Author Archives: anuj - Page 5
Cloud Storage – Granting access to external users – e.g. Auditors
The simplest thing to do is to create signed URLs (same as what you would do on AWS S3 buckets). The URL can be for the entire bucket or for…
Google App Engine Flex versus Standard
GAE Flex lets you access the underlying OS.
Cloud Identity versus Google Workspace
User management in Workspace occurs through (not a cloud console). However, with Cloud Identity, you can now manage users directly from the GCP console. This means that there are two…
Synchronizing Users versus Federating Users in GCP
From your corporate AD, you have two options to bring your users into GCP: Federation = use Cloud Identity to accomplish this; Synchronization = use GCP Cloud Directory Sync Service…
Customer supplied keys and cloud storage
There is often a data compliance requirement to use your own corporate-provided encryption keys. If you want to use your own supplied encryption keys, you HAVE to use…
Organizations in GCP versus Organizations in AWS
What are organizations in GCP used for? Organizations in GCP are used to group resources - not to federate identities (AWS Control Tower). You can connect VPCs in two…
Object level permissions in GCP Storage
How do you ensure that individual Object level permissions can be set in GCP Storage? Disable Uniform Access (set Fine Grained Access to true). This will allow you to use…
Scopes and GCP Service Accounts
Scopes let you control what services / APIs can be called from DEFAULT service accounts. Only Default SAs get to be defined by scopes (since their default scope can be…
Centralized Logging in GCP – Log Analytics Buckets
Logs - Platform Logs, Application Logs and Networking Logs. Platform Logs - are three types of auditable activities: Data Access, Admin Activity, and System Event activity. And thus, there are…
VM Instance Level Metrics in GCP
GCP VM Level Monitoring metrics. Active Metric Categories: Firewall Metrics - Remember that FW rules are applied at the instance level in GCP. So Ingress Bytes and Egress Bytes are…