Sign in

This page covers instructions on signing into Google Distributed Cloud Sandbox. You can sign in to your environment using the Console and gdcloud CLI. Before you continue, ensure you have set up your GDC Sandbox environment on your preferred operating system (OS). To set up your environment, see Access the environment.

Also, ensure that you have downloaded the gdcloud CLI. See Download the gdcloud CLI.

Sign in and set up Platform Admin permissions

Console

  1. In your preferred remote desktop client, open a browser window.
  2. In the address bar, enter https://console.org-1.zone1.google.gdch.test/. A Sign in page appears.
  3. Click Continue with fake-oidc-provider. A Fake OIDC Provider page appears.

  4. In the Select a user list, click Platform Admin.

  5. Select Access.

  6. Select fop-platform-admin@example.com and click Edit Roles.

  7. Click Add Another Role to add more roles.

    1. To provide the Platform Admin with the necessary rights to create and test the services, add the following roles:
      • Org Network Policy Admin
      • Organization IAM Admin
      • Bucket Admin
      • Organization DB Admin
      • Organization Firewall Admin
      • Project Creator
      • User Cluster Admin
      • AI Platform Admin
      • Organization Grafana Viewer.
    2. To provide the Custom User with the necessary rights to create and test the services, add roles specific to the service.
    3. Click Save.

  8. Click Submit.

gdcloud

  1. Open your preferred remote desktop client.

  2. Set the default GDC organization, org-1. For more details on GDC organizations, see Organization.

    gdcloud config set core/organization_console_url \
  https://console.org-1.zone1.google.gdch.test

  3. Retrieve the certificates to authorize your sign in operation:

    echo -n | openssl s_client -showcerts -connect \
  console.org-1.zone1.google.gdch.test:443 | \
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
  > /tmp/org-1-web-tls-ca.cert

  4. Authenticate and sign into your GDC Sandbox environment. A browser window opens.

    gdcloud auth login --login-config-cert=/tmp/org-1-web-tls-ca.cert

  5. To continue your operations using the gdcloud CLI, close the browser.

  6. Optional: To continue your sign in through the browser, follow steps three to five in Console.

Add users

Create more users that have more granular access using the GDC console.

  1. Click Add member.
  2. In the Identity provider list, select fake-oidc-provider.
  3. In the Member type list, click User.
  4. In the Username or group alias field, enter your username.
  5. In the Role list, select the role that you want to assign to the user, such as Project Creator.
  6. Click Add.
  7. Click Logout in the menu bar to return to the Fake OIDC Provider page.
  8. Select Custom User.
  9. Enter a custom username.
  10. Click Submit.

What's next

You completed your first sign in, created a user, and assigned roles. You can review Manage identity and access to learn more about role definitions or proceed to Test services to begin creating resources such as projects, virtual machines, and clusters.