GCP Classroom Series – 22/Mar/2021

HOW Identity and Access Managment (IAM) Works

  • GCP IAM is a platform wide access control for providing granular access control over all GCP resources

  • IAM specifies WHO can do WHAT to WHICH Thing

  • WHO:

    • IAM is composed as list of policies that apply to one or more actors
    • Actors are any entity that can take action on Google Cloud Resource which includes both users and service accounts
    • Cloud IAM also supports policies that apply to group of actors which can exist at project level or the organization level to span multiple projects
  • WHAT:

    • In general, policies apply to specific actions an actor can take, creating the concept of permissions
  • WHICH: On which cloud resource you want to apply the IAM Policy

  • Lets navigate to the roles in the IAM and admin section Preview Preview

  • In Cloud IAM there are three primitive roles in addition to lot of curated roles

    • owner
    • editor
    • viewer
  • Every role has associtated set of permissions

  • Now lets explore IAM & Admin section Preview Preview Preview

  • At the enterprise level we need to get the fine grained access control


  • Identity and access management is the practice of granting the right individuals access to right resource for right reason
  • What are different kinds of identities
    • Corporate identities: The identities that you manage for employees of your organization
    • Customer identities: The identities you manage for users inorder to interact with your applications.
    • Service identities: The identities that you manage in order to enable applications interact with other applications or underlying platform
  • Authentication, Authorization and Accounting systems Preview

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin