Introduction to IAM
Overview
IAM is short for Identity and Access Management. It is Google Cloud's system for controlling access to resources.
Source: Google IAM
Specification:
Feature:
Pricing: IAM is available to you at no additional charge.
Conceptual
IAM manages access control in Google Cloud Platform by defining who (identity) has what access (role) for which resource (from [1]).
```mermaid
flowchart LR
    iam[Google Cloud IAM] --> identity -- by ask --> who[Who]
    iam --> role -- by ask --> what[What]
    iam --> resource -- by ask --> which[Which]
```
Identity relates to creating principals or granting them access:
```mermaid
flowchart LR
    identity[Google Cloud Identity]
    identity -- related --> principal[Principal]
    principal --> ga[Google Account]
    principal --> sa[Service Account]
    principal --> gg[Google Group]
    principal --> gwa[Google Workspace Account]
    principal --> cid[Cloud Identity domain]
    principal --> aau[All authenticated users]
    principal --> au[All users]
```
For access management:
```mermaid
flowchart LR
    am[Access Management]
    am --> r[Resource]
    am --> perm[Permissions]
    am --> roles[Roles]
    am --> ap[Allow Policy]
    am --> rh[Resource hierarchy]
```
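The who / what / which evaluation described above, as an added example that is not part of the original page: a simplified model in which roles expand to permissions and a resource inherits the allow policies of its ancestors in the resource hierarchy. It covers allow policies only; the role contents are abbreviated, and the resource names, principals and group membership are constructed for illustration.

```python
# Added example: allow policies only (no deny policies or conditions).
# Role contents are abbreviated; resources, principals and groups are constructed.
ROLE_PERMISSIONS = {
    "roles/storage.objectViewer": {"storage.objects.get", "storage.objects.list"},
    "roles/storage.objectCreator": {"storage.objects.create"},
}
# Resource hierarchy as child -> parent, organization at the root.
PARENT = {
    "buckets/app-logs": "projects/demo-project",
    "projects/demo-project": "folders/engineering",
    "folders/engineering": "organizations/example",
}
INGEST_SA = "serviceAccount:ingest@demo-project.iam.gserviceaccount.com"
# Allow policies attached at different levels, as role -> members bindings.
POLICIES = {
    "folders/engineering": {"bindings": [
        {"role": "roles/storage.objectViewer", "members": ["group:sre@example.com"]}]},
    "projects/demo-project": {"bindings": [
        {"role": "roles/storage.objectCreator", "members": [INGEST_SA]}]},
    "buckets/app-logs": {"bindings": [
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]}]},
}
GROUPS = {"group:sre@example.com": {"user:alice@example.com"}}

def ancestors(resource):
    """Yield the resource, then each ancestor up to the root."""
    while resource:
        yield resource
        resource = PARENT.get(resource)

def member_matches(member, principal):  # principal is None when anonymous
    if member == "allUsers":
        return True
    if member == "allAuthenticatedUsers":
        return principal is not None
    return member == principal or principal in GROUPS.get(member, set())

def is_allowed(principal, permission, resource):
    """True if a binding on the resource or any ancestor grants the permission."""
    for node in ancestors(resource):
        for b in POLICIES.get(node, {}).get("bindings", []):
            if permission in ROLE_PERMISSIONS.get(b["role"], set()) and any(
                    member_matches(m, principal) for m in b["members"]):
                return True
    return False

def public_bindings():
    """Audit check: (resource, role) pairs granted to the public principals."""
    return [(res, b["role"]) for res, pol in POLICIES.items() for b in pol["bindings"]
            if {"allUsers", "allAuthenticatedUsers"} & set(b["members"])]
```

`public_bindings()` is the check to run first when reviewing a policy set: a binding to `allUsers` on a bucket makes its objects readable by anonymous callers regardless of what the rest of the hierarchy grants.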
Predefined and non-predefined roles:
Specific
Terraform module