Permissions for @turbot/gcp-kms
Taking a look at permissions and associated grant levels for each permission for KMS:
| Permission | Grant Level | Help |
|---|---|---|
| cloudkms.cryptoKeyVersions.create | Admin | |
| cloudkms.cryptoKeyVersions.destroy | Admin | |
| cloudkms.cryptoKeyVersions.get | Metadata | |
| cloudkms.cryptoKeyVersions.list | Metadata | |
| cloudkms.cryptoKeyVersions.restore | Admin | |
| cloudkms.cryptoKeyVersions.update | Admin | |
| cloudkms.cryptoKeyVersions.useToDecrypt | Operator | |
| cloudkms.cryptoKeyVersions.useToEncrypt | Operator | |
| cloudkms.cryptoKeyVersions.useToSign | Operator | |
| cloudkms.cryptoKeyVersions.viewPublicKey | Metadata | |
| cloudkms.cryptoKeys.create | Admin | |
| cloudkms.cryptoKeys.get | Metadata | |
| cloudkms.cryptoKeys.getIamPolicy | Metadata | |
| cloudkms.cryptoKeys.list | Metadata | |
| cloudkms.cryptoKeys.setIamPolicy | Admin | |
| cloudkms.cryptoKeys.update | Admin | |
| cloudkms.keyRings.create | Admin | |
| cloudkms.keyRings.get | Metadata | |
| cloudkms.keyRings.getIamPolicy | Metadata | |
| cloudkms.keyRings.list | Metadata | |
| cloudkms.keyRings.setIamPolicy | Admin |