Skip to main content
Skyhigh Security

GCP Infrastructure Requirements for POP Deployment

To deploy CWPP POP services in Google Cloud Platform (GCP), the following GCP resources are required or provisioned. 

  • Project. A container that holds all the related GCP resources for CWPP. 
  • Service Accounts. Service Accounts are used by an application or a virtual machine (VM) instance to make authorized API calls and access the resources it needs. 
  • Virtual Private Cloud Network Network (VPC). A virtual network dedicated to the account. 
  • Subnet. Subnet within Virtual Network to configure POP infrastructure.  
  • Network Address Translation (NAT) Gateway. GCP service to provide outbound internet connectivity for the subnet in the VPC network.  
  • Availability Zone.  An availability zone is a logical data center in a region available for use.  
  • VM Instances. Virtual server to run the application with the given virtual machine size, username, and authentication type. 
  • Autoscaling. Provides and manages the load-balanced secondary virtual machine instances based on Node parameters. 
  • Internal load balancers. To route incoming traffic across multiple targets. Firewall rules are added.
  • Storage Bucket. Provides object storage (PoPDeployment.tar, RunAzureDeployment.sh) 
  • File Store. File storage account to store logs of POP services present in the virtual machine and auto-scaling groups within and across multiple Availability zones 
  • Was this article helpful?