Last week's must-read news and stories from GCP community
TheraFox
 
Read best and most important news and tutorials about Google Cloud Platform (GCP), every week.
 
 
 
 
 
 
 
🔔 Announcement

We're thrilled to announce Humans Behind Code!

Humans Behind Code (HBC) is a project by FAUN, where developers meet other developers and learn about the people behind the tools, libraries, frameworks, and other projects they use to build their applications.

We interview developers and ask them about their projects, their motivations, their struggles, and their successes. It's about sharing knowledge and helping each other grow.

👉 If you're a Developer or a maintainer of a widely adopted Open Source project and you think it's worth talking about it and your experiences in building it, join Humans Behind Code!

Best,
Aymen from FAUN.

If you have any questions, just hit the reply button!
 
 
 
 
 
From the web
 
cloud.google.com
 
Practicing the principle of least privilege with Cloud Build and Artifact Registry   ✅
 
 
People often use Cloud Build and Artifact Registry in tandem to build and store software artifacts - these include container images, to be sure, but also OS packages and language-specific packages.

Consider a Venn diagram where these same users are also users who use the Google Cloud project as a shared, multi-tenant environment. Because a project is a logical encapsulation for services like Cloud Build and Artifact Registry, administrators of these services want to apply the principle of least privilege in most cases.

Of the numerous benefits from practicing this, reducing the blast radius of misconfigurations or malicious users is perhaps most important.

Users and teams should be able to use Cloud Build and Artifact Registry safely - without the ability to disrupt or damage one another.

With per-trigger service accounts in Cloud Build and per-repository permissions in Artifact Registry, this post walks through how you can make this possible.
 
 
cloud.google.com
 
4 ways to optimize your GKE costs
 
 
Trimming your Google Kubernetes Engine (GKE) costs is a simple matter of using built-in tools and following well-established best practices.
 
 
cloud.google.com
 
No-cost learning with Google Cloud
 
 
Access no-cost Google Cloud training on Coursera - grow in-demand cloud skills to stand out in the job market.
 
 
securityintelligence.com
 
How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell   ✅
 
 
IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell.
 
 
 
 
 
 
Quick Hits
 
 
Google announced Private Marketplace, now in preview.
  • The new Private Marketplace feature allows IT and cloud administrators to create a private, curated version of Google Cloud Marketplace that’s accessible to employees within their organization.
  • With your own Private Marketplace, you can: Curate product collections for your org, prevent redundant products, and reduce "shadow IT".
  • Setting up a Private Marketplace is easy and straightforward (Google Cloud Marketplace > Marketplace Governance > Private Marketplace).
  • If you have teams or users that typically use different products from Google Cloud Marketplace, you can create multiple collections for each of them so they only see what’s most relevant.
 
 
Cloud Storage gets better system observability with customizable monitoring dashboards.
  • Google Cloud announced the public preview of a new set of Cloud Storage Monitoring Dashboards for Cloud Storage, which are available at both the project level and bucket level.
  • All Cloud Storage users can now access the new dashboards through the Monitoring tab on the left navigation menu.
  • If you have monitoring editor or owner access or project editor or owner access, you can add an alert chart from a previously created alert policy, or you can create an alert by customizing the out-of-the-box dashboard. You are able to see the alerts directly in context on the Cloud Storage Monitoring page if you added the alert chart in a customized dashboard.
  • The customizable dashboard enables you to perform the troubleshooting journey inside the storage pages on the platform, reducing the need to navigate between different monitoring tools or even different monitoring platforms.
 
 
Book picks
 
www.amazon.com
 
Cloud FinOps: Collaborative, Real-time Cloud Financial Management
 
 
With this book, you'll learn:
  • The DNA of a highly functional cloud FinOps culture
  • A road map to build executive support for FinOps adoption
  • How to understand and forecast your cloud spending
  • How to empower engineering and finance to work together
  • Cost allocation strategies to create accountability for cloud and container spend
  • Strategies for rate discounts from cloud commitments
  • When and how to implement automation of repetitive cost tasks
  • How to empower engineering team action on cost efficiency
  • Using unit economics to drive data-driven decision-making
 
 
 
Tools
 
github.com
 
lynnlangit/gcp-for-bioinformatics
 
 
GCP for Bioinformatics Researchers
 
 
github.com
 
Twingate-Labs/tg-ip-lookup
 
 
Lookup an IP address to find out which public cloud it originates from
 
 
github.com
 
cloudknit-io/cloudknit
 
 
Open Source Solution for Managing Cloud Environments
 
 
github.com
 
slok/tfe-drift
 
 
Automated Terraform cloud and enterprise drift detection
 
 
github.com
 
clouditor/clouditor
 
 
The Clouditor is a tool to support continuous cloud assurance.
 
 
 
 
 
 

TheraFox #347: No-cost Learning with Google Cloud
Legend: ✅ = editors' choice / ♻️ = Old but gold / ✨ = sponsored / 🔰 = beginner friendly
