{"id":"secretmanager-viewer-no-payload-access","text":"The `roles/secretmanager.viewer` role can read secret and version metadata but cannot access secret payloads.","truth_value":"IN","source":"entries/2026/03/11/secretmanager-access-control.md","source_url":"","source_hash":"615e97142262b712","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"secretmanager-viewer-no-payload-access","truth_value":"IN","reason":"premise"}]}}