book

Google Cloud Certified Professional Cloud Architect All-in-One Exam Guide

Name: Google Cloud Certified Professional Cloud Architect All-in-One Exam Guide
Author: Iman Ghanizada
ISBN: 9781264257287

by Iman Ghanizada

March 2021

Intermediate to advanced

560 pages

9h 55m

English

McGraw-Hill

Read now

Unlock full access

Cover
About the Author
Title Page
Copyright Page
Dedication
Contents at a Glance
Contents
Acknowledgments
Introduction
Chapter 1 Introduction to the Professional Cloud Architect Certification
Reasons to Take the Professional Cloud Architect ExamPrerequisite KnowledgeCase StudiesMountkirk GamesDress4WinTerramEarthGeneral Tips on Taking Technical Certification ExamsHow to Use the Supplementary ResourcesChapter ReviewQuestionsAnswers

Chapter 2 Overview of Cloud Computing and Google Cloud
Overview of Cloud ComputingGoogle Cloud vs. Other CloudsSecurity FirstOpen CloudAnalytics and Artificial IntelligenceGlobal Data Centers and NetworkPrinciples of System DesignA 10,000-Foot Overview of GCPCompute SolutionsStorage SolutionsDatabase SolutionsData AnalyticsNetworking SolutionsOperations SolutionsDeveloper ToolsHybrid Cloud and Multi-Cloud SolutionsMigration SolutionsSecurity and Identity SolutionsInteracting with the GCPGoogle Cloud ConsoleCommand-Line InterfaceExercise 2-1: CLI ExampleClient LibrariesBusiness and Technical Context for the Google Cloud ArchitectAssessing Business RequirementsAssessing Technical RequirementsChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 3 Cloud Identity
Setting Up a Cloud Identity and Admin AccountSecurity Principles in the CloudThe AAA Security ModelLeast Privilege and Separation of DutiesCloud Identity OverviewManaging Users in Cloud IdentityHow Users Authenticate to GCP2-Step VerificationSecurity AuditingChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 4 Resource Management
Cloud Resource Manager OverviewOrganization HierarchyOrganization, Folders, Projects, and ResourcesOrganization PoliciesBest PracticesExercise 4-1: Creating a ProjectChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 5 Cloud Identity and Access Management
Cloud IAM OverviewMembers, Roles, and PoliciesGoogle AccountsGroupsService AccountsIAM RolesIAM PoliciesIAM ConditionsAccounting and Technical ComplianceChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 6 Networking
Networking Deep DiveGoogle’s Global NetworkNetwork TiersVirtual Private Cloud, Subnets, Regions, and ZonesSubnet Ranges and IP AddressingRoutes and Firewall RulesPrivate AccessCross-Project CommunicationCloud DNSConnectivity to Your CloudCloud RouterCloud VPNCloud InterconnectCloud Load BalancingOverviewCloud CDNNetwork SecurityNetwork Security PrinciplesGoogle Front EndFirewallsCloud ArmorCloud NATVPC Service ControlsIdentity-Aware ProxyNetwork LoggingChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 7 Compute and Containers
Google Compute EngineVirtual Machine InstancesImagesInstance Templates and Instance GroupsStorage OptionsOS LoginGoogle App EngineApp Engine Flex vs. App Engine StandardGoogle Kubernetes EngineCluster ArchitectureConfigurationNode UpgradesCloud FunctionsCloud RunAPI ManagementApigeeCloud EndpointsSecure Your APIsChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 8 Storage, Databases, and Data Analytics
StorageGoogle Cloud StorageCloud FilestorePersistent DiskLocal SSDDatabasesCloud SQLCloud SpannerCloud BigtableCloud FirestoreCloud MemorystoreData AnalyticsBigQueryCloud DataprocCloud DataflowCloud Pub/SubData SecurityData ClassificationCloud DLPEncryptionChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 9 DevOps
The DevOps PhilosophyContinuous Integration and Continuous DeploymentContinuous IntegrationContinuous DeploymentInfrastructure as CodeDeployment StrategiesBlue-Green DeploymentRolling DeploymentCanary DeploymentA/B DeploymentDeployment ToolsGoogle Cloud Deployment ManagerCloud BuildCloud Source RepositoriesContainer RegistryChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 10 Cloud Operations
Cloud LoggingLog TypesCloud Trace, Cloud Profiler, and Cloud DebuggerCloud MonitoringWorkspacesMonitoring AgentUptime ChecksMetrics and AlertsDashboardsThe Importance of ResilienceChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 11 Security
Security FundamentalsCIA TriadControl CategoriesControl FunctionsAsset × Threat × Vulnerability = RiskSecurity ModernizationComplianceInfrastructure Security HighlightsIdentity SecurityResource Management SecurityIAM SecurityNetwork SecurityApplication Layer SecurityData SecurityDevOps SecuritySecurity OperationsCloud Asset InventorySecurity Command CenterChapter ReviewAdditional ReferencesQuestionsAnswers
Chapter 12 Billing, Migration, and Support
Billing FundamentalsCost ControlMigration PlanningResource Quotas vs. CapacityTransferring Applications and DataTraining and EnablementGoogle Cloud SupportChapter ReviewQuestionsAnswers
Closing Thoughts
Appendix A Objective Map
Appendix B About the Online Content
System RequirementsYour Total Seminars Training Hub AccountPrivacy NoticeSingle User License Terms and ConditionsTotalTester OnlineTechnical Support
Glossary
Index

Content preview from Google Cloud Certified Professional Cloud Architect All-in-One Exam Guide

CHAPTER 5 Cloud Identity and Access Management

In this chapter, we’ll cover

• Best practices for authorizing users to access resources using Cloud IAM

• The three main parts of the Cloud IAM: members, roles, and IAM policies

• The differences between users, groups, and service accounts

• How to use IAM conditions

• The importance of security principles in the context of user and programmatic accounts

It’s an incredible time to be in cybersecurity, largely due to the fact that human beings consistently are the weakest link to and cause of environmental security compromise. If you think about some of the largest cyberattacks that have occurred in recent history, they all seem to have resulted from some aspect of overprivileged users ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Google Cloud Certified Associate Cloud Engineer All-in-One Exam Guide

Publisher Resources

ISBN: 9781264257287

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Google Cloud Certified Professional Cloud Architect All-in-One Exam Guide

by Iman Ghanizada

CHAPTER 5

Cloud Identity and Access Management

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.