Certified Google Cloud Architect

Author Archives: anuj - Page 4

Database Credentials in Google Cloud?

anuj January 22, 2024 Database Credentials in Google Cloud?2024-01-22T04:35:49+00:00 Secrets Manager No Comment

How and where do you store db Credentials in Google Cloud? Secrets manager allows you to store and retrieve credentials in either binary form (blob) or as plain text.

Firewall Rules in GCP – Service Accounts versus Tags

anuj January 22, 2024 Firewall Rules in GCP – Service Accounts versus Tags2024-01-22T04:21:06+00:00 GCP Networking No Comment

Both - network tags - and Service accounts - are viable options (for target instances) when defining firewall rules. However, if both these exist for a certain VM, it is…

Private Google access

anuj January 22, 2024 Private Google access2024-01-22T04:10:51+00:00 No Comment

Private Google access allows your instances to reach Google APIs and services using an internal IP address rather than a public IP address. ... You can enable Private Google access on a subnet level and…

Account Level IAM versus Application Level IAM access

anuj January 22, 2024 Account Level IAM versus Application Level IAM access2024-01-22T02:48:34+00:00 GCP IAM No Comment

Use Case A - You need to implement a central authorization mechanism for users of your App (say hosted on App engine) Use Case B - You need to implement…

Cloud Storage – Granting access to external users – e.g. Auditors

anuj January 20, 2024 Cloud Storage – Granting access to external users – e.g. Auditors2024-01-20T01:38:15+00:00 GCP Cloud Storage No Comment

The simplest thing to do is to create signed URLs (same as what you would do on AWS S3 buckets). The URL can be for the entire bucket or for…

Google App Engine Flex versus Standard

anuj January 19, 2024 Google App Engine Flex versus Standard2024-01-19T01:24:17+00:00 Google App Engine No Comment

GAE Flex lets you access the underlying OS.

Cloud Identity versus Google Workspace

anuj January 19, 2024 Cloud Identity versus Google Workspace2024-01-19T01:00:48+00:00 GCP IAM No Comment

User management in Workspace occurs through (not a cloud console) However, with cloud identity, you can now manage users directly from the GCP console. This means that there are two…

Synchronizing Users versus Federating Users in GCP

anuj January 19, 2024 Synchronizing Users versus Federating Users in GCP2024-01-19T01:12:18+00:00 GCP IAM No Comment

From your Corporate AD, you have two options to bring your users into GCP Federation = Use Cloud Identity to accomplish this Synchronization = Use GCP Cloud Directory Sync Service…

Customer supplied keys and cloud storage

anuj January 19, 2024 Customer supplied keys and cloud storage2024-01-19T00:51:02+00:00 No Comment

There is often a data compliance requirement - to use your own corporate provided encryption keys. If you want to user your own supplied encryption keys, you HAVE to use…

Organizations in GCP versus Organizations in AWS

anuj January 19, 2024 Organizations in GCP versus Organizations in AWS2024-01-23T19:05:48+00:00 GCP IAM No Comment

What are organizations in GCP used for? Organizations in GCP are used to group resources - not to federate identities ( AWS Control Tower). You can connect VPCs in two…

«‹2 345 6 ›»