Security in the Cloud | Best Practices for Authorization

Identify Best Practices for Authorization
In this lesson you will learn the best practices for authorization using cloud IAM. First leverage and understand the resource hierarchy specifically use projects to group resources that share the same trust boundary. Check the policy granted on each resource and make sure you recognize the inheritance, because of inheritance always use the principle of least privilege when granting roles. Audit policies using cloud auto logs and audit memberships of groups used in policies. When it comes to using service accounts here few best practices. Be very careful when granting the service account users role as it provides access to all the resources for which the service account has access. Also when you create a service account give it a display name that clearly identifies its purpose ideally using an established naming convention inside your organization and when it comes to service account keys establish key rotation policies and methods

Module 1: You Can't Secure the Cloud Right?

Module 1: What's the Cloud Anyway?

What's the Cloud Anyway? - Learning Outcomes

What’s the Cloud Anyway - Introduction

Cloud Computing

Cloud vs Traditional Architecture

Iaas, PaaS and SaaS

Google Cloud Architecture

What's the Cloud Anywhere - Quiz

What's the Cloud Anyway? - Lesson Summary

Module 2: Start with a Solid Platform

Start with a Solid Platform - Learning Outcomes

Start with a Solid Platform - Introduction

The GCP Console

Understanding Projects

Billing in GCP

Install and Configure Cloud SDK

Use Cloud Shell

GCP APIs

Cloud Console Mobile App

Start with a Solid Platform - Quiz

Start with a Solid Platform - Lesson Summary

Module 3: Use GCP To Build Your Apps

Use GCP to Build your Apps - Learning Outcomes

Use GCP to Build your Apps - Introduction

Compute Options in the Cloud

Exploring IaaS with Compute Engine

Configuring Elastic Apps with Autoscaling

Exploring PaaS with App Engine

Event Driven Programs with Cloud Functions

Containerizing and Orchestrating Apps with GKE

Use GCP to Build your Apps - Lesson Summary

Module 4: Where Do I Store This Stuff?

Where Do I Store this Stuff? - Learning Outcomes

Where Do I Store this Stuff? - Introduction

Storage Options in the Cloud

Structured and Unstructured Storage in the Cloud

Unstructured Storage Using Cloud Storage

SQL Managed Services

Exploring Cloud SQL

Cloud Spanner as a Managed Service

NoSQL Managed Services Options

Cloud Datastore a NoSQL Document Store

Cloud Bigtable as a NoSQL Option

Where Do I Store this Stuff? – Lesson summary

Module 5: There's an API for that

There’s an API for that - Learning Outcomes

There’s an API for that - Introduction

The Purpose of APIs

Cloud Endpoints

Using Apigee Edge

Managed Message Services

Cloud Pub_Sub

There's an API for that – Lesson summary

Module 6: You Can't Secure the Cloud Right?

You Can't Secure the Cloud Right? - Learning Outcomes

You Can't Secure the Cloud Right? - Introduction

Introduction to Security in the Cloud

Understanding the Shared Security Model

Explore Encryption Options

Understand Authentication and Authorization

Identify Best Practices for Authorization

You Can't Secure the Cloud Right? - Quiz

You Can't Secure the Cloud Right? – Lesson summary

Module 7: It Helps To Network

It Helps to Network - Learning Outcomes

It Helps to Network - Introduction

Introduction to Networking in the Cloud

Defining a Virtual Private Cloud

Public and Private IP Address Basics

Google’s Network Architecture

Routes and Firewall Rules in the Cloud

Multiple VPC Networks

Building Hybrid Clouds

Different Options for Load Balancing

It Helps to Network - Quiz

It Helps to Network – Lesson Summary

Module 8: Let Google Keep an Eye on Things

Let Google Keep an Eye on Things - Learning Outcomes

Let Google Keep an Eye on Things - Introduction

Education should be...
free and accessible.