Sunday, March 30, 2025

GCP - Introduction


GCP is a public cloud vendor that competes with Azure and AWS. Customers can access server resources housed in Google's data centers around the world on a pay-per-use basis.

GCP offers a suite of computing services covering everything from cost management and data management to delivering web content and video over the internet, as well as AI and machine learning tools.

Google's global infrastructure provides 24x7 services around the world with high speed and reliability. GCP starts with a region, and within a region are availability zones. These zones are isolated from each other so that no single point of failure takes down a whole region. Some resources, such as the global HTTP load balancer, are global and can receive requests from any Google Cloud edge location or region. Other resources, like storage, can be regional; regional storage is distributed across multiple zones within a region for redundancy.
Locations should be selected according to the performance, reliability, scalability and security needs of your organization.

Plan to create a GCP setup:
Policies are inherited from the organization node, the root of the resource hierarchy. It acts as the parent of every folder and project within the organization, and therefore of the policies set on them.
Setting up the billing account is very important before starting a project. The Billing Administrator role is needed to perform this task. A budget can be set at the project level or at the billing account level.

Cloud Shell:
    GCP includes command line tools for Google Cloud products and services:
        gcloud - Main CLI for GCP
        gsutil - Cloud Storage
        bq     - BigQuery

Syntax of gcloud:
gcloud + component + entity + operation + positional args + flags


Cloud Identity:
Role - A collection of permissions. To make permissions available to principals (users, groups and service accounts), assign the appropriate roles to those principals.

  • Policies are inherited from top to bottom. There is no way to remove, at the resource level, a permission that was granted at a higher level.
Different types of roles in GCP:
  • Basic Role - Owner, Editor and Viewer
  • Predefined Role - Service-specific role [e.g. Pub/Sub Subscriber]
  • Custom Role - Based on a user-specified list of permissions

Service account:

We can create a service account to automate manual tasks. A service account can be created through the GUI or the gcloud CLI.
Launch a Compute Engine instance that runs as a given service account (the flag takes the service account's email address):
#gcloud compute instances create myinstance --service-account [serviceaccountname]@[projectid].iam.gserviceaccount.com

Create a push subscription that authenticates to a Cloud Run service as a service account:
#gcloud pubsub subscriptions create [subscription_name] --topic [Topic_name] --push-endpoint=[Cloud_Run_Service_URL] --push-auth-service-account=[serviceaccountname]@[projectid].iam.gserviceaccount.com

Best practices for access management:
  •    Do not grant basic roles [Owner, Editor, Viewer]
  •    Have more than one organization admin
  •    Grant roles to Google groups instead of individuals
  •    Be cautious when granting the Service Account User role
  •    Regularly check Cloud Audit Logs and audit IAM policy changes.
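As an added example (not code from the original post), the following Python models the top-to-bottom policy inheritance described under Cloud Identity and then audits the resulting effective policy on a project against the best practices listed above. The organization id, folder, project, principals and bindings are constructed sample data; the policy shape follows the bindings/role/members layout that gcloud's get-iam-policy commands print with --format=json.

```python
"""Added example: IAM inheritance down the GCP resource hierarchy plus a
best-practice audit of the effective bindings. All resource names, principals
and bindings below are constructed sample data, not taken from a real project."""
from collections import defaultdict

# Constructed hierarchy: child resource -> parent resource. The organization
# node is the root and has no parent.
PARENT = {
    "folders/engineering": "organizations/123456789",
    "projects/payments-prod": "folders/engineering",
}

# Constructed IAM policies, one per node, in the {"bindings": [{"role", "members"}]}
# shape that `gcloud projects get-iam-policy PROJECT --format=json` prints.
POLICIES = {
    "organizations/123456789": {"bindings": [
        {"role": "roles/resourcemanager.organizationAdmin",
         "members": ["user:alice@example.com"]},
    ]},
    "folders/engineering": {"bindings": [
        {"role": "roles/editor", "members": ["group:eng@example.com"]},
    ]},
    "projects/payments-prod": {"bindings": [
        {"role": "roles/pubsub.subscriber",
         "members": ["serviceAccount:pusher@payments-prod.iam.gserviceaccount.com"]},
        {"role": "roles/iam.serviceAccountUser",
         "members": ["user:bob@example.com"]},
    ]},
}

BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
ORG_ADMIN = "roles/resourcemanager.organizationAdmin"
SA_USER = "roles/iam.serviceAccountUser"


def ancestry(resource, parent=PARENT):
    """The resource followed by its parents, ending at the organization root."""
    chain = [resource]
    while chain[-1] in parent:
        chain.append(parent[chain[-1]])
    return chain


def effective_bindings(resource, policies=POLICIES, parent=PARENT):
    """Union of the bindings on a resource and on every ancestor, as role -> members.

    Inheritance is purely additive: a role granted at the folder or organization
    level reaches the project, and nothing in the project's own policy can revoke it.
    """
    effective = defaultdict(set)
    for node in ancestry(resource, parent):
        for binding in policies.get(node, {}).get("bindings", []):
            effective[binding["role"]].update(binding["members"])
    return dict(effective)


def audit(resource, policies=POLICIES, parent=PARENT):
    """Check the effective policy against the access-management best practices
    and return a list of (severity, message) findings."""
    findings = []
    for role, members in sorted(effective_bindings(resource, policies, parent).items()):
        who = sorted(members)
        if role in BASIC_ROLES:
            findings.append(("HIGH", f"{role} is a basic role; use a predefined or custom role ({who})"))
        if role == SA_USER:
            findings.append(("MEDIUM", f"{role} lets {who} act as service accounts; review each grant"))
        for member in who:
            if member.startswith("user:"):
                findings.append(("LOW", f"{role} is granted to individual {member}; prefer a Google group"))
    # "Have more than one organization admin" is checked at the root of the hierarchy.
    root = ancestry(resource, parent)[-1]
    admins = effective_bindings(root, policies, parent).get(ORG_ADMIN, set())
    if len(admins) < 2:
        findings.append(("HIGH", f"{root} has {len(admins)} organization admin(s); have more than one"))
    return findings


if __name__ == "__main__":
    project = "projects/payments-prod"
    print("Effective roles on", project)
    for role, members in sorted(effective_bindings(project).items()):
        print(f"  {role}: {sorted(members)}")
    print("Findings:")
    for severity, message in audit(project):
        print(f"  [{severity}] {message}")
```

Running the script shows roles/editor on the project even though the project's own policy never mentions it: the grant on the folder flows down and can only be removed where it was made. The same structure works on real output by loading the JSON that gcloud prints for each node into the POLICIES dictionary.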
