Configuring IAM Permissions with gcloud
GSP647
Overview
People new to Google Cloud Platform need to understand IAM to fully understand how to configure the necessary permissions for their workloads. This lab looks at three common areas learners should understand with regards to IAM and gcloud. These are the installation and configuration of the gcloud environment, the use of multiple gloud configurations, and the use of services accounts.
In this lab you will use the gcloud CLI tool to setup and configure command features of Cloud Identity and Access Management (IAM).
What you'll do
-
Install and configure the
gcloudclient -
Create and switch between multiple IAM configurations
-
Identify and assign correct IAM permissions
-
Create and use a service account
Starting Environment
You start with two user accounts and two projects; user1 is the "owner" of both projects and user2 is the "viewer" of only the first project. There is a Linux virtual machine (vm) running in the first project.
Qwiklabs に参加してこのラボの残りの部分や他のラボを確認しましょう。
- Google Cloud Console への一時的なアクセス権を取得します。
- 初心者レベルから上級者レベルまで 200 を超えるラボが用意されています。
- ご自分のペースで学習できるように詳細に分割されています。
スコア
—/100
Download and install Google Cloud SDK
/ 5
Initialize Google Cloud SDK
/ 5
Install Google Cloud SDK beta component
/ 5
Create an instance with name as lab-1 in Project 1
/ 5
Update the default zone
/ 5
Create a configuration for Username 2 and name it as user2
/ 10
Restricting Username 2 to roles/viewer in Project 2
/ 5
Create a new role with permissions for the devops team
/ 10
Bound Username 2 to devops role
/ 5
Create an instance with name as lab-2 in Project 1
/ 5
Check binding to roles/iam.serviceAccountUser
/ 5
Check the created service account
/ 5
Check the binding for the service account to roles/iam.serviceAccountUser
/ 10
Check the binding for the service account to roles/compute.instanceAdmin
/ 10
Check lab-3 has the service account attached
/ 10