GCP uses the principle of least privilege: grant no more (and no fewer) privileges to a user/account than are required to do the job/task.

If you provide too few privileges, the job cannot be completed; too many privileges is a security concern.

GCP has 3 types of IAM roles available:

Primitive roles, which include owner, editor and viewer, and are more coarse-grained

Predefined roles, which provide granular access for a specific service and are managed by Google Cloud

Custom roles, which provide granular access according to a user-specified list of permissions

To create a custom role, you begin with a predefined role and add or remove access to suit the custom access requirements.
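
The derivation described above, as an added example that is not part of the original notes: it starts from a predefined role's permission list, removes what a task does not need, and reports what is still missing or in excess. The base permission list, the role title and the required set are constructed samples; the output field names follow the IAM custom role definition file format.

```python
"""Derive a custom role from a predefined role's permissions and check it
against what a task needs (least privilege: no more, no less)."""
import json

# Constructed sample: permissions copied from a predefined role (illustrative
# subset, not an authoritative listing of any Google-managed role).
BASE_PERMISSIONS = {
    "storage.objects.get",
    "storage.objects.list",
    "storage.objects.create",
    "storage.objects.delete",
}

def derive_custom_role(title, base, add=(), remove=()):
    """Start from a predefined role's permissions, then add/remove to fit."""
    unknown = set(remove) - set(base)
    if unknown:
        raise ValueError(f"cannot remove permissions not in base: {sorted(unknown)}")
    perms = (set(base) - set(remove)) | set(add)
    # Field names follow the IAM custom role definition file format.
    return {
        "title": title,
        "description": "Derived from a predefined role",
        "stage": "GA",
        "includedPermissions": sorted(perms),
    }

def least_privilege_gap(role, required):
    """Return (missing, excess): missing blocks the task, excess is risk."""
    granted = set(role["includedPermissions"])
    required = set(required)
    return sorted(required - granted), sorted(granted - required)

# Hypothetical task: a job that only reads and lists objects.
REQUIRED = {"storage.objects.get", "storage.objects.list"}

def build_example():
    role = derive_custom_role(
        "Object Reader (custom)", BASE_PERMISSIONS,
        remove={"storage.objects.create", "storage.objects.delete"},
    )
    return role, least_privilege_gap(role, REQUIRED)

if __name__ == "__main__":
    role, (missing, excess) = build_example()
    print(json.dumps(role, indent=2))
    print("missing:", missing, "excess:", excess)
```
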

ROLE                    ACCESS
OWNER                   Add/Remove members, delete project
EDITOR                  Deploy applications, modify code, configure services
VIEWER                  View/Read access
BILLING ADMINISTRATOR   Manage Billing, Add/Remove billing admins