GCP Flowcharts
Mark is a certified AWS Solution Architect Professional and Google Cloud Architect Professional. He is passionate about cloud, business and people. He has worked globally in tech for over 20 years.
So simple yet so powerful. These charts help people understand Google Cloud!
GCP has produced a number of flowcharts over the years.
This single post also allows me to maintain an up to date collection from one place.
There will always be times when choices will have to be made for each use case.
A flowchart or visual decision tree helps the discussion and can provide clarity.
Which compute option?*
Choosing the right compute option in GCP: a decision tree https://cloud.google.com/blog/products/compute/choosing-the-right-compute-option-in-gcp-a-decision-tree
App Hosting on Google Cloud
https://cloud.google.com/hosting-options#comparing_options
Which Serverless (compute) Option?
Serverless Computing
https://cloud.google.com/serverless
GKE Cluster size?
Cluster administration overview
https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-admin-overview
Serverless Scale Strategies
6 strategies for scaling your Serverless applications
https://cloud.google.com/blog/products/serverless/6-strategies-for-scaling-your-serverless-applications
Rate-limiting strategies and techniques https://cloud.google.com/architecture/rate-limiting-strategies-techniques
Storage and Data
What Storage type?
Google Cloud databases
https://cloud.google.com/products/databases/
Transfer method for big data sets to GCP?
Migration to Google Cloud: Transferring your large datasets
https://cloud.google.com/architecture/migration-to-google-cloud-transferring-your-large-datasets
Cloud storage type?
Storage classes
https://cloud.google.com/storage/docs/storage-classes#comparison_of_storage_classes
Dataproc vs dataflow?
Dataflow
https://cloud.google.com/dataflow/
Dataproc https://cloud.google.com/dataproc/
Apache Bream https://beam.apache.org/
Security How to manage encryption keys?
Managing encryption keys in the cloud: introducing Google Cloud Key Management Service
https://cloud.google.com/blog/products/gcp/managing-encryption-keys-in-the-cloud-introducing-google-cloud-key-management-service?m=1
Encryption at rest in Google Cloud https://cloud.google.com/docs/security/encryption/default-encryption
Which Authentication option?
Firebase Authentication
https://firebase.google.com/docs/auth/
Service accounts https://cloud.google.com/iam/docs/service-accounts
User Authentication Options https://cloud.google.com/appengine/docs/standard/python/oauth/
Using JSON Web Tokens (JWTs) https://cloud.google.com/iot/docs/how-tos/credentials/jwts
What is Cloud Identity? https://support.google.com/cloudidentity/answer/7319251?hl=en&visit_id=637828650815588657-4061234347&rd=1
Which identity management product?
Simplifying identity and access management of your employees, partners, and customers
https://cloud.google.com/blog/products/identity-security/simplifying-identity-and-access-management-of-your-employees-partners-and-customers
Identity and authentication, the Google Cloud way https://cloud.google.com/blog/products/identity-security/identity-and-authentication-the-google-cloud-way
Securing your GKE end points
Apigee Edge
https://docs.apigee.com/api-platform/get-started/what-apigee-edge
Istio Security https://istio.io/latest/docs/concepts/security/
Enabling IAP for GKE https://cloud.google.com/iap/docs/enabling-kubernetes-howto
Getting started with Identity Platform https://cloud.google.com/blog/products/identity-security/getting-started-with-identity-platform
Authenticating service accounts?*
Best practices for using and managing service accounts
https://cloud.google.com/iam/docs/best-practices-for-using-and-managing-service-accounts
Attaching a service account to a resource https://cloud.google.com/iam/docs/impersonating-service-accounts#attaching-to-resources
Use Workload Identity https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
Kubernetes Managing Service Accounts https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/
Workload identity federation https://cloud.google.com/iam/docs/workload-identity-federation
Requesting temporary security credentials https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
HashiCorp Vault Service Account Keys https://www.vaultproject.io/docs/secrets/gcp#service-account-keys
Networking
Which network tier?
Animated Image
https://2.bp.blogspot.com/-Za3HWtGbQK8/WZ3TuWoVxzI/AAAAAAAAETc/bkqmGj9TBXYGTMO6naL3t_pRh_LIz7XtACK4BGAYYCw/s1600/image2.gif
NETWORK SERVICE TIERS https://cloud.google.com/network-tiers/
Choosing a Load balancer?
Cloud Load Balancing overview
https://cloud.google.com/load-balancing/docs/load-balancing-overview
Choosing a floating IP address pattern?
Patterns for using floating IP addresses in Compute Engine
https://cloud.google.com/architecture/patterns-for-floating-ip-addresses-in-compute-engine
Choosing a connection option for another Cloud to GCP?
Patterns for connecting other cloud service providers with Google Cloud
https://cloud.google.com/architecture/patterns-for-connecting-other-csps-with-gcp
Hybrid & multi-cloud logging & monitoring patterns
Hybrid and multi-cloud monitoring and logging patterns
https://cloud.google.com/architecture/hybrid-and-multi-cloud-monitoring-and-logging-patterns
What annotations(labels) should you use for which use case?
Labelling and grouping your Google Cloud Platform resources
https://cloudplatform.googleblog.com/2018/06/Labelling-and-grouping-your-Google-Cloud-Platform-resources.html
[References] https://cloud.google.com/ https://cloud.google.com/blog/products/gcp
