|
🔗 Stories, Tutorials & Articles |
|
|
|
4 ways to optimize your GKE costs |
|
|
Trimming your Google Kubernetes Engine (GKE) costs is a simple matter of using built-in tools and following well-established best practices. |
|
|
|
|
|
|
No-cost learning with Google Cloud |
|
|
Access no-cost Google Cloud training on Coursera - grow in-demand cloud skills to stand out in the job market. |
|
|
|
|
|
|
How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell ✅ |
|
|
IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. |
|
|
|
|
|
|
Practicing the principle of least privilege with Cloud Build and Artifact Registry ✅ |
|
|
People often use Cloud Build and Artifact Registry in tandem to build and store software artifacts - these include container images, to be sure, but also OS packages and language specific packages. Consider a venn diagram where these same users are also users who use the Google Cloud project as a shared, multi-tenant environment. Because a project is a logical encapsulation for services like Cloud Build and Artifact Registry, administrators of these services want to apply the principle of least privilege in most cases. Of the numerous benefits from practicing this, reducing the blast radius of misconfigurations or malicious users is perhaps most important. Users and teams should be able to use Cloud Build and Artifact Registry safely - without the ability to disrupt or damage one another. With per-trigger service accounts in Cloud Build and per-repository permissions in Artifact Registry, this post walks through how you can make this possible. |
|
|
|
|
👉 Got something to share? Create your FAUN Page and start publishing your blog posts, tools, and updates. Grow your audience, and get discovered by the developer community. |