Archives for GCP IAM - Page 4
Useful organization level roles in GCP
Compute Engine and App Engine – Identity Aware Proxy (IAP)
Also read - IAP equivalent on Azure? and Service Controls and IAM - a 2 minute Security Solution on GCP IAP is a combination of Identity (Access Management) and Networking…
Work Functions mapped to GCP Roles
GCP has over a few thousand built-in (predefined) roles for a variety of activities. (Also Read AWS Work functions mapped to policies in AWS) Organizational Level Work Functions Organization…
gCloud projects, gCloud compute, gCloud IAM
These are some useful gCloud commands that I like to keep separate (gCloud compute, gCloud projects, gCloud IAM) - Also read Best Practices around GCP Service Accounts gCloud projects -…
3 Step Recipe for Creating and Interacting with Resources on GCP
Protecting Service Account Keys in GCP
Three useful Admin roles in GCP IAM
Due to the hierarchical nature of resources in GCP (projects are at a lower level - they are always LEAVES, never branches), there are many types of IAM Admins…
Special Identities in GCP
There are two special identities in cloud IAM. These are used for a variety of services that have special needs around auth-N AllUsers and AllAuthenticatedUsers Cloud Storage (ACLs only), API…
Best Practices around Service Accounts
Also read - Service Accounts in GCP and a 2 minute Security Solution for GCP Environments Service Accounts as an alternative to embedding app credentials Service accounts are robo accounts…
Cloud IAP (Identity Aware Proxy)
Also Read Protecting Bastion Hosts on AWS and GCP Cloud IAP - Notes from the field Cloud IAP Overview Cloud IAP allows user identities to be verified over HTTPS. Sample…