Google Cloud Identity and Access Management Concepts: Difference between revisions
Jump to navigation
Jump to search
| Line 4: | Line 4: | ||
* [[Google_Cloud_Identity_and_Access_Management#Subjects|Google Cloud Identity and Access Management]] | * [[Google_Cloud_Identity_and_Access_Management#Subjects|Google Cloud Identity and Access Management]] | ||
=Overview= | =Overview= | ||
IAM allows granting granular access to [[#Resource|Google Cloud resources]]. It supports the security principle of least privilege, which states that nobody should have more permission that they actually need. IAM manages control by defining who (the [[#Identity_Concepts|identity]]) has what access (the [[#Role|role]]) for which [[#Resource|resource]]. | IAM allows granting granular access to [[#Resource|Google Cloud resources]]. It supports the security principle of least privilege, which states that nobody should have more permission that they actually need. IAM manages control by defining who (the [[#Identity_Concepts|identity]]) has what access (the [[#Role|role]]) for which [[#Resource|resource]]. Permissions to access resources are not granted directed to end users, but to [[#Role|roles]]. [[#Role|Roles]] are granted to [[#Member|authenticated members]]. | ||
=Identity Concepts= | =Identity Concepts= | ||
Revision as of 22:52, 24 August 2021
External
Internal
Overview
IAM allows granting granular access to Google Cloud resources. It supports the security principle of least privilege, which states that nobody should have more permission that they actually need. IAM manages control by defining who (the identity) has what access (the role) for which resource. Permissions to access resources are not granted directed to end users, but to roles. Roles are granted to authenticated members.