Gartner Research

How to Implement Policy in Google Cloud Platform for 3 Common Cloud Governance Use Cases

Published: 16 May 2019

ID: G00377616

Analyst(s): Richard Watson

Summary

Enterprises using Google Cloud Platform must implement programmatic controls for enforcing governance policies. The three common cloud governance use cases in this assessment illustrate how infrastructure and operations technical professionals can apply GCP policies.

Table Of Contents

Analysis

  • Requirements for Implementing Programmatic Governance Using Policy
  • Google Cloud Platform Policy Implementation Basics
    • Cloud IAM Policies and Roles
    • The GCP Resource Hierarchy
    • Policy Inheritance Moves Down the Hierarchy
    • Organization Policy Service and Constraints
  • Assessing GCP Implementations for Common Governance Use Cases
    • Use Case No. 1. Identity, Security and Compliance: RBAC (Roles/Accounts/IAM)
    • Use Case No. 2. Cost Management and Resource Optimization
    • Use Case 3: Inventory and Classification
  • Strengths
  • Weaknesses

Guidance

  • Start With a Foundation of GCP Governance Best Practices
    • Use an Organization Resource
    • Map Your Organization and Products Closely to the GCP Resource Hierarchy
    • Implement the Principle of Least Privilege
  • Evaluate Third-Party Cloud Management Platforms and Tools in Certain Scenarios
  • Beware of Beta Services and Keep Informed of New Governance Capabilities

Gartner Recommended Reading

©2019 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client