Playing with IAM V2 | Scribe

Playing with IAM V2

  • Hafeez Baig |
  • 22 steps |
  • 2 minutes
  • Google CloudGoogle Cloud
1
Sign in to the **Google Cloud Console**
2
Type "**iam & admin**" in the search bar and and click on the **IAM** option
information ordinal icon
**What is IAM?**\ \ **IAM (Identity and Access Management)** is a Google Cloud service that helps you manage and control access to your cloud resources. It allows you to define and enforce who can access specific resources, what actions they can perform, and under what conditions. IAM uses roles and permissions to grant or restrict access, ensuring that users and services have the appropriate level of access to resources based on their roles and responsibilities.
3
On the **IAM** dashboard, you can view all the Principals and their Names
4
To add a new principal, click on the **GRANT ACCESS** button on the top left side
5
On the right side **Grant access to in28minutes-project-4** wizard will open, scroll to the **New principals** section and add the emails you want for the principals
6
Scroll to the **Role** dropdown section, here you can add the Role for the Permission **Note:** For this demo, we will be adding the **Compute Engine Service Agent** role.
7
If you want to add more roles, click on the **ADD ANOTHER ROLE** button
8
Click on the **SAVE** button to apply the changes
9
On the **IAM** wizard, click on the edit widget of the Principal you want to edit
10
If you want to add more roles for the principal, click on the **ADD ANOTHER ROLE** button
11
Click on the **SAVE** button to apply the changes
information ordinal icon
Congratulations! on exploring the Roles
12
Click on the **Policy Troubleshooter option** from the left bar
information ordinal icon
**What is Policy Troubleshooter?**\ \ **Policy Troubleshooter** is a tool in Google Cloud that helps diagnose and resolve issues related to access control and permissions. It allows you to analyze and troubleshoot IAM policies by simulating access requests and identifying why a user or service account may or may not have access to a particular resource. This tool provides insights into policy conflicts and helps ensure that access controls are configured correctly.
13
**Policy Troubleshooter** wizard will open, give the principal email in the **Principal email** section
14
Scroll to the **Resource permission pair** section and click on the **BROWSE** button
15
**Select a resource** wizard will open, click on the **BROWSE** button
16
**Select a project** wizard will open, click on the Name **in28minutes-project-4**
17
On the **Search for the resources** search bar, type "**compute"**