GCP ARCHITECTURE REVIEW

Define a Clear Path Forward.

Request Demo

CloudWerx will work with your company to conduct technical discovery of new or existing DevOps workloads and facilitate architecture design workshops to define a path forward to run DevOps workloads on Google Cloud. After the workshops are completed, CloudWerx will document design recommendations and provide you with recommended next steps. 

The goal of this project is to create a strategy that is unique to your company and define a clear path forward. We’ll highlight how to implement GCP best practices to benefit the cost, efficiency and security of your current GCP environment as well as any migration of new or existing DevOps workloads to GCP.

2 copy.png

Understand the cost and impact of migrating workloads from their on-prem environment 

3.png

Gain awareness of the process, effort, and timeline required to update and follow GCP best practices 

4.png

Learn about GCP-specific products and applications that can better support corporate growth plan 

5.png

Drive recognition of GCP’s unique value as a cloud partner through an architectural review and assessment

Evolve Overall Strategy to Leverage the Full Power of GCP

Review IAM Permissions

Follow principles of least privileges

 

Review Security Accounts

review the service accounts and usage and its keys

 

Review GKE Configuration

Comprehensively review GKEs configuration including the use the lack of workload identity. Control plane’s communication with worker nodes; private/public cluster

 

Review SSL Certs

Assess how SSL certs are generated

Inspect Load Balancers and it’s related security products

Review the use of Cloud Armor, Cloud CDN, DDOS protection, SQL injection attacks, Cross-sit Scripting

Review CloudSQL for its configuration

Review the DB configuration for security

 

Assess Adequate logging

Logging is necessary to trace and debug the problems. Assess id the required logging is enabled for various components.

 

Review VPCs/subnets

Review the usage of public IPs do compute. Analyze private VPC connection

 

Asses CI/CD pipelines

Review CI/CD’s usage or the lack of it

GCP Review Process

 Perform technical discovery on current environment workloads 

a. Current architecture review/assessment 

b. Software versions and existing tooling 

c. Special requirements or considerations 

d. Long term platform goals

Hold a series of architecture planning and design workshop sessions

Meet and discuss with customer stakeholders to identify business and technical challenges and possible solutions.

 Plan infrastructure requirements for in-scope workload(s)

COPY

Discuss containerization strategy for any applicable workload(s)

COPY

 Identify requirements for automation, management and deployment strategies

We'll provide recommendations on subsequent toolchains.

Deliverables for this engagement include:

1. Up to 3 virtual technical discovery/architecture review planning and design workshop sessions facilitated by CloudWerx 

2. Finalized Technical Design Document, including application and CI/CD pipeline reference architectures, recommended migration options, assessment of risk, and technical feasibility 

3. Google Cloud pricing calculator with cost estimate (if necessary) 

4. CloudWerx recommended next steps 

Link back to Assessment as a part of the 3 steps in our Starter Kit