While IAM has a stronger focus on permissions at the project and organization level, it does provide several predefined roles specific to GKE:
Create IAM policies | Kubernetes Engine Documentation | Google Cloud
Set up Kubernetes RBAC
This step requires kubectl access.
IAM and Kubernetes RBAC work together to help manage access to your cluster. RBAC controls access on a cluster and namespace level, while IAM works on the project level. An entity must have sufficient permissions at either level to work with resources in your cluster.
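To illustrate the split described above, the following added example (not the manifest this page refers to, and not from the vendor or Google) shows a namespace-scoped grant made through RBAC for an identity that holds only a minimal project-level IAM role. The namespace `team-a`, the user `dev@example.com`, and the object names are constructed; the IAM role `roles/container.clusterViewer` is assumed to be granted separately at the project level.

```yaml
# Added example, constructed values throughout.
# IAM side (project level, granted outside this manifest):
#   roles/container.clusterViewer lets the identity get and list clusters,
#   which is enough to fetch credentials but grants no access to workloads.
# RBAC side (cluster/namespace level): everything below.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: team-a          # assumed namespace
  name: pod-reader           # assumed role name
rules:
  - apiGroups: [""]          # core API group
    resources: ["pods", "pods/log"]
    verbs: ["get", "list", "watch"]   # read-only, no wildcards
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: team-a
  name: pod-reader-binding   # assumed binding name
subjects:
  - kind: User
    name: dev@example.com    # constructed identity; on GKE this is the Google account email
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role                 # a Role, not a ClusterRole, keeps the grant inside team-a
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io
```

After applying, `kubectl auth can-i list pods --namespace team-a --as dev@example.com` should answer `yes`, and the same check against another namespace should answer `no`.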
Download the Kubernetes RBAC manifest that matches your preferred cloud access and apply it to your cluster:
1. Download the Kubernetes Resource Manifest YAML file: