Enhanced Access Controls on Google Cloud

One of the great things about using ElasticBox is the ability to compare cloud providers to decide which suits your needs the best. We often hear interesting viewpoints from our customers when they try out a cloud provider they hadn’t used before. One such email led us to develop the feature I am going to talk about today: How to give your developers read only access to deploy applications on Google Cloud Platform, with the ability to still track their activity in the Google Developers Console. 

Why Does This Matter?
Currently, you can provide a user 3 levels of access to resources in the Google Developers Console: Can View, Can Edit, and Is Owner. While “Can View” gives a user only the ability to view and not deploy, “Can Edit” gives a user the ability to deploy as well as modify other instances, but does not give you the ability to track their individual activity. If you’ve used Google Compute for a team, you’ve probably experienced the limitation that these access levels provide. While the Google Cloud team works on a more robust identity feature, we’ve added functionality in ElasticBox that can give you more control over users.

A Common Use Case
A common use case we’ve heard from our enterprise customers is one where operations would like to set up a process such that:

  • Developers can deploy applications to Google Compute
  • Developers can only view activity on the Google Developers Console
  • Operations can track all activity for individual developers
  • Developers can’t modify any instances in Google Compute

Currently, this scenario is not possible by using the Google Developers Console alone. But combined with ElasticBox, you can enable this capability easily. Here’s how it works:

  • Add Google Compute as a provider in ElasticBox
  • Share with developers as “View Only” in ElasticBox
  • Add developers to your project in the Google Developers Console with “View Only” access

Developers can now deploy applications on Google Compute using ElasticBox with “View Only” privileges in the Google Developer Console.

While this may seem like a minor enhancement, these are exactly the kind of capabilities that are often hurdles in the path of enterprise cloud adoption. With features like access controls and various levels of sharing, we’re constantly adding features that make it easier for organizations to rapidly deploy applications in the cloud, while maintaining their preferred level of control.

Categories: Cool Features & Tutorials, Google Cloud
Tags: , ,