Fundamental 10 Steps 8h 10m 44 Créditos
Security is an uncompromising feature of Google Cloud Platform services, and GCP has developed specific tools for ensuring safety and identity across your projects. In this fundamental-level quest, you will get hands-on practice with GCP’s Identity and Access Management (IAM) service, which is the go-to for managing user and virtual machine accounts. You will get experience with network security by provisioning VPCs and VPNs, and learn what tools are available for security threat and data loss protections.
Prerequisites
Although this quest will teach you the fundamentals of Identity and Access Management (IAM) and Security in GCP, you will still need hands-on experience with the platform's core tools and services. It is recommended that the student have at least earned a Badge by completing the GCP Essentials and/or the Baseline: Infrastructure Quests before beginning.Quest Outline
Cloud IAM: Qwik Start
Google Cloud IAM unifica el control de acceso para los servicios de Cloud Platform en un solo sistema a fin de presentar un conjunto de operaciones coherente. Para comenzar, mire este video breve: Manage Access Control with Google Cloud IAM.
IAM Custom Roles
Cloud IAM provides the right tools to manage resource permissions with minimum fuss and high automation. You don't directly grant users permissions. Instead, you grant them roles, which bundle one or more permissions. This allows you to map job functions within your company to groups and roles.
Controlling Access to Google Cloud Functions
In this lab, you secure a Cloud Function so that only specific users authenticated by Cloud Identity & Access Management (IAM) can use it.
Cloud Security Scanner: Qwik Start
The Cloud Security Scanner identifies security vulnerabilities in your Google App Engine web applications.
Service Accounts and Roles: Fundamentals
In this hands-on lab, you will learn how to create and manage Service Accounts
VPC Network Peering
Google Cloud Platform (GCP) Virtual Private Cloud (VPC) Network Peering allows private connectivity across two VPC networks regardless of whether or not they belong to the same project or the same organization.
Data Loss Prevention: Qwik Start - Línea de comandos
Google Cloud Dataprep es un servicio inteligente que permite explorar datos visualmente, limpiarlos y prepararlos para su análisis.
Data Loss Prevention: Qwik Start - JSON
Google Cloud Dataprep es un servicio inteligente que permite explorar datos visualmente, limpiarlos y prepararlos para su análisis.
Cómo comenzar a usar Cloud KMS
En este lab, usará funciones avanzadas de las API de seguridad y privacidad de Google Cloud, como la configuración de un depósito seguro de Cloud Storage, la administración de claves y datos encriptados mediante Key Management Storage y la visualización de registros de auditoría de Cloud Storage.
Setting up a Private Kubernetes Cluster
Hands-on lab for creating a private cluster in the cloud environment. In a private cluster, nodes do not have public IP addresses, so your workloads run in an environment that is isolated from the Internet. Prerequisites: Experience with Kubernetes Clusters, and CIDR-range IP address.
Building a High-throughput VPN
In this lab you will learn how to create secure, high-throughput VPN and test the speed.