It's very easy to get up and running with a credit card and kick the tires with a demo app under your personal account. But you don't want that demo to turn into production with poorly implemented security and architecture.
This article is going to discuss at a very high level what the best practices areas of focus should be and ideally link out to published information from Google themselves.
First - Use a Framework
To start, the very first step you should do is get familiar with Google Cloud Architecture Framework. Many suggest doing architecture after other best practices are implemented. However, when you do that you aren't really understanding the cloud and specifically GCP.
If you want these best practices to stick and ideally become a policy or procedure within your enterprise then this is your reasoning behind doing best practices to begin with. This framework covers the following areas.
- Google Cloud system design considerations
- Operational excellence
- Security, privacy, and compliance
- Performance and cost optimization
Second - Use Workspace or Cloud Identity to create an Org
While anyone can create a GCP project without either Workspace or Cloud Identity, what you miss out on when not using one of these is all the security and management constructs for managing your GCP resources. Cloud Identity is free, so there is no reason not to use that at a minimum.
This video covers GCP resource organization and best practices (Cloud Next 19'). This goes hand and hand with your decision of choosing to implement Workspace or Cloud Identity. This is the only way that you will get an Organization that the video talks about and all the benefits that come with it.
This video discusses most of the items in googles documentation for best practices for enterprise organizations which is a must read for this step.
Project ownership and structure can be complex but it doesn't have to be. Have a look at our support article on this topic.
Third - Use a Checklist
Now that you understand the reasons behind why the best practices are what they are it's important to not miss a step in your journey with GCP. An organization of any size should use this checklist. This will walk you through setting up billing, support, logging and all the basics that should be turned on and enabled before that first application is deployed.
Fourth - Use Resource Best Practices
Most GCP resources have best practices of there own and it's important to keep your best practice journey going well after the setup of your org and projects. For example, GCS has a great list of best practices that covers naming conventions, scaling and cost considerations.
As you architect your solution you can save yourself a lot of time by reviewing the best practices for the resources in your architecture. This should also be done in the context of quotas and limits, here is GCS's for example.
It's best to take a step back. If you don't yet fully understand the cloud or GCP have a look at the framework in the first step. If you don't yet have an Org then take a look at the links in the second step. Make sure you don't forget anything by reviewing the checklist and circle back to steps that may have been missed there. Lastly, don't neglect the best practices and quotas of the GCP resources you are planning on using.