[英]Is there a way to group service accounts in Google Cloud Platform?
Within the same Google Cloud Platform organization I'm managing there are several service accounts belonging to different projects that need access to a single (separate) project.在我管理的同一个 Google Cloud Platform 组织中,有多个服务帐户属于需要访问单个(单独)项目的不同项目。
Is there any way to avoid having to individually grant access to each one of the service accounts to resources in the project via role?有什么方法可以避免必须通过角色单独授予对项目中资源的每个服务帐户的访问权限?
With regular user accounts (ie those logging in via @gmail.com or other domain credentials) this can be achieved by putting all of them in a group through Cloud Identity and binding the role, but I do not know if there is a way of doing this for service accounts.使用普通用户帐户(即通过@gmail.com 或其他域凭据登录的用户),可以通过 Cloud Identity 将所有用户放在一个组中并绑定角色来实现,但我不知道是否有办法为服务帐户执行此操作。
您可以使用Google 群组(Google 帐户和服务帐户的集合)将访问策略应用于一组用户,以便您能够一次授予和更改整个群组的访问控制,而不是授予或更改访问控制单个用户或服务帐户一次一个。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.