Google recently announced some additions to its Google Cloud Platform. The GCP additions are meant to help users better manage, secure, and modernize deployments. Here’s a rundown of the changes to help you make the most of the platform.
GCP additions: Cloud NAT
First, the company announced a beta version of Cloud NAT, a new Network Address Translation service that’s managed by Google. It lets you provision application instances even without public IP addresses and allows them to access the internet for things like updates and patching. This is a major benefit for users that want to run applications in the cloud without making them publicly available.
Firewall Rules Logging
Firewall Rules Logging is another of the new GCP additions. It is a beta feature that lets you audit, verify, and analyze your firewall rules. It gives you visibility into connection attempts that are blocked by those rules and logs any unauthorized connections allowed in an application. Connection records are reported every five seconds, so the logs are updated almost in real time. This lets you actually monitor usage and make sure your rules are being followed.
Managed TLS Certificates
Google is also unveiling managed TLS certificates for HTTPS load balancers. Available in beta, this update makes it easier for you to manage certificate lifecycles since Google handles the provisioning. You no longer have to manually manage the TLS certs for these load balancers.
Load balancing features
For applications running on Google Kubernetes Engine or self-managed Kubernetes in Google Cloud, the company is releasing a new container-native load balancing feature. This capability lets you use a Google abstraction called Network Endpoint Groups to program load balancers with network endpoints that represent the containers and IP and port settings. This allows load balancers to load directly to containers rather than VMs, essentially avoiding those extra steps in the process.
