The Google Cloud Platform terms of service (GCP: https: //cloud.google.com/terms) clearly state that technical support for customer projects concerns only the client itself. In other words, all service configuration is carried out by the customer, who is responsible for its lifecycle: creation, modification and deletion.
Configuration defines how cloud services work. This configuration is made up of parameter metadata for each service. Parameter changes can be made in a number of ways:
– Graphics Console
– Command line (gcloud CLI)
– REST API: Calls via URL or programming language such as Python
– Infrastructure in Code (IaC) tool: Terraform or Deployment manager
To minimize the risk of change, metadata can be copied individually to make useful backups for lifecycle management and auditing.
- Case of backup
If a parameter is modified in a way that is contrary to expectations, a service can become dysfunctional: through misuse or malicious intent.
In this case, it is essential to maintain a means of returning to nominal operation. The traditional way of going back in time is to restore a copy of the previously saved configuration (backup). For cloud services, it is possible to apply configuration metadata from a backup in order to return to a state prior to the malfunction.
The State-backup tool enables services to be backed up regularly and configurations to be restored on the temporary basis of a backup catalog.
- Audit case
As part of security audits or incident analysis, it is essential to take regular copies of the configuration status of cloud services. Each state must be preserved with its reference date. These time-stamped copies make up the essential analysis material for comparing changes between two or more periods.
The State-backup tool allows you to make regular backups of services and view configurations on the temporary basis of a backup catalog.
Data Perspective’s teams have developed a solution for backing up Google Cloud Platform (GCP) configurations based on the native API.
- Discovering objects
- Periodic automatic backup
- Catalog construction
- Restoration mechanism validation
- Audit at different dates for the same configuration
Take a look at the videos below to see some examples of use and restoration.
Data Perspective remains at your disposal for any further information.
