How to Share GCP Images with Other Users and Projects - NETSEC

Latest

NETSEC

Learning, Sharing, Creating

Cybersecurity Memo

Monday, August 13, 2018

How to Share GCP Images with Other Users and Projects

We always can share Compute Engine images, snapshots, and disks with other users outside of your project or organization. Basically users with read access to those resources can use them to complete operations in other projects and organizations. For example, if you grant a user read access to an image or snapshot in your project, they can use those resources to create persistent disks in their own projects.

Here is detailed steps how to share GCP (Google Cloud Platform) compute engine image cross user accounts and projects.


1. Log into your GCP






2. Create a new image from Compute Engine 's images menu


3. Share Project with other users in IAM


4. Accept Google Developers Console project invitation


5. Confirm project and image in another GCP account and activate Google Cloud Share.


6. Use Google Cloud Share command to copy image from one project to another project. Actually, you can directly use this image by choosing from custom image to create a boot disk when you create a new VM.

Note: Use project_id in the command , not project name.

johnyan_ca@sec-2-21000:~$ gcloud compute images list --project macro-key-14516
NAME                                                  PROJECT            FAMILY                            DEPRECATED  STATUS
centos-6-v20180716                                    centos-cloud       centos-6                                      READY
centos-7-v20180716                                    centos-cloud       centos-7                                      READY
........................
sql-2017-express-windows-2016-dc-v20180710            windows-sql-cloud  sql-exp-2017-win-2016                         READY
sql-2017-standard-windows-2016-dc-v20180710           windows-sql-cloud  sql-std-2017-win-2016                         READY
sql-2017-web-windows-2016-dc-v20180710                windows-sql-cloud  sql-web-2017-win-2016                         READY
johnyan_ca@sec-2-21000:~$ gcloud projects list
PROJECT_ID        NAME         PROJECT_NUMBER
macro-key-14516  51Sec-GCP-1  1080804179409
sec-2-21000      51sec2       335678927754
johnyan_ca@sec-2-21000:~$ gcloud compute --project=sec-2-21000 images create image-2 --source-image=image-1-51sec-original --source-image-project=macro-key-14516
Created [https://www.googleapis.com/compute/v1/projects/sec-2-213000/global/images/image-2].
NAME     PROJECT       FAMILY  DEPRECATED  STATUS
image-2  sec-2-21000                      READY
johnyan_ca@sec-2-21000:~$






Notes:



Actually, after you shared your project to another user, that user can directly create a VM  by choosing from custom image to create a boot disk.















Youtube Video:



































Read more 














Subscribe via email






















Author Image


About ITProSec


Netsec - Learning, Sharing, Creating! 
























-


























Tags:













      

    






No comments:















Post a Comment



















        

      









Subscribe to:
Post Comments (Atom)