Taicheng's Profile

The Quotas & System Limits page displays a table with configurable columns. The Service and Quota columns provide general information about which quota is being described. For example, the Service might be Cloud Logging API and the Quota might be Log ingestion requests per minute. The Quota field also describes how the quota is evaluated. Rate quotas are evaluated per minute, per 100 seconds, or per day. Quotas without any…

Let’s see how Google Cloud provides capabilities across the various layers of security. Infrastructure Security Google’s stack builds security through progressive layers that deliver true defense in depth at scale. Google’s hardware infrastructure is custom-designed “from chip to chiller” to precisely meet specific requirements. Its software and OS are stripped-down, hardened versions of Linux. Titan…

Security Command Center is a native security and risk management platform for Google Cloud. Security Command Center continuously monitors your Google Cloud environment, allowing you to:

Service accounts are a special type of account used by applications and services. Nonhuman access to Google Cloud APIs and services is usually done through service accounts.

The service projects do not have any network, and therefore they rely on the shared VPC configured in the host project to get IP addresses.

Google API Gateway is a managed service that is intended to allow you to expose your APIs to the internet. It is a fully managed service that handles the scaling and load balancing of your APIs. It also provides several features such as authentication, rate limiting, and monitoring.

When using Cloud IAM, you should map IAM policies to functional identities using groups:

IAM policies can also be bound to conditions based on resource and request attributes. This allows for the following use cases:

Setting up Cloud Identity is a prerequisite to onboarding your organization onto Google Cloud. Here’s how it works:

Cloud DLP offers several deidentification techniques that can help obscure sensitive information while preserving some utility: