# Google Cloud Computing Foundations: Infrastructure in Google Cloud
### Where do I store this stuff?
:::info
**Objectives**
- Explore the different storage options available in Google Cloud.
- Learn to differentiate between structured and unstructured storage in the cloud.
- Examine how you can use Cloud Storage for unstructured data storage.
- Explore the use case for relational versus NoSQL storage options and identify the options available with Google Cloud.
:::
---
---
---
---
**Cloud Storage: Qwik Start - CLI/SDK**
:::success
**Insight**
1. Create a bucket
2. Upload an object into your bucket
3. Download an object from your bucket
4. Copy an object to a folder in the bucket
5. List contents of a bucket or folder
6. List details for an object
7. Make your object publicly accessible
8. Remove public access
:::
* Each bucket has a default storage class, which you can specify when you create your bucket. True
* An access control list (ACL) is a mechanism you can use to define who has access to your buckets and objects. True
* You can stop publicly sharing an object by removing the permission entry that has: allUsers
---
---
---
**Cloud SQL for MySQL: Qwik Start**
:::success
**Insight**
1. Create a Cloud SQL instance
2. Connect to your instance using the mysql client in Cloud Shell
3. Create a database and upload data
:::
Instance ID is used to uniquely identify your instance within the project. False
---
---
---
---
**Quiz**
1. Which storage service is best suited to unstructured data? Cloud Storage
2. Which storage solution is a petabyte scale, NoSQL database? Bigtable
3. You are looking for an unstructured storage solution for archiving files that might never be accessed again. Which Cloud Storage class is the best option? Archive storage
4. Google Cloud offers two managed relational database services. What are they? Cloud SQL, Cloud Spanner
### There’s an API for that!
:::info
**Objectives**
- Explore the purpose and benefit of APIs.
- Compare Cloud Endpoints and Apigee API Management, two different API management tools.
- Examine Pub/Sub, a Google Cloud tool to handle distributed message-oriented architectures at scale.
:::
---
---
---
**Cloud Endpoints: Qwik Start**
:::success
**Insight**
1. Getting the sample code
2. Deploying the Endpoints configuration
3. Deploying the API backend
4. Sending requests to the API
5. Tracking API activity
6. Add a quota to the API
:::
---
---
---
**Google Cloud Pub/Sub: Qwik Start - Python**
:::success
**Insight**
1. Create a virtual environment
2. Install the client library
3. Pub/Sub - the Basics
4. Create a topic
5. Create a subscription
6. Publish messages
7. View messages
:::
* Google Cloud Pub/Sub service allows applications to exchange messages reliably, quickly, and asynchronously. True
* A "topic" is a shared string that allows applications to connect with one another.
---
**Quiz**
1. What does API stand for? Application Programming Interface
2. Which platform for developing and managing API proxies has a specific focus on business problems, like rate limiting, quotas, and analytics? Apigee API Management
3. Which API management system supports applications running in App Engine, Google Kubernetes Engine, and Compute Engine? Cloud Endpoints
4. Which statement about Pub/Sub is true? Pub/Sub’s APIs are open.
### You can’t secure the cloud, right?
:::info
**Objectives**
- Outline how security is administered in Google Cloud, including the shared security model.
- Explore the different encryption options with Google Cloud.
- Identify best practices when you configure authentication and authorization with Identity and Access Management (IAM).
:::
---
---
---
---
---
**User Authentication: Identity-Aware Proxy**
:::success
**Insight**
1. Deploy the application and protect it with IAP
2. Access user identity information
3. Use Cryptographic Verification
:::
---
---
**Cloud IAM: Qwik Start**
:::success
**Insight**
1. The IAM console and project level roles
2. The IAM console and project level roles
3. Explore editor roles
4. Prepare a resource for access testing
5. Remove project access
6. Add Storage permissions
7. Verify access
:::
---
**Quiz**
1. When a customer moves an application to Google Cloud, which one of the following does the customer remain responsible for? Data security
2. Which IAM role is the most broad in scope? Basic
3. At which level of Google Cloud’s infrastructure security will you find intrusion detection? The operational security level
4. With which encryption option does a customer encrypt data before sending it to Google Cloud? Client-side encryption
Sign in with Wallet
Connect another wallet