Professional Cloud Architect Google Cloud Certification Guide - Second Edition

By: Konrad Cłapa, Brian Gerrard

Overview of this book

Google Cloud Platform (GCP) is one of the industry leaders thanks to its array of services that can be leveraged by organizations to bring the best out of their infrastructure. This book is a comprehensive guide for learning methods to effectively utilize GCP services and help you become acquainted with the topics required to pass Google's Professional Cloud Architect certification exam. Following the Professional Cloud Architect's official exam syllabus, you'll first be introduced to the GCP. The book then covers the core services that GCP offers, such as computing and storage, and takes you through effective methods of scaling and automating your cloud infrastructure. As you progress through the chapters, you'll get to grips with containers and services and discover best practices related to the design and process. This revised second edition features new topics such as Cloud Run, Anthos, Data Fusion, Composer, and Data Catalog. By the end of this book, you'll have gained the knowledge required to take and pass the Google Cloud Certification – Professional Cloud Architect exam and become an expert in GCP services.

Table of Contents (25 chapters)

  • Section 1: Introduction to GCP
  • Section 2: Manage, Design, and Plan a Cloud Solution Architecture
  • Chapter 12: Exploring Storage and Database Options in GCP – Part 2
  • Section 3: Secure, Manage and Monitor a Google Cloud Solution
  • Section 4: Exam Focus

VPC firewall rules

A firewall is a hardware or software device that filters the network traffic passing through it. Filtering can be based on many conditions, such as source and target IP addresses, protocol, or ports. This lets you protect your network from unwanted access.

Firewall rules allow you to control traffic flow to and from VM-based instances. They work independently of the VM operating system and are always enforced when in an enabled state. VPC acts as a distributed firewall that leverages micro-segmentation: the firewall rules are enforced per VM, even if the machines reside in the same network. Note that the VPC firewall cannot analyze the contents of data packets. Firewall rules are constructed of the following components:

  • Ingress (inbound) firewall rules:
    • Priority: 0 to 65545, with a default value of 1000
    • Action: allow or deny
    • Enforcement: enabled or disabled
    • Target (destination): All instances...
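
How priority, action, enforcement and target interact for one inbound connection can be modelled in a few lines. This is an added example, not code from the book or from Google Cloud: a simplified model in which the rule names, network tags and addresses are constructed, and network tags are assumed as the way a rule is scoped to particular instances.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class IngressRule:
    name: str
    action: str              # "allow" or "deny"
    source_ranges: tuple     # source CIDR blocks
    protocol: str            # "tcp", "udp", "icmp" or "all"
    ports: tuple = ()        # empty tuple = every port
    priority: int = 1000     # default value; a lower number is evaluated first
    enabled: bool = True     # enforcement: disabled rules are never applied
    target_tags: tuple = ()  # assumption: empty = all instances in the network

def matches(rule, src_ip, protocol, port, vm_tags):
    """True if an enforced rule applies to this VM and these packet headers."""
    if not rule.enabled:
        return False
    if rule.target_tags and not set(rule.target_tags) & set(vm_tags):
        return False
    if rule.protocol not in ("all", protocol):
        return False
    if rule.ports and port not in rule.ports:
        return False
    return any(ip_address(src_ip) in ip_network(c) for c in rule.source_ranges)

def evaluate_ingress(rules, src_ip, protocol, port, vm_tags=()):
    """Return (action, rule_name) for one inbound connection to one VM."""
    hits = [r for r in rules if matches(r, src_ip, protocol, port, vm_tags)]
    if not hits:
        # Nothing matched: inbound traffic is denied by the implied rule.
        return ("deny", "implied-deny-ingress")
    # Lowest priority number wins; at equal priority a deny beats an allow.
    best = min(hits, key=lambda r: (r.priority, r.action != "deny"))
    return (best.action, best.name)

# Constructed sample rules for a single VPC network.
RULES = [
    IngressRule("allow-ssh-any", "allow", ("0.0.0.0/0",), "tcp", (22,)),
    IngressRule("deny-ssh-web", "deny", ("0.0.0.0/0",), "tcp", (22,),
                priority=900, target_tags=("web",)),
    IngressRule("allow-ssh-bastion", "allow", ("10.0.0.0/24",), "tcp", (22,),
                priority=800, target_tags=("web",)),
    IngressRule("allow-https-web", "allow", ("0.0.0.0/0",), "tcp", (443,),
                enabled=False, target_tags=("web",)),
]
```

The same SSH connection from an internet address is denied on a VM tagged `web` but allowed on an untagged VM in the same network, which is the per-VM enforcement described above; only header fields are consulted, never packet contents.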