Course Introduction
Cloud Monitoring Access Control
Cloud Logging Access Control
Course Conclusion
The course is part of these learning paths
See 2 moreThis course looks at logging and monitoring access control on Google Cloud Platform. We start by looking at monitoring IAM, and you'll also learn about the IAM permissions and roles that apply specifically to monitoring. A demonstration from the GCP cloud console will show you how to grant monitoring permissions through role assignments.
Then we'll move on to monitoring access control via VPC Service Controls as well as covering cloud logging access control. We’ll start with an overview, before taking a closer look at specific IAM roles and permissions that are used to grant access to Cloud Logging. Finally, we'll look at Logs Explorer permissions and show which permissions you need to export logs.
Learning Objectives
- Get a solid understanding of monitoring and logging access control on GCP
- Learn about the IAM permissions and roles for monitoring
- Learn how to monitor access control using VPC Service Controls
- Understand the roles and permissions used to grant access to cloud logging
- Learn Logs Explorer permissions for exporting logs
Intended Audience
This course is intended for anyone who wants to learn how to configure logging and monitoring access control on the GCP platform.
Prerequisites
To get the most out of this course, you should have some experience of using GCP, as well as knowledge of IAM principles.
Hi there. Welcome to Logging and Monitoring Access Control on GCP. My name is Thomas Mitchell and I’ll be taking you through this course.
I’m a GCP instructor at cloud Academy and I have over 25 years of IT experience, several of those with cloud technologies. If you have any questions about this course, feel free to connect with me on LinkedIn, or send an email to support@cloudacademy.com.
This course is intended for those who wish to learn how to configure logging and monitoring access control on the GCP platform, and it is split into two sections. In the first section, we’ll cover cloud monitoring access control, while, in the second section, we’ll dive into cloud logging access control.
We’ll kick things off with an overview of monitoring IAM, where you’ll be introduced to the permissions and access necessary to use monitoring.
After you’ve been introduced to monitoring IAM, you’ll learn about the IAM permissions and roles that apply specifically to Monitoring.
We will then talk about granting IAM roles, because, while project owners, editors, and default service accounts for the Compute Engine and the App Engine will already have the required permissions for monitoring, there may be times when you need to grant these roles explicitly for certain users.
We’ll wrap up monitoring access control by quickly covering VPC Service Controls. We’ll touch on this topic briefly because, while IAM is the primary means for managing monitoring access, VPC Service Controls can also be used to further control access to monitoring data.
After covering cloud monitoring access control, we’ll get into cloud logging access control. We’ll start with an overview of Cloud Logging access control.
We’ll then look more closely at specific IAM roles that are used to grant access to Cloud Logging. You’ll learn about the specific logging permissions that are associated with each role.
Coming down the home stretch, we’ll take a look at log explorer permissions, before wrapping the course up by taking a look at the permissions you need to export logs.
After finishing this course, you'll come away with a solid understanding of how to configure logging and monitoring access control on GCP.
We’d love to get your feedback on this course, so please give it a rating when you’re finished.
If you’re ready to learn about configuring logging and monitoring access control on GCP, let’s get started!
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.