Google Cloud Platform

Optimize your Google Cloud environment with new AI-based recommenders

GCP_security.jpg

You want your Google Cloud environment to be as unique as your organization, configured for optimal security, cost and efficiency. We are excited to offer new recommenders for Google Cloud Platform (GCP) in beta, which automatically suggest ways to make your cloud deployment more secure and cost-effective, with maximum performance.

Now in beta, the recommender family includes the Identity and Access Management (IAM) Recommender and the Compute Engine Rightsizing Recommender, with more to come. 

With IAM Recommender, you can automatically detect overly permissive access policies and receive suggested adjustments to them based on the access patterns of similar users in your organization.

The Compute Engine Rightsizing Recommender helps you choose the optimal virtual machine size for your workload. You can use this recommender to help avoid provisioning machines that are too small or too large. 

How recommenders work

Our recommenders use analytics and machine learning to automatically analyze your usage patterns and to determine if your Google Cloud resources and policies are optimally configured. For example, the Compute Engine Rightsizing Recommender analyzes CPU and memory utilization over the previous eight days to identify the optimal machine type for the workload.

IAM recommendations are generated by analyzing the IAM permissions for each customer individually to create an overall model to recommend more secure IAM policies. The recommendations are custom tailored to your environment. For example, if a set of permissions hasn’t been used in 90 days, the IAM Recommender may recommend that you apply a less permissive role. 

Access recommendations today

You can check out your IAM recommendations today by visiting the IAM page in the Cloud Console and view the policy bindings which can be optimized. You can learn more about how to access the IAM Recommender through the API by looking at the IAM Recommender documentation.

The Compute Engine Rightsizing Recommender is available within the Compute Engine page in the Cloud Console and you can see which VMs can be optimized. Most notably with this beta you will be able to access recommendations programmatically through an API. To  learn more, take a look at the VM Rightsizing Recommender documentation.

You can opt-out of these recommendations by going to the Recommendation section in the Security & Privacy navigation panel from the Cloud Console.