Basic Info

Three main components of Google Cloud are:

  1. Cloud Identity:

  • Identity Provider: Cloud Identity is an Identity as a Service (IDaaS) solution managing users and groups centrally.

  • Features: Supports configuring federated identities between Google and other providers such as Active Directory.

  • API: Managed via Cloud Identity API for organization administration.

  2. Google Workspace (formerly G Suite):

  • Identity Provider: Offers a built-in IDaaS solution for accessing SaaS applications and GCP resources.

  • Collaboration Tools: Includes Gmail, Calendar, Meet, Chat, Drive, Docs, Sheets, Slides, Forms, Sites, etc.

  • APIs: Provides APIs for Mail, Drive, Calendar, and other services.

  3. Google Cloud Platform (GCP):

  • Description: A suite of cloud computing services running on Google's infrastructure.

  • Features: Various services such as Compute Engine, Kubernetes Engine (GKE), Cloud Functions, Cloud Storage, etc.

  • Architecture: Based on regions, which are collections of zones.

Other key components include:

  • Service Account: A special Google account for non-human users accessing Google APIs.

  • Cloud IAM (Identity & Access Management): Controls authorization for specific resources through roles and permissions.

    • IAM Structure JSON:

{
  "bindings": [
    {
      "role": "roles/storage.objectAdmin",
      "members": [
        "user:user1@example.com",
        "user:user2@example.com",
        "serviceAccount:my-other-app@appspot.gserviceaccount.com",
        "group:admins@example.com",
        "domain:google.com"
      ]
    },
    {
      "role": "roles/storage.objectViewer",
      "members": [
        "user:user3@example.com"
      ]
    }
  ]
}
  • Identity (Members): Represents Google Accounts, Service Accounts, Google Groups, Google Workspace, or Cloud Identity domains.

  • Types of Members in GCP:

    • Google Account

    • Service Account

    • Google Group

    • Google Workspace Domain

    • Cloud Identity Domain

    • All Authenticated Users

    • All Users

  • Roles: Collections of permissions determining operations allowed on a resource.

    • Types of Roles in GCP:

      • Basic roles: Owner, Editor, and Viewer.

      • Predefined roles: Offer finer-grained access control.

      • Custom roles: Tailored permissions for organizational needs.

  • Permissions: Represented as service.resource.verb, specifying allowed operations.

  • Policy: Binds members to roles, defining access on a resource.
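
The policy structure, member types and role types above can be reviewed together. The following is an added example, not part of the original page or any Google tooling: it walks a policy in the bindings format shown earlier and reports bindings that grant access to All Users / All Authenticated Users, to a whole domain, or through a basic role. The sample policy, the function names and the finding labels are constructed for illustration.

```python
import json

# Constructed sample policy in the bindings format shown above (not a real project).
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/storage.objectAdmin",
     "members": ["user:user1@example.com", "domain:example.com"]},
    {"role": "roles/storage.objectViewer",
     "members": ["allUsers"]},
    {"role": "roles/editor",
     "members": ["serviceAccount:my-other-app@appspot.gserviceaccount.com",
                 "allAuthenticatedUsers"]}
  ]
}
""")

BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
# Only the prefixes that appear on this page; IAM accepts others as well.
KNOWN_PREFIXES = {"user", "serviceAccount", "group", "domain"}


def classify_member(member):
    """Return the member type: 'public', a known prefix, or 'unknown'."""
    if member in PUBLIC_MEMBERS:
        return "public"
    prefix, sep, _ = member.partition(":")
    return prefix if sep and prefix in KNOWN_PREFIXES else "unknown"


def audit_policy(policy):
    """Return sorted (role, member, finding) tuples for broad bindings."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            kind = classify_member(member)
            if kind == "public":
                findings.append((role, member, "public-access"))
            elif kind == "domain":
                findings.append((role, member, "domain-wide-grant"))
            elif kind == "unknown":
                findings.append((role, member, "unrecognized-member"))
            if role in BASIC_ROLES:
                findings.append((role, member, "basic-role"))
    return sorted(findings)


if __name__ == "__main__":
    for role, member, finding in audit_policy(SAMPLE_POLICY):
        print(f"{finding:20} {role:28} {member}")
```

Member prefixes are case-sensitive in this check, so a miscapitalised prefix is reported as unrecognized-member rather than silently accepted.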
