Certified Google Cloud Architect

Author Archives: anuj - Page 29

Azure Firewall versus NSGs

anuj July 16, 2021 Azure Firewall versus NSGs2021-08-03T16:42:44+00:00 Azure 3 Comments

Also read A Reusable Hub Spoke Network Design on Azure NSGs at instance level and at Subnet Level NSG rules can become difficult to manage in larger VNETs with multiple…

gcloud behind a corporate proxy

anuj July 15, 2021 gcloud behind a corporate proxy2021-07-15T18:46:24+00:00 GCP Operational No Comment

If you are using gcloud from behind a corporate firewall/proxy, you may encounter an SSL validation error. To disable SSL validation for google-cloud-sdk $ gcloud config set auth/disable_ssl_validation True Need…

Incident Response in AWS

anuj July 15, 2021 Incident Response in AWS2021-07-15T18:13:55+00:00 AWS No Comment

Also read Incident Response in GCP What constitutes an incident in AWS? A compromised account is an incident - as is a compromised VM. Each of these merits a different…

Azure Firewall versus NSGs

anuj July 13, 2021 Azure Firewall versus NSGs2021-07-13T02:44:56+00:00 Azure No Comment

NSGs are layer 3 and layer 4 rules - that are also true ALLOW DENY rules, just like in any firewall appliance Azure Firewall - is Layer 3, 4 and…

Incident Response in GCP

anuj July 13, 2021 Incident Response in GCP2021-07-16T04:33:16+00:00 Incident Response 1 Comment

Also read KMS specific alerting and response in GCP as an example to understand how alerts are set in GCP. What exactly constitutes an incident? In GCP, Cloud Monitoring opens…

Agent Based Metrics

anuj June 29, 2021 Agent Based Metrics2021-07-18T02:52:49+00:00 Logging and Monitoring No Comment

See also Custom Metrics and Log Metrics in GCP and Error Reporting in GCP What are Agent Based Metrics? These are metrics reported by the stackdriver agent installed on VMs…

Hub Spoke VPC versus Shared VPC in GCP

anuj June 22, 2021 Hub Spoke VPC versus Shared VPC in GCP2021-08-03T16:38:40+00:00 GCP Networking 1 Comment

See also Shared VPCs - for Production and Non Production and A Reusable Hub Spoke Model in GCP. Why NOT use a Shared VPC as a HUB VPC (in a…

At Rest Encryption GCP

anuj June 19, 2021 At Rest Encryption GCP2021-06-19T17:19:37+00:00 Encryption and Data Protection No Comment

Also read In Transit encryption GCP Cloud Storage? At rest encryption. Google Managed Keys (Native Google or CMEKs) or BYOK (CSEKs) Cloud SQL? Row Level Encryption What if I don't…

Kubnernetes and GKE Basics

anuj June 19, 2021 Kubnernetes and GKE Basics2021-07-10T01:45:23+00:00 GKE No Comment

(This is work in on GKE docs and some quiklabs) Kubernetes only manages nodes - the nodes can be anything (VMs with Kubelet and Kube-Proxy installed) Kubernetes itself does not…

In Transit Encryption in GCP

anuj June 19, 2021 In Transit Encryption in GCP2021-10-21T22:09:04+00:00 Data Protection in GCP 3 Comments

Also read At Rest Encryption in GCP. Overview - Network Layer Automatic Encryption At the network layer, Google Cloud’s virtual network infrastructure automatically encrypts VM to VM traffic if it…

«‹27 282930 31 ›»