Introduction
Security was, is, and always will be a critical point of discussion for any solution architecture. Google Cloud offers a range of services, catering to the information security needs of our solutions. Cloud IAM is an enterprise-grade IAM system, which securely enables admins to enable or deny access to Google Cloud Platform (GCP) services. Users of GCP can gain access at an organizational level, a group level, a project level, or at a resource level. We'll create a custom role to gain a better understanding of roles and of IAM in general. GCP offers a host of security services, such as Cloud Identity-Aware Proxy (IAP), Cloud Data Loss Prevention (DLP), Security Key Enforcement, Cloud Key Management Service (KMS), Cloud Resource Manager and Cloud Security Scanner. We'll test a few of the services in this chapter.
Note
Read more about Google Cloud's security model here: https://cloud.google.com/security/.