AWS承担Google Cloud(GCP)中的角色吗? [英] AWS assume-role equivalent in Google cloud (GCP)?
问题描述
如何在GCP中设置多帐户(项目),是否可以通过使用承担角色在AWS中使用,有人知道如何在Google Cloud(GCP)中做到这一点?
How to setup multi-account(project) in GCP, it is possible in AWS by using assume-role, anyone knows how to do it in Google Cloud (GCP)?
我试图在GCP中探索AWS等效项,但找不到任何文档.
I tried to explore AWS equivalent in GCP, but not able to find any document.
推荐答案
基本答案是服务角色".限时服务角色可用.
The basic answer is "Service Roles". Limited-time service roles are available.
要为跨项目(但仍在同一组织中)分配权限,您可以创建自定义角色.
For assigning permissions across projects (but still in the same organization), you can create a custom role.
要让任何用户承担服务帐户的角色,请使用服务帐户用户角色.
For letting any user assume the role of a service account, use the Service Account user role.
对于限时授权令牌,您具有用于服务器到服务器调用的OAuth 2.0 ,特别是对于JWT(如果有).
For limited-time authorization tokens, you have OAuth 2.0 for server-to-server calls, particularly with JWT where available.
这篇关于AWS承担Google Cloud(GCP)中的角色吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!