menu
arrow_back

IAM Custom Roles

—/100

Checkpoints

arrow_forward

Create a custom role using a YAML file

Create a custom role using flags

Update a custom role using a YAML file

Update a custom role using flags

Disabling a custom role

Undeleting a custom role

IAM Custom Roles

1 个小时 5 个积分

GSP190

Google Cloud Self-Paced Labs

Overview

Cloud IAM provides the right tools to manage resource permissions with minimum fuss and high automation. You don't directly grant users permissions. Instead, you grant them roles, which bundle one or more permissions. This allows you to map job functions within your company to groups and roles. Users get access only to what they need to get the job done, and admins can easily grant default permissions to entire groups of users.

There are two kinds of roles in Cloud IAM:

  • Predefined Roles
  • Custom Roles

Predefined roles are created and maintained by Google. Their permissions are automatically updated as necessary, such as when new features or services are added to Google Cloud.

Custom roles are user-defined, and allow you to bundle one or more supported permissions to meet your specific needs. Custom roles are not maintained by Google; when new permissions, features, or services are added to Google Cloud, your custom roles will not be updated automatically.You create a custom role by combining one or more of the available Cloud IAM permissions. Permissions allow users to perform specific actions on Google Cloud resources.

What you'll do

  • Create, update, delete, undelete custom roles

Prerequisites

  • Familiarity with IAM Roles

加入 Qwiklabs 即可阅读本实验的剩余内容…以及更多精彩内容!

  • 获取对“Google Cloud Console”的临时访问权限。
  • 200 多项实验,从入门级实验到高级实验,应有尽有。
  • 内容短小精悍,便于您按照自己的节奏进行学习。
加入以开始此实验