Get startedGet started for free

Resource Manager

1. Resource Manager

Let's get started with an overview of Resource Manager. The Resource Manager lets you hierarchically manage resources by project, folder, and organization. This should sound familiar because we covered it in the IAM module. Let me refresh your memory. Policies contain a set of roles and members, and policies are set on resources. These resources inherit policies from their parent, as we can see on the left. Therefore, resource policies are a union of parent and resource if an IAM allow policy is associated. However, if an IAM deny policy is associated with the resource, then the policy can prevent certain principals from using certain permissions, regardless of the roles they're granted. Although IAM policies are inherited top-to-bottom, billing is accumulated from the bottom up, as we can see on the right. Resource consumption is measured in quantities, like rate of use or time, number of items, or feature use. Because a resource belongs to only one project, a project accumulates the consumption of all its resources. Each project is associated with one billing account, which means that an organization contains all billing accounts. Let's explore organizations, projects, and resources more. Just to reiterate, an organization node is the root node for all Google Cloud resources. This diagram shows an example where we have an individual, Bob, who is in control of the organizational domain through the Organization Admin role. Bob has delegated privileges and access to the individual projects to Alice by making her a Project Creator. Because a project accumulates the consumption of all its resources, it can be used to track resources and quota usage. Specifically, projects let you enable billing, manage permissions and credentials, and enable services and APIs. To interact with Google Cloud resources, you must provide the identifying project information for every request. A project can be identified by: The Project Name, which is a human- readable way to identify your projects, but it isn't used by any Google APIs. There is also the Project Number, which is automatically generated by the server and assigned to your project. And there is the Project ID, which is a unique ID that is generated from your project name. You can find these three identifying attributes on the dashboard of your Google Cloud console, or by querying the Resource Manager API. Finally, let's talk about the resource hierarchy. From a physical organization standpoint, resources are categorized as global, regional, or zonal. Let's look at some examples: Images, snapshots, and networks are global resources; External IP addresses are regional resources; and instances and disks are zonal resources. However, regardless of the type, each resource is organized into a project. This enables each project to have its own billing and reporting.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.