Identity and Access Management (IAM) Flashcards
How can you create a custom role in IAM?
Using the IAM policy, Cloud Console, or gcloud command-line tool
How can you view IAM policies for a resource?
Using the Cloud Console, gcloud command-line tool, or API
How do you audit IAM policies?
Using the IAM Policy Troubleshooter, Cloud Audit Logs, or third-party tools
What are IAM policies made up of?
Bindings, which include members and roles
What are IAM roles used for?
To assign a set of permissions to a user, group, or service account
What are IAM roles?
A collection of permissions that can be assigned to users or groups
What are basic roles in IAM?
Basic roles are broad roles that include Owner, Editor, and Viewer.
What are custom roles in IAM?
Roles created by users with a specific set of permissions tailored to their needs
What are predefined roles in IAM?
Roles created by Google that provide granular access to specific resources
What are the basic IAM roles?
Owner, Editor, Viewer
What are the levels in the IAM policy hierarchy?
Organization, folder, project, and resource levels
What are the three main components of IAM?
Principals, Roles, and Policies.
What are the three types of IAM roles?
Basic, predefined, and custom roles
What are the types of audit logs in IAM?
Admin Activity, Data Access, and System Event logs.
What does IAM stand for in Google Cloud?
Identity and Access Management
What does the Editor role in IAM allow you to do?
Modify all resources but not manage access
What does the Owner role in IAM allow you to do?
Full control over all resources
What does the Viewer role in IAM allow you to do?
Read-only access to resources
What happens if a role is granted at a higher level in the IAM hierarchy?
It is inherited by all resources under that level
What is a condition in an IAM policy?
A condition is an optional part of a policy binding that specifies when the binding is in effect.
What is a member in IAM?
An entity (user, group, service account) that can be granted access to resources