IAM

Configuring IAM permissions with gcloud. https://www.qwiklabs.com/focuses/7678?parent=catalog

history command

    1  gcloud
    2  curl https://sdk.cloud.google.com | bash
    3  cat /home/student-03-1688e8cece68/.bashrc
    4  exec -l $SHELL
    5  gcloud init
    6  gcloud components list
    7  gcloud components install beta
    8  gcloud compute instances create lab-1
    9  gcloud config list
   10  gcloud compute zones list
   11  gcloud config set compute/zone us-central1-c
   12  gcloud config list
   13  cat ~/.config/gcloud/configurations/config_default
   14  gcloud init
   15  gcloud compute instances list
   16  gcloud compute instances create lab-2
   17  gcloud init
   18  gcloud config configurations activate default
   19  gcloud iam roles list
   20  gcloud iam roles list | grep "name:"
   21  gcloud iam roles list | grep "name: roles/compute"
   22  gcloud iam roles describe roles/compute.instanceAdmin
   23  gcloud config configurations activate default
   24  sudo yum -y install epel-release
   25  sudo yum -y install jq
   26  echo "export [email protected]" >> ~/.bashrc
   27* 
   28  gcloud config configurations activate user2
   29  echo "export PROJECTID2=qwiklabs-gcp-03-d7214c9b0bb1" >> ~/.bashrc
   30  . ~/.bashrc
   31  gcloud config set project $PROJECTID2
   32  gcloud config configurations activate default
   33  cat ~/.bashrc
   34  gcloud projects add-iam-policy-binding $PROJECTID2 --member user:$USERID2 --role=roles/viewer
   35  echo "export [email protected]" >> ~/.bashrc
   36  echo "export [email protected]" >> ~/.bashrc
   37  echo "export [email protected]" >> ~/.bashrc
   38  gcloud projects add-iam-policy-binding $PROJECTID2 --member user:$USERID2 --role=roles/viewer
   39  . ~/.bashrc
   40  gcloud projects add-iam-policy-binding $PROJECTID2 --member user:$USERID2 --role=roles/viewer
   41  gcloud config configurations activate user2
   42  gcloud config set project $PROJECTID2
   43  gcloud compute instances list
   44  gcloud compute instances create lab-2
   45  gcloud config configurations activate default
   46  gcloud iam roles create devops --project $PROJECTID2 --permissions "compute.instances.create,compute.instances.delete,compute.instances.start,compute.instances.stop,compute.instances.update,compute.disks.create,compute.subnetworks.use,compute.subnetworks.useExternalIp,compute.instances.setMetadata,compute.instances.setServiceAccount"
   47  gcloud projects add-iam-policy-binding $PROJECTID2 --member user:$USERID2 --role=roles/iam.serviceAccountUser
   48  gcloud projects add-iam-policy-binding $PROJECTID2 --member user:$USERID2 --role=projects/$PROJECTID2/roles/devops
   49  gcloud config configurations activate user2
   50  gcloud compute instances create lab-2
   51  gcloud compute instances list
   52  gcloud projects add-iam-policy-binding $PROJECTID2 --member user:$USERID2 --role=projects/$PROJECTID2/roles/devopsgcloud config configurations activate default
   53  gcloud config configurations activate default
   54  gcloud config set project $PROJECTEID2
   55  export PROJECTID2=qwiklabs-gcp-03-d7214c9b0bb1
   56  gcloud config set project $PROJECTEID2
   57  gcloud config set project qwiklabs-gcp-03-d7214c9b0bb1
   58  echo $PROJECTEID2
   59  gcloud iam service-accounts create devops --display-name devops
   60  gcloud iam service-accounts list --filter "displayName=devops"
   61  SA=$(gcloud iam service-accounts list --format="value(email)" --filter "displayName=devops")
   62  gcloud projects add-iam-policy-binding $PROJECTID2 --member serviceAccount:$SA --role=roles/iam.serviceAccountUser
   63  gcloud projects add-iam-policy-binding $PROJECTID2 --member serviceAccount:$SA --role=roles/compute.instanceAdmin
   64  gcloud compute instances create lab-3 --service-account $SA --scopes "https://www.googleapis.com/auth/compute"
   65  gcloud compute ssh lab-3
   66  history

contents of ~/.bashrc

# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

# Uncomment the following line if you don't like systemctl's auto-paging feature:
# export SYSTEMD_PAGER=

# User specific aliases and functions

# The next line updates PATH for the Google Cloud SDK.
if [ -f '/home/student-03-1688e8cece68/google-cloud-sdk/path.bash.inc' ]; then . '/home/student-03-1688e8cece68/google-cloud-sdk/path.bash.inc'; fi

# The next line enables shell command completion for gcloud.
if [ -f '/home/student-03-1688e8cece68/google-cloud-sdk/completion.bash.inc' ]; then . '/home/student-03-1688e8cece68/google-cloud-sdk/completion.bash.inc'; fi
export [email protected]
export PROJECTID2=qwiklabs-gcp-03-d7214c9b0bb1
export [email protected]
export [email protected]

PreviousAssessment questions NextCloud Storage

Last updated 4 years ago

Was this helpful?