Google Cloud Security Best Practices Crash Course

Best Practices for Securing Google Cloud Resources and Data

What you'll learn

Use Identity and Access Management (IAM) to control access to resources Google Cloud

Use organization policies to control what can be done with resources in Google Cloud

Implement best practices to improve application and operations security

Apply security best practices for Compute Engine, Google Kubernetes Engine (GKE), and other Google Cloud services.

Use Data Loss Prevention service to protect sensitive and private data

Choose among Google Cloud security controls for a variety of security requirements

Requirements

Familiarity with Google Cloud or other cloud and a basic understanding of operating systems, networking, and data managment.

Description

Whether you are a software developer, database administrator, DevOps engineer, data engineer, network engineer or architect, security is part of your job. This course gives you an overview of key security controls and services in Google Cloud and when to use them to protect resources and data.  This course includes best practices for:Managing identities including service accounts and federated identitiesControlling access to resource using IAM rolesUsing organization policies to ensure consistent compliance with security policiesProtecting web applications against security risksUsing Apigee to protect APIsBuilding secure containersSecurely managing secrets, such as passwords, API keys, and credentialsProtecting data in Cloud Storage as well as databasesPreventing data exfiltration using. Google Cloud's Data Loss Prevention (DLP) serviceSecuring Compute Engine instances and Google Kubernetes Engine clustersUsing network security controls including Cloud NAT, Cloud Armor, Identity-Aware Proxy, and VPC Service ControlsThis course is designed for those who are new to Google Cloud or want additional exposure to recommended ways to protect data and resources in Google Cloud.  The course present an overview of principles, patterns, and practices that will help you improve the security of your Google Cloud environments.  This course does not delve into implementation details, such as the syntax of gcloud commands to implement a security measure on a virtual machine.  Implementation details are covered in other courses, particularly the Google Cloud Associate Engineer: Get Certified course.Let's dive into learning about a variety of important best practices for protecting your Google Cloud environment.

Overview

Section 1: Introduction

Lecture 1 Introduction

Section 2: Access Controls

Lecture 2 Understand the Resource Hiearchy

Lecture 3 Understand Organization Policies

Lecture 4 Understand Identity and Access Management

Lecture 5 Federating Identities with Active Directory

Lecture 6 Managing Super Admin Accounts

Lecture 7 Securing Service Accounts

Lecture 8 Planning Accounts and Organizations

Section 3: Application Security

Lecture 9 OWASP Top 10 Security Risks to Web Applications

Lecture 10 Protecting APIs with Apigee

Lecture 11 Best Practices for Building Containers

Lecture 12 Best Practices for Managing Secrets in Google Cloud

Lecture 13 Shift Left Security

Section 4: Data Protection

Lecture 14 Cloud Storage Security

Lecture 15 Data Encryption in Google Cloud

Lecture 16 Data Loss Prevention

Lecture 17 Database Security Best Practices

Section 5: Securing Compute Engine and Google Kubernetes Engine

Lecture 18 OS Login for Compute Engine

Lecture 19 Compute Engine Security Best Practices

Lecture 20 Compute Engine Security Options

Lecture 21 Google Kubernetes Engine Security Best Practices

Lecture 22 Cloud Audit Log Best Practices

Section 6: Networking Security in Google Cloud

Lecture 23 Cloud NAT

Lecture 24 Cloud Armor

Lecture 25 Identity-Aware Proxy (IAP)

Lecture 26 VPC Service Controls

Lecture 27 Firewall Configuration Best Practices

Section 7: Conclusion

Lecture 28 Additional Resources and Next Steps

Application developers,Cloud Engineers,DevOps Engnieers,Cloud Architects,Software engineers,Project managers