Google Cloud Platform Archives - Page 11 of 18 - Multi Cloud Architect, Security Specialist

Archives for Google Cloud Platform - Page 11

Multi Zone and Multi Region Deployments in GCP (and their Egress charges on GCP)

anuj June 14, 2021 Multi Zone and Multi Region Deployments in GCP (and their Egress charges on GCP)2021-06-14T16:10:49+00:00 GCP Infrastructure No Comment

Also read IP Addressing in GCP and Firewall Rules in GCP Zones and Regions A subnet in GCP can span across multiple zones and multiple regions. When you deploy VMs…

Fewer Subnets with Larger Address Spaces – Best Practices for VPC Subnetting in GCP

anuj June 8, 2021 Fewer Subnets with Larger Address Spaces – Best Practices for VPC Subnetting in GCP2021-06-08T00:25:12+00:00 GCP Networking No Comment

Subnets and Routes work differently in GCP, partly due to the global nature of GCP VPCs. Group applications into fewer subnets with larger address ranges Unlike other networking environments in…

Native GCP Firewall and Firewall Rules

anuj June 6, 2021 Native GCP Firewall and Firewall Rules2022-06-26T23:30:48+00:00 Compute Engine 1 Comment

Firewalls in GCP vs AWS AWS SGs are only ALLOW rules. For DENY, you need to go to NACLs GCP full blown FW rules -allow and deny, just like on…

Egress Costs that come into play with a Transit VPC

anuj June 3, 2021 Egress Costs that come into play with a Transit VPC2021-06-08T00:26:32+00:00 AWS No Comment

Egress charges incur TWICE when traffic goes through a TRANSIT VPC (Regardless of AWS or GCP). This is true on both AWS and GCP. Adding additional filtering appliances introduces…

Patching versus Reloading Images

anuj June 1, 2021 Patching versus Reloading Images2021-06-01T15:53:20+00:00 GCP Infrastructure No Comment

Today's Public Cloud Hosting introduces a slight twist on the data center 'patching' paradigm. Instead of patching an OS, one typically reloads the base image (AMI in AWS, base compute…

KMS Keys in a Single Project or Multiple Projects?

anuj May 28, 2021 KMS Keys in a Single Project or Multiple Projects?2024-01-23T20:29:25+00:00 Cloud KMS No Comment

Also read KMS - Auditing Key Activity and KMS - Monitoring and Alerting Storing all KMS Keys in a single project has some advantages. One can tightly place IAM controls…

KMS Auditing Key Activity

anuj May 28, 2021 KMS Auditing Key Activity2024-01-23T20:29:37+00:00 Cloud KMS 1 Comment

Which KMS Activities are not LOGGED by default? (Also read KMS Monitoring and Alerting ) IMonitoring administrative activities vs. data access activities: All administrative KMS activities are logged by default. For…

Network Admin versus Security Admin in GCP

anuj May 28, 2021 Network Admin versus Security Admin in GCP2021-05-28T02:08:53+00:00 GCP IAM No Comment

These can be defined at any level , but the Organization level is the most common. In addition to these network admins, there are also shared VPC admins (and service…

Single Pub Sub Topic for Multiple Projects

anuj May 28, 2021 Single Pub Sub Topic for Multiple Projects2021-05-28T02:06:28+00:00 GCP Pub Sub 1 Comment

Single Pub Sub Topic for Multiple Projects? To create a sink that publishes to a Cloud Pub/Sub topic in a different project (you would need to grant Project A's Service…

«‹9 101112 13 ›»