Archives for Google Cloud Platform
Compute Engine Restrict Access – restrict service accounts in GCP
Two relevant roles to assign to an IAM user: Compute Instance Admin and Service Account User. Note the prefixes on these two. The instanceAdmin is related to the COMPUTE…
NoOps (No Operations) Spectrum on GCP
From least operations to the most required operations, this is a chart of the various compute services on GCP: Cloud Functions (LEAST) --> App Engine Standard --> GKE -->…
Importing Organization from admin.google to cloud console
You have two routes to getting a Google identity that can be used for GCP: ordinary Google Workspace accounts and Cloud Identity accounts. Google Workspace Accounts: Sign in to your Google Admin…
Prisma versus Native CSPM Alerting on GCP and AWS
Native vulnerability and misconfiguration monitoring tools run for a longer period of time and capture account-level events that may not be captured by Prisma and external CSPM tools.…
IAP – Notes from the field
IAP can be used to protect web resources (layer 7) as well as TCP resources (layer 4). Layer 4 Use Case: VMs are being managed using SSH and RDP. The…
Migrate a VM to Anthos and GKE
This content is password protected.
How many accounts should your public cloud have?
This content is password protected.
Helpful gCloud Commands
At the Org Level - LIST all Enabled Org Policies: gcloud beta resource-manager org-policies list --organization=blah blah > IAM Bindings at the org level: gcloud organizations get-iam-policy org-id To get…
Google Workspace and Google Cloud admins
Organizational Ownership: An organization is an entity that exists outside of the cloud context as well (for example, when you set up a Workspace account). The very same organization can…
VPC Peering versus Private Service Connect
This content is password protected.