Hello folks,
I was wondering what’s the most idiomatic way to manage IAM groups in GCP. In the best of worlds, I’d be able to create a group, add a few members (mostly real users, not service accounts) and then create either a IAMMembership or IAMBinding resource to grant explicitly the permissions required to use some cloud resources (e.g., database access). I looked into
cloudidentity
, but am not quite sure this is the best way to go. Any thoughts?
Many thanks,