GCP Fundamentals Flashcards
GCP Fundamentals
What is SaaS
Software as a service
Google Cloud Datastore
Cloud Datastore is a NoSQL document database built for automatic scaling, high performance, and ease of application development.
What is IaaS
Infrastructure as a Service. It provide raw compute, storage, and network organized in ways that are familiar from data centers
What is PaaS
Platform as a Service. It binds application code you write to libraries that give access to the infrastructure your application needs.
What is a Zone in GCP network
A zone is a single failure domain within a region - the fines level grain. Zones are grouped into Regions.
How to built a fault tolerant application
Spread the resources across multiple zones or across different regions.
Google pricing details
Billing by the second. Sustained use discounts. Automatic discounts for each incremental minute of use. Custom virtual machine types
Google security examples
Google custom security chip - Titan. Cryptographic signatures. Automatic encryption of PC traffic between data centers. GFE - Google front end: checks incoming connections for correct certificates
What are Google projects used for
To organize resources, group together related resources with common business objective.
What is the Google Cloud Platform resource hierarchy
Resources in a folder inherit the IM policies from the folder
What is the top of the Google Cloud Platform resource hierarcy
The organization node
Define a Identity and Access Management (IAM)
Who? -> Google account, a Google group, a Service account, an entire G Suite, or a Cloud Identity domain.
Can do what? -> defined by an IAM role. An IAM role is a collection of permissions grouped together for easier maintenance
On what resource?
What kinds of IAM roles exist?
- Primitive roles: owner, editor, viewer, billing administrator role.
- GCP predefined roles.
- Custom roles
How can you interact with Google Cloud Platform
- GCP Console - web interface
- Cloud Shell and Cloud SDK - command line interface: gcloud, gsutil, bq
- Cloud Console mobile app - for IOS and Android
- REST-based APIs - for custom applications
What is Cloud Launcher
It’s a tool for quickly deploying functional software packages on Google Cloud platform.
Virtual Private Cloud (VPC) Network
Google Cloud VPC networks are global; subnets are regional
What is HTTP load balancing used for
Cross-regional load balancing for web applications
What is global SSL proxy load balancer used for
For Secure Sockets Layer traffic that is not HTTP
What are the GPC interconnect options
- VPN
- Direct peering
- Carrier peering
- Dedicated interconnect
What are the core Google storage options
Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Data Store and Google Big Table.
What is Cloud Storage
Binary loud-object storage - with high availability and high durability. Objects are immutable. Data in transit is encrypted by https
How to control access to Cloud Storage
For most purposes, Cloud IAM is sufficient. Roles are inherited from project to bucket to object. If you need finer control, you can create access control lists ACLs that offer finer control
Cloud Storage classes
regional, multi regional, nearline, and coldline
Cloud Storage interactions options
- Online transfer service: self managed copy by command line or drag and drop
- Storage Transfer service: scheduled batch transfers
- Transfer Appliance: rackable appliances to securely ship your data
