This self-paced training course gives participants broad study of security controls and techniques on Google Cloud. Through recorded lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution, including Cloud Identity, Resource Manager, Cloud IAM, Google Virtual Private Cloud firewalls, Google Cloud Load balancing, Cloud Peering, Cloud Interconnect, and VPC Service Controls.
Welcome to Managing Security in Google Cloud
Welcome to Managing Security in Google Cloud, the first course of Security in Google Cloud. This course gives you an overview of security controls and techniques on Google Cloud. Through lectures, demonstrations, and hands-on labs, you will explore and deploy the components of a secure Google Cloud solution.
Foundations of Google Cloud Security
Securing systems is a hot topic and should be a priority for everyone today - and, as you will see, it is definitely a priority here at Google. In this module we will introduce you to Google Cloud’s approach to security. We will also discuss the shared security responsibility model, which is a collaborative effort between Google and its users. Next, we will outline several threats that are mitigated for you when your systems are run on Google’s infrastructure in Google Cloud. And, finally, we will end with a section on access transparency.
In this module we will discuss Cloud Identity, a service which makes it easy to manage cloud users, devices, and apps from one console. We will also discuss a few related features to help reduce the operational overhead of managing Google Cloud users, such as the Google Cloud Directory Sync and Single Sign-On. We will end with some authentication best practices.
Cloud Identity and Access Management (Cloud IAM)
Cloud Identity and Access Management (Cloud IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage your cloud resources centrally. More specifically, we will cover; the Resource Manager which enables you to centrally manage projects, folders, and organizations, IAM roles and policies, including custom roles, and Cloud IAM best practices, including separation of duties and the principle of least privilege.
VPCs for Isolation and Security
Managed networking on Google Cloud utilizes a Virtual Private Cloud (or VPC). In this module we will discuss VPC related security concepts including: VPC firewalls, load balancing SSL policies, network Interconnect & peering options, VPC network best practices and VPC flow logs. You will also have the opportunity to practice what you’ve learned, by completing the labs exercises “Configuring VPC Firewalls” and “Configuring and Using VPC Flow Logs in Cloud Logging.”