Google Cloud Platform

1. Compute

1.1. App Engine (GAE)

1.1.1. Standard Env

1.1.2. Flexible Env

1.2. Compute Engine (GCE)

1.2.1. VM Instances: Machine types (Standard, High-memory, High-CPU, Shared, Memory-optimized); Processor (Sandy Bridge, Ivy Bridge, Haswell, Broadwell, Skylake); Management (Automation, Availability policy); Security (Shielded VM, SSH keys); Disks (Boot disks, Encryption); Networking (Network, Subnet, Alias IP range, Network tags, External IP, IP forwarding); Sole Tenancy

1.2.2. Instance groups: Group Type (Unmanaged, Managed); Location (Single Zone, Multi-Zones)

1.2.3. Instance Templates

1.2.4. Sole Tenant Nodes: Node groups, Node templates

1.2.5. Disks

1.2.6. Firewalls: 443 - https, 80 - http, 22 - tcp, 20 - ssh, 3389 - RDP

1.2.7. Snapshots

1.2.8. Images

1.3. Kubernetes Engine (GKE)

1.4. Cloud Functions

1.4.1. Triggers: HTTP request, Pub/Sub event, Cloud Storage event

2. Databases

2.1. NoSQL

2.2. SQL

2.2.1. Cloud SQL: MySQL (first gen, second gen), PostgreSQL

2.3. Relational

2.3.1. Cloud Spanner: relational database with SQL queries and horizontal scalability; scales horizontally like a NoSQL DB; high availability 99.999; standard SQL support; supports DDL language; relational; fully managed

2.4. Non-relational

2.4.1. Cloud Bigtable: Structured objects, with lookups based on a single key; NoSQL wide-column database; single key per row; capable of holding hundreds of petabytes of information; consistent low latency and high throughput; Use cases: financial data, IoT data, graph data, marketing data

2.5. Scaling

2.5.1. Horizontal: Cloud Datastore: Structured objects, with transactions and SQL-like queries; document database; GQL (SQL-like language) to query data; supports ACID properties; any number of properties can be indexed; Use cases: Structure

2.5.2. Vertical

3. Networking

3.1. Services

3.1.1. Cloud Load Balancing: Global (HTTPS LB, TCP proxy LB, SSL proxy LB); Regional (network LB, internal LB); How to Choose?

3.1.2. Cloud CDN: Stackdriver monitoring & logging

3.1.3. Cloud DNS

3.1.4. Cloud NAT

3.2. Network Security

3.2.1. Cloud Armor: Blacklist / whitelist; CIDR range; source IP address; IPv4 or IPv6 IP addresses can be used in black/white list; Deny rule: 403, 404, 502 error codes; Priority: Rule order

3.2.2. SSL Policies

3.3. Hybrid Connectivity

3.3.1. Virtual Private Cloud (VPC)

3.3.2. Interconnect: Dedicated Interconnect (highest bandwidth; 10gb/sec per circuit, max 8 circuits; direct connection with Google's network; 69 co-location facilities in 17 regions; routing equipment is required at co-location facility); Partner Interconnect (connect to 3rd party service provider; no routing equipment required; bandwidth 50mb/sec to 10gb/sec)

3.3.3. Cloud Router

3.4. VPN (IPsec)

3.4.1. Routing methods supported: Dynamic gateways using BGP, Policy based routing, Route based VPN

3.5. Sharing Networks across Projects

3.5.1. Shared VPC

3.5.2. VPC Peering, Direct Peering, Carrier Peering

3.6. Coursera VPC

3.6.1. Projects

3.6.2. Networks: default, auto mode, custom mode

3.6.3. Subnetworks

3.6.4. Regions

3.6.5. Zones

3.6.6. IP Addresses: Internal, external, range

3.6.7. Routes

3.6.8. Firewall rules: direction of traffic (ingress, egress); Priority; Target (All the instances in network, Specified target tags, Specified service account); action on match (allow, deny); source filter (IP ranges, Subnets, source tags, service accounts); Destination filter (IP ranges, Subnets); Protocol and Ports (icmp, tcp, ssh, http, https, allow/deny all)

3.6.9. VMs

4. Big Data

4.1. BigQuery

4.2. Cloud Pub/Sub

4.2.1. fully managed messaging middleware service

4.2.2. communication: one to many, many to many, many to one

4.2.3. delivery method: push (to end point), pull

4.2.4. allows secure and highly available messaging between independent apps

4.2.5. works with both google and external services

4.3. Cloud Dataflow

4.3.1. ETL

4.3.2. Serverless

4.3.3. no cluster

4.4. Cloud Dataproc

4.4.1. fully managed cluster data processing service

4.5. Cloud Dataprep

4.6. Cloud Datalab

4.6.1. based on Jupyter notebook

4.7. Data Studio

4.8. IoT Core

4.9. Genomics

5. Security

5.1. Titan Security Key

5.2. Shielded VMs

5.3. Cloud Security Scanner

5.3.1. scan & detect: Cross-site scripting (XSS), Flash injection, Mixed content (http & https), Clear text passwords, outdated insecure libraries

5.3.2. works in: App Engine, Compute Engine

5.4. Cloud Identity-Aware Proxy

5.4.1. Application level authorization service

5.4.2. Based on BeyondCorp

5.4.3. It's ideal for Line Of Business apps

5.4.4. No VPN needed

5.4.5. Simple to use for remote users

5.5. Cloud KMS

5.5.1. Hierarchy: Project > Location > Key Ring > Key > Key version

5.5.2. Key version states/life cycle: Enabled, Disabled, Scheduled for destruction, Destroyed

5.6. category

5.6.1. data protection governance: DLP, DCAP, encryption & tokenization, HSM

5.6.2. infrastructure security: DDoS, Firewall, IDS/IPS, WAF, Container security

5.6.3. scan, log, monitor: Vulnerability scanners, SIEM/Security analytics

5.6.4. Identity & user protection: SSO, IAM, Anti-malware, MDM/MAM, Gateways & CASB

6. Migration to GCP

6.1. Google Transfer Appliance

6.2. Cloud Storage Transfer Service

7. Storage

7.1. Cloud Storage (GCS)

7.1.1. Storage class: Regional, Multi-regional, Nearline, Coldline

7.2. Memorystore

7.2.1. Fully managed In-Memory database

7.2.2. Extremely low latency (sub-millisecond)

7.2.3. 300 GB scaling per instance

7.2.4. connect with: App Engine, Compute Engine, Kubernetes Engine

7.2.5. service tiers: Basic, Standard

7.2.6. use cases: caching layer in gaming, stream processing from IoT devices, and analytical processing

7.3. Firestore

7.4. Capacity

7.4.1. Petabytes: Cloud Storage, Bigtable, BigQuery

7.4.2. Terabytes: Datastore, Cloud SQL

8. Architecture

8.1. Organization

8.1.1. Folders, Projects

8.2. Resources

8.2.1. Global: Addresses, Images, Snapshots, Instance Template, VPC network, Firewalls, Routes

8.2.2. Regional: Addresses, Subnets, Regional managed instance groups, Regional persistent disk

8.2.3. Zonal: Instances, Persistent disks, Machine types, Zonal managed instance groups

9. AI

9.1. ML Engine

9.2. Natural Language

9.3. Translation

9.3.1. Speech-to-Text

9.3.2. Text-to-Speech

9.3.3. Translation API

9.4. Vision

10. IAM

10.1. Overview

10.1.1. Policy: Member Identity (Google account, Service account, Google Group, Cloud Identity, G Suite domain); Roles (Primitive roles, Predefined roles, Custom roles)

10.1.2. Access Management: Resource, Roles, Permissions

11. Tools

11.1. Developer Tools

11.1.1. Cloud SDK

11.1.2. Cloud Build

11.1.3. Cloud Source Repositories

11.1.4. Cloud Scheduler

11.1.5. Cloud Test Lab

11.1.6. Cloud tools for: PowerShell, Visual Studio, Eclipse, IntelliJ

11.2. Management Tools

11.2.1. Stackdriver: Monitoring, Logging, Debugger, Profiler, Trace, Error Reporting; Works with: Google Cloud, AWS

11.2.2. Deployment Manager

11.2.3. Cloud Endpoints

11.2.4. Cloud Console

11.2.5. Cloud Shell

11.2.6. Cloud Mobile app: Android, iOS

11.2.7. Billing: Account Type (Self-serve, Invoices); Billing cycle (Monthly billing, Threshold billing); connected to Payments profile; Imp. Roles; Domain; Payments Profile