Start preparing for your Next Exam | Use coupon – TOGETHER | Avail 30% discount

Managing users in Cloud Identity

  1. Home
  3. Managing users in Cloud Identity

Go back to GCP Tutorials

In this we will learn and understand about managing users in Cloud Identity.

However, a unified identity, access, app, and endpoint management (IAM/EMM) platform that helps IT and security teams maximize end-user efficiency, protect company data, and transition to a digital workspace.

Setting up Cloud Identity

Setting up Cloud Identity is one of the first steps you’ll take when creating a new Google Cloud organization.

Creating your first user

To create your Cloud Identity account and first admin user using the Setup Wizard:

  • Firstly, in the About you section, enter your first and last name in the Name field.
  • Secondly, in the current email address, you use for the work field, enter the email you used to create your prototype project.
  • Further, this email address will be used as a recovery address. It must be different from the address you create below that you’ll use as your admin account for Cloud Identity.
  • Thirdly, in the About your business section, enter your company name in the Business or organization name field.
  • Then, in the Country/Region field, choose the appropriate country or region from the pulldown list.
  • After that, click Next to set up your domain.
  • Now, in the Your Cloud Identity Domain window, you’ll add the domain you’ve already purchased for your company. You’ll need to verify that you own it by creating a specific CNAME record or uploading an HTML file.
  • Lastly, in the Create your Cloud Identity account window, enter a username and password. This account is your Cloud Identity administrator account and must be different from the email address you entered in step 2 above.

Migrate projects and billing accounts and set permissions

To migrate content from a previous account, follow these steps:

Grant access to billing accounts

  • Firstly, log in to the Google Cloud Platform account that has the existing billing account you want to connect to.
  • Secondly, grant your organization admin from Cloud Identity access to this billing account.
    • Go to the left nav and open Billing.
    • Navigate to the billing account you want to connect to.
    • Add the Organization Admin of your Cloud Identity as a Billing Administrator.
Google Associate Cloud Engineer free practice tests
Grant access to projects
  • Firstly, grant your organization admin Owner access to projects.
    • Navigate to the IAM & Admin page for the projects you want to migrate, and add your organization admin’s account as Owner.
  • Secondly, set Bulk permissions (optional).
    • Navigate to the IAM & Admin section and click Manage Resources or All projects from the left navigation. From the Manage Resources view, select all the projects you want to migrate and use the IAM panel to add your new account as Owner to these projects.

Log in to your Cloud Identity account, and accept the project invitations

Log in to your Cloud Identity account and check your email. Next, for the projects you’re migrating, you must accept the project invitation sent via email to your new account. You must click the link in each email for each project that you’re migrating.

Go to GCP, log in with your Cloud Identity account, and remove access
  • Firstly, remove access to the billing account.
    • Navigate to the billing account you connected from your old account, and remove access for any user accounts that are not within your company’s domain, including your @gmail.com account.
  • Secondly, remove access to projects.
    • Navigate to the IAM & Admin page, and click Manage Resources.
    • From the Manage Resources page, select No organization from the dropdown next to the filter control.
    • The projects from the old account are displayed with a yellow warning icon. Select these projects and use the IAM panel to remove access for any accounts that are not within your company’s domain, including your @gmail.com account.
Migrate projects
  • Firstly, navigate to the IAM & Admin section, and click Manage Resources.
  • Secondly, from the Manage Resources page, click No organization from the dropdown list next to the filter control. The projects from your old account are displayed with a yellow warning icon.
  • Lastly, select these projects from your old account, and click Migrate from the top bar, or click the icon for each project.

Set permissions

  • Firstly, navigate to the IAM & Admin section, and select your organization from the top bar dropdown. This will allow you to set IAM permissions that will affect all projects under your organization.
  • Then, from the IAM page, add your Admin users and grant them the appropriate roles. Examples are Organization Admin, Billing Admin, and App Engine Admin.
Managing users in Cloud Identity Google Associate Cloud Engineer Online course

Reference: Google Documentation

Go back to GCP Tutorials

Menu