Professional Documents
Culture Documents
ISBN: 978-1-26-425728-7
MHID: 1-26-425728-7
The material in this eBook also appears in the print version of this title:
ISBN: 978-1-26-425727-0, MHID: 1-26-425727-9.
All trademarks are trademarks of their respective owners. Rather than put a
trademark symbol after every occurrence of a trademarked name, we use
names in an editorial fashion only, and to the benefit of the trademark
owner, with no intention of infringement of the trademark. Where such
designations appear in this book, they have been printed with initial caps.
TERMS OF USE
This is a copyrighted work and McGraw-Hill Education and its licensors
reserve all rights in and to the work. Use of this work is subject to these
terms. Except as permitted under the Copyright Act of 1976 and the right to
store and retrieve one copy of the work, you may not decompile,
disassemble, reverse engineer, reproduce, modify, create derivative works
based upon, transmit, distribute, disseminate, sell, publish or sublicense the
work or any part of it without McGraw-Hill Education’s prior consent. You
may use the work for your own noncommercial and personal use; any other
use of the work is strictly prohibited. Your right to use the work may be
terminated if you fail to comply with these terms.
Acknowledgments
Introduction
Chapter 1 Introduction to the Professional Cloud Architect
Certification
Reasons to Take the Professional Cloud Architect Exam
Prerequisite Knowledge
Case Studies
Mountkirk Games
Dress4Win
TerramEarth
General Tips on Taking Technical Certification Exams
How to Use the Supplementary Resources
Chapter Review
Questions
Answers
Chapter 2 Overview of Cloud Computing and Google Cloud
Overview of Cloud Computing
Google Cloud vs. Other Clouds
Security First
Open Cloud
Analytics and Artificial Intelligence
Global Data Centers and Network
Principles of System Design
A 10,000-Foot Overview of GCP
Compute Solutions
Storage Solutions
Database Solutions
Data Analytics
Networking Solutions
Operations Solutions
Developer Tools
Hybrid Cloud and Multi-Cloud Solutions
Migration Solutions
Security and Identity Solutions
Interacting with the GCP
Google Cloud Console
Command-Line Interface
Exercise 2-1: CLI Example
Client Libraries
Business and Technical Context for the Google Cloud
Architect
Assessing Business Requirements
Assessing Technical Requirements
Chapter Review
Additional References
Questions
Answers
Chapter 3 Cloud Identity
Setting Up a Cloud Identity and Admin Account
Security Principles in the Cloud
The AAA Security Model
Least Privilege and Separation of Duties
Cloud Identity Overview
Managing Users in Cloud Identity
How Users Authenticate to GCP
2-Step Verification
Security Auditing
Chapter Review
Additional References
Questions
Answers
Chapter 4 Resource Management
Cloud Resource Manager Overview
Organization Hierarchy
Organization, Folders, Projects, and Resources
Organization Policies
Best Practices
Exercise 4-1: Creating a Project
Chapter Review
Additional References
Questions
Answers
Chapter 5 Cloud Identity and Access Management
Cloud IAM Overview
Members, Roles, and Policies
Google Accounts
Groups
Service Accounts
IAM Roles
IAM Policies
IAM Conditions
Accounting and Technical Compliance
Chapter Review
Additional References
Questions
Answers
Chapter 6 Networking
Networking Deep Dive
Google’s Global Network
Network Tiers
Virtual Private Cloud, Subnets, Regions, and Zones
Subnet Ranges and IP Addressing
Routes and Firewall Rules
Private Access
Cross-Project Communication
Cloud DNS
Connectivity to Your Cloud
Cloud Router
Cloud VPN
Cloud Interconnect
Cloud Load Balancing
Overview
Cloud CDN
Network Security
Network Security Principles
Google Front End
Firewalls
Cloud Armor
Cloud NAT
VPC Service Controls
Identity-Aware Proxy
Network Logging
Chapter Review
Additional References
Questions
Answers
Chapter 7 Compute and Containers
Google Compute Engine
Virtual Machine Instances
Images
Instance Templates and Instance Groups
Storage Options
OS Login
Google App Engine
App Engine Flex vs. App Engine Standard
Google Kubernetes Engine
Cluster Architecture
Configuration
Node Upgrades
Cloud Functions
Cloud Run
API Management
Apigee
Cloud Endpoints
Secure Your APIs
Chapter Review
Additional References
Questions
Answers
Chapter 8 Storage, Databases, and Data Analytics
Storage
Google Cloud Storage
Cloud Filestore
Persistent Disk
Local SSD
Databases
Cloud SQL
Cloud Spanner
Cloud Bigtable
Cloud Firestore
Cloud Memorystore
Data Analytics
BigQuery
Cloud Dataproc
Cloud Dataflow
Cloud Pub/Sub
Data Security
Data Classification
Cloud DLP
Encryption
Chapter Review
Additional References
Questions
Answers
Chapter 9 DevOps
The DevOps Philosophy
Continuous Integration and Continuous Deployment
Continuous Integration
Continuous Deployment
Infrastructure as Code
Deployment Strategies
Blue-Green Deployment
Rolling Deployment
Canary Deployment
A/B Deployment
Deployment Tools
Google Cloud Deployment Manager
Cloud Build
Cloud Source Repositories
Container Registry
Chapter Review
Additional References
Questions
Answers
Chapter 10 Cloud Operations
Cloud Logging
Log Types
Cloud Trace, Cloud Profiler, and Cloud Debugger
Cloud Monitoring
Workspaces
Monitoring Agent
Uptime Checks
Metrics and Alerts
Dashboards
The Importance of Resilience
Chapter Review
Additional References
Questions
Answers
Chapter 11 Security
Security Fundamentals
CIA Triad
Control Categories
Control Functions
Asset × Threat × Vulnerability = Risk
Security Modernization
Compliance
Infrastructure Security Highlights
Identity Security
Resource Management Security
IAM Security
Network Security
Application Layer Security
Data Security
DevOps Security
Security Operations
Cloud Asset Inventory
Security Command Center
Chapter Review
Additional References
Questions
Answers
Chapter 12 Billing, Migration, and Support
Billing Fundamentals
Cost Control
Migration Planning
Resource Quotas vs. Capacity
Transferring Applications and Data
Training and Enablement
Google Cloud Support
Chapter Review
Questions
Answers
Closing Thoughts
Appendix A Objective Map
Appendix B About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support
Glossary
Index
ACKNOWLEDGMENTS
First and foremost, thank you for purchasing this book. I am truly humbled
that you are joining this learning journey by reading this content. Second,
you owe yourself thanks for even getting this far in investing in your future.
If you’re reading this page, you’ve already set the intention of gaining
knowledge in exchange for a better future for yourself and your loved ones.
Now you just need to follow through with your decision and spend an hour
a day on this investment. Everything you want to achieve in life takes work,
and although there are failures along the way, great things never come easy.
Whether you’re reading this book because you’ve been tasked with
passing the Google Cloud Professional Cloud Architect certification for
your job or for your personal objectives, you should know that having a
certification is not the end all, be all. There is a lot more to being a cloud
architect than carrying the badge on your belt. But the badge itself can open
up so many high-paying doors in a market that is significantly growing for
GCP architects. So our focus here is to help you pass the Google Cloud
Professional Cloud Architecture exam and also to help you understand
Google Cloud architecture from a more pragmatic point of view. This will
make more of an impact in your meetings, day-to-day work, and job
interviews.
One thing you’ll notice about this book is that it doesn’t read like a
traditional technical certification book. One of the biggest issues I have
with certification books is that they prepare you to take an exam, but leave
you struggling to identify and articulate concepts in the real world. In this
book, you’ll find quite a few elements of philosophy, academia, on-the-job
scenarios, and humor scattered around. You don’t have to take learning so
seriously all the time—it can be fun, enjoyable, thought-provoking, and
deeply technical all at the same time. You’d much rather be a multifaceted
architect—being technical is only one piece of the puzzle. Building
relationships and building influence will help you grow in your career,
especially as an architect, where you’re trusted to design the expensive
technology systems that power your organization. Also, know that this book
intentionally starts from scratch and iteratively builds on, from basic
foundational knowledge of computing concepts to the full-fledged cloud
architecture best practices. It picks up heavily when you get to Chapter 6,
the networking chapter; that’s when the mask comes off and the fun begins!
As technologists, we’ve innovated at the speed of light, yet the ethical
and moral standards of life haven’t kept up through our technological
advances. Technology runs the world in today’s day and age. So you, my
friends, hold a lot of power in your fingertips. It takes true representation to
solve issues unseen to the common technologist, and that is what makes
Google and some of the other leading companies that strive for equality so
special. There is a lot of merit involved for everyone who is fighting for
equal opportunity. But even if the opportunity is equal, we still need to do a
better job of attracting and grooming individuals from all walks of life into
tech. Big shout out to every underrepresented and marginalized group that
strives for equality and equal representation—women, people of color,
LGBTQ+ folks, and beyond. Nobody should ever be discriminated against
by the things that are absolute. We need to be aware of the unintended
implications our technology might trigger if we’re not designing it with
everyone in mind.
NOTE Unconscious biases are the automatic, mental shortcuts our minds
use to process information and make quick decisions. Your mind filters out
these bits of information from your consciousness, so you may not even
realize your biases unless you educate yourself and actively work to
overcome them. Take a look at all of the research behind Google’s
philosophy on unbiasing; it’s a big element of Google’s culture and has
been scientifically proven to help facilitate better decision-making:
https://rework.withgoogle.com/subjects/unbiasing/.
The Google Cloud Professional Cloud Architect exam is quite a bit more
comprehensive than your typical technology certification. Google Cloud
has done a phenomenal job of putting together a certification exam that
Another random document with
no related content on Scribd:
THE WINNETUXET.
Singlehurst,
Plympton, Mass.
HYMN ANCESTRAL.
Plympton, Mass.,
September 17, 1920.
A GARLAND.
In one aspiring carillon
God’s Sabbath-bells a-rhyme,
From country-side to country-side
Have set the world a-chime.
Like jewels dropped from heaven,
Ere time or death were known,
The arbutus is blooming,
Where never dust is blown,
For her—the Pilgrim Mother,—
Steadfast and halo-spanned,
Where, still, like constellations burn,
Her footsteps in the sand.
THE UMPAME MUSKETEERS.
O barefoot days, the bickering rains have deluged all the years,
But still the wide blue wonder calls to me,
And some day I shall answer where the waves run wild,
Once more a happy child.
36 Woodland Street,
Hartford, Ct.,
January 17, 1921.
NEW ENGLAND.
New England—Daughter of the Sun—
A laurel on your brow,
The thrill of springtime in your heart,
Yea, we are lovers now,
And we shall wind a lover’s horn
High on the hills of space,
To echo far beyond the stars;
I shall behold your face,
With laughing eyes, when time is not;
Your lifting vistas then,
As now, will haunt and wake in me
A chording great amen.
HILLS O’ MY HEART.
The bloom of night lay on the hills,
Lay on the hills o’ my heart,
When a white star came as on wings of light,
And my soul grew warm,
And my soul grew bright,
With a wild-sweet wonder of yesterday,
Mid a valley green, but it would not stay,
For the bloom of night lay on the hills,
Lay on the hills o’ my heart.
MASCOTTE.