Category Google
IAM Signblob and Service Accounts A Google Cloud Service Account contains an RSA key pair. When Google Cloud creates a service account an RSA key pair managed by Google Cloud is created. When you create a service account key, another… Continue Reading →
Application Default Credentials This article will cover Google Cloud Application Default Credentials (ADC) and how to create credentials using various methods in PHP. I wrote another article on ADC that includes Python examples. This article is more technical and includes… Continue Reading →
Introduction Once you have an SSL certificate configured, the next step is to redirect unencrypted traffic. There are several methods of doing this. Within your application (Laravel), by the web server (Apache or Nginx) or by the frontend (load balancer)…. Continue Reading →
Introduction I am currently preparing to recertify for the Google Professional Cloud Security Engineer Certification. I previously scheduled the HashiCorp Certified: Terraform Associate on March 29, 2021 at 3 PM. Maybe I will take both exams on the same day…. Continue Reading →
Introduction A common practice in Google Cloud is to create one or more service accounts to authorize the Google Cloud CLI. Using service accounts is recommended by Google instead of user accounts. However, a service account JSON or P12 file… Continue Reading →
Introduction This article shows how to impersonate a service account from user account credentials. To understand how to set up everything, read the companion article: Google Cloud – Improving Security with Impersonation Save the following PowerShell script as a file… Continue Reading →
Introduction One of the more frequent problems on Stackoverflow is Compute Engine SSH. This article will dive into how SSH is configured on Compute Engine and how to connect using various SSH tools. I will also cover how to create… Continue Reading →
Date created: March 10, 2018 Last updated: September 12, 2019 Google Stackdriver is a very good product for monitoring and logging your compute instances on Google Cloud, AWS, Azure, Alibaba, etc. This article covers Stackdriver logging for Google Compute instances… Continue Reading →
Date created: March 1, 2019 Last updated: March 3, 2019 Note: This article is evolving as I document my deep dive. Contents: Introduction March 1, 2019 – Day #1 – Basics and FAQ March 2, 2019 – Day #2 – Auditing, Alerting & Stackdriver… Continue Reading →
Date created: February 27, 2019 Last updated: March 2, 2019 Introduction This month I completed two beta Google certification exams (Security, Network) with another exam scheduled for March 11th. In preparing for these exams I realized that it is important… Continue Reading →
Date created: February 10, 2019 Last updated: March 13, 2019 Update: March 13, 2019. I passed this certification. Update: February 21, 2019. Bad news. My work schedule has been so long each day that I have not been able to… Continue Reading →
Google Cloud IAM supports several member types that can be authorized to access Google Cloud resources. The following member types can be added to Google Cloud IAM to authorize access to your Google Cloud Platform services. Google IAM Member Types:… Continue Reading →
Introduction You have a Debian instance running in Google Cloud Compute Engine. You connect to this instance via SSH. One day you decide to enable the UFW firewall and your SSH connection drops. You cannot reconnect. Problem Enabling the UFW firewall… Continue Reading →
Application Default Credentials Google Cloud Application Default Credentials (ADC) are not credentials. ADC is a strategy to locate Google Cloud Service Account credentials. Environment: If the environment variable GOOGLE_APPLICATION_CREDENTIALS is set, ADC will use the filename that the value contains for… Continue Reading →
In Google Cloud I often use Debian 9 Stretch for my test instances. Today I was wondering if this OS automatically resizes the root file system if I resize the VM instance disk. I also want to see if this… Continue Reading →