Google Cloud Platform Service Accounts
It seems like I'm looking for some general overview of how roles are managed, viewed, compared, and inherited.
How can you tell if a user's (or a service account's) roles are adequate, or too much or too little for a particular task? And what's the difference between a user having some roles and a user using a service account that has those roles?
It would also be nice to have some kind of adversarial test that would identify how/if users or service accounts can create identities with more flexible permissions than their own.
These short videos are good, but they're not a complete solution. I'm not sure where to look next.
Based on Jeff Geerling's book. There are 15 episodes. Jeff seems like a great guy. I'm going to try to listen to one of these each day.
This is also a very useful article. I made notes from it in another post.
- Good for local development. (Especially when on aeroplanes?)
- Not as good for cloud providers as Terraform.
- No more snowflake servers.