This series of articles explains how you can design Google Cloud Platform (GCP) policies for a variety of customer use cases. GCP has something for every customer, whether you represent a small company where people wear many hats or a large enterprise where roles are clearly defined. Whatever your business, you need a policy baseline for implementing the GCP environment.
To get started, your business must consider the following issues and make answering them an official policy:
- Identity management: How do you manage the different users who have access to your systems? Where do you manage the master copy of this user data?
- Organizational mapping: How can you map your organization structure to GCP?
- Billing: What controls do you place on billing? How do you monitor and understand spending?
- Network configuration: Does your network separate and prevent traffic between areas that need to be separated?
- Security controls: Do you implement controls in a way that can be expressed using GCP policies?
This series looks at typical customer use cases: Enterprise, Startup, and Education and Training. Using a hypothetical customer, each article explains how to design GCP policies that meet the requirements of a reference organization policy.
Enterprise customers have complex organizational structures and mature policies often developed over many years. Typically, they have many users to consider and manage.
Startup customers typically have simpler policy requirements, and need to be able to move quickly. However, they still need to ensure that appropriate safeguards are in place, particularly around protection of intellectual property.
Education and training customers need to be able to automatically create and destroy safe and sandboxed student environments.
To learn how to implement many of the concepts that are discussed in these articles, see the accompanying tutorial.