IAM in Google Cloud Platform

Introduction to IAM in Google Cloud Platform (GCP)

Introduction

Everyone is familiar with Google. When people want to look something up, they simply say “Google it”. Google not only helps us find information but also stores data in the cloud. It offers many features, such as sharing files, storing data, searching the internet, sending emails, and navigating with maps, which are used by most people throughout the world. IAM in Google Cloud Platform can help you protect your cloud resources by providing granular access controls and auditing capabilities. Google also shows us videos related to what we searched for. Google Cloud Storage lets us store many things and access them from anywhere over the internet.

What is IAM in Google Cloud Platform (GCP)?

IAM stands for Identity and Access Management, a service used by Google Cloud. It provides security for Google Cloud Platform by protecting the data stored in it. It is like a report in which the whole identification of the information is held. It generally takes full control of the resources to provide a high level of security for the data, which cannot be hacked by others unless we give them access. It is also used to prevent others from seeing the information stored there. For example, IAM is like the access card employees use in their organization, which grants access only to certain systems.

To access and identify the data in the system, we need to authenticate. If the wrong authentication is given, access to the storage is blocked for some time, or else two more chances are given to access the data in the system. Hence, it is very important for everyone to pay attention to permissions and to how access to resources within Google Cloud is granted. The permissions given by the user are managed by IAM in Google Cloud in order to provide security for the user.

Structure of the resources

After we start to use Google Cloud, a resource for your organization is created. Generally, the important data, stored in folders containing files and other projects, is structured as a hierarchy. This makes it possible to manage the policies in IAM, which is quite important. For a project, we do and consider many things, such as developing code, testing it, and getting output based on the requirements by following these steps. Many other software providers besides Google offer cloud storage, but the security provided by Google is very different compared to others.

Identities

Identity related to Cloud / Google Workspace

Google Workspace, or the identity related to Google Cloud, is used to manage Google's customers and the groups that use it. Initially, we create objects for both the groups and the users. Their identity is generated with the help of Google Cloud. The major part of IAM in Google Cloud is related to security, providing a secure environment for its users.

Users of this service are well aware of cloud storage, which does not require any hardware. Only authentication matters when users have to access their data on this platform. Some of you may not know about this cloud storage but are familiar with Workspace; remember that both are the same and not different.

Groups in Google Cloud are used to manage access to the resources provided by Google. These groups can be easily identified by their email accounts. With their help, we can easily design and assign groups to give the permissions required for the resources provided by Google. It can be good to give access to groups, because people who hold access individually may misuse it or may lose their authentication.

Domains

Everyone is familiar with domains, because a domain helps us check where we are and what we are doing. It also helps us to check the cloud related to the data in a different manner, that is, by the domain. A cloud that belongs to Google always has a domain known as the primary domain, which helps us assign permissions to the cloud activity that Google users rely on to know about the storage.

This cloud helps to access and identify the information in the software in a simple manner. Google Cloud users generally get access separately, yet they do not follow the groups in order to provide users with access. The access given by Google is very difficult to hack for others who do not have any kind of authentication.

A cloud may have other domains, which come under the secondary part; there are more than 500 domains by this Google Cloud. Google Cloud Platform’s Identity and Access Management (IAM) service provides a centralized way to manage access to cloud infrastructure resources. The access provided to users comes under the secondary domain, while the access assigned to users comes under the primary domain. Users must have permissions on the data they access in order to use it efficiently; otherwise it becomes an identity hack.

Accounts needed for service

These accounts are an identity by proxy, which means false information or data given by the users so that others do not get their data. It is very important for every organization to have a proxy identity, which keeps others from accessing its highly confidential information. Here, the data can easily be accessed by others because it is fake data that is of no use to anyone trying to access the real data.

These accounts are simply called “Service Accounts”. The accounts used by Google may be Gmail accounts, and other accounts needed for a service may use groups or separate users, obtaining the identity required to get permission to access the data. Identity and Access Management (IAM) in Google Cloud Platform can be used to control who has access to cloud-based contact management systems and the data they contain. The accounts are generally tagged to resources, which lets the account receive the access given to the users.

These accounts directly allow users to get access by assigning the permissions they need. They also support their users by giving them access that is very difficult for others to get.

There are three different types of Service Accounts. They are:

  • Managed by the user

Here, the account is created and then managed, including adding, removing, and many other operations, in Google Cloud.

  • Default

An account created by Google to provide services for users and managed by Google's own administrators. Default means it is given by default by the owner in order to fix the data by using their resources.

  • Managed by Google

Accounts created by Google to provide the services users need by using their resources. These accounts are somewhat similar to the default accounts, having and providing access in the same manner.

Roles

The roles assigned to employees or workers at Google are very different compared to others. A role is nothing but a document listing several details; it is created with an account and must have permissions to assign the data to the part it belongs to. Roles are classified into three types:

Basic Roles

The basic roles provided by Google are owner, viewer, and editor. Importantly, the owner role gives access only to him/her. The viewer role allows only viewing the data in Google Cloud. The last basic role is editor, which has permission to edit and view the data.

Predefined Roles

The predefined roles are created in advance, and the important things have already been given to the administrators of Google. These roles have only the least number of permissions compared to the others.

Customized Roles

Customized roles play a vital role in Google Cloud Platform. They are created for data management and carry many permissions, creating and providing access for users by means of user-defined, or customized, roles.
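As an added example (not code from this blog or from Google), the following script reviews an IAM policy using the three role types above and the earlier point about granting access to groups rather than individuals. The policy, project name, and e-mail addresses are constructed sample data in the JSON shape that `gcloud projects get-iam-policy PROJECT --format=json` returns; `role_kind` and `audit_policy` are hypothetical helper names.

```python
import json

BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
# Suffixes of the default service accounts created for Compute Engine and App Engine.
DEFAULT_SA_SUFFIXES = ("-compute@developer.gserviceaccount.com", "@appspot.gserviceaccount.com")

# Constructed sample policy (all names and addresses are made up for illustration).
SAMPLE_POLICY = json.loads("""
{
  "version": 1,
  "bindings": [
    {"role": "roles/owner", "members": ["user:alice@example.com"]},
    {"role": "roles/editor", "members": [
        "serviceAccount:123456789012-compute@developer.gserviceaccount.com",
        "group:devs@example.com"]},
    {"role": "roles/storage.objectViewer", "members": [
        "group:analysts@example.com", "user:bob@example.com"]},
    {"role": "projects/demo-project/roles/reportReader", "members": [
        "serviceAccount:reports@demo-project.iam.gserviceaccount.com"]}
  ]
}
""")

def role_kind(role):
    """Classify a role name as basic, custom, or predefined."""
    if role in BASIC_ROLES:
        return "basic"
    # Custom roles are named under the project or organization that defines them.
    if role.startswith(("projects/", "organizations/")):
        return "custom"
    return "predefined"

def audit_policy(policy):
    """Return (member, role, reason) tuples for bindings worth reviewing."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        kind = role_kind(role)
        for member in binding.get("members", []):
            mtype, _, ident = member.partition(":")
            if kind == "basic" and role != "roles/viewer":
                findings.append((member, role, "broad basic role; prefer a predefined or custom role"))
            if mtype == "user":
                findings.append((member, role, "granted to an individual; grant through a group"))
            if mtype == "serviceAccount" and kind == "basic" and ident.endswith(DEFAULT_SA_SUFFIXES):
                findings.append((member, role, "default service account holds a basic role"))
    return findings

if __name__ == "__main__":
    for member, role, reason in audit_policy(SAMPLE_POLICY):
        print(f"{member:68} {role:28} {reason}")
```

On the sample policy this reports six findings; the group holding a predefined role and the user-managed service account holding a custom role pass without comment.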

Conclusion

In this blog, we have covered a basic introduction to IAM in Google Cloud, the structure of resources, several identities such as Workspace, domains, and service accounts, and the basic, predefined, and customized roles. IAM in Google Cloud helps secure Google Cloud systems by preventing unauthorized access. The Google Cloud Free Tier blog may also help you gain more knowledge on it.