Google Cloud
IAM
Application Default Credentials
What?
A strategy / algorithm used by Google to locate where the authentication credentials are stored.
Why?
It first checks the environment variable, then the commonly known ADC location, and lastly the ADC injected on Google Cloud Platform.
Local Dev Guide
Service Account Impersonation
Why?
More secure; it is only an extension of the Service Account itself.
How?
1) Set up a service account in the GCP console.
2) Use gcloud auth login with the impersonate args, pointing to the created service account's email.
Core Components
Principal
What?
The "who", for example youremployee@gmail.com
Role will be assigned to the Principal.
Role
What?
Set of permissions
Why?
It's easier to manage fine-grained permissions with roles.
Example
Role: Admin (can view, list, get, delete, etc.)
Permission
What?
Google's master data of the actions you can perform on a specific Resource on Google Cloud Platform
Example
Get, List, Update, Delete, etc.