Certified Google Cloud Architect

Author Archives: anuj

How to test IAM permissions in GCP

anuj March 12, 2023 How to test IAM permissions in GCP2023-03-12T23:16:57+00:00 No Comment

How to Test Iam Permissions in GCP - for the current user From cloud shell curl -X POST \ -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \ -H "Content-Type: application/json;…

Continue Reading

Arrays in BigQuery

anuj March 12, 2023 Arrays in BigQuery2023-03-12T23:12:07+00:00 GCP BigQuery No Comment

Arrays in BigQuery Create an Array create table as WITH a as ( select ('first','second', 'third') as sequence_num ) select from a Create a dataset CREATE SCHEMA OPTIONS ( default_kms_key_name = 'KMS_KEY_NAME', default_partition_expiration_days = PARTITION_EXPIRATION, default_table_expiration_days = TABLE_EXPIRATION, description = 'test_billing_queries', labels = , location = 'us-central1', max_time_travel_hours = HOURS, storage_billing_model = STORAGE_BILLING_MODEL);…

Continue Reading

State of Cloud Security Report

anuj March 3, 2023 State of Cloud Security Report2023-03-03T16:08:45+00:00 No Comment

State of Cloud Security Report

Continue Reading

Protect Bastion Hosts AWS and GCP

anuj February 24, 2023 Protect Bastion Hosts AWS and GCP2023-03-12T23:11:23+00:00 Compute Engine No Comment

Why secure bastion hosts? Everyone who sets up a bastion host, does so in a public or DMZ subnet. Their reasoning is that it needs to be accessible from anywhere…

Continue Reading

Private Service Connect versus Peered VPCs

anuj February 4, 2023 Private Service Connect versus Peered VPCs2023-03-13T19:37:21+00:00 No Comment

Overview - What is Private Service Connect? How does it differ from Private Google Access? Private Google Access ( on GCP) The idea is exactly the same as the AWS…

Continue Reading

Azure CLI – working with subscriptions

anuj November 2, 2022 Azure CLI – working with subscriptions2022-11-02T16:19:24+00:00 Azure No Comment

List current logged in (in the browser) accounts azure account list Switch Subscriptions az account set --subscription <name or id>

Continue Reading

How do you make a GCP bucket public?

anuj October 5, 2022 How do you make a GCP bucket public?2023-03-12T23:18:15+00:00 GCP Cloud Storage No Comment

Make a Storage Bucket Public The simplest way is to assign the AllUsers IAM role to the bucket. This makes it accessible for All users, regardless of their source. What…

Continue Reading

VPC Service Controls – As Firewall Rules

anuj October 3, 2022 VPC Service Controls – As Firewall Rules2022-10-05T14:51:42+00:00 No Comment

Are like firewalls - Firewall rules allow/block based on IP addresses - VPC service controls allow/block based on a project perimeter For to Ensure that cloud storage buckets can be…

Continue Reading

Compute Engine Restrict Access – restrict service accounts in GCP

anuj September 30, 2022 Compute Engine Restrict Access – restrict service accounts in GCP2023-03-12T23:13:55+00:00 APIs on GCP No Comment

Two relevant roles to assign to IAM user - Compute Instance Admin and Service Account User. , Note the prefixes on these two. The instanceAdmin is related to the COMPUTE…

Continue Reading

Privacy Policy