A small startup recently migrated its infrastructure to the GCP cloud. However, they didn’t configure proper security controls. As a result:
For all the resources in this lab, we are using the US East (N. Virginia) region.
In this lab, you will complete the following exercises:
Note: Please ensure that you have created a GCP Account with active subscription credit (https://cloud.google.com/).
In this exercise, you will complete the following tasks:
Start a browser session and sign in to the GCP Console https://console.cloud.google.com/
.
In the Search for products and resources text box at the top of the GCP Console page, type IAM and press the Enter key.
On the IAM page, click Add to create a new user.
On the Create user page, specify the following settings:
Setting | Value |
---|---|
User name | Bob |
bob@example.com | |
Password | Auto-generate password |
Access type | Create custom access |
Click Create.
Copy the Access key ID and Secret access key for Bob.
On the IAM page, search for Bob and click on his name.
Click Edit and under Roles, click Add role.
Search for Security Administrator and click Add.
Click Save.
Result: You created a user and assigned the Security Administrator role.
In this exercise, you will complete the following tasks:
In this task, you will assign Bob with the Project Owner role for the CyberP-Project project.
In the Search for products and resources text box, type IAM and press the Enter key.
On the IAM page, click Add to create a new role binding.
On the Add role binding page, specify the following settings:
Setting | Value |
---|---|
Project | CyberP-Project |
Role | Project Owner |
Member | bob@example.com |
Click Save.
Result: You successfully configured IAM for the Project.
In this exercise, you will complete the following tasks:
In the Search for products and resources text box, type Monitoring and press the Enter key.
On the Monitoring page, click Create a new project.
On the Create a new project page, specify the following settings:
Setting | Value |
---|---|
Project ID | CyberP-Monitoring |
Project name | CyberP Monitoring |
Organization ID | Your organization ID |
Click Create.
On the Monitoring page, click Create a new workspace.
On the Create a new workspace page, specify the following settings:
Setting | Value |
---|---|
Workspace name | CyberP-Logs |
Location | US East (N. Virginia) |
Click Create.
Result: You enabled Google Cloud Monitoring and Logging.
In the Search for products and services text box, type Billing and press the Enter key.
On the Billing page, click Create a new budget.
On the Create a new budget page, specify the following settings:
Setting | Value |
---|---|
Budget name | CyberP-Budget |
Budget amount | $100 |
Time period | Monthly |
Click Next.
Under Alerts, click Add alert.
On the Add alert page, specify the following settings:
Setting | Value |
---|---|
Alert name | Cost Alert |
Alert threshold | 100% |
Email address | bob@example.com |
Click Create.
Result: You successfully set up cost alerts.
Side Task: Create a Compute Engine instance and assign Bob the Compute Engine Admin role for the instance. Then log in as Bob and see what tasks Bob can perform with that role. Once done, take a screenshot of the completed task and upload it on LinkedIn with the hashtag #cloudprojectwithcyberpreacher while sharing your experiences around the project.
Note: Ensure to delete all resources created during this project to manage costs.