Infrastructure and Security Lifecycle Management on Google Cloud
Webinar: Scaling Infrastructure on Google Cloud Next
Guide: Terraform continuous validation use cases for Google Cloud
Google Cloud Ready — Distributed Cloud Program
Infrastructure Lifecycle Management on Google Cloud
Build, deploy, and manage your infrastructure lifecycle the right way by enforcing policies, boosting productivity, sharpening visibility, and removing unneeded resources on Google Cloud.
Build. Establish a strong foundation for Infrastructure Lifecycle Management with a consistent approach to building your environments.
The continuous validation feature in Terraform Cloud allows users to validate the health of their infrastructure beyond the initial provisioning. This guide provides multiple use cases of how to use Terraform check blocks and continuous validation with Google Cloud.
Deploy. Provision the infrastructure needed to deploy an application — then schedule and make it happen.
Terraform Cloud's dynamic provider credentials let you establish a trust relationship between Terraform Cloud and Google Cloud. To get started, learn how to configure dynamic credentials with the Google Cloud provider.
Manage. Provide a system of record for all infrastructure, images, workloads, and applications in one platform for visibility and management.
Google Cloud Infrastructure Manager automates the deployment and management of Google Cloud infrastructure resources using Terraform, and helps you get started on Google Cloud with IaC and Terraform. As you adopt Google Cloud and set the foundations of your infrastructure (see Terraform on Google Cloud maturity model), Infrastructure Manager will provide the capabilities to support your needs and the flexibility to manage your Google Cloud resources at scale.
Security Lifecycle Management on Google Cloud
As your cloud use grows, so does your attack surface. Protect, inspect, and connect the sensitive elements across your cloud infrastructure to reduce credential exposure, enforce least-privileged access, and stop secret sprawl on Google Cloud.
Protect. Guard sensitive data across all environments with a central system of record to reduce the risk of credential exposure.
Terraform Cloud's dynamic provider credentials let you establish a trust relationship between Terraform Cloud and Google Cloud. They limit the blast radius of compromised credentials by using unique, short-lived credentials for each Terraform run. Dynamic provider credentials also give you fine-grained control over the resources that each of your Terraform Cloud projects and workspaces can manage.
Inspect. Continuously scan your environment for unsecured sensitive data and keep tabs on privileged access.
Secrets sync is a feature in HashiCorp Vault that facilitates centralized management, governance, and control of secrets for multiple external secret managers, including Google Cloud Secret Manager.
Connect. Enforce least-privileged access based on trusted identities without exposing your network.
HashiCorp Consul is how teams automate networking across Google Cloud runtimes. Consul's integration with Google Cloud Apigee allows operators to offload service-to-service authorization to external tools and platforms. This gives operators more options for authorizing traffic on additional conditions, such as allowing or denying requests based on business hours.