Security and IAM resources

Last reviewed 2024-06-10 UTC

The Architecture Center provides content resources across a wide variety of security and identity and access management (IAM) subjects.

Get started

If you are new to Google Cloud or new to designing for security and IAM on Google Cloud, begin with these resources:

Security and IAM resources in the Architecture Center

You can filter the following list of security and IAM resources by typing a product name or a phrase that's in the resource title or description.

Automate malware scanning for files uploaded to Cloud Storage

Best practices for mitigating compromised OAuth tokens for Google Cloud CLI

Best practices for operating containers

Best practices for protecting against cryptocurrency mining attacks

Best practices for securing your applications and APIs using Apigee

Build and deploy generative AI and machine learning models in an enterprise

Build hybrid and multicloud architectures using Google Cloud

Building internet connectivity for private VMs

C3 AI architecture on Google Cloud

Centralized network appliances on Google Cloud

Configure networks for FedRAMP and DoD in Google Cloud

Configuring SaaS data protection for Google Workspace data with Spin.AI

Controls to restrict access to individually approved APIs

Data management with Cohesity Helios and Google Cloud

De-identification and re-identification of PII in large-scale datasets using Sensitive Data Protection

Decide the network design for your Google Cloud landing zone

Deploy a secured serverless architecture using Cloud Functions

Deploy a secured serverless architecture using Cloud Run

Deploy an enterprise developer platform on Google Cloud

Deploy network monitoring and telemetry capabilities in Google Cloud

Design secure deployment pipelines

Designing networks for migrating enterprise workloads: Architectural approaches

Disaster recovery planning guide

Enterprise foundations blueprint

FortiGate architecture in Google Cloud

Google Cloud FedRAMP implementation guide

Hybrid and multicloud architecture patterns

Identify and prioritize security risks with Wiz Security Graph and Google Cloud

Implement your Google Cloud landing zone network design

Implementing Binary Authorization using Cloud Build and GKE

Import data from an external network into a secured BigQuery data warehouse

Import data from Google Cloud into a secured BigQuery data warehouse

Landing zone design in Google Cloud

Limiting scope of compliance for PCI environments in Google Cloud

Manage just-in-time privileged access to projects

Migrate to Google Cloud

Mitigating ransomware attacks using Google Cloud

Overview of identity and access management

OWASP Top 10 2021 mitigation options on Google Cloud

PCI Data Security Standard compliance

PCI DSS compliance on GKE

Performing a PITR of a PostgreSQL database on Compute Engine

Scenarios for exporting Cloud Logging: Compliance requirements

Secure virtual private cloud networks with the Palo Alto VM-Series NGFW

Security blueprint: PCI on GKE

Security log analytics in Google Cloud

Set up an embedded finance solution using Google Cloud and Cloudentity

Transferring data from Amazon S3 to Cloud Storage using VPC Service Controls and Storage Transfer Service

Use Google Cloud Armor, load balancing, and Cloud CDN to deploy programmable global front ends

Using Microsoft SQL Server backups for point-in-time recovery on Compute Engine