IT-Cloud

Visualize spend over time with Google Data Studio

Dashboard Sample: https://gcpbilling.page.link/dash You can get up-to-date Cloud Billing graphs throughout the day, and use labels to slice and dice your Google Cloud bill the way you want by combining Cloud Billing data export to BigQuery functionality with Google Data Studio.Step by Step: https://cloud.google.com/billing/docs/how-to/visualize-data You can use┬álabels┬áto answer complex questions, such as “How can I …

Visualize spend over time with Google Data Studio Read More »

Google Cloud setup checklist (Enterprise Guide)

This checklist helps you set up Google Cloud for scalable, production-ready enterprise workloads. The checklist is designed for administrators who are trusted with complete control over the company’s Google Cloud resources. Checklist Cloud identity and organization Users and groups Administrative access Set up billing Resource hierarchy Create initial projects in the resource hierarchy Confirm projects …

Google Cloud setup checklist (Enterprise Guide) Read More »

How to secure a BigQuery data warehouse that stores confidential data

This document is intended for data engineers and security administrators who deploy and secure data warehouses using BigQuery. It’s part of a security blueprint that’s made up of the following: A GitHub repository that contains a set of Terraform configurations and scripts. The Terraform configuration sets up an environment in Google Cloud that supports a data warehouse …

How to secure a BigQuery data warehouse that stores confidential data Read More »

GCP Overview: Browse, choose, design and build using Google Cloud to meet your Business Goal & Technical Requirements (Free Trial!)

Browse over 100 products. New customers get $300 in free credits to start running workloads and conduct an assessment. These are some General Availability core products and features are open to all customers, ready for production use, and covered by a Google Cloud SLA, where applicable. Ref: https://cloud.google.com/products (other products like google maps, google meet, google …

GCP Overview: Browse, choose, design and build using Google Cloud to meet your Business Goal & Technical Requirements (Free Trial!) Read More »

GCP Tutorial: Cloud Storage FUSE to mount GCP Cloud Storage buckets as file systems on Linux OS

First, I would like to say this method is not recommended for critical or highly performant environment (small random reads). It depends on your requirement, use it with cautious. I use this method because I understand my workload is not too critical and I don’t need a highly performant environment. I just need the semantic …

GCP Tutorial: Cloud Storage FUSE to mount GCP Cloud Storage buckets as file systems on Linux OS Read More »

AWS Centralized Logging & Observability

I always got this question from customers. How do I do the best mechanism for logging on my applications on AWS. This implementation guide discusses architectural considerations and configuration steps for deploying the Centralized Logging solution in the Amazon Web Services (AWS) Cloud. It includes links to AWS CloudFormation templates that launch, configure, and run the AWS …

AWS Centralized Logging & Observability Read More »

AWS Incident Response – Unintended Access to S3 bucket

Incident Type Unintended access to an S3 Bucket Summary This runbook is provided to be used as a template only. It should be customized by administrators working with AWS to suit their particular needs, risks, available tools and work processes. It is not official AWS documentation and is provided as-is to customers using AWS products …

AWS Incident Response – Unintended Access to S3 bucket Read More »

AWS Incident Response – runbook template for Credential leakage

Incident Type Credential Leakage/Compromise Summary These run-books are created to be used as templates only. They should be customized by administrators working with AWS to suit their particular needs, risks, available tools and work processes. These guides are not official AWS documentation and are provided as-is to customers using AWS products and who are looking …

AWS Incident Response – runbook template for Credential leakage Read More »

AWS Incident Response runbooks template – DDoS attack

Incident Type Web Application Dos/DDoS Attack Summary These run-books are created to be used as templates only. They should be customized by administrators working with AWS to suit their particular needs, risks, available tools and work processes. These guides are not official AWS documentation and are provided as-is to customers using AWS products and who …

AWS Incident Response runbooks template – DDoS attack Read More »

Hal yang perlu dilakukan untuk memastikan keamanan minimum di lingkungan AWS anda

Pada kali ini, sesuai dengan topik diatas, banyak interaksi saya dengan pelanggan yang berkonsultasi mengenai bagaimana memastikan kemananan lingkungan AWS mereka secara minimum. Sebenarnya mekanisme ini dibahas lebih detail dengan me-refer pada dokumen-dokumen sebagai berikut https://awssecworkshops.com/, https://wellarchitectedlabs.com/security/, https://d1.awsstatic.com/whitepapers/architecture/AWS-Security-Pillar.pdf dan lain-lain. Secara garis besar, topik-topik minimum yang perlu kita lakukan adalah: Asset Management Identity & Access …

Hal yang perlu dilakukan untuk memastikan keamanan minimum di lingkungan AWS anda Read More »

Configure your domain.com e-Mail using AWS Workmail, Active Directory, Route53, Cloudfront

In this blog, I just would like to give you high level step by step and references if you would like to host your domain’s email (webmail, mail accounts) using AWS Workmail. I used this methods to host my https://mail.priyambodo.com email account. Configure your domain to be hosted on AWS Route53 Create an Active DIrectory …

Configure your domain.com e-Mail using AWS Workmail, Active Directory, Route53, Cloudfront Read More »