
Why Google Cloud Platform?
According to Global Knowledge’s Survey for 2018 a GCP Cloud Architect had the highest salary at $139,529. Getting Google Cloud Certified or even just learning more can add value to your career earnings.
Course Description
Course UPDATED 04/01/2019 - Course materials update with downloaded pdf of over 150 pages.
Security in the cloud is much like security in your on-premise data centers, only without the costs of maintaining facilities and hardware. In the cloud, security is generally a shared responsibility between the provider and the customer.
With Google Cloud Platform there are many facets of maintaining a secure cloud environment and in this course we will cover them.
Areas of focus will be IAM, Stackdriver, Gsuite, Cloud Identity, Roles and Service Accounts.
Download the course slides and over 140 pages of course materials to follow along, and share comments to enrich the discussion on Google Cloud security features.
Learn how Google Cloud organizes resources with organizations, folders, and projects, and how IAM, groups, G Suite, and Cloud Identity enable granular, lifecycle-aware security and resource management.
Explore identity and access management in Google Cloud, granting access to Google accounts, service accounts, groups, and cloud identity domains, and using directory sync and federation for lifecycle management.
Explore IAM roles in GCP, comparing primitive, curated, and custom roles to control access. Understand service accounts, key management, audit logging, encryption, and the user invitation workflow for projects.
Explore service accounts and their role in authenticating applications to Google Cloud APIs using private keys and service account credentials for server-to-server interactions.
Create and manage service accounts in the default project, assign a viewer role to audit resources, enable private keys and domain wide delegation as needed, and delete unused accounts.
Apply the principle of least privilege and group-based access to manage auditors and administrators, audit policy changes, and centralize control with the organizational policy service for Google Cloud resources.
Explore how G Suite integrates with Google Cloud Directory Sync to securely sync on-prem LDAP and Active Directory data to Google Cloud, with setup, rules, one-way sync, and reports.
Explore how to structure Google Cloud security with projects, folders, and an organization to manage resources, roles, and access, and integrate with G Suite, Cloud IAM, and GCDS.
Explore Google Cloud VPCs as a global private network that spans regions, enabling internal communication, subnet management, peering, and shared VPC options with auto and custom modes.
Create a VPC network with auto mode, configure a firewall rule for SSH (port 22), then delete the VPC to illustrate secure lifecycle management and optional flow logs.
Configure virtual networking in Google Cloud by setting up ip addressing and dns to isolate traffic across vpc networks and subnets, enabling secure cloud vpn connections.
Learn how Google Cloud Identity supports federation and single sign-on, centralizing user management with IAM and comparing free and premium options for lifecycle and mobile device management.
Explore configuring Google Cloud firewall rules for VPC networks, including ingress and egress, ports and protocols, priorities, targets, and the optional enforcement feature for troubleshooting.
Explore compute and container security in this course, highlighting security features such as security scanner for App Engine and Compute Engine, and shielded VM with configurable compute options.
Discover how bastion hosts concentrate inbound access to Google Cloud and how NAT gateways handle outbound traffic, reducing exposed IPs and guiding developers to a single jump point.
Connect on-prem to Google Cloud securely via Cloud VPN and a bastion host, enabling ssh or rdp access with os login and key management.
Google's data storage security uses progressive layers from physical security to hardware, with encryption at rest, key management, and Titan chip verification for root identity.
Explore cloud compliance in Google Cloud, including PCI DSS, FedRAMP, and GDPR, and review the customer responsibility matrix to identify in-scope services and responsibilities.
Explore Google Stackdriver, a hybrid multi-cloud monitoring and logging platform that enables auditing, issue detection, uptime checks, tracing, and alerts with Cloud Pub/Sub.
Explore Stackdriver on Google Cloud Platform and learn to monitor, log, trace, and profile. Create dashboards, workspaces, and custom views, and group resources for flexible monitoring.
Configure billing and service alerts using cloud monitoring, build alerting policies with conditions and thresholds, and publish notifications and dashboards to monitor resources and incidents.
Explore Google Cloud Platform security, compliance, and governance, with reference architectures and security posture guidance across industries. Learn about industry-specific offerings, governance controls, and resources like videos and white papers.
Run cloud security scanner on app engine and compute engine to detect vulnerabilities such as cross-site scripting and outdated libraries, enabling early remediation before production deployment.
Conduct pen testing on Google Cloud Platform by targeting only your resources, following the acceptable use policy, and using the Google Vulnerability Reward Program to report valid findings.
Explore Google's security posture by reviewing the Google Cloud Platform security white paper, covering incident handling, privacy, compliance, auditing, and encryption in transit and at rest.
Explore Google Cloud security features panel, including identity aware proxy, key management with key rings, context manager, VPC service controls, binary authorization, data loss prevention, and web security scanner.
Discover Google code labs on the Google developers site for free, guided hands-on practice with Google Cloud storage, deploying apps, and Cloud Pub/Sub across Google products.
Explore quick labs for hands-on Google Cloud practice, with quests on cloud architecture and security tasks, including labs on service accounts, VPC pairing, and data loss prevention.
Learn how to sign up for the Google Cloud free tier, understand geo-based eligibility, and use the $300 credit on APIs or platform services to prepare for the architect course.
Explore the Google Cloud Asset Library for templates and icons of cloud services, including Compute Engine, App Engine, Cloud Storage, and Cloud SQL, with mobile back ends and Spinnaker examples.
Explore App Engine as a platform as a service, compare standard and flexible environments, and review deployment, logging, storage, custom domains, and microservices capabilities.
Explore how Google Cloud's Kubernetes Engine enables you to create clusters, deploy containerized applications, manage nodes and networking, and implement CI/CD with container registries.
Compare aws to gcp certifications, showing how google's associate cloud engineer, professional cloud developer, and updated cloud architect differ in objectives and difficulty from aws exams.
Discover the top ten focus areas for the new Google Cloud Architect exam, including SI pipeline, GKE, Cloud Build, Repositories, Cloud Functions, SDLC best practices, and A/B testing.
Master the top ten topics for the associate cloud engineer exam, including gcloud commands, containers, cloud sql vs spanner, app engine, compute engine, stackdriver, and billing.
Explore the beta Google Cloud certified professional cloud developer exam, its four-hour format, and key topics like continuous integration, blue-green canary deployments, traffic splitting, and cloud service selection.
Google Cloud is growing quickly as companies increasingly adopt multi-cloud strategies. It was once again named a Leader in the 2019 Gartner Infrastructure as a Service Magic Quadrant, and demand for people with Google Cloud skills is running high.
According to Global Knowledge’s Survey for 2020 a GCP Cloud Architect had the highest salary at $179,000. Getting Google Cloud Certified or even just learning more can add value to your career earnings
Security in the cloud is much like security in your on-premise data centers, only without the costs of maintaining facilities and hardware. In the cloud, security is generally a shared responsibility between the provider and the customer.
With Google Cloud Platform there are many facets of maintaining a secure cloud environment and in this course we will cover them.
Areas of focus will be IAM, Stackdriver, Gsuite, Cloud Identity, Roles and Service Accounts.
What's Included?
Course materials include downloaded pdf of over 150 pages
4 hours on-demand video
Accredible Certificate of Completion
Who this course is for:
GCP Beginners with a month or more of experience. Some minor experience would be helpful since this course does not spend much time on GCP 100 materials
Anyone pursuing a GCP Cloud Certification
Existing Cloud Managers and Administrators
Existing Solutions Architects
What You'll Learn
✔ Student will learn about common GCP Cloud Security basics such as IAM
✔ Students will learn about GCDS and Cloud Identity
✔ Students will learn how to use App Engine and Compute Engine Security Scanner
✔ Students will learn about how GSUITE and Google Cloud can integrate security
✔ Students will learn about service accounts
✔ Students will learn about Compliance and Governance with Google Cloud
Requirements
Cloud Computing experience with a major platform
Sign up for the Google Cloud Platform Free credits or Free Tier.
Use Codelabs which is Free to help solidify learning about