Google Cloud ACE Glossary: Compute, IAM, and Ops Terms
March 30, 2026
Google Cloud ACE glossary of compute, storage, IAM, networking, deployment, and operations terms.
Use this glossary when Google Cloud terms start to blur together. Keep it beside the cheat sheet and resources, not as a substitute for them. ACE usually does not punish you because you forgot a label. It punishes you because two nearby boundaries collapsed into one wrong action.
High-value terms
| Term |
What it means on ACE |
Fast anchor |
| organization |
top Google Cloud governance boundary |
highest inheritance scope |
| folder |
administrative grouping between organization and project |
branch of projects |
| project |
main workload, API, IAM, billing, and quota boundary |
primary operator lane |
| service account |
non-human identity used by workloads and automation |
workload principal |
| IAM binding |
assignment of a role to a principal at a scope |
role plus member at scope |
| VPC |
network boundary for subnets, routes, and firewall controls |
network container |
| subnet |
regional IP range segment inside a VPC |
address boundary |
| zonal resource |
resource that lives in one zone |
one failure domain |
| regional resource |
resource that spans or belongs to a region |
broader placement |
| managed instance group |
group of VM instances managed from a template |
repeatable VM fleet |
| Cloud Run |
serverless runtime for containers |
managed container path |
| Cloud Run functions |
event-driven function path on Google Cloud |
function-shaped runtime |
| GKE |
Google Kubernetes Engine |
Kubernetes control lane |
| quota |
service usage limit that can block deployment or scale |
service limit |
| budget alert |
threshold signal for spending visibility |
early cost warning |
| billing export |
detailed billing data path into analysis tooling |
deeper cost analysis |
| Ops Agent |
VM agent for supported metrics and log collection |
VM observability |
| audit log |
record of administrative or data-access activity |
who did what |
| Cloud Logging |
central logs platform |
event detail |
| Cloud Monitoring |
metrics, alerting, dashboards, and observability platform |
trend and alert lane |
gcloud |
Google Cloud command-line interface |
operator CLI |
Commonly confused pairs
| Pair |
Keep this distinction clear |
| project vs folder |
workload boundary versus higher administrative grouping |
| IAM role vs IAM binding |
permission bundle versus assignment |
| zonal vs regional |
single-zone placement versus region-level scope |
| Cloud Run vs GKE |
simpler serverless container hosting versus Kubernetes control need |
| Cloud Run vs Cloud Run functions |
service-shaped managed container versus function-shaped event-driven code |
| API enablement vs IAM permission |
service availability in the project versus permission to use it |
| budget alert vs billing export |
early spend warning versus deeper cost analysis |
| Cloud Logging vs Cloud Monitoring |
logs and events versus metrics and alerting |
| snapshot vs image |
disk recovery copy versus reusable VM template |
| Cloud Storage vs BigQuery |
object storage versus analytical warehouse |
| Cloud SQL vs Firestore |
relational application database versus document database |
If three terms blur together
| Terms |
Fast separation rule |
| project, folder, organization |
ask where the control should inherit |
| Cloud Run, GKE, Compute Engine |
ask how much runtime or infrastructure control you need |
| logging, monitoring, audit logs |
ask whether you need events, metrics, or change history |
| billing account, budget, quota |
ask whether the issue is paying, warning, or service limit |
| service account, user, impersonation |
ask whether the principal is workload, human, or delegated short-lived access |
One-sentence memory hooks
- If the question is about who can act, think IAM scope before runtime.
- If the question is about whether traffic can flow, think DNS, route, firewall, NAT, then peering.
- If the question is about what happened, think Logging.
- If the question is about trend, threshold, or health, think Monitoring.
- If the question is about who changed something, think audit logs.
Route yourself well
| If the confusion is really about… |
Go here next |
| scope, service fit, and quick elimination |
Cheat Sheet |
| current Google Cloud facts and official prep links |
Resources |
| pacing and review order |
Study Plan |
| overall exam framing |
Guide root |
Revised on Sunday, May 10, 2026