Author Archives: anuj - Page 35
GCP Service Projects – VPC or Not?
First read - Single project versus multiple projects in GCP to better understand what a project boundary really should be used for. The Driver for the Shared VPC Construct Using…
Single GCP Project or Multiple Small GCP Projects?
This content is password protected.
GCP logs to Splunk
GCP System Level logs and Audit logs are different from the application's own generated logs. Both of these categories of logs can be exported out of the Compute Engine /…
Limiting GCP’s blast radius using Projects
When discussing the Project Boundary in GCP, Think Application hosting. Think of a project as the container of all App Resources. A single App - A Single Project. A dozen…
Service Project Admin in GCP
Service Project Admins have control over resources defined in the service projects. They typically have the Instance Admin role in the corresponding service projects. They may have additional IAM roles…
Resource Level Policies versus IAM policies in GCP
In AWS, to control access to a specific resource, there are resource-based policies. In GCP, there isn't a direct analog of resource-based policies, but existing policy bindings (IAM…
GCP Custom Role for Developers
Also read - Security Admin Role in GCP Developer Roles can be subdivided into two broad categories - Team Leads and Developers (Team Leads are Supersets of Developers) Roles suitable…
Security Readers and Security Admins in GCP
Also read - Built in Security related Managed Policies in AWS and GCP GCP has over a few thousand built in (predefined) roles for a variety of activities. Level 1…
Best Practices around GCP Service Accounts
This content is password protected.
S3 data protection best practices
Notes from the Field Apart from standard AWS recommendations around S3 data protection, these are some tips from hands-on engagements around S3 data backups (from data centers) S3…