{"id":4953,"date":"2020-04-19T20:43:01","date_gmt":"2020-04-19T20:43:01","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=4953"},"modified":"2022-03-10T12:07:03","modified_gmt":"2022-03-10T12:07:03","slug":"cloud-iam-working-google-professional-data-engineer-gcp","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/","title":{"rendered":"Cloud IAM working: Google Professional Data Engineer GCP"},"content":{"rendered":"\n<p>In this, we will learn the Cloud IAM working.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Cloud IAM:<\/strong><\/h4>\n\n\n<ul>\n<li>Can manage access control by defining\n<ul>\n<li>who (identity)<\/li>\n<li>has what access (role)<\/li>\n<li>for which resource.<\/li>\n<\/ul>\n<\/li>\n<li>permission to access a resource isn&#8217;t granted directly to the end user.<\/li>\n<li>permissions are grouped into roles<\/li>\n<li>roles are granted to authenticated members.<\/li>\n<li>IAM policy defines and enforces what roles are granted to which members<\/li>\n<li>policy is attached to a resource.<\/li>\n<li>During attempts to access a resource, Cloud IAM checks the resource&#8217;s policy<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<h6>Permission management in Cloud IAM.<\/h6>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-4690 aligncenter\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/04\/Professional-Data-Engineer-Google-Cloud-image031-669x400.png\" alt=\"\" width=\"669\" height=\"400\" srcset=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/04\/Professional-Data-Engineer-Google-Cloud-image031-669x400.png 669w, https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/04\/Professional-Data-Engineer-Google-Cloud-image031.png 1472w\" sizes=\"auto, (max-width: 669px) 100vw, 669px\" \/><\/p>\n<p>3 parts in figure<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>can be a Google Account (for end users),<\/li>\n<li>service account (for apps and virtual machines)<\/li>\n<li>Google group<\/li>\n<li>G Suite or Cloud Identity domain that can access a resource.<\/li>\n<\/ul>\n<\/li>\n<li>Role\n<ul>\n<li>A collection of permissions.<\/li>\n<li>Permissions determine what operations have access to the resource.<\/li>\n<li>With role allocation, all permissions with the role are granted<\/li>\n<\/ul>\n<\/li>\n<li>Policy\n<ul>\n<li>binds one or more members to a role.<\/li>\n<li>Defines who (member) has what type of access (role) on a resource,<\/li>\n<li>create a policy and attach it to the resource.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h6>In the above diagram,<\/h6>\n<ul>\n<li>the Cloud IAM policy binds the end user identified by userid@gmail.com to the App Engine Admin role (roles\/appengine.appAdmin).<\/li>\n<li>If the policy is attached to a project, the user userid@gmail.com has the App Engine Admin role within that project.<\/li>\n<li>the user can view, create, and update all project-level app configurations and settings for App Engine.<\/li>\n<\/ul>\n<h6><strong>Members<\/strong><\/h6>\n<p>Members can be of the following types:<\/p>\n<ul>\n<li>Google Account\n<ul>\n<li>represents a developer, an administrator, or person who interacts with Google Cloud.<\/li>\n<li>Any email address that&#8217;s associated with a Google Account can be the identity<\/li>\n<\/ul>\n<\/li>\n<li>Service account\n<ul>\n<li>account for an application.<\/li>\n<li>Apps runs with role you specify.<\/li>\n<li>create as many service accounts as necessary<\/li>\n<\/ul>\n<\/li>\n<li>Google group\n<ul>\n<li>a named collection of Google Accounts and service accounts.<\/li>\n<li>has a unique email address that&#8217;s associate with the group.<\/li>\n<li>convenient way to apply an access policy to a collection of users.<\/li>\n<li>can grant and change access controls for a whole group at once<\/li>\n<li>also easily add or remove members from a Google group instead of updating a Cloud IAM policy.<\/li>\n<li>They don&#8217;t have login credentials<\/li>\n<li>cannot use Google Groups to establish identity to make a request to access a resource.<\/li>\n<\/ul>\n<\/li>\n<li>G Suite domain\n<ul>\n<li>represents a virtual group of all the created Google Accounts in an G Suite account.<\/li>\n<li>G Suite domains represent organization&#8217;s internet domain name<\/li>\n<li>If user add to G Suite domain, a new Google Account is created for the user in it<\/li>\n<li>It cannot establish identity, but they enable convenient permission management.<\/li>\n<\/ul>\n<\/li>\n<li>Cloud Identity domain\n<ul>\n<li>like a G Suite domain<\/li>\n<li>represents a virtual group of all Google Accounts<\/li>\n<li>users don&#8217;t have access to G Suite applications and features.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h6><strong>allAuthenticatedUsers<\/strong><\/h6>\n<ul>\n<li>a special identifier that represents\n<ul>\n<li>all service accounts<\/li>\n<li>all users on the internet who have authenticated with a Google Account.<\/li>\n<\/ul>\n<\/li>\n<li>It accounts that aren&#8217;t connected to a G Suite or Cloud Identity domain,<\/li>\n<li>Users who aren&#8217;t authenticated, like anonymous visitors, aren&#8217;t included.<\/li>\n<\/ul>\n<p><strong>allUsers<\/strong><\/p>\n<ul>\n<li>a special identifier that represents anyone who is on the internet<\/li>\n<li>includes authenticated and unauthenticated users.<\/li>\n<\/ul>\n\n\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/certified-professional-data-engineer-practice-exam\" target=\"_blank\" rel=\"noreferrer noopener\">Pass the GCP Exam Now!<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this, we will learn the Cloud IAM working. Cloud IAM: Can manage access control by defining who (identity) has what access (role) for which resource. permission to access a resource isn&#8217;t granted directly to the end user. permissions are grouped into roles roles are granted to authenticated members. IAM policy defines and enforces what&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[617],"tags":[756,759,619,623,622,618,621],"class_list":["post-4953","page","type-page","status-publish","hentry","category-google-gcp","tag-cloud-iam","tag-cloud-iam-working","tag-data-engineer","tag-gcp","tag-google-certification","tag-google-cloud","tag-professional-data-engineer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cloud IAM working: Google Professional Data Engineer GCP - Testprep Training Tutorials<\/title>\n<meta name=\"description\" content=\"Pass the Google Cloud Certified Professional Data Engineer by learning and understanding the concepts of Cloud IAM Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloud IAM working: Google Professional Data Engineer GCP - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Pass the Google Cloud Certified Professional Data Engineer by learning and understanding the concepts of Cloud IAM Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-10T12:07:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/04\/Professional-Data-Engineer-Google-Cloud-image031-669x400.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/\",\"name\":\"Cloud IAM working: Google Professional Data Engineer GCP - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2020-04-19T20:43:01+00:00\",\"dateModified\":\"2022-03-10T12:07:03+00:00\",\"description\":\"Pass the Google Cloud Certified Professional Data Engineer by learning and understanding the concepts of Cloud IAM Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cloud IAM working: Google Professional Data Engineer GCP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cloud IAM working: Google Professional Data Engineer GCP - Testprep Training Tutorials","description":"Pass the Google Cloud Certified Professional Data Engineer by learning and understanding the concepts of Cloud IAM Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/","og_locale":"en_US","og_type":"article","og_title":"Cloud IAM working: Google Professional Data Engineer GCP - Testprep Training Tutorials","og_description":"Pass the Google Cloud Certified Professional Data Engineer by learning and understanding the concepts of Cloud IAM Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2022-03-10T12:07:03+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2020\/04\/Professional-Data-Engineer-Google-Cloud-image031-669x400.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/","name":"Cloud IAM working: Google Professional Data Engineer GCP - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2020-04-19T20:43:01+00:00","dateModified":"2022-03-10T12:07:03+00:00","description":"Pass the Google Cloud Certified Professional Data Engineer by learning and understanding the concepts of Cloud IAM Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/cloud-iam-working-google-professional-data-engineer-gcp\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"Cloud IAM working: Google Professional Data Engineer GCP"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/4953","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=4953"}],"version-history":[{"count":3,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/4953\/revisions"}],"predecessor-version":[{"id":52573,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/4953\/revisions\/52573"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=4953"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=4953"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=4953"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}