GCP ARCHITECTURE REVIEW
Define a Clear Path Forward.
CloudWerx will work with your company to conduct technical discovery of new or existing DevOps workloads and facilitate architecture design workshops to define a path forward to run DevOps workloads on Google Cloud. After the workshops are completed, CloudWerx will document design recommendations and provide you with recommended next steps.
The goal of this project is to create a strategy that is unique to your company and define a clear path forward. We’ll highlight how to implement GCP best practices to benefit the cost, efficiency and security of your current GCP environment as well as any migration of new or existing DevOps workloads to GCP.
Understand the cost and impact of migrating workloads from their on-prem environment
Gain awareness of the process, effort, and timeline required to update and follow GCP best practices
Learn about GCP-specific products and applications that can better support corporate growth plan
Drive recognition of GCP’s unique value as a cloud partner through an architectural review and assessment
Evolve Overall Strategy to Leverage the Full Power of GCP
Review IAM Permissions
Follow principles of least privileges
Review Security Accounts
review the service accounts and usage and its keys
Review GKE Configuration
Comprehensively review GKEs configuration including the use the lack of workload identity. Control plane’s communication with worker nodes; private/public cluster
Review SSL Certs
Assess how SSL certs are generated
Inspect Load Balancers and it’s related security products
Review the use of Cloud Armor, Cloud CDN, DDOS protection, SQL injection attacks, Cross-sit Scripting
Review CloudSQL for its configuration
Review the DB configuration for security
Assess Adequate logging
Logging is necessary to trace and debug the problems. Assess id the required logging is enabled for various components.
Review the usage of public IPs do compute. Analyze private VPC connection
Asses CI/CD pipelines
Review CI/CD’s usage or the lack of it
GCP Review Process
Perform technical discovery on current environment workloads
a. Current architecture review/assessment
b. Software versions and existing tooling
c. Special requirements or considerations
d. Long term platform goals
Hold a series of architecture planning and design workshop sessions
Meet and discuss with customer stakeholders to identify business and technical challenges and possible solutions.
Plan infrastructure requirements for in-scope workload(s)
Discuss containerization strategy for any applicable workload(s)
Identify requirements for automation, management and deployment strategies
We'll provide recommendations on subsequent toolchains.
Deliverables for this engagement include:
1. Up to 3 virtual technical discovery/architecture review planning and design workshop sessions facilitated by CloudWerx
2. Finalized Technical Design Document, including application and CI/CD pipeline reference architectures, recommended migration options, assessment of risk, and technical feasibility
3. Google Cloud pricing calculator with cost estimate (if necessary)
4. CloudWerx recommended next steps
Link back to Assessment as a part of the 3 steps in our Starter Kit