Archives for Compute Engine
Using only Trusted Images in GCP Projects
Step 1 - Create a separate project - and store all hardened images in it. Step 2 - Enforce the Org Policy - Define trusted image project. This will ensure…
OS patch management on GCP Compute Engine VMs
VM Manager API is the service to use. Enable a feature called OS Patch Management in there.
Windows Server VMs on GCP Compute Engine
Quick tips for creating and installing a Windows Server VM on GCP. The creation of the instance is straightforward - pick the instance name, the boot disk, any special networking…
Creating a publicly accessible VM in GCP
Step 1 - Create a new VM - While creating the VM, allow the HTTP and HTTPS firewall rules (if you plan to host a web app on there). Pick the…
Disk Level Backups of Critical Instances – GCP
Use Case - Critical VM Instance with data and software on root disk. Need to be able to recreate instances from this backup, to be used across other projects in…
Private IPs, Public IPs and App Engine
This content is password protected.
Unmanaged versus Managed Instance Groups
Also read: Load Balancers on GCP. Why use Unmanaged Groups at all? If you need to include instances from different families, this is your only option. You would not get…
Google Private Access, Private Instances, Private Subnets
Also read - Private Subnets in GCP and Azure Private Links versus Private Endpoints. In this post, we will create a VPC network (with a custom private subnet), some firewall rules…
Native GCP Firewall and Firewall Rules
Firewalls in GCP vs AWS: AWS SGs are only ALLOW rules. For DENY, you need to go to NACLs. GCP has full-blown FW rules - allow and deny, just like on…
Viewing output from startup scripts GCP Compute Engine
Read this post to understand the different ways to pass in a startup script to Compute Engine (using Terraform). To view metadata attributes set on the instance (foo=bar) View…