Author Archives: anuj - Page 33
Network Admin versus Security Admin in GCP
These can be defined at any level, but the Organization level is the most common. In addition to these network admins, there are also shared VPC admins (and service…
Single Pub Sub Topic for Multiple Projects
Single Pub Sub Topic for Multiple Projects? To create a sink that publishes to a Cloud Pub/Sub topic in a different project (you would need to grant Project A's Service…
Filter what Logs you want to Export in GCP
Configure filters for your cloud log sink: On the console, open the export sink for which you wish to create a filter. Click on the export filter and select Convert…
GCP BigQuery and CIS Compliance (CIS Compliance benchmarks)
Certain CIS benchmarks are applicable to BigQuery. Leaving a dataset as PUBLIC (IAM policy allowing ANYONE to access a dataset) is the allUsers -> Represents anyone on the internet allAuthenticatedUsers…
Breakglass Role in GCP
Subnets in GCP
Packet Filtering Options versus Packet Monitoring Options
All public clouds provide a packet monitoring option in the form of flow logs (VPC Flow Logs). However, packet monitoring is not the same as packet filtering. The closest…
IAM + VPC Service Controls = GCP 2 minute Security Solution
Also read: Identity Aware Proxy in GCP. Overview: IAM is the most often misconfigured and compromised service. To that end, GCP provides two unique services (boundaries) that go beyond…
F5 Big IP on GCP – Part 2 – Some Advanced Scenarios
HA versus LB Configuration of F5: F5 can be set up on GCP using a High Availability (HA) Configuration as well as a Load Balancing Configuration (using GCP's…
Endpoint Protection in GCP
Cloud Armor is the first line of defense for GCP Cloud Endpoint Security