IT-Cloud

Deploy a secure serverless architecture (+terraform)

Please refer to Secure Serverless Blueprint Guide and accompanying Terraform repo update for more detail. Serverless architectures enable customers to avoid the time-consuming process of applying security patches, controls  and agents to the underlying operating system and application servers.  The responsibility for safeguarding the data center, network, servers, operating systems, and their configurations is shifted …

Deploy a secure serverless architecture (+terraform) Read More »

Welcome to the December 16-31, 2022 edition of Google Cloud Technology Nuggets. 

Thank you Romin Irani for providing great Tech Updates! // Top stories blogs Towards the end of the year, blog posts that round up the top stories of the year or even predictions can be interesting reads as you set yourself for work in the new year. In no order of preference, here are some …

Welcome to the December 16-31, 2022 edition of Google Cloud Technology Nuggets.  Read More »

Design and step by step to build your Google Cloud Landing Zone (Organization – Folders – Projects)

Some of my customers ask about best practice/reference on how to design an organization for their Google Cloud environment. This is one of the best sample on how to design this: Example Organization Your Organization – Folders – Projects Explanation of the strategy can be read from here: https://services.google.com/fh/files/misc/google-cloud-security-foundations-guide.pdf Step by step on how to …

Design and step by step to build your Google Cloud Landing Zone (Organization – Folders – Projects) Read More »

Resources, including code and templates, that can be used to deploy cloud resources in recommended configurations

Resources, including code and templates, that can be used to deploy cloud resources in recommended configurations. Deployable blueprints Security foundations deployable assets Terraform modules that can be composed to build a security-centric Google Cloud foundation. The supplied structure and code is a starting point with pragmatic defaults based on our guide. You can customize the scripts …

Resources, including code and templates, that can be used to deploy cloud resources in recommended configurations Read More »

Google Cloud security best practices

During my interaction with customers and partners, best practice and guidance always been asked by them. Best practices guides provide specific, informed guidance on helping secure Google Cloud deployments and describe recommended configurations, architectures, suggested settings, and other operational advice. This is one of the most comprehensive guide to ensure Security is properly implemented in …

Google Cloud security best practices Read More »

How to protect your website using Google Cloud Armor as Web Application Firewall

Some typical questions that I often get from customers is how to protect your web application against DDoS attack, forcing HTTPS, implementing OWASP 10 protection ([SQL] Injection, Broken authentication, Sensitive data exposure, XML external entities (XXE), Broken access control, Security misconfiguration, Cross-site scripting (XSS), Insecure deserialization, using components with known vulnerabilities, insufficient logging & monitoring). …

How to protect your website using Google Cloud Armor as Web Application Firewall Read More »

How to deploy WordPress on GKE Autopilot in Google Cloud

Here I would like to share step by step on deploying WordPress site to GKE Autopilot in Google Cloud. This approach is the most managed as the GKE autopilot clusters are fully managed by GCP along with Node upgrade, repairs, maintenance. So there is no operational cost associated with it. Setting up your environment Creating …

How to deploy WordPress on GKE Autopilot in Google Cloud Read More »

How to run WordPress on Google Kubernetes Engine (GKE) Standard

This tutorial shows you how to set up a single-replica WordPress deployment on Google Kubernetes Engine (GKE) using a MySQL database. Instead of installing MySQL, you use Cloud SQL, which provides a managed version of MySQL. WordPress uses PersistentVolumes (PV) and PersistentVolumeClaims (PVC) to store data. Objectives Create a GKE cluster. Create a PV and a PVC backed by Persistent Disk. Create a Cloud SQL for …

How to run WordPress on Google Kubernetes Engine (GKE) Standard Read More »

Consultation technique as Cloud Architect (things to do)

1. Designing and planning a cloud solution architecture 1.1 Designing a solution infrastructure that meets business requirements. Considerations include:     a. Business use cases and product strategy     b. Cost optimization     c. Supporting the application design     d. Integration with external systems     e. Movement of data     …

Consultation technique as Cloud Architect (things to do) Read More »

How to do Data Replication from MySQL, PostgreSQL, SQL Server, Oracle database using real time change data capture (CDC) to Google BigQuery

When you are dealing with analytic project, you will definitely go through these steps:1. Deciding your Data Sources2. Extracting and ingesting your Data from Source to Target3. Storing your Data in storage/database4. Transforming your data based on your business needs5. Consuming your data via explorer/reports/dashboards6. Activating your data via API, Machine Learning, export, integration One …

How to do Data Replication from MySQL, PostgreSQL, SQL Server, Oracle database using real time change data capture (CDC) to Google BigQuery Read More »

MyTip: Flowchart on how to choose the right model for your structured data ML use case

When talking about machine learning, besides the data, the model, and the prediction. There are few algorithm to choose to create the model whether it is popular such as linear regression, decision trees, even neural network. Or other algorithms such as k-Means, k-NN, SVM, Random Forests, Naive Bayes, logistic regression. This is the trick to …

MyTip: Flowchart on how to choose the right model for your structured data ML use case Read More »