Google Cloud best practices
In this section, we review the best practices recommended by Google to make our developments safer, using the tools we've learned about in this chapter.
These practices are important because they help us to balance the focus given to the development of new functionalities in an application with the analysis and implementation of effective security measures. In this way, they substantially reduce the likelihood of having security incidents when the application gets to production.
POLP and roles
If a role has many permissions that are not used by your application, it is recommended to create a custom role with only the necessary permissions, thereby following POLP and reducing the application's attack surface.
Create one service account per microservice
If you are creating an application with a pattern of microservices, create a service account with POLP for each microservice and do not reuse the private keys of service accounts in...
