Google Cloud Archives - Anuj Varma, Hands-On Technology Architect, Clean Air Activist

Archives for Google Cloud

GCP security audit – some considerations

August 21, 2022 GCP security audit – some considerations2022-09-02T04:20:16-05:00 No Comment

Security Audits are a top requirement for any public cloud migration - pre-migration and post migration effort. Anuj Varma offers an in-depth cloud security audit, covering all the pillars of…

Applications and Service Accounts

July 11, 2020 Applications and Service Accounts2021-04-26T20:20:52-05:00 Google Cloud No Comment

Service Accounts in GCP Service accounts are ubiquitous in GCP - there are built in SAs (for most major services) and those that you can create yourself (using gcloud, the…

Impersonate Service Account in GCP

July 4, 2020 Impersonate Service Account in GCP2021-04-26T20:20:24-05:00 Google Cloud No Comment

Grant a user (an on premises user) ONLY IMPERSONATION privileges gcloud iam service-accounts add-iam-policy-binding \ --member user: \ --role It’s possible to impersonate a Service Account from within your Terraform…

Send an email from your App Engine Instance

June 27, 2020 Send an email from your App Engine Instance2020-06-27T17:31:11-05:00 Google Cloud No Comment

Use your gSuite email to do this. Here is simple python code that you can use on your app engine instance # Function to send email def trigger_email(msg): # Change these to your email details email_user = email_password = "blahbhal" smtp_server = ''…

Projects in GCP – 3 tier applications on Google Cloud

May 23, 2020 Projects in GCP – 3 tier applications on Google Cloud2021-09-07T13:40:39-05:00 Google Cloud 1 Comment

Also visit for in-depth GCP posts. Also Read - A Reusable Hub Spoke Network Design on GCP and Service Projects - VPCs or not As a Google Cloud Architect, your…

GCP – Example of IAM access on Project Level Resources

May 11, 2020 GCP – Example of IAM access on Project Level Resources2020-05-23T18:40:02-05:00 No Comment

Also read - Projects in GCP Example of IAM in a project (compute engine instances) Select your user from IAM — and assign the following two roles (At the very least, you…

The GCP Project Boundary, Trust Boundary and the Principle of Least Privilege

April 8, 2020 The GCP Project Boundary, Trust Boundary and the Principle of Least Privilege2020-04-08T11:14:34-05:00 AWS No Comment

Projects are holders of resources, akin to Accounts in AWS. While AWS accounts are MUCH more than simple resource containers, this is still the best way to visualize the correspondence…

Add a VPN Tunnel to a VPN Connection on GCP

March 26, 2020 Add a VPN Tunnel to a VPN Connection on GCP2020-04-14T16:33:17-05:00 Google Cloud No Comment

Overview A VPN Connection is an abstraction (in Google Cloud Platform terms) - while a VPN Tunnel is the implementation. A connection can have one or more tunnels. There are…

Gov Cloud Regions in GCP?

March 19, 2020 Gov Cloud Regions in GCP?2020-04-02T11:00:46-05:00 Google Cloud No Comment

While there isn't a separate GOV region (like in AWS or azure), GCP does offer the ability to run Fedramp compliant workloads in several regions (5 for HIGH fedramp classified…

Sandbox environments in google cloud

March 18, 2020 Sandbox environments in google cloud2020-03-18T15:07:51-05:00 Google Cloud No Comment

Tools to help with Sandbox Environments A manual process to build sandboxes is always an option. There are a couple of popular one is Buddy (some highlights below). This post will…

12 3 4