menu
arrow_back

Configuring IAM Permissions with gcloud

Configuring IAM Permissions with gcloud

1時間 30分 クレジット: 5

GSP647

Google Cloud Self-Paced Labs

Overview

People new to Google Cloud Platform need to understand IAM to fully understand how to configure the necessary permissions for their workloads. This lab looks at three common areas learners should understand with regards to IAM and gcloud. These are the installation and configuration of the gcloud environment, the use of multiple gloud configurations, and the use of services accounts.

In this lab you will use the gcloud CLI tool to setup and configure command features of Cloud Identity and Access Management (IAM).

What you'll do

  • Install and configure the gcloud client

  • Create and switch between multiple IAM configurations

  • Identify and assign correct IAM permissions

  • Create and use a service account

Starting Environment

You start with two user accounts and two projects; user1 is the "owner" of both projects and user2 is the "viewer" of only the first project. There is a Linux virtual machine (vm) running in the first project.

lab start

Qwiklabs に参加してこのラボの残りの部分や他のラボを確認しましょう。

  • Google Cloud Console への一時的なアクセス権を取得します。
  • 初心者レベルから上級者レベルまで 200 を超えるラボが用意されています。
  • ご自分のペースで学習できるように詳細に分割されています。
参加してこのラボを開始
スコア

—/100

Download and install Google Cloud SDK

ステップを実行

/ 5

Initialize Google Cloud SDK

ステップを実行

/ 5

Install Google Cloud SDK beta component

ステップを実行

/ 5

Create an instance with name as lab-1 in Project 1

ステップを実行

/ 5

Update the default zone

ステップを実行

/ 5

Create a configuration for Username 2 and name it as user2

ステップを実行

/ 10

Restricting Username 2 to roles/viewer in Project 2

ステップを実行

/ 5

Create a new role with permissions for the devops team

ステップを実行

/ 10

Bound Username 2 to devops role

ステップを実行

/ 5

Create an instance with name as lab-2 in Project 1

ステップを実行

/ 5

Check binding to roles/iam.serviceAccountUser

ステップを実行

/ 5

Check the created service account

ステップを実行

/ 5

Check the binding for the service account to roles/iam.serviceAccountUser

ステップを実行

/ 10

Check the binding for the service account to roles/compute.instanceAdmin

ステップを実行

/ 10

Check lab-3 has the service account attached

ステップを実行

/ 10