GCP Infrastructure Requirements for POP Deployment
To deploy CWPP POP services in Google Cloud Platform (GCP), the following GCP resources are required or provisioned.
- Project. A container that holds all the related GCP resources for CWPP.
- Service Accounts. Service Accounts are used by an application or a virtual machine (VM) instance to make authorized API calls and access the resources it needs.
- Virtual Private Cloud (VPC) Network. A virtual network dedicated to the account.
- Subnet. A subnet within the VPC network in which the POP infrastructure is configured.
- Network Address Translation (NAT) Gateway. GCP service to provide outbound internet connectivity for the subnet in the VPC network.
- Availability Zone. An availability zone is a logical data center in a region available for use.
- VM Instances. Virtual server to run the application with the given virtual machine size, username, and authentication type.
- Autoscaling. Provides and manages the load-balanced secondary virtual machine instances based on Node parameters.
- Internal load balancers. Route incoming traffic across multiple targets. Firewall rules are added.
- Storage Bucket. Provides object storage (PoPDeployment.tar, RunAzureDeployment.sh).
- File Store. File storage account to store logs of POP services present in the virtual machine and auto-scaling groups within and across multiple availability zones.