What is Google Cloud IAM? Google Cloud IAM is Google’s identity management solution for Google Cloud Platform. It enables Google administrators to authorize who can access specific Google resources, namely those in their Infrastructure-as-a-Service platform. Think of Google Cloud IAM as similar to AWS IAM – it is a web based access management console for who can access the web-based consoles for GCP and AWS, respectively.
In doing so, organizations leveraging Google Cloud IAM can utilize Google Cloud Identities which ties to a number of services like G Suite, GCP, and other Google services. Google’s concept with Cloud IAM is to have centralized control and visibility over their Google Cloud Platform resources and who can provision, modify, and deprovision access to GCP resources on an individual basis.
What is Google Cloud IAM
Google Cloud IAM is a recent addition to Google’s cloud platform. It used to be that Google identities were tightly woven in with G Suite (formerly Google Apps for Work) resources like Gmail, Calendar, Drive, and so on. But, Google’s concept now is to enable you to use any “type” of Google identity and connect it to GCP resources.
In effect, Google identities were built from the apps they regularly used. This approach was effective at managing Google apps. Yet, it starts to break down when you factor in other Google resources – most notably Google Cloud Platform (GCP). Google Cloud IAM effectively detached the core Google user identity from G Suite and now calls it Google Cloud Identity and it cuts across a wide range of Google services.
In doing so, Google administrators gained centralized Google identities. Identities which admins could then provision to an exclusive list of Google resources like G Suite, GCP, and other Google services as well as with Cloud IAM for very specific types of resources within the IaaS platform.
Limitations of Google Cloud IAM
Google Cloud IAM is a great tool for managing Google Cloud Platform identities and connecting them to GCP resources. Hypothetically, if an organization only leveraged GCP resources, Google Cloud IAM would be the only solution they would need..