× Want to read this newsletter every week?! × 👋  Join FAUN
GoogleCloud Weekly Newsletter, Therafox. Curated GoogleCloud news, tutorials, tools and more!
🌐 View in your browser   |  ✍️ Publish on FAUN   |  🦄 Become a sponsor
Last week's must-read news and stories from GCP community
⭐ Patrons
faun.dev faun.dev
Advertise with FAUN
Sponsor FAUN and reach developers where they are, not where you want them to be.

Download our mediakit.
🔔 Announcement

We're thrilled to announce Humans Behind Code!

Humans Behind Code (HBC) is a project by FAUN, where developers meet other developers and learn about the people behind the tools, libraries, frameworks, and other projects they use to build their applications.

We interview developers and ask them about their projects, their motivations, their struggles, and their successes. It's about sharing knowledge and helping each other grow.

👉 If you're a Developer or a maintainer of a widely adopted Open Source project and you think it's worth talking about it and your experiences in building it, join Humans Behind Code!

Aymen from FAUN.

If you have any questions, just hit the reply button!
⭐ Sponsors
nordvpn.sjv.io nordvpn.sjv.io
Best VPN Deal
NordVPN 68% Black Friday discount is here!

👉 Access anything online without restrictions
👉 Add extra layers of security to your digital life
👉 Get the best online protection tools along with your NordVPN service.
👉 Get 3 months FREE with the 2-year plan
🔗 From the web
cloud.google.com cloud.google.com
4 ways to optimize your GKE costs
Trimming your Google Kubernetes Engine (GKE) costs is a simple matter of using built-in tools and following well-established best practices.
cloud.google.com cloud.google.com
No-cost learning with Google Cloud
Access no-cost Google Cloud training on Coursera - grow in-demand cloud skills to stand out in the job market.
securityintelligence.com securityintelligence.com
How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell   ✅
IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell.
cloud.google.com cloud.google.com
Practicing the principle of least privilege with Cloud Build and Artifact Registry   ✅
People often use Cloud Build and Artifact Registry in tandem to build and store software artifacts - these include container images, to be sure, but also OS packages and language specific packages.

Consider a venn diagram where these same users are also users who use the Google Cloud project as a shared, multi-tenant environment. Because a project is a logical encapsulation for services like
Cloud Build and Artifact Registry, administrators of these services want to apply the principle of least privilege in most cases.

Of the numerous benefits from practicing this, reducing the blast radius of misconfigurations or malicious users is perhaps most important.

Users and teams should be able to use Cloud Build and Artifact Registry safely - without the ability to disrupt or damage one another.

With per-trigger service accounts in Cloud Build and per-repository permissions in Artifact Registry, this post walks through how you can make this possible.

⭐ Supporters
faun.dev faun.dev
Post Developers Jobs for Free on FAUN
Reach developers where they are not where you want them to be.
Post jobs for free reach thousands of developers.
internxt.com internxt.com
70% off on the 2TB Internxt Annual Plan
✅ Encrypted file storage and sharing
✅ Access your files from any device
✅ Get access to all our services

Discount available until December 5th.
📺 Quick Hits
Google announced Private Marketplace, now in preview.
  • The new Private Marketplace feature allows IT and cloud administrators to create a private, curated version of Google Cloud Marketplace that’s accessible to employees within their organization.
  • With your own Private Marketplace, you can: Curate product collections for your org, prevent redundant products, and reduce "shadow IT".
  • Setting up a Private Marketplace is easy and straightforward (Google Cloud Marketplace > Marketplace Governance > Private Marketplace)
  • If you have teams or users that typically use different products from Google Cloud Marketplace, you can create multiple collections for each of them so they only see what’s most relevant.
Cloud Storage gets better system observability with customizable monitoring dashboards.
  • Google Cloud announced the public preview of a new set of Cloud Storage Monitoring Dashboards for Cloud Storage, which are available at both the project level and bucket level.
  • All Cloud Storage users can now access the new dashboards through the Monitoring tab on the left navigation menu.
  • If you have monitoring editor or owner access or project editor or owner access, you can add an alert chart from a previously created alert policy, or you can create an alert by customizing the out-of-the-box dashboard. You are able to see the alerts directly in context on the Cloud Storage Monitoring page if you added the alert chart in a customized dashboard.
  • The customizable dashboard enables you to perform the troubleshooting journey inside the storage pages on the platform, reducing the need to navigate between different monitoring tools or even different monitoring platforms.
📚 Book picks
www.amazon.com www.amazon.com
Cloud Finops: Collaborative, Real-time Cloud Financial Management
With this book, you'll learn:
  • The DNA of a highly functional cloud FinOps culture
  • A road map to build executive support for FinOps adoption
  • How to understand and forecast your cloud spending
  • How to empower engineering and finance to work together
  • Cost allocation strategies to create accountability for cloud and container spend
  • Strategies for rate discounts from cloud commitments
  • When and how to implement automation of repetitive cost tasks
  • How to empower engineering team action on cost efficiency
  • Using unit economics to drive data-driven decision-making
⚙️ Tools
github.com github.com
The Clouditor is a tool to support continuous cloud assurance.
github.com github.com
Open Source Solution for Managing Cloud Environments
github.com github.com
Automated Terraform cloud and enterprise drift detection
github.com github.com
Lookup an IP address to find out which public cloud it originates from
github.com github.com
GCP for Bioinformatics Researchers
👉 Spread the word and help developers find and follow your Open Source project by promoting it on FAUN. Get in touch for more information.
😂 Meme of the week
❤️ Thanks for reading
That's all for this issue of 🦊TheraFox: GoogleCloud Weekly Newsletter

👉 Never miss an issue, subscribe to our newsletter here.

🐦 Follow us on Twitter
📘 Follow us on Facebook
💼 Follow us on LinkedIn