The Ultimate Guide to Building a Google Cloud Foundation

Book description

Follow Google's own ten-step plan to construct a secure, reliable, and extensible foundation for all your Google Cloud base infrastructural needs

Key Features

  • Build your foundation in Google Cloud with this clearly laid out, step-by-step guide
  • Get expert advice from one of Google's top trainers
  • Learn to build flexibility and security into your Google Cloud presence from the ground up

Book Description

From data ingestion and storage, through data processing and data analytics, to application hosting and even machine learning, whatever your IT infrastructural need, there's a good chance that Google Cloud has a service that can help. But instant, self-serve access to a virtually limitless pool of IT resources has its drawbacks. More and more organizations are running into cost overruns, security problems, and simple "why is this not working?" headaches.

This book has been written by one of Google's top trainers as a tutorial on how to create your infrastructural foundation in Google Cloud the right way. By following Google's ten-step checklist and Google's security blueprint, you will learn how to set up your initial identity provider and create an organization. Further on, you will configure your users and groups, enable administrative access, and set up billing. Next, you will create a resource hierarchy, configure and control access, and enable a cloud network. Later chapters will guide you through configuring monitoring and logging, adding additional security measures, and enabling a support plan with Google.

By the end of this book, you will have an understanding of what it takes to leverage Terraform for properly building a Google Cloud foundational layer that engenders security, flexibility, and extensibility from the ground up.

What you will learn

  • Create an organizational resource hierarchy in Google Cloud
  • Configure user access, permissions, and key Google Cloud Platform (GCP) security groups
  • Construct well thought out, scalable, and secure virtual networks
  • Stay informed about the latest logging and monitoring best practices
  • Leverage Terraform infrastructure as code automation to eliminate toil
  • Limit access with IAM policy bindings and organizational policies
  • Implement Google's secure foundation blueprint

Who this book is for

This book is for anyone looking to implement a secure foundational layer in Google Cloud, including cloud engineers, DevOps engineers, cloud security practitioners, developers, infrastructural management personnel, and other technical leads. A basic understanding of what the cloud is and how it works, as well as a strong desire to build out Google Cloud infrastructure the right way will help you make the most of this book. Knowledge of working in the terminal window from the command line will be beneficial.

Table of contents

  1. The Ultimate Guide to Building a Google Cloud Foundation
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Share Your Thoughts
  6. Chapter 1: Getting to Know Google’s Cloud
    1. How Google Cloud is a lot like a power company
    2. The four main ways of interacting with Google Cloud
      1. Google Cloud Console
      2. The Google Cloud SDK and Cloud Shell
      3. The Google Cloud APIs
      4. The Google Cloud mobile client
    3. Organizing Google Cloud logically and physically
    4. Google’s core services
      1. Compute
      2. Data storage
      3. Firestore (Datastore)
      4. Bigtable
      5. Memorystore
    5. Summary
  7. Chapter 2: IAM, Users, Groups, and Admin Access
    1. Step 1 – configuring identity management
      1. Cloud Identity setup
    2. Step 2 – adding an initial set of users and security groups
      1. Cloud Identity managing users and acting as IdP
      2. Cloud Identity managing IdP and an HR system managing users
      3. Cloud Identity delegates all IdP and user management to an external (non-AD) provider
      4. Integrating Cloud Identity with Microsoft AD
      5. Creating an initial set of security groups
    3. Step 3 – enabling administrator access
      1. Verifying initial Google Cloud organization creation
      2. Configuring organization administrator group access
    4. Summary
  8. Chapter 3: Setting Up Billing and Cost Controls
    1. Understanding billing terminology
    2. Step 4 – setting up billing and cost controls
      1. It starts with how you pay
      2. Next comes Cloud Billing
      3. Google Cloud Billing best practices
    3. Summary
  9. Chapter 4: Terraforming a Resource Hierarchy
    1. Automating infrastructure with Terraform
      1. Infrastructure as Code to the rescue!
      2. Terraform – the least you need to know
    2. Step 5 – creating a resource hierarchy to control logical organization
      1. Naming resources
      2. Designing the resource hierarchy
      3. Implementing a resource hierarchy
    3. Summary
  10. Chapter 5: Controlling Access with IAM Roles
    1. Understanding IAM in Google Cloud
      1. Who?
      2. Can do what?
    2. Step 6 – Adding IAM trust boundaries to the resource hierarchy
      1. Reading a security role
      2. Use groups where you can
      3. Google Cloud starter security group ideas
      4. Terraforming the permissions
      5. Fine-tuning IAM permissions with conditions
      6. Deny policies
      7. Limiting the use of privileged identities
      8. Troubleshooting access
    3. Summary
  11. Chapter 6: Laying the Network
    1. Networking in Google Cloud
      1. Understanding Virtual Private Cloud networks
      2. Communicating between networked resources
      3. Connecting VPC networks
      4. Leveraging Shared VPCs
      5. Hybrid cloud options
      6. Google Cloud network security
    2. Step 7 – building and configuring our foundational VPC network
      1. Updating your naming document
      2. Planning the Shared VPCs
      3. Terraforming your Google Cloud network
    3. Summary
  12. Chapter 7: Foundational Monitoring and Logging
    1. Getting to know the six core instrumentation products in Google Cloud
      1. Instrumentation product overview
      2. Working with Cloud Logging
      3. Monitoring your resources
    2. Step 8 – setting up foundational Cloud Logging and Cloud Monitoring
      1. Logging foundation
      2. Foundational monitoring
    3. Food for thought
    4. Summary
  13. Chapter 8: Augmenting Security and Registering for Support
    1. Step 9 – augmenting foundational security
      1. Data encryption
      2. Improving security posture with the SCC
      3. Limiting access with the Organization Policy Service
      4. General security elements
    2. Step 10 – Setting up initial Google Cloud support
    3. Final thoughts
    4. Why subscribe?
  14. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts

Product information

  • Title: The Ultimate Guide to Building a Google Cloud Foundation
  • Author(s): Patrick Haggerty
  • Release date: August 2022
  • Publisher(s): Packt Publishing
  • ISBN: 9781803240855