IAM in Google Cloud Platform

From Luis Gallego Hurtado - Not Another IT guy
IAM allows you to create accounts with limited access to a project:

  • Accounts for Users
  • Accounts for Processes: services, automated processes, etc.

Important Roles

  • Compute Engine Services Engine
  • Kubernetes Engine Services Engine

Service Accounts

Service accounts are created to allow applications deployed in VMs to access Google Cloud resources. Their use is based on a secure token.

Types of service accounts

  • Created by user.
  • Built-in for VMs and Google App Engine.
  • Used internally by Google APIs.
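
The three types can usually be told apart by the account's email address, which makes it possible to check a project's IAM policy for built-in or user-created service accounts that hold a project-wide basic role instead of limited access. The following is an added example, not part of the original page: the policy is a constructed sample in the shape printed by `gcloud projects get-iam-policy PROJECT --format=json`, every account name in it is made up, and the classification is a heuristic based on Google's email naming conventions only.

```python
import re

# Constructed sample policy; project id, project number and account names are made up.
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/editor", "members": [
        "serviceAccount:123456789012-compute@developer.gserviceaccount.com",
        "serviceAccount:123456789012@cloudservices.gserviceaccount.com"]},
    {"role": "roles/storage.objectViewer", "members": [
        "serviceAccount:report-job@example-proj.iam.gserviceaccount.com",
        "user:alice@example.com"]},
    {"role": "roles/owner", "members": [
        "serviceAccount:example-proj@appspot.gserviceaccount.com"]},
]}

# Email conventions for the three types listed above. Order matters: the
# service-agent pattern must be tried before the user-created one.
PATTERNS = [
    ("built-in", re.compile(r"^\d+-compute@developer\.gserviceaccount\.com$")),
    ("built-in", re.compile(r"^[a-z0-9.-]+@appspot\.gserviceaccount\.com$")),
    ("google-internal", re.compile(r"^\d+@cloudservices\.gserviceaccount\.com$")),
    ("google-internal", re.compile(r"^service-\d+@[a-z0-9-]+\.iam\.gserviceaccount\.com$")),
    ("user-created", re.compile(r"^[a-z][a-z0-9-]*@[a-z0-9.-]+\.iam\.gserviceaccount\.com$")),
]
BASIC_ROLES = {"roles/owner", "roles/editor"}  # project-wide, not limited access

def classify(email):
    """Map a service account email to one of the three types (by name only)."""
    for kind, pattern in PATTERNS:
        if pattern.match(email):
            return kind
    return "unknown"

def audit(policy):
    """Return sorted (email, type, role) for service accounts holding a basic role.

    Google-internal accounts are skipped: they are managed by Google, and the
    Google APIs service agent is granted Editor automatically.
    """
    findings = []
    for binding in policy.get("bindings", []):
        for member in binding.get("members", []):
            prefix, _, email = member.partition(":")
            if prefix != "serviceAccount":
                continue  # users and groups are out of scope here
            kind = classify(email)
            if binding["role"] in BASIC_ROLES and kind != "google-internal":
                findings.append((email, kind, binding["role"]))
    return sorted(findings)

if __name__ == "__main__":
    for email, kind, role in audit(SAMPLE_POLICY):
        print(f"{kind:13} {role:14} {email}")
```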