Introduction to Google Cloud¶
I will always have a soft spot for AWS as my preferred cloud provider. A few weeks ago I was asked to develop a solution on Google Cloud, and while at first I had my reservations, it didn't take long for me to start liking it.
What, what??¶
No don't worry - I'm not ditching aws just yet. In my role as a security consultant, I regularly need to find the best solution for my clients. I believe that some of the cloud providers are better at some things than others.
The use case¶
You may recall my last blog post about automated security reporting. As part of this solution, I develop solutions to extract data from various data sources. The solution runs as a docker container.
Docker is a tool that makes it easy to create, deploy, and run applications in containers. Containers bundle everything an application needs to run, including code and dependencies, into a single package. This ensures that the application works the same way on any system. Docker helps developers and teams work more efficiently by providing a consistent environment for applications, making it simpler to develop, test, and deploy software.
The solution runs a scheduled docker image daily. The image is initiated with several environment variables, and several secret credentials, that allow it to extract data, and store it in a designated data source.
Amazon Web Services¶
The AWS container service is Fargate. Building this on aws requires the following.
- Create an ECR Repository to store the image
- Create a Fargate Cluster
- Create a Fargate Task
- Create SSM Parameter Stores to store credentials
- Create a scheduled Event Bridge event
- Create the IAM roles to allow access to the various services.
For my solution, the AWS pricing estimator for a 2vCPU / 4GB instance running 1000 executions a month for 2 minutes in the Sydney region, is estimated to cost around $57 USD per month.
Google Cloud¶
To set up the same solution on GCP, we will use the Cloud Run service.
- Create the secrets in Secrets Manager
- Create an Artifact to store the images
- Create a Cloud Run Job, scheduled to run once a day.
The Google cost estimator calculates the same cost to around $7 per month.
How does it stack up?¶
Category | AWS | GCP |
---|---|---|
Ease of setup | ❌More difficult on AWS, but can be automated with Cloudformation. | ✅ Very easy to Clickops it on GCP |
Cost | ❌ $57 | ✅ $7 |
In summary¶
I was really impressed with how easy it was to configure Google Cloud, and how cheap it was compared to AWS. With no knowledge of GCP, I found the interface easy to use, and very intuitive. This is not a criticism of AWS, merely an observation of how AWS is like a box of Lego that has multiple components, and allows you to build anything you can imagine, whereas GCP is a tool more focused on solving real-world problems without the added complexity of having to tie multiple services together with Lambda functions. Watch this space... I will be sharing more about my experience with GCP in future blog posts.