You can't secure the cloud right? – Lesson summary
That concludes the module you can’t secure the cloud right? let me remind you of what you learned in this model. You started by learning all about how security in the Cloud is administered by GCP you thought about the importance of security in the cloud and how it shapes the use and development of Google Cloud platform you also determined that the security responsibilities are shared between google who is responsible for managing its infrastructure security and you the customer who is responsible for securing your data and you also discovered that there are various encryption options available including Google default encryption,CMEK, CSEK and client-side encryption. Next you learned how cloud identity and access management can you control who can do what on which resource in GCP. And you discovered cloud identity proxy which lets you establish a central authorisation letter for application success by TLS so you can use an application level access control model instead of relying on network-level firewalls. And finally you were introduced to best practices for authorisation using IAM which included leveraging and understanding the resource hierarchy, granting roles to groups instead of individuals and planning carefully about how to use service accounts.