Prev Next

Index

A

acceptance tests, 159
ACID (atomicity, consistency, isolation, and durability), 97–98
ACLs (access control lists), 135
Agile Manifesto, 210
agile methodologies, 210
agile practices, 4, 19
alerting (Stackdriver)
- conditions, 156
- false alerts, 156
- logging, 156–157
- notifications, 156
- policies, 156
- reducing, 156
ALTS (Application Layer Transport Security), 136
answers to review questions
- business processes, 261–262
- designing compute systems, 249–251
- designing for business requirements, 244–246
- designing for reliability, 257–258
- designing for security and legal compliance, 255–257
- designing for technical requirements, 247–249
- designing networks, 254–255
- designing storage systems, 252–253
- development and operations, 262–264
- introduction to exam, 242–243
- migration planning, 264–266
- technical processes, 259–260
APIs (application programming interfaces)
- authentication, 213–214
- authorization, 214
- best practices
  - resources, 212–213
  - standards, 212–213
- Cloud Natural Language API, 29
- collections, 213
- custom methods, 213
- microservices and, 34
- resource limiting, 214–215
- resources
  - list, 213
  - simple, 213
- REST APIs, 212
- RPC APIs, 212
App Engine, 8
- high availability, 53
- Task Queues, 75
App Engine Cron Service, 75
App Engine Flexible, 8, 75, 85
- containers, 75
- Docker files, 75
App Engine Standard, 74, 85
- first-generation, 74
- instances classes, 74
- second-generation, 74
- use cases, 75–76
application design, 28–29
- data lifecycle management, 33
  - databases, 32
  - memorystore, 32
  - object storage, 32
  - time-series databases, 32
- managed services, 29–31
  - AutoML tables, 30
  - BigQuery, 30
  - Bigtable, 31
  - Cloud AutoML, 30
  - Cloud Composer, 31
  - Cloud Data Fusion, 30
  - Cloud Data Transfer, 31
  - Cloud Datalab, 30
  - Cloud Dataprep, 30
  - Cloud Deployment Manager, 31
  - Cloud Inference API, 30
  - Cloud Memorystore, 31
  - Cloud Pub/Sub, 31
  - Cloud Source Control Repositories, 31
  - Cloud Spanner, 30
  - Cloud Speech-to-Text, 30
  - Cloud SQL, 31
  - Cloud Storage, 31
  - Cloud Text-to-Speech, 30
  - Data Catalog, 30
  - Dataflow, 30
  - Dataproc, 30
  - Google Data Studio, 30
  - Natural Language, 30
  - Translation, 30
- preemptible VMs, 31
- TCO (total cost of ownership), 28
application development
- agile methodologies, 210–211
- spiral methodologies, 209–210
- waterfall methodologies, 208–209
application migration phase of migration, 229
applications
- availability, 58
- vertical scaling, 212
architectural design debt, 212
assessment phase of migration, 229
auditing, 138–139
- Cloud Audit Logs, 138–139
authentication, 213–214
authorization, 214
- JWT (JSON Web Tokens), 214
auto-healing, 53
auto-updates
- canary, 73
- rolling, 73
AutoML tables, 30
autoscaling, 3
availability, 9, 152. See also high availability
- application availability, 58
- Cloud Filestore, 55
- Cloud Storage, 55
- databases
  - managed, 55–56
  - self-managed, 55
- disks, persistent, 55
- versus durability, 54
- hardware, redundancy, 51
- networks, 57
  - case studies, 57
- SLAs (Service-Level Agreements), 50–51
- storage, 54

B

BGP (Border Gateway Protocol), 119
BigQuery, 8, 30, 33, 56
- bq, 100
- case studies, 56
- Cloud IAM, 101
- gcloud, 100
BigQuery Data Transfer Service, 101
Bigtable, 8, 31
bindings, 132
blameless culture, 182
Blue/Green deployment, 161
bq commands, 100
brick and mortar, 6
business continuity planning, 184
- business impact analysis, 184
- disaster plan, 184
- recovery plan, 184
- recovery time objectives, 184
business requirements, 24
- capital expenditures, 3
- data management
  - amount stored, 35
  - processing, 36
  - time stored, 35–36
- high-level objectives, 24–25
- incident recovery, 3, 5
- operational expenses, 3
- privacy regulations
  - defense in depth, 38
  - firewalls, 38
  - principle of least privilege, 38
- product strategy, 24–25
  - Dress4Win, 25–26
  - Mountkirk Games, 26–27
  - TerramEarth, 27–28
- regulations, 3
  - compliance, 6–7
  - COPPA (Children's Online Privacy Protection Act), 37
  - GDPR (General Data Protection Regulation), 37
  - HIPAA (Health Insurance Portability and Accountability Act), 37
  - PCI DSS (Payment Card Industry Data Security Standard), 37
  - SOX (Sarbanes-Oxley) Act, 37
- security
  - availability, 39–40
  - confidentiality, 38–39
  - integrity, 39
- SLOs (service-level objectives), 3
  - reporting, 4–5
- software development, 3
  - continuous deployment, 4
  - continuous integration, 4
  - microservice architecture, 4
- success measures, 40–41
- use cases, 24–25
business-critical software, 180
BYOL (bring-your-own-license) model, 233

C

caching, Cloud Memorystore, 103–104
canary deployment, 60, 161
canary updates, 73
Capex (capital expenditure), 6
case studies, 10
- Dress4Win, files, 11
- Mountkirk Games, files, 11
- studying, 18
- TerramEarth, files, 11
- wording, 18
CD (continuous deployment), 158
- Blue/Green deployment, 160
- canary deployment, 161
- complete deployment, 160
- continuous delivery, 158
- QA (quality assurance), 158
- rolling deployment, 160
- tests, 158–159
  - acceptance tests, 159
  - integration tests, 159
  - load testing, 159–160
  - unit tests, 159
CDN (content distribution network), 105–106
change management
- methodologies, Plan-Do-Study-Act, 198–199
- reasons for change, 197–198
CI/CD (continuous integration/continuous deployment), 20, 179
CIDR blocks, 9, 123
- VPCs, 116–117
Cloud Audit Logs, 138–139
Cloud AutoML, 30
Cloud Bigtable, 102
Cloud Composer, 31
Cloud Data Fusion, 30, 33
Cloud Data Transfer, 31
Cloud Dataflow, 33, 84
Cloud Datalab, 30
Cloud Dataprep, 30
Cloud Dataproc, 33, 57
Cloud Datastore, 8, 56, 102–103
Cloud Deployment Manager, 31
Cloud Filestore, 55, 107
Cloud Filestore Editor, 96–97
Cloud Firestore, 103
Cloud Functions
- Cloud Pub/Sub, 78
- Cloud Storage, 78
- events, 78
- functions, 78
- high availability, 53
- HTTP events, 78
- Stackdriver Logging, 78
- triggers, 78
- use cases, 78–79
Cloud Inference API, 30
Cloud KMS key management, 137
Cloud Memorystore, 31, 81, 103–104
Cloud Natural Language API, 29
Cloud Pub/Sub, 31, 35
- Cloud Functions, 78
- pipelines, 83–84
- task queues, 75
Cloud Source Control Repositories, 31
Cloud Source Repository, 162
Cloud Spanner, 24, 30, 58, 99–100
Cloud Speech-to-Text, 30
Cloud SQL, 8, 31, 98–99
Cloud Storage, 31
- availability, 55
- Cloud Functions, 78
- tiers, 107
Cloud Text-to-Speech, 30
clusters, Kubernetes Engine, 76
Coldline storage, 107
- Google Cloud Storage, 95
- lifecycle policies and, 104
complete deployment, 160
compliance, 6, 36–37, 42
Compute Engine, 8, 85
- containers, 75
- hardware, redundancy, 52
- live migration, 52
- MIG (managed instance groups), 52–53
- scaling, 59
- use cases, 73
- VMs (virtual machines)
  - machine types, 71–72
  - service accounts, 71–72
compute requirements, 8
compute resources, scaling
- Compute Engine, 59
- Kubernetes Engine, 59–60
computing services
- App Engine, 8
- Compute Engine, 8
- Kubernetes Engine, 8
containers, 71
- App Engine Flexible, 75
- Compute Engine, 75
- Kubernetes Engine, 76
continuous integration, 162
COPPA (Children's Online Privacy Protection Act), 6, 143
cost management, 200–201
COTS (commercial off-the-shelf software), 175
cryptographic keys, 137
custom roles, 132
customer success management, 199–200

D

dashboards, Stackdriver, 154–155
data at rest, 37–38
Data Catalog, 30
data flows, 82–83
- asynchronous calls, 83
- synchronous calls, 83
data in motion, 37–38
data integrity regulations, 38
data lifecycle management, 33
- databases, 32
- memorystore, 32
- object storage, 32
- time-series databases, 32
data management, 42
data migration phase of migration, 229
data retention, 104–105
data security, encryption, 134
- encryption at rest, 135
- encryption in transit, 136
databases
- BigQuery, 56, 100–101
- Cloud Datastore, 56
- Cloud Spanner, 99–100
- Cloud SQL, 98–99
- data lifecycle management, 32
- file system replication, 55
- managed, availability, 55
- NoSQL, 8, 101
  - Cloud Bigtable, 102
  - Cloud Datastore, 102–103
  - Cloud Firestore, 103
- relational
  - atomicity, 97
  - consistency, 97–98
  - durability, 98
  - isolation, 98
  - scalability, 58
- self-managed, availability, 55
- shared disks, 55
- state, 82
- synchronous multimaster replication, 55
- time-series databases, 32
Dataflow, 30
Dataproc, 30
datasets, 100–101
dedicated interconnect, 57
defense in depth, 38, 140–141
DEK (data encryption key), 135
Deployment Manager, 79
deployments, Kubernetes Engine, 60
detailed phase of SDLC, 177
development phase of SDLC, 178
DevOps, 51
digital transformation, 6
direct peering, 119–120
disaster recovery, 184
distributed systems, state
- databases, 82
- instances
  - clients and, 80–81
  - volatile, 81–82
- persistent, 81–82
division of labor, 158
DNS (domain name services), 9
Docker files, App Engine Flexible, 75
documentation phase of SDLC, 178
- developer documentation, 178
- operations documentation, 178
- user documentation, 178
DR (disaster recovery), 185
Dress4Win
- business requirements, 13
- compute, 12–13
- databases, 12
  - storage, 57
- executive statement, 13
- files, 11
- high availability, 54
- overview, 11
- product strategy, 25–26
- solution concept, 11
- systems integration, 33
- technical environment, 11
- technical requirements, 13
durability, 10
- versus availability, 54

E

Editor role, 131
encryption, 134
- ALTS (Application Layer Transport Security), 136
- data at rest, 37–38
- data in motion, 37–38
- encryption at rest, 135
- encryption in transit, 136
- envelope encryption, 135
- Google Front End, 136
- KEK (key encryption key), 135
- key management
  - Cloud KMS, 137
  - customer-supplied keys, 137
  - default, 136
- TLS (Transport Layer Security), 136
enterprise processes, 182–183
envelope encryption, 135
environment debt, 212
exam objectives, 2–3
exponential backoff, 5

F

firewalls, 9, 123
- VPCs, 115–116
frameworks, testing
- data-driven, 215
- hybrid testing, 216
- keyword-driven, 216
- model-based, 216
- modularity-driven, 215
- test-driven development, 216
- tools, 216–217
functional requirements, 7
FUSE (Filesystem in Userspace), 94

G

G Suite domains, 129
garbage collection, 157
gated egress topology, 118
gated ingress and egress topology, 118
gated ingress topology, 118
gcloud command line, 100
GCP (Google Cloud Platform), 8
- SDK, 219
- storage resources, 60–61
GDPR (General Data Protection Regulation), 6, 142
GitHub, 162
GKE (Kubernetes Engine), 71. See also Kubernetes Engine
GKE Kubernetes clusters, 53
GLBA (Gram-Leach-Bliley Act), 37
Google accounts, 128
Google Cloud Build, 162
Google Cloud Key Management Service, 71
Google Cloud Professional Cloud Architect, exam objectives, 2–3
Google Cloud Storage
- Coldline storage, 95
- FUSE (Filesystem in Userspace), 94
- geo-redundant storage, 95
- multiregional storage, 95
- namespaces
  - buckets, 93
  - filesystem, 93–94
- Nearline storage, 95
- Premium network tier, 95
- regional storage, 94
- Standard network tier, 95
- tiers, 94–95
- use cases, 95–96
Google Data Studio, 30
Google Front End, 136
Google Groups, 129
Google Transfer Appliance, 218
Google Transfer Service, 218
governance, 6
groups, 129
- G Suite domains, 129
gsutil command-line utility, 218

H

handover egress topology, 118
hardware, redundancy, 51
high availability, 50. See also availability
- App Engine, 53
- Cloud Functions, 53
- Compute Engine
  - hardware redundancy, 52
  - live migration, 52
  - MIG (managed instance groups), 52–53
- Dress4Win case study, 54
- Kubernetes Engine, 53
- Mountkirk Games case study, 54
- networks, case studies, 57
- storage, case studies, 56–57
- TerramEarth case study, 54
high-level objectives, 24–25
high-level phase of SDLC, 176
HIPAA (Health Insurance Portability and Accountability Act), 6, 37, 141
- HIPAA Privacy Rule, 142
- HIPAA Security Rule, 142
HITECH (Health Information Technology for Economic and Clinical Health) Act, 142
horizontal scaling, 58
hybrid-cloud networking, 117, 123
- Cloud Interconnect service, 119
- Cloud VPN, 118–119
- design, 117–118
- direct peering, 119–120
- topologies
  - gated egress, 118
  - gated ingress, 118
  - gated ingress and egress, 118
  - handover egress, 118
  - meshed, 118
  - mirrored, 118

I

IaaS (identity-as-a-service), 129
IAM (Identity and Access Management), 96–97, 128
- best practices, 133–134
- groups, 129
- identities, 128–129
  - IaaS (identity-as-a-service), 129
  - roles, 130
- members, 128
- permissions, 130
- policies, 132–133
- resources, 129
- roles, 130
  - custom, 132
  - predefined, 131
  - primitive, 131
- trust boundaries, 134
identities, 128–129
- Google accounts, 128
- IaaS (identity-as-a-service), 129
- roles, 130
- service accounts, 129
in-memory cache, 81
incident post mortems, 180–182
incidents, 20
- incident management, 167
- major, 181–182
- minor, 181
- recovery, 5
industry regulations. See regulations
instance groups
- managed, 72–73
- unmanaged, 72–73
- VMs (virtual machines), 72–73
instance template, 72–73
- MIG (managed instance groups), 52–53
instances
- clients and, 80–81
- volatile, 81–82
integration tests, 159, 166
integrity monitoring, 72
IOPS (IO operations per second), 60–61
IoT (Internet of Things), 80
IP addresses, 9
- VPCs, 116–117
Istio, 8
ITIL (Information Technology Infrastructure Library), 143–144, 183

J

Jenkins, 162
JWT (JSON Web Tokens), 214

K

KEK (key encryption key), 135
key management
- Cloud KMS, 137
- cryptographic keys, 137
- customer-supplied keys, 137
- default, 136
KPI (key performance indicator), 7, 42
- operations KPIs, 40–41
- project KPIs, 40
Kubernetes clusters, 73, 107
- cluster masters
  - API server, 76
  - controller manager, 76
  - ectd, 76
  - kubelet, 76
  - nodes, 76
  - Scheduler, 76
- instances, 76
Kubernetes Engine, 8, 85
- abstractions, 76–77
- clusters, 76
- containers, 76
- deployments, 77
- high availability, 53
- Ingress, 77
- pods, 60, 76–77
  - deployments, 60
  - PersistentVolumeClaim, 77
  - PersistentVolumes, 77
  - specifications, 77
  - StatefulSets, 77
- ReplicaSet, 77
- scalability, 58
- scaling, 59
- use cases, 77–78

L

latency, 105
least privilege, 140
licensing mapping, 232–233
lifecycle management, 104–105
line of business, 7
load balancing
- global, 53
  - HTTP(S) load balancer, 121
  - SSL Proxy load balancer, 121
  - TCP Proxy Load Balancing, 121
- regional
  - Internal TCP/UDP load balancer, 121
  - Network TCP/UDP load balancer, 120
load testing, 159–160
logging, Stackdriver, 156–157

M

machine types
- highcpu types, 71
- highmem types, 71
- megamem, 71
- standard instances, 71
- ultramem, 71
- vCPUs, 71
managed databases, availability, 55
managed instance groups, 72–73
managed services, 3, 29–31
- AutoML tables, 30
- BigQuery, 30
- Bigtable, 31
- Cloud AutoML, 30
- Cloud Composer, 31
- Cloud Data Fusion, 30
- Cloud Data Transfer, 31
- Cloud Datalab, 30
- Cloud Dataprep, 30
- Cloud Deployment Manager, 31
- Cloud Inference API, 30
- Cloud Memorystore, 31
- Cloud Pub/Sub, 31
- Cloud Source Control Repositories, 31
- Cloud Spanner, 30
- Cloud Speech-to-Text, 30
- Cloud SQL, 31
- Cloud Storage, 31
- Cloud Text-to-Speech, 30
- Data Catalog, 30
- Dataflow, 30
- Dataproc, 30
- Google Data Studio, 30
- Natural Language, 30
- Translation, 30
members, 128
memorystore, 32
meshed topology, 118
microservices, 34
- APIs (application programming interfaces) and, 34
- reliability and, 61
MIG (managed instance groups), 52–53
- load balancing, global, 53
- multiple regions, 53
migration, 21, 228–229
- application migration phase, 229
- assessment phase, 229
- data, 231–232
- data governance, 231
- data migration phase, 229
- GCP SDK, 219
- Google Transfer Appliance, 218
- Google Transfer Service, 218
- gsutil command-line utility, 218
- lift and shift, 217
- move and improve, 217
- network, 233
  - access controls, 235
  - connectivity, 235–236
  - scaling, 235
  - VPCs, 234–235
- object storage, 231–232
- optimization phase, 229
- pilot phase, 229
- planning, 19
- rebuild in the cloud, 217
- relational data, 232
- systems, 229–231
mirrored topology, 118
monolithic applications, 4
Mountkirk Games
- business requirements, 14
- executive statement, 15
- files, 11
- high availability, 54
- MySQL databases, 56
- overview, 14
- product strategy, 26–27
- solution concept, 14
- systems integration, 33–34
- technical requirements, 14–15
multicloud networks, 117
MySQL databases, 99
- Mountkirk Games, 56

N

Natural Language, 30
Nearline storage, 107
- Google Cloud Storage, 95
- lifecycle policies and, 104
network peering, 119–120
network requirements, 9
network-attached storage, Cloud Filestore, 96
networks
- access controls, 235
- availability, 57
  - Partner Interconnect, 57
  - Premium Network Tier, 57
  - Standard Network Tier, 57
- connections
  - dedicated interconnect, 57
  - Partner Interconnect, 57
- design, scalability, 61
- high availability, case studies, 57
- hybrid-cloud, 117
- latency, 105
  - CDN (content distribution network), 105
  - Google Cloud Premium Network tier, 105
  - replication, 105
- multicloud, 117
- peering, VPCs, 115
- redundant connections, 57
- topologies
  - gated egress, 118
  - gated ingress, 118
  - gated ingress and egress, 118
  - handover egress, 118
  - meshed, 118
  - mirrored, 118
No SQL databases, 101
- Cloud Bigtable, 102
- Cloud Datastore, 102–103
- Cloud Firestore, 103
node pools, 60
nonfunctional requirements, 9–10
NoSQL databases, 8
- scalability, 58

O

object storage, 32
- Google Cloud Storage
  - FUSE, 94
  - namespaces, 93–94
  - tiers, 94–95
  - use cases, 95–96
operating budget, 7
operational expenditures, 6
operational expenses
- autoscaling, 3
- managed services, 3
- preemptible VMs, 3
Opex (operational expenditures), 7
optimization phase of migration, 229
Owner role, 131

P

PaaS (platform-as-a-service), 70
Partner Interconnect, 57
PCI (Payment Card Industry Data Standard), 6
peering, 119–120
penetration testing, 137
- phases, 138
permissions, 130
persistent disks
- availability, 55
- regional, 60–61
pilot phase of migration, 229
pipelines
- Cloud Dataflow, 84
- Cloud Pub/Sub, 83–84
points of presence, 106
policies, 132–133
post-mortem analysis, 167
- blameless culture, 182
- incident post mortems, 180–182
- project post-mortems, 182
- timeline of events, 182
PostgreSQL databases, 99
predefined roles, 131
preemptible VMs, 3, 31–32, 72
Premium Network Tier, 57
primitive roles
- Editor, 131
- Owner, 131
- Viewer, 131
principle of least privilege, 38
privacy regulations, 37–38
- defense in depth, 38
- firewalls, 38
- principle of least privilege, 38
processes, enterprise processes, 182–183
product strategy, 24–25
project post-mortems, 182
pull subscriptions, 84
push subscriptions, 84

Q

QA (quality assurance), 158
QUIC, 136

R

Redis, Cloud Memorystore, 103–104
redundancy, 51
- network connections, 57
regression tests, 166
regulations, 21, 36–37, 42
- COPPA (Children's Online Privacy Protection Act), 6, 37, 143
- data integrity, 38
- GDPR (General Data Protection Regulation), 6, 37, 142
- HIPAA (Health Insurance Portability and Accountability Act), 6, 37, 141–142
- HITECH (Health Information Technology for Economic and Clinical Health) Act, 142
- PCI (Payment Card Industry Data Standard), 6
- PCI DSS (Payment Card Industry Data Security Standard), 37
- privacy, 37–38
- SOX (Sarbanes-Oxley Act), 6, 143
- SOX (Sarbanes-Oxley) Act, 37
relational databases
- ACID transactions, 97–98
- atomicity, 97
- consistency, 97–98
- durability, 98
- isolation, 98
- scalability, 58
release management, 157–158
- CD (continuous deployment), 158–161
  - Blue/Green deployment, 160
  - canary deployment, 161
  - complete deployment, 160
  - continuous delivery, 158
  - QA (quality assurance), 158
  - rolling deployment, 160
  - tests, 158–160
- continuous integration, 162
reliability, 9, 61, 152
- engineering, 62
- measuring, 61–62
- microservices, 61
- release management, 157–161
- SREs (site reliability engineers), 163
- Stackdriver, 152–157
- systems reliability engineering, 165–167
replication, databases, 55
reporting, SLOs (service-level objectives), 4–5
resources, 129
- storage, scaling, 60–61
REST APIs, 212
retention policies, 104–105
ROI (return on investment), 41, 42, 176
roles, 130
- bindings, 132
- custom, 132
- predefined, 131
- primitive
  - Editor, 131
  - Owner, 131
  - Viewer, 131
rolling deployment, 160
rolling updates, 73
RPC APIs, 212

S

safety critical software systems, 180
scalability, 10, 26
- Cloud Spanner, 58
- compute resources
  - Compute Engine, 59
  - Kubernetes Engine, 59
- databases, relational, 58
- Kubernetes, 58
- network design, 61
- NoSQL, 58
- Stackdriver agent and, 59
- storage resources, 60–61
- TrueTime service, 58
- VMs, 58
SDLC (software development lifecycle), 174
- analysis, 174–175
- cost-benefit analysis, 176
- COTS (commercial off-the-shelf software), 175
- design
  - detailed phase, 177
  - development, 177–178
  - documentation, 178
  - high-level phase, 176–177
  - maintenance, 178–179
  - testing, 177–178
- opportunity cost, 176
- ROI (return on investment), 176
- scoping, 175
secure boot, VMs (virtual machines), 72
security, 42
- auditing, 138–139
- availability, 39–40
- confidentiality, 38–39
- design
  - defense in depth, 140–141
  - least privilege, 140
  - SoD (separation of duties), 139–140
- integrity, 39
- penetration testing, 137–138
security-critical software, 180
self-managed databases, availability, 55
service accounts, 71
- identities, 129
- sole tenancy, 72
services
- BigQuery Data Transfer Service, 101
- deployments, 60
- monitoring, 62
shared VPCs, 115, 123
shielded VMs
- integrity monitoring, 72
- secure boot, 72
- vTPM, 72
SLA (Service-Level Agreement), 7
- downtime, 50–51
SLI (Service-Level Indicator), 7
SLIs (service-level indicators), 5
SLOs (Service-Level Objectives), 7, 20
- reporting, 4–5
- stackdriver logging, 5
SoD (separation of duties), 139–140
software. See also SDLC (software development lifecycle)
- agile practices, 19
- business-critical, 180
- COTS (commercial off-the-shelf software), 175
- design
  - detailed phase, 177
  - development, 177–178
  - documentation, 178
  - high-level phase, 176–177
  - maintenance, 178–179
  - testing, 177–178
- safety critical software systems, 180
- security-critical, 180
software development
- continuous deployment, 4
- continuous integration, 4
- microservice architecture, 4
- monolithic applications, 4
SOX (Sarbanes-Oxley Act), 6, 143
Spanner, 8
spiral methodologies, 209–210
SREs (site reliability engineers), 163
SSDs, availability, 55
Stackdriver, 84–85, 152–153
- agent, 59
- alerting
  - conditions, 156
  - false alerts, 156
  - notifications, 156
  - policies, 156
  - reducing, 156
- monitoring
  - dashboards, 154–155
  - metrics, 153
  - time series, 154
- Stackdriver Logging, 5, 156–157
  - Cloud Functions, 78
stakeholder management
- communication plan, 196
- identifying stakeholders, 196
- influences, 194–195
- interests, 194–195, 196
- portfolios, 196
- programs, 195–196
- projects, 195
Standard Network Tier, 57
state
- databases, 82
- in-memory cache, 81
- instances
  - clients and, 80–81
  - volatile, 81–82
- persistent, volatile instances, 81–82
storage
- availability, 54
  - case studies, 56–57
- requirements, 8
- resources, scaling, 60–61
- services, 92
  - Google Cloud Storage, 93–96
subnet masks, VPCs, 117
subnets
- autogenerated, 9
- custom, 9
- VPCs, 114–115
subscriptions, 84
success measures, 42
- KPIs (key performance indicators), 40–41
- ROI (return on investment), 41
successful request rate, 62
systems integration, 33
- Dress4Win, 33
- Mountkirk Games, 33–34
- TerramEarth, 34
systems reliability engineering, 165–167
- cascading failures, 165–166
- incident management, 167
- overload, 162–163
  - quality of service, 164
  - shedding load, 163–164
  - upstream throttling, 164–165
- post-mortem analysis, 167
- testing, 166–167
  - integration tests, 166
  - reliability stress tests, 166–167
  - system tests, 166
  - unit tests, 166
systems tests, 166

T

TCO (total cost of ownership), 28, 42
team skill management, 199
technical debt, 211
technical requirements
- compute requirements, 8
- functional requirements, 7
- network requirements, 9
- nonfunctional requirements, 9–10
- storage requirements, 8
templates, instance templates, 52–53, 72–73
TerramEarth
- business requirements, 16
- data ingest, 16–17
- executive statement, 17
- files, 11
- high availability, 54
- overview, 15
- product strategy, 27–28
- reporting, 117
- solution concept, 15–16
- systems integration, 34
- technical environment, 16
- technical requirements, 16
testing, frameworks
- data-driven, 215
- hybrid testing, 216
- keyword-driven, 216
- model-based, 216
- modularity-driven, 215
- test-driven development, 216
- tools, 216–217
time series, Stackdriver, 154
time-series databases, 32
TLS (Transport Layer Security), 136
topologies
- gated egress, 118
- gated ingress, 118
- gated ingress and egress, 118
- handover egress, 118
- meshed, 118
- mirrored, 118
Translation, 30
troubleshooting, 180
TrueTime service, scalability, 58
trust boundaries, 134
TTL (time to live), 81

U

unit tests, 159, 166
user experience, 26

V

vertical scaling, 58, 212
Viewer role, 131
VMs (virtual machines)
- instance groups, 72–73
- machine types, 71–72
  - highcpu types, 71
  - highmem types, 71
  - megamem, 71
  - standard instances, 71
  - ultramem, 71
  - vCPUs, 71
- preemptible, 3, 31–32, 72
- redundant, 52–53
- scalability, 58
- service accounts, 71–72
- shielded, 72
VPCs (virtual private clouds), 9, 114, 122
- CIDR blocks, 116–117
- Compute Engine and, 114
- firewall rules, 115–116, 123
- GKE (Google Kubernetes Engine), 114
- IP addressing, 116–117
- network migration, 234–235
- network peering, 115
- peering, 9
- shared, 115, 123
- subnet masks, 117
- subnets, 114–115
vTPM (virtual Trusted Platform Module), 72

W–Z

waterfall methodologies, 208–209

Prev Next

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W–Z

Official Google Cloud Certified Professional Cloud Architect Study Guide