IAM Role: GCP/KMS/Operator
| Permission | Grant |
|---|---|
| cloudkms.cryptoKeyVersions.useToDecrypt | Operator |
| cloudkms.cryptoKeyVersions.useToEncrypt | Operator |
| cloudkms.cryptoKeyVersions.useToSign | Operator |
| cloudkms.cryptoKeyVersions.get | Metadata |
| cloudkms.cryptoKeyVersions.list | Metadata |
| cloudkms.cryptoKeyVersions.viewPublicKey | Metadata |
| cloudkms.cryptoKeys.get | Metadata |
| cloudkms.cryptoKeys.getIamPolicy | Metadata |
| cloudkms.cryptoKeys.list | Metadata |
| cloudkms.keyRings.get | Metadata |
| cloudkms.keyRings.getIamPolicy | Metadata |
| cloudkms.keyRings.list | Metadata |