Archives for Google Cloud Platform - Page 7
Google Cloud KMS FAQ
What is Envelope Encryption? Cloud KMS generates a key called the KEK (key encrypting key). This key DOES NOT encrypt your payload data. It just encrypts the key that is…
Cloud Monitoring on GCP
Also read: Logging in GCP. Cloud Monitoring collects metrics, events, and metadata from Google Cloud and applications hosted on GCP. GCP provides several built-in metrics. What about ALERTING and…
MFA for IAM Users, Service Accounts and CLI Access
Do you need MFA on your IAM User accounts? What about Service Accounts or IAM users used for CLI access only? It depends on what the user account is used…
Why Service Accounts are a superior way to do Firewalls in GCP
Also read: NACLs on AWS and GCP Equivalents. The Problem Statement: Configuring and managing IP-based firewall rules is a complex and manual process that can lead to unauthorized access if…
Why use a Customer Managed Key on AWS or GCP?
Why use a CMK on AWS (a CMEK on GCP) at all, when the cloud-provider-managed keys will perform the same task? That's a question a lot of…
East to West Traffic Filtering using Palo Alto on GCP
Set up a 1 on 1 appointment with Anuj to assist with your cloud journey. First, you will need to decide whether egress, ingress or BOTH types of traffic are…
Shared VPC Best Practices, SAP Hana Example
Also see: granting the Shared VPC Admin role in GCP. Overview: why a Shared VPC isn't meant for shared prod and non-prod environments. I wrote earlier about why…
Premium Tier Security Command Center GCP
Security Health Analytics should be your first stop for auditing the security posture of your GCP environment. In addition to several built-in detectors, there are a handful of detectors…
Understanding the GCP Organization Resource
What is it that is hierarchical: IAM or resources? People talk about hierarchical IAM in GCP. In reality, it is the resource hierarchy that is hierarchical. IAM just follows…
NIST Compliance and GCP – Google Gov Cloud
Gov Cloud GCP. Google's Assured Workloads for Government workloads. NIST Standards: The significant difference between NIST 800-53 and 800-171 is that the latter relates to non-federal networks. Simply put, if you run…