In this course, we will take a virtual tour of the main offerings of Google Cloud Platform Services.
- Artificial Intelligence and Machine Learning
- Security and Operations
- Anyone who wants to learn about the main services available on Google Cloud Platform
- Basic understanding of computers, servers, and data centers
- Basic understanding of cloud principles
In this lesson, I am going to talk about some of the Security and Operations services available on GCP.
First, let’s talk about security. Security services exist to help you protect your data. One of the main concerns with using the cloud is privacy. You want to be able to control exactly who can access your data. So privacy is the goal, and security is the method. Google security services allow you to define policies, procedures, and controls that everyone must follow. In order to protect your customers and your company, you need to properly implement security. The policies you define will often be shaped by compliance requirements. Compliance refers to a third party set of standards, usually by some sort of regulatory authority. For example, different countries have different laws about storing and encrypting data. Digital security is complicated, so there are many different GCP services to assist you.
Security Command Center provides a centralized control panel to help you discover vulnerabilities, detect threats, and generate reports. Secret Manager gives you centralized storage for things like passwords, API keys, and certificates. The Data Loss Prevention service helps you identify and scrub sensitive data. For example, if your user records contain credit card numbers, you could configure DLP to remove them before responding to a database query.
Next, I want to talk about operation services. Now operations is focused on monitoring and maintaining your existing infrastructure.
So you have things like Google Cloud Operations Suite which was previously called Stackdriver. Now this suite includes:
- Cloud Logging: This acts as a centralized repository for all your logs. It makes it easy to find your logs and to search the entries for any messages you are interested in.
- Cloud Monitoring: This gives you an overview of everything that is happening. You can view metrics like CPU utilization, response latency, and network traffic. Plus, you can use it to set up alerts to notify you where there are any problems. If a metric is too low or too high, you will know about it right away.
- Cloud Debugger: This helps you easily track down software bugs by allowing you to inspect the state of a running application.
- Cloud Profiler: This can be used to identify latency issues inside of an application.
- Cloud Trace: This helps you track down latency issues that exist between two or more applications.
Now there are other operation tools as well. These include things like:
- Cloud Deployment Manager which allows you to write templates and then use those to provision resources. You can have a template for creating a VM, and then run it 20 times to get 20 VMs. This is extremely useful for when you need to create a lot of the same resources. Now you no longer have to create everything by hand.
- Cloud Build is a tool that can help automate building, testing and deploying your code.
- Apigee helps you design secure and scale application programming interfaces (or APIs). This way your web services can easily communicate with each other.
- Cloud Composer can be used to create, schedule, monitor, and manage workflows that span across clouds and on-premises data centers.
Ok, so let’s quickly review the Security and Operations services I just talked about:
Under Security, you have:
- Security Command Center provides a centralized overview of security issues
- Secret Manager for storing passwords and keys
- Data Loss Prevention for identifying and hiding sensitive data
Under Operations, we talked about:
Cloud Operations Suite
Includes Logging & Monitoring
Debugging for finding bugs in an app
Profiling for identifying slowdowns in an app
Trace for identifying bottlenecks between applications
Deployment Manager for creating templates and automating infrastructure changes
Cloud Build for automating software deployments
Apigee for building APIs
Cloud Composer for managing workflows
And that just about covers the main Security and Operations services available on GCP.
Daniel began his career as a Software Engineer, focusing mostly on web and mobile development. After twenty years of dealing with insufficient training and fragmented documentation, he decided to use his extensive experience to help the next generation of engineers.
Daniel has spent his most recent years designing and running technical classes for both Amazon and Microsoft. Today at Cloud Academy, he is working on building out an extensive Google Cloud training library.
When he isn’t working or tinkering in his home lab, Daniel enjoys BBQing, target shooting, and watching classic movies.