My cheat sheet for protecting your GCP resources
There are lots of great sources of info to use when you design solutions in the Google Cloud Platform (GCP). But there are some things I needed and couldn’t find anywhere, so I’ve created my own. This post is about another one of these. It is based on the chapter about security services in my book, “The Professional Cloud Architect’s Big Fact Sheet”. You can read more about the book at economo.tech.
Every solution in GCP needs various layers of defence to protect it from the bad guys out there. To create the first concept of your solution, you sometimes want to go through the main protection methods that are built into GCP, just to look at your options, without getting yet into the detail.
The different GCP features you use for security aren’t necessarily listed as “security services” in Google’s formal documentation. Some of them hide under “networking”, “storage”, “containers” and so on. But they are still there to add layers of security around your cloud resources.
So the “cheat sheet” below is the one I use as a check list when thinking about security at the solution concept stage. I also used it for revision before the GCP architecture exam. It’s quite a modest sheet: it only says the absolute minimum about every service, as a reminder of what it can help you protect. I’ve somehow managed to list 40 different GCP services or features that provide a security function.
In the cheat sheet I’ve kept the colour coding I use in the book, which splits the GCP services into 10 areas (only 7 of them are in this table). If you read the book then it includes a list of facts about each one of the 40 services and features listed here. If you know these GCP features already, or if you learn about them from other sources, then you may find this cheat sheet helpful as a stand-alone checklist.
Here it is!
