Book Image

Professional Cloud Architect – Google Cloud Certification Guide

By : Konrad Cłapa, Brian Gerrard
Book Image

Professional Cloud Architect – Google Cloud Certification Guide

By: Konrad Cłapa, Brian Gerrard

Overview of this book

Google Cloud Platform (GCP) is one of the leading cloud service suites and offers solutions for storage, analytics, big data, machine learning, and application development. It features an array of services that can help organizations to get the best out of their infrastructure. This comprehensive guide covers a variety of topics specific to Google's Professional Cloud Architect official exam syllabus and guides you in using the right methods for effective use of GCP services. You'll start by exploring GCP, understanding the benefits of becoming a certified architect, and learning how to register for the exam. You'll then delve into the core services that GCP offers such as computing, storage, and security. As you advance, this GCP book will help you get up to speed with methods to scale and automate your cloud infrastructure and delve into containers and services. In the concluding chapters, you'll discover security best practices and even gain insights into designing applications with GCP services and monitoring your infrastructure as a GCP architect. By the end of this book, you will be well versed in all the topics required to pass Google's Professional Cloud Architect exam and use GCP services effectively.
Table of Contents (26 chapters)
Free Chapter
1
Section 1: Introduction to GCP
5
Section 2: Managing, Designing, and Planning a Cloud Solution Architecture
15
Section 3: Designing for Security and Compliance
17
Section 4: Managing Implementation
19
Section 5: Ensuring Solution and Operations Reliability
21
Section 6: Exam Focus

Introduction to security

Let's start this chapter with a brief introduction to GCP's approach to security. As we mentioned previously, security is not an afterthought and is built into its services. But before we even think about securing our services, we need to acknowledge the fact that GCP has a holistic view of security. This can be seen by restricting physical data center access and using custom hardware and hardened versions of operating systems in the software stack.

Google uses custom hardware with security in mind and uses a hardened version of Linux for the software stack, which is monitored for binary modifications and enforces trusted server boots.

Storage is a key service for any cloud provider, and GCP offers encryption at rest by default on all storage services. This can support customer encryption keys or manage keys on behalf of the customer. On physical...