Author Archives: anuj - Page 13
Prisma versus Native CSPM Alerting on GCP and AWS
Native Vulnerability and Misconfiguration Monitoring Tools run for a longer period of time and capture account-level events that may not be captured by Prisma and external CSPM tools.…
AWS SSO Groups and Root Users
Discourage use of local accounts and encourage SSO Groups. With SSO Groups, access can be granted either across multiple accounts or to individual accounts, using Permission Sets. SSO Groups and…
No Ingress EC2 Instances, Public IPs on EC2s
AWS allows for a no-ingress EC2 instance that can only be accessed via Systems Manager. This is the recommended best practice. Also read: Identity Aware Proxy on GCP for…
Use Firewall Policies in GCP along with Firewall Rules
Default Firewall Rules exist at the VPC level and are applied to any VM created in a default VPC. In addition to the firewall rules, GCP has something called Firewall…
How Google Load Balancers are different
Google's Global Load Balancer vs. DNS Load Balancing DNS Load Balancing is tricky. For an app hosted in multiple regions, each region essentially gets an IP address that is unique…
Finding resources in GCP using gCloud
To quickly find all resources within a project or even a parent org, we can use the asset manager and resource manager APIs in GCP. Passing in a Project name gcloud…
Moving Projects and Billing Accounts under an Organization
It is common to end up with projects that are NOT under a specific org. Same for the billing for those projects. In order to move them under an organization,…
GCP Firewall Rules Best Practices
Also read: Service Accounts as a superior way to do Firewall Rules in GCP and Firewall Policies in GCP. Which Rules apply where? For Load Balancers? Cloud Armor is…
Cloud SQL Private and Public IP – GCP
Connections to Cloud SQL Authentication (local or domain joined) Public IP Connectivity to Cloud SQL For extra security, consider using the Cloud SQL proxy to connect to your instances after…
Hosting a website with CDN on GCP Cloud Storage
Also read: external backends for Cloud CDN. To host a website using GCP's Cloud CDN, here are the steps - as well as some gotchas. Only an IAM action (Add…