Cloud IAM (Privileges): Google Cloud and its Intricacies V7:
Without a doubt, the principle of least privilege is very important in managing any kind of compute infrastructure, whether it’s in the Cloud or on-premises. This principle says that each user should have “only those privileges needed to do their jobs”.
In a least-privilege environment, people are protected from an entire class of errors, such as a junior developer deleting the entire database of an app in production.
Don’t make the mistake of giving privileges to someone who is not experienced enough and who then, working as a root/host user, mistakenly deletes a running database that is in production.
With Cloud IAM, you administer Identity and Access Management for resources.
Cloud Identity:
Cloud Identity is an Identity as a Service (IDaaS) and enterprise mobility management (EMM) product. It offers the identity services and endpoint administration that are available in Google Workspace as a stand-alone product. As an administrator, you can use Cloud Identity to manage your users, apps, and devices from a central location, the Google Admin console.
Cloud Identity editions:
Cloud Identity provides managed Google Accounts to users who don’t need certain Google Workspace services, such as Gmail, Google Calendar, and Google Sites. However, users can access Google Drive, Docs, Sheets, Slides, Keep and Meet. You can use Cloud Identity accounts with other Google services, such as Google Cloud, Chrome, Android enterprise, and many third-party applications.
Cloud Identity Premium edition offers all of the features of the Free edition, plus enterprise security, application management, and device management services. These services include features such as automated user provisioning, app whitelisting, and automated mobile device management. Get started!
Google Cloud Admin Privileges (IAM)!
Google Cloud Identity and Access Management (IAM) provides an easy way to manage GCP users and the permissions assigned to them.
Google Cloud (IAM) admin privileges come fully equipped with awesome features. User accounts such as personal Gmail accounts, or consumer accounts with work email IDs, are unmanaged accounts and are outside of your control.
The senior developers in an organization are responsible for managing access and controls, assigning organizational privileges and limiting them to what the user needs in Google Cloud resources. The admin creates Cloud Identity accounts to manage these users. Below is a summary of the administrator controls.
Administrator controls/privileges summary:
Device management
- Enforce screen locks or passcodes to secure devices.
- Wipe devices remotely.
- Manage company-owned devices.
- View events for mobile devices.
- Define rules to automate mobile device management.
- Create work profiles on Android devices to separate work and personal data.
Directory management
- Create and manage users.
- Create and manage groups.
- Create and manage Groups for Business.
- Assign admin roles and privileges.
- Sync Microsoft Active Directory and LDAP directories with Cloud Identity.
Security
- Manage account security using 2-Step Verification and security keys.
- View and manage user security settings.
- Set the session length for users in your domain.
- Monitor password strength.
- Google security centre.
- Self-service password recovery.
SSO and automated user provisioning
- Set up SSO for cloud apps.
- Automate user provisioning across cloud apps.
Reporting
- View overviews of key metrics and trends in your Google Workspace domain.
- Assess your domain’s overall exposure to data breaches, and discover which particular users pose security risks.
- Access all the data from the Security, Apps Usage Activity, and Highlights pages in a single master report.
- View logs of admin activity.
Setup steps for Google Cloud administrators:
As a Google Cloud administrator, get started with Cloud Identity by signing up for the service, creating your Cloud Identity account and first admin user, and verifying your domain for Cloud Identity. You can then create your Cloud Identity user accounts and use the Google Cloud Console to complete your setup steps.
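Once accounts exist, a project's IAM policy can be checked against the least-privilege principle and the unmanaged-account concern described earlier. The following is an added example, not code from the original article or from Google: it audits a policy in the JSON shape printed by `gcloud projects get-iam-policy PROJECT_ID --format=json`. The sample policy is constructed, and the function name `audit_policy` and the managed domain `example.com` are assumptions made for illustration.

```python
import json

# Constructed sample in the shape printed by
# `gcloud projects get-iam-policy PROJECT_ID --format=json`.
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/owner",
     "members": ["user:admin@example.com", "user:junior.dev@gmail.com"]},
    {"role": "roles/editor",
     "members": ["group:developers@example.com"]},
    {"role": "roles/cloudsql.viewer",
     "members": ["user:analyst@example.com", "user:contractor@gmail.com"]},
    {"role": "roles/storage.objectViewer",
     "members": ["allUsers"]}
  ]
}
""")

# Basic roles with project-wide write access; rarely what a user needs.
BASIC_ROLES = {"roles/owner", "roles/editor"}
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}


def audit_policy(policy, managed_domains):
    """Return sorted (member, role, reason) findings for one IAM policy.

    managed_domains: domains verified in Cloud Identity (an assumption here).
    """
    managed = {d.lower() for d in managed_domains}
    findings = set()
    for binding in policy.get("bindings", []):
        role = binding["role"]
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS:
                findings.add((member, role, "public access"))
                continue
            kind, _, identity = member.partition(":")
            if role in BASIC_ROLES:
                findings.add((member, role, "basic role exceeds least privilege"))
            # Users outside the managed domains are consumer/unmanaged accounts.
            domain = identity.rpartition("@")[2].lower()
            if kind == "user" and domain not in managed:
                findings.add((member, role, "unmanaged account"))
    return sorted(findings)


if __name__ == "__main__":
    for member, role, reason in audit_policy(SAMPLE_POLICY, ["example.com"]):
        print(f"{member:32} {role:28} {reason}")
```

Each finding is a candidate for replacing a basic role with a narrower predefined role, or for moving the user to a managed Cloud Identity account.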
Good luck!
Stay tuned as we continue to give you the best insight and in-depth knowledge of cloud computing.
See you in the cloud!!
Author: Follow @meetslick on all platforms
Credits: Google Cloud Platform, Essentials and Infrastructure and Cloud Identity.
Image Credit: Google Cloud