Cloud resource hierarchy and security controls
1. Cloud resource hierarchy and security controls
Resources in Google Cloud are arranged hierarchically. In the same way a plant species, like a grape tomato plant inherits physical traits from other "parent" tomato species, policies and controls established at the top level are applied down through the hierarchy. In other words, the grape tomato includes all genetic information its ancestor tomatoes had. And it’s important for you to understand that cloud organizational structure hierarchy works the same way, as it relates to policy and compliance. A hierarchy is a system that organizes or ranks things, usually by power or importance. In the cloud, hierarchies help engineers figure out how components are organized inside of their cloud account. They also enable the security team to put policies and controls into place within a business. Hierarchies offer more efficient and consistent management of controls. Let’s take the hierarchy in Google Cloud as an example. Hierarchies in Google Cloud are arranged in organization, folder, and project levels. The top level in the hierarchy is organization. The next level under organization is folders. And the bottom level under folders is projects. Controls applied at higher levels in this structure cascade down. A business should first determine the organization level’s policies. At this level, company-wide controls and policies can be set. These will then cascade down to all folders and all projects under organization. Within the organization, a company may have folders that align with departments like IT, Finance, or HR. There might also be folders for other logical segments like global regions that apply to the business. Policies and controls can be set at folder level and apply to everything inside the folder. Also, each Google Cloud folder will have projects that could contain specific resources, like an application and storage for that application. For example, there might be different projects assigned for development, testing, staging, and production. Each project can then have different rules, permissions, and controls. For example, there might be stricter rules on code deployment for staging and production projects. There’s levels to understanding hierarchy in the cloud. Applying levels will help you create policies and controls at different levels to meet your control objectives. The hierarchy will also enable you to apply controls for different levels and different groups, making security faster and more efficient.2. Let's practice!
Create Your Free Account
or
By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.