Book Image

Google Cloud Platform for Architects

By : Vitthal Srinivasan, Loonycorn , Judy Raj
Book Image

Google Cloud Platform for Architects

By: Vitthal Srinivasan, Loonycorn , Judy Raj

Overview of this book

Using a public cloud platform was considered risky a decade ago, and unconventional even just a few years ago. Today, however, use of the public cloud is completely mainstream - the norm, rather than the exception. Several leading technology firms, including Google, have built sophisticated cloud platforms, and are locked in a fierce competition for market share. The main goal of this book is to enable you to get the best out of the GCP, and to use it with confidence and competence. You will learn why cloud architectures take the forms that they do, and this will help you become a skilled high-level cloud architect. You will also learn how individual cloud services are configured and used, so that you are never intimidated at having to build it yourself. You will also learn the right way and the right situation in which to use the important GCP services. By the end of this book, you will be able to make the most out of Google Cloud Platform design.
Table of Contents (19 chapters)
13
Logging and Monitoring

Use case – restricting access with both ACLs and IAM

IAM is an acronym for Identity and Access Management, and, as you'd imagine, it has to do with who can do what. More on this in the chapter on IAM, but for now, just know that:

  • All GCP services have both identities (who is this?) and roles (what can they do?)
  • Cloud storage is an exception because we can also use Access Control Lists (ACLs, pronounced ackles) to directly specify who can do what:

As the figure suggests, roles and permissions can be given at an organizational level (the organization that you have registered for your GCP project), storage bucket level, or at an individual object level. Of course, public access options will remain everywhere.

First of all, let's clear out the most obvious option, Public Access. The public URL for any object can be generated from the options menu and it will consist...