Identity and Context-Aware Access Control
The course is part of this learning path
This course explores Zero Trust and how it can be implemented using BeyondCorp Enterprise. We also look at securing resources and applying access levels.
- Explaining the Zero Trust Security Model
- Implementing Zero Trust using BeyondCorp Enterprise
- Securing resources with an Identity-Aware Proxy
- Extending security by creating and applying access levels
- GCP Developers
- GCP Security Engineers
- Access to a GCP account
Congratulations! You made it through the course. But before I wrap things up, let me quickly review everything that was covered.
First, I talked about the zero trust security model. Today, it no longer makes sense for network security to be based around perimeters and segmentation. Devices and users on your private networks cannot be trusted any more than devices and users on public networks. Zero Trust means that you should “never trust, but always verify.” Private and public access should be handled the same way.
Second, I talked about how BeyondCorp Enterprise is Google's implementation of the zero trust model. It allows you to provide secure access to your GCP resources without requiring a VPN. BeyondCorp is made up of several features including: Chrome browser integration, Identity-Aware Proxies, and Access Policies.
And finally, I demonstrated how to set up an Identity-Aware Proxy to restrict who could access one of your Virtual Machines. I also showed you how to add region and IP address restrictions to provide an additional layer of security.
Well, that’s all I have for you today. Remember to give this course a rating, and if you have any questions or comments, please let us know. Thanks for watching, and make sure to check out our many other courses on Cloud Academy!
Daniel began his career as a Software Engineer, focusing mostly on web and mobile development. After twenty years of dealing with insufficient training and fragmented documentation, he decided to use his extensive experience to help the next generation of engineers.
Daniel has spent his most recent years designing and running technical classes for both Amazon and Microsoft. Today at Cloud Academy, he is working on building out an extensive Google Cloud training library.
When he isn’t working or tinkering in his home lab, Daniel enjoys BBQing, target shooting, and watching classic movies.