GCP Security Best Practices
Why Knowing GCP Security best practices are so important!
It’s impossible to cover all the GCP security in a single blog so I would like to list all the security pillars in GCP first and then provide details to each one as we go along.
1> Configuring GCP Network Security (Security properties of a VPC network — Shared VPC and VPC peering, Subnet, Firewall — Firewall rules; IAP, Load Balancer , Hybrid connectivity etc.)
2> GCP IAM
3> GCP Organisational policies
4> GCP Data Protection (DLP API, default encryption, customer-managed encryption keys (CMEK), and customer-supplied encryption keys (CSEK)
5> GCP Operations (Backup and data loss strategy, Log sinks, audit logs, monitoring for security events, and data access logs )
6> Application deployment (Static code analysis, security scanning through a CI/CD pipeline)
7>Ensuring compliance ( security shared responsibility model, limiting compute and data for regulatory compliance)
8> GKE Security