Archives for GCP IAM - Page 2
GCP project id versus project name versus project number
Project ID and Project Number Both the project ID and the project number are unique identifiers for a project - globally unique. However, the project-id is meant to be human…
Granting shared vpc admin access
In order to grant a user the 'Shared VPC Admin' (compute shared vpc admin) role, you will need to be an organizational owner or org IAM admin yourself.
Application default credentials – humans versus service accounts
What is your ADC? (More appropriately, WHERE is your ADC)? Where you store your JSON file (containing the service account credentials) is your Default Location - aka ADC by Google.…
How to test IAM permissions in GCP
How to Test Iam Permissions in GCP - for the current user From cloud shell curl -X POST \ -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \ -H "Content-Type: application/json;…
gcloud iam roles describe
How do you quickly determine the permissions inside a given role - whether a predefined role or a custom role? gcloud iam roles describe rolename --projectname = myproject
Folders and Billing in GCP
Folders in GCP are not billable entities - Projects and Org level billing is all that can be enforced.
Custom Service Account versus Default Service Accounts
Custom Service Account versus Default Service Accounts in GCP Both are programmatic service accounts. In both, you select the list of APIs that the account can access. However, in a…
Active Directory on GCP
This post is about hosting your AD on GCP. It is not about syncing gSuite and AD users. Typically, in Cloud IAM, you would bring over your gSuite (now google…
Service Accounts in GCP – Notes from Production Environments
Need Help with your GCP Project? Contact a certified professional GoogleCloudArchitect today. Why Google Service Accounts? Storing credentials in apps is cumbersome (and insecure). A Service account solves this problem…
Importing Organization from admin.google to cloud console
You have two routes to getting a google identity that can be used for GCP- ordinary Google Workspace accounts and Cloud Identity accounts. Google Workspace Accounts Sign in to your Google Admin…