Coder Social home page Coder Social logo

kaholo-plugin-google-cloud-iam's Introduction

kaholo-plugin-google-cloud-iam

Kaholo plugin for integration with Google Cloud IAM Service. Google Cloud Identity and Access Management (IAM) is used to create and manage permissions for Google Cloud resources.

What you can do with Google Cloud IAM Plugin

  • Set Project IAM Policy: Manage access control and policies for your projects
  • Add Project Role Binding By Email: Add new members to your project’s IAM policy under a specified role by entering their email address
  • Add Project Role Binding To Service Account: Add project roles to service accounts Optionally, you can use IAM Conditions to grant access to project members only if specified conditions are met
  • Get Project IAM Policy: Get the IAM policy for a specified project
  • List Service Accounts: List service accounts for a specified project
  • List Roles: List roles within a specified project

Authentication

This plugin requires Service Account Credentials as provided by GCP in order to authenticate to the Google Cloud services.

Once you have created your Google Cloud Service Account, create and download the Key in JSON format from the Google Cloud Platform.

The Key must be stored as a new entry in the Kaholo Vault and can be used within each Method by selecting the corresponding Vault entry from the Credentials field.

Entire JSON file content needs to be added in the Vault.

You can see more information on how to create service account keys here.

Settings

  1. Service Account Credentials (Vault) Required If Not In Action - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Default Project ID (String) Required If Not In Action - Default project to use in methods. Learn More

Method: Set Project IAM Policy

Set the specified project's IAM Policy.

Parameters

  1. Service Account Credentials (Vault) Required If Not In Settings - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Project (Autocomplete) Required If Not In Settings - Project name. Learn More
  3. Policy JSON (Text) Required - The policy to apply to the project, in JSON format. Can be provided either as a JSON string, a path to a local file on the agent, or as JS object from code. Learn More

Method: Add Project Role Binding By Email

Add new role bindings to the IAM policy of the specified project, using the specified members emails.

Parameters

  1. Service Account Credentials (Vault) Required If Not In Settings - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Project (Autocomplete) Required If Not In Settings - Project name. Learn More
  3. Members Emails (Text) Required - The emails of the new members to add to the project's IAM policy, under the specified role. Email can either refer to a user email or to a service account's email. Can enter multiple values by separating each with a new line. Learn More
  4. Roles (Autocomplete) Required - The roles to apply to specified members. Can enter multiple values by entering roles as an array from code. Learn More
  5. Condition (Text) Optional - Will apply all new bindings with specified condition. You can use IAM Conditions to define and enforce conditional, attribute-based access control for Google Cloud resources. Learn More

Method: Add Project Role Binding To Service Account

Add new role bindings for the specified service account in the IAM policy of specified project.

Parameters

  1. Service Account Credentials (Vault) Required If Not In Settings - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Project (Autocomplete) Required If Not In Settings - Project name. Learn More
  3. Service Account (Autocomplete) Required - Add the role binding for the specified service account. Learn More
  4. Roles (Autocomplete) Required - The roles to apply to the service account. Can enter multiple values by entering roles as an array from code. Learn More
  5. Condition (Text) Optional - Will apply all new bindings with specified condition. You can use IAM Conditions to define and enforce conditional, attribute-based access control for Google Cloud resources. Learn More

Method: Get Project IAM Policy

Get the project's IAM policy.

Parameters

  1. Service Account Credentials (Vault) Required If Not In Settings - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Project (Autocomplete) Required If Not In Settings - Project name. Learn More

Method: List Service Accounts

List all service accounts in the specified project.

Parameters

  1. Service Account Credentials (Vault) Required If Not In Settings - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Project (Autocomplete) Required If Not In Settings - Project name. Learn More

Method: List Roles

List all predefined Google IAM roles and all custom roles in the specified project.

Parameters

  1. Service Account Credentials (Vault) Required If Not In Settings - A Vaulted JSON document containing Google Cloud Service Account credentials as provided by GCP. Learn More
  2. Project (Autocomplete) Required If Not In Settings - Project name. Learn More

kaholo-plugin-google-cloud-iam's People

Contributors

amiton11 avatar kadosh1000 avatar ilanyaniv avatar nerpaula avatar vinfry avatar

Watchers

James Cloos avatar Mateusz avatar Lior Kaplan avatar avatar Dawid Zegar avatar Krzysztof Bernat avatar avatar avatar avatar

Forkers

aravinda6625

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.