Policy: GCP > Turbot > Permissions > Levels > Modifiers
A map of GCP API to Guardrails Permission Level used to customize Guardrails' standard permissions. You can add, remove or redefine the mapping of GCP API operations to Guardrails permissions levels here. Modifiers are cumulative - if you add a permission to the metadata level, it is also added to readOnly, operator and admin. Modifier policies set here apply ONLY to the GCP levels (GCP/Admin, GCP/Operator, etc), not to the service levels (GCP/Storage/Admin, GCP/Compute/Operator, etc)
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Policy Specification
Schema Type |
|
---|---|
Default |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/iamPermissions
- tmod:@turbot/gcp-iam#/policy/types/permissionsLevelsModifiers
- turbot graphql policy-type --id "tmod:@turbot/gcp-iam#/policy/types/permissionsLevelsModifiers"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-iam#/policy/types/permissionsLevelsModifiers"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI