Skip to content
This repository was archived by the owner on May 7, 2025. It is now read-only.

Commit 4e8cd7b

Browse files
author
Mathieu Benoit
committed
update agenda page
1 parent 76ebe20 commit 4e8cd7b

File tree

1 file changed

+26
-7
lines changed

1 file changed

+26
-7
lines changed

content/overview/agenda.md

Lines changed: 26 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,26 +7,32 @@ tags: ["apps-operator", "org-admin", "platform-admin"]
77
1. As Org Admin, create a Host project
88
1. As Org Admin, create a Config Controller instance
99
1. As Org Admin, set up Host project's Git repo
10+
1. As Org Admin, enforce policies for tenant projects
1011
1. Tenant project
1112
1. As Org Admin, set up the Tenant project
1213
1. As Org Admin, set up the Tenant project's Git repo
14+
1. As Org Admin, enforce policies for Google Cloud resources
1315
1. Networking
1416
1. As Org Admin, allow Networking for Tenant project
1517
1. As Platform Admin, set up Network in Tenant project
1618
1. GKE cluster
1719
1. As Org Admin, allow GKE for Tenant project
20+
1. As Org Admin, enforce policies for GKE cluster resources
1821
1. As Platform Admin, create GKE cluster in Tenant project
19-
1. As Org Admin, allow GKE Hub for Tenant project
22+
1. As Org Admin, allow Fleet for Tenant project
2023
1. As Platform Admin, set up GKE configs's Git repo in Tenant project
24+
1. As Platform Admin, set up Config Sync monitoring
2125
1. As Platform Admin, set up `NetworkPolicy` logging in GKE cluster
26+
1. As Platform Admin, enforce policies for `NetworkPolicies`
2227
1. Artifact Registry
2328
1. As Org Admin, allow Artifact Registry for Tenant project
2429
1. As Platform Admin, create Artifact Registry in Tenant project and allow GKE cluster to pull containers
25-
1. As Platform Admin, enforce Artifact Registry policies (allowed container registries)
30+
1. As Platform Admin, enforce policies for Artifact Registry (allowed container registries)
2631
1. Service Mesh
2732
1. As Org Admin, allow ASM for Tenant project
2833
1. As Platform Admin, install Managed ASM in GKE cluster
2934
1. As Platform Admin, set up ASM configs in GKE cluster
35+
1. As Platform Admin, enforce policies for ASM
3036
1. Ingress Gateway
3137
1. As Platform Admin, create the Public static IP address for the Ingress Gateway
3238
1. As Org Admin, allow Cloud Armor for Tenant project
@@ -35,16 +41,29 @@ tags: ["apps-operator", "org-admin", "platform-admin"]
3541
1. As Platform Admin, deploy `NetworkPolicies` for the Ingress Gateway namespace in GKE cluster
3642
1. As Platform Admin, deploy `AuthorizationPolicies` for the Ingress Gateway namespace in GKE cluster
3743
1. Whereami app
44+
1. As Platform Admin, set up DNS for the Whereami app
3845
1. As Platform Admin, set up the Whereami app's Git repo in GKE cluster
46+
1. As Apps Operator, copy Whereami container in private Artifact Registry
3947
1. As Apps Operator, deploy the Whereami app
40-
1. As Apps Operator, deploy `NetworkPolicies` for the Whereami namespace in GKE cluster
4148
1. As Apps Operator, deploy `Sidecars` for the Whereami namespace in GKE cluster
49+
1. As Apps Operator, deploy `NetworkPolicies` for the Whereami namespace in GKE cluster
4250
1. As Apps Operator, deploy `AuthorizationPolicies` for the Whereami namespace in GKE cluster
4351
1. Online Boutique apps
52+
1. As Platform Admin, set up DNS for the Online Boutique app
4453
1. As Platform Admin, set up the Online Boutique apps's Git repo in GKE cluster
54+
1. As Apps Operator, copy Online Boutique containers in private Artifact Registry
4555
1. As Apps Operator, deploy the Online Boutique apps
46-
1. As Org Admin, allow Memorystore (redis) for Tenant project
47-
1. As Platform Admin, create Memorystore (redis) in Tenant project
48-
1. As Apps Operator, deploy `NetworkPolicies` for the Online Boutique namespace in GKE cluster
4956
1. As Apps Operator, deploy `Sidecars` for the Online Boutique namespace in GKE cluster
50-
1. As Apps Operator, deploy `AuthorizationPolicies` for the Online Boutique namespace in GKE cluster
57+
1. As Apps Operator, deploy `NetworkPolicies` for the Online Boutique namespace in GKE cluster
58+
1. As Apps Operator, deploy `AuthorizationPolicies` for the Online Boutique namespace in GKE cluster
59+
1. As Org Admin, allow Memorystore (redis) for Tenant project
60+
1. As Org Admin, enforce policies for Memorystore (redis) resources
61+
1. As Platform Admin, create Memorystore (redis) instances with and without TLS in Tenant project
62+
1. As Apps Operator, configure Online Boutique apps to use Memorystore (redis) instance
63+
1. As Apps Operator, secure Online Boutique apps to access Memorystore (redis) instance via TLS
64+
1. Monitoring & Audit
65+
1. As Platform Admin, verify ASM versions
66+
1. As Apps Operator, monitor apps security
67+
1. As Apps Operator, monitor apps health
68+
1. As Apps Operator, trace apps
69+
1. As Apps Operator, monitor Cloud Armor (WAF) rules

0 commit comments

Comments
 (0)