviews.create`	Owner (`roles/owner`) Editor (`roles/editor`) Organization Policy Administrator (`roles/orgpolicy.policyAdmin`) OrgPolicy Simulator Admin (`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.orgPolicyViolationsPreviews.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Organization Policy Administrator (`roles/orgpolicy.policyAdmin`) OrgPolicy Simulator Admin (`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.orgPolicyViolationsPreviews.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Organization Policy Administrator (`roles/orgpolicy.policyAdmin`) OrgPolicy Simulator Admin (`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.replayResults.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.replays.create`	Owner (`roles/owner`) Security Admin (`roles/iam.securityAdmin`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.replays.get`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.replays.list`	Owner (`roles/owner`) Editor (`roles/editor`) Viewer (`roles/viewer`) Security Admin (`roles/iam.securityAdmin`) Security Reviewer (`roles/iam.securityReviewer`) Simulator Admin (`roles/policysimulator.admin`)
`policysimulator.replays.run`	Owner (`roles/owner`) Security Admin (`roles/iam.securityAdmin`) Simulator Admin (`roles/policysimulator.admin`)

Policy Simulator 角色和权限