Security Best Practices in Google Cloud (Coursera)

What You Will Learn

- Apply techniques and best practices to secure Compute Engine

- Apply techniques and best practices to secure cloud data

- Apply techniques and best practices to secure applications

- Apply techniques and best practices to secure Kubernetes

Completing this course will count towards your learning in any of the following programs:

- Security in Google Cloud Platform Specialization

- Google Cloud Security Professional Certificate

Syllabus

WEEK 1

Welcome to Security Best Practices in Google Cloud

Welcome to Security Best Practices in Google Cloud! In this course we will build upon the foundations laid during the earlier course in this series, Managing Security in Google Cloud Platform. In this section, expect to learn more about how to implement security "best practices" to lower the risk of malicious attacks against your systems, software and data.

WEEK 2

Securing Compute Engine: Techniques and Best Practices

In this module we will start with a discussion of service accounts, IAM roles and API scopes as they apply to compute engine. We will also discuss managing VM logins, and how to use organization policies to set constraints that apply to all resources in your organization's hierarchy. Next, we will review compute engine best practices to give you some tips for securing compute engine.

Lastly, we will cover encrypting persistent disks with Customer Supplied Encryption keys.

WEEK 3

Securing Cloud Data: Techniques and Best Practices

In this module we discuss controlling IAM permissions and access control lists on Cloud Storage buckets, auditing cloud data, including finding and remediating data that has been set to publicly accessible, how to use signed Cloud Storage URLs and signed policy documents, and encrypting data at rest. In addition, BigQuery IAM roles and authorized views will be covered to demonstrate managing access to datasets and tables. The module will conclude with an overview of storage best practices.

WEEK 4

Securing Applictions: Techniques and Best Practices

In this module we will discuss application security techniques and best practices. We will see how the Google Cloud Security scanner can be used to identify vulnerabilities in your applications, and dive into the subject of Identity and Oauth phishing. Lastly, you will learn how the Google Cloud Identity-Aware Proxy or IAP can be used to control access to your cloud applications.

WEEK 5

Securing Kubernetes: Techniques and Best Practices

Protecting workloads in Google Kubernetes Engine involves many layers of the stack, including the contents of your container image, the container runtime, the cluster network, and access to the cluster API server. In this module, you will learn how to securely set up your Authentication and Authorization, how to harden your clusters, secure your workloads, and monitor everything to make sure it stays in good health.