I'm looking over the docs for IAM, and the more I look at them, the more confused I get.
Here is the situation:
We have a GCE instance, launched from the Bitnami Trac image, that's running our Trac and SVN servers, along with experimental MySQL and Tomcat servers. And we have developers who are going to need to open terminal sessions on it.
Now, I was given several kinds of Admin access myself (albeit not anything that allows me to even see the IAM console screens). Among other things, I can access the "ssh over https" terminal portal (and "sudo" in it), change firewall rules, and manually add ssh keys.
But aside from what I've given the other developers in Trac, SVN, and MySQL, and what I'll be giving them in Tomcat, all they need is the ability to open terminal sessions.
I could of course just manually generate user profiles for the developers, have them generate keypairs for whatever ssh clients they have, and send me the public keys to be added under those user profiles, but minimal console access with the "ssh over https" portal is so much more convenient to use.
So what is the minimum that will give these developers so they can sign on to the console, and open a terminal session from their browsers, and how do we grant it?
--
JHHL