Cons of Custom Roles
Custom roles can only be used to grant permissions in policies for the same project or organization that owns the roles or resources under them. You cannot grant custom roles from one project or organization on a resource owned by a different project or organization.
How to Use Cloud Identity and Access Management (IAM) For Access Control on GCP?
IAM defines “who can do what on which resource”. Cloud IAM (Identity Access Management) offers a standardized set of functions and integrates access management for Google Cloud services into a single solution. You can create and manage permissions for Google Cloud resources using the Identity and Access Management (IAM) service provided by Google Cloud. The appropriate tools are provided by Cloud IAM to efficiently and highly automate the management of resource rights. Users do not receive permissions directly from you, you give them roles instead, that combine one or more permissions. You can use this to relate jobs and groups within your organization to specific job responsibilities. Users only have access to the information they require to do their tasks, and administrators can easily give default permissions to huge groups of users.
Contact Us