On GKE, there's an interesting overlap between what the IAM roles grant you for Kubernetes clusters. In general, the roles in the tables below line up with each other, but there are some strange exceptions. In each of the tables below are the results of a diff between related IAM roles (only the container.*
permissions are included in these results).
Project Owner | GKE Admin |
---|---|
container.hostServiceAgent.use |
Project Editor | GKE Developer |
---|