API – Authentication Methods
There are various techniques for authentication of compute engine API under:
- OAuth 2.0
- Through client library
- With an entrance token (gsutil authentication)
OAuth 2.0
Step 1: In a Visit Google API console to reap OAuth 2.Zero credentials together with consumer ID and customer secret which are known to Google and your utility.
Step 2: Obtain get right of entry to token from Google authorization server. A JavaScript application can request an access token using a browser redirect to Google. After logging into google account the user is requested if they’re willing to grant one or more permission that application is requesting. (User consent). If person offers at least one permission the authorization server will ship an get right of entry to token and a list of scope of get entry to granted to that token
Step 3: Examine the scope of get admission to granted through consumer compare the scope included in get admission to token to the scope required to get entry to software features and functionality.
Step 4: Send get entry to token to an API – Token is dispatched to Google API in an HTTP authorization request header. Access tokens are legitimate handiest for the set of operations and sources defined in scope of token request.
Step 5: Refresh Access token – Access tokens have confined lifetime. Refresh tokens may be wished if an software needs get right of entry to to Google API past the life of get entry to token.
Client Library Authentication
In a Google Cloud Client Library is a configured to get entry to the Google Cloud Platform offerings and the authenticate to (OAuth 2.Zero) routinely in your behalf.
Authentication using entrance token (gsutil authentication)
With gsutil hooked up from the Cloud SDK, you have to authenticate with carrier account credentials.
Use an current provider account or create a brand new one, and download to the associated personal key. However, you can handiest download the personal key information for a provider account key while the secret is first created. Use gcloud auth prompt-provider-account to authenticate with the service account:
In the KEY_FILE is the call of the record that incorporates your service account credentials. gcloud auth uses to the cloud-platform scope while getting an get entry to token.
gcloud auth activate-service-account –key-file KEY_FILE
What is Compute Enginee API
Types of Cloud Computing fashions: Different models of cloud computing offer different services like IaaS, PaaS, SaaS, etc. Infrastructure as a Service (IaaS): The term IaaS (Infrastructure as a Service) is used to describe computer offerings to the cloud offerings consumers. It means that there is no want to buy, maintain, or upgrade steeply-priced physical infrastructure which is managed through cloud vendors and cloud customers use the cloud as virtual server resources.
Today we look more in detail at Google’s compute Engine offering, its benefits, authentication mechanisms employed by Google cloud compute engine, and so on.