This content guides users through setting up a Google Cloud Platform (GCP) organization, including configuring Cloud Identity, verifying a custom domain, creating a hierarchical folder structure, and establishing projects for logical resource separation and access control.
Mind Map
点击展开
点击探索完整互动思维导图
foreign [Music]
in last two videos we have covered how
to create a gcp free to your account and
configure building
second video was a console walkthrough
where we learned that how to use various
DCP services
today we are going to cover how to
configure gcp organization create folder
structure and projects as per our needs
hit here
wherever you go to a company or when you
start a cloud migration every company
has their own domain for this example we
have a domain booked with godaddy.com
which is cloud Sprint dotted we will be
working with this domain for all our labs
labs
the second thing which we're going to
talk about is Google workspace admin
Google workspace admin helps us to
configure Cloud identity
create our users create our groups for
our corporate
for our Enterprise users we can provide
permissions to you gcp you can attach
Cloud ID to org and gcp
the third thing will the second part of
the lab is all about setting up folders
and projects
well then we will learn that how to set
up an organization how to create folders
how to divide that in environments and
how are we going to create projects that
the last layer which is resources
so we'll be discussing this in detail on
doing the lab as well
before we move to the
next segment let's understand how gcp
work looks like
so organization is the First Resource
which represents your company
any I am row granted at this level are
inherited by all resources under the organization
organization
second is the folder limit
folders can contain projects other
folders or a combination of both roles
granted at the highest folder level will
be inherited by projects and other
folders that are contained in the parent
folder for example if you apply any
permission on devops folder it will be
applied to both the folders Tab and
production and all the projects Within
These two folders because
policies are inherited from top to
bottom so the third layer is the project
label project represents a trust
boundary within your company and it is
logical separation of resources
the fourth is resource layer which is
the minimum level of the permissions
that's the so far uh decent enough
Enterprise level start which we're gonna
do in our Labs now without any further
delay let's try to create our
organization setup users
folders structure project label and
for this you need to click on IM
identity and organization here you can
clearly see that you can manage your
user accounts groups for employees you
can create organizational structure
which is centrally controlled you can
create projects resources you can
configure security guidelines
we'll click on go to the checklist when
you come here the checklist you'll see
that your current account Cloud Sprint
31 gmail.com is not associated with any
organization now if you want to have
your own domain and attach this Google Cloud
Cloud
projects with your your organization you
need to enable Cloud identity and create
the organization so without any further
delays we'll begin the setup once you
click on begin the setup you'll be
redirected to this page where you'll be
asked that what kind of workspace user
are you
the first step is are you a new customer
are you a workspace customer or you
already have a cloud identity since we
don't have anything we will say I am a
new customer
after that I'll click on the sign up for
cloud identity because DBS we are
suggesting for the first time in this
window it will just ask you some basic
details like your business name your
country your email address
and your domain as we have already book
domain with
GoDaddy will copy and paste it there
yeah we'll use the domain
will put out the username which we want
to show in the admin so here we are
creating the admin user push current cloudspin.in
cloudspin.in
educating the user is fine will submit
the capture after submitting a captcha
our Cloud entity
account has been created
once you log in from this account
you will be asked to accept the terms
and conditions once you accept the terms
and conditions
you'll be thrown to the admin console
which is
a place where you control all users
groups identity domain ownership everything
everything
now the second step is to verify your
Cloud Sprint dot in we have created the
Cloud identity now we are going to
verify the domain you have to ask you
have to sign in into godaddy.com but
since I have already signed in another
window it will not ask me so I'm just
gonna click on connect
and that will verify my ownership that
yes I am the owner of this domain that
that basically takes four to five
minutes to verify yeah after five
minutes it got verified
now my domain is verified
now on the screen you can see
it is verified by Cloud identity it is
satisfied that I am the owner of this
domain the second step is to create new users
users
this admin panel helps you to create
users in bulk you can make any kind of
changes you can create groups for now
let's create a test user test dot user
at the cloudspring.in
we have added that user you will be
getting the username password
or add an email address of that
particular user if you want to see you
go to directory users and you can see
you have the
user created we can also create group
because while working on gcp we will be
only working with groups it's not a best
practice to give you know the rights to
an individual this is how
we can create groups we can also assign
owners like we it for now in our
operation we have to use as pusher and
another one is test users so both of
them either of them can be owner of it
all all of them maybe
that's how you create groups in here
right so
as now we have created a cloud identity
so for now we have created Cloud
identity our admin account and a test user
user
now we have to login from that
particular account which is our
organization admin to move further
because that's that's that was the point
of creating that identity now I'll click
on continue and I'll switch account so
far we were logging in through our Gmail
ID but now we will change it to pushkar
additive Cloud Sprint dot in that is our
Cloud identity which we have created
I'll click on select
it will redirect ask me to enter my
password once I enter my password I
delete it should take me to consolid.cloud.google.com
