Topic 2 - Google AI Services Flashcards
(33 cards)
Project
An organizing entity for Google Cloud resources, containing settings, permissions, and metadata. Each project has a name, ID, and number.
Name the five ways listed in the source material to interact with Google services.
- Google Cloud console
- Google Cloud Command Line Interface (CLI)
- Local Terminal
- Cloud Shell
- Client Libraries
Google Cloud console
A web-based graphical interface for interacting with Google Cloud services.
Google Cloud Command Line Interface (CLI)
A tool for managing Google Cloud resources and services from the command line.
Local Terminal
Interacting with Google Cloud services using the gcloud CLI from a local computer’s terminal.
Cloud Shell
A browser-based command-line environment for Google Cloud.
Client Libraries
Code libraries provided by Google to simplify programmatic access to Google Cloud APIs.
Cloud Client Libraries
Recommended client libraries providing idiomatic code and handling low-level communication and authentication details, often using gRPC.
Google API Client Libraries
Older client libraries that provide access to the API’s REST interface only, often used for specific language support or upgrading existing projects
Why might someone choose to use Google API Client Libraries instead of Cloud Client Libraries?
Someone might use Google API Client Libraries if a Cloud Client Library is not available for their preferred programming language or if they are upgrading a project that already uses them. These libraries only access the API’s REST interface.
App APIs
Application Programming Interfaces used by applications to interact with Google services.
Admin APIs
Application Programming Interfaces used for administrative tasks and managing Google Cloud resources.
Principal
An identity (user account or service account) that can be granted access to a Google Cloud resource.
Authentication
The process of verifying the identity of a principal (such as a user account or service account) attempting to access a resource.
Authorization
The process of determining the level of access a principal or application is permitted to have to a resource, after authentication.
Credentials
Digital objects or methods (like passwords, PINs, biometric data) that provide proof of identity for authentication.
Token
A digital object exchanged for proper credentials that proves a caller’s identity and authorized access levels, used for authentication and authorization with Google APIs (except API keys).
User account
A principal representing a human user (developer, administrator) who interacts with Google APIs and services.
Service account
A principal that does not represent a human user, managed by IAM, typically used by applications or services to interact with Google Cloud.
Describe the difference between User accounts and Service accounts as principals.
User accounts represent human users like developers or administrators, while service accounts do not represent human users and are managed by IAM, often used for applications or services to interact with Google Cloud.
API key
A simple credential used to associate a request with a Google Cloud project for billing and quota, typically used for accessing public data. It does not identify a principal.
Why are API keys generally used for accessing public data or resources and not recommended for identifying a principal?
API keys do not identify a specific user or provide authorization information; they primarily associate a request with a Google Cloud project for billing and quota. They are suitable for accessing public data where identifying the caller is not necessary for authorization.
IAM (Identity and Access Management)
The service used to manage principals and their permissions for accessing Google Cloud resources.
Application Default Credentials (ADC)
A strategy used by Google authentication libraries to automatically find credentials based on the application environment, simplifying authentication for client libraries and REST calls.
