Chapter 2. Setting Up Accounts and Users

In Chapter 1, you saw the principles that underlie modern security and, specifically, how security functions as cloud native becomes the dominant paradigm in the industry. Now, let’s move on to the initial configuration of your cloud estate. Investing in a scalable, programmatic approach will let you move with the business, allowing teams to rapidly onboard and innovate and allowing you to focus your energies and efforts on higher-value activities.

You’ll see how to do the following:

  • Create the fundamental building blocks of cloud estates

  • Deploy a region-based guardrail to constrain teams to only approved regions

  • Centralize and create users to allow people to access your estate in a manageable way

2.1 Scalable Project Structures on GCP

Problem

You need to deploy the projects required to rapidly onboard a new team into your organization.

Solution

In this recipe, you will deploy a new folder for a team, with the four required projects underneath, as shown in Figure 2-1.

Figure 2-1. Recommended organization structure

If you haven’t already done so, familiarize yourself with Terraform and the different authentication mechanisms in Chapter 11.

Create a variables.tf file and copy the following contents:

variable "production_folder_name" {
  type        = string
  description = "The name of the production folder"
}

variable "nonproduction_folder_name" ...
