Professional Cloud Developer

Professional Cloud Developer

Intermediate

Gauge your current knowledge

Practice test preview
Track Readiness
Set Exam Goal

Designing secure applications

Designing highly scalable, secure, and reliable cloud-native applications
...

Study Guides for Sub-Sections

Authenticating to Google Cloud services (e.g., Application Default Credentials, JSON Web Token [JWT], OAuth 2.0, Cloud SQL Auth Proxy, AlloyDB Auth Proxy, Identity Platform, WIF)

The Cloud SQL Auth Proxy and AlloyDB Auth Proxy are essential tools for establishing secure, encrypted connections to managed databases. These proxies cre...

Securing cloud resources using Identity and Access Management (IAM) roles for service accounts

Service accounts are a special type of non-human identity used by applications and workloads to access Google Cloud resources. These accounts function as both prin...

Incorporating secure service-to-service communications (e.g., Cloud Service Mesh, Kubernetes Network Policies, Direct VPC egress, private service connectivity)

Private Connectivity is essential for building secure cloud applications that do not rely on the public internet. By using private access options, developers can ensure th...

Running services with least privileged access

Service accounts are special identities used by applications and workloads instead of people. To build secure applications, developers must follow the principle of least privil...

Securing application artifacts using Binary Authorization

Binary Authorization is a security service in Google Cloud that provides deploy-time enforcement for containerized environments like GKE and Cloud Run. It works by using a...

Implementing data retention and organization policies (e.g., Cloud Storage Object Lifecycle Management, Cloud Storage use and lock retention policies)

Data retention is the process of keeping information for a set amount of time to meet business or legal needs. In Google Cloud, retention policies help ensure that data is...

Responding to and resolving vulnerabilities, including those identified by Artifact Analysis and Security Command Center

Automation in cloud security is a vital way to manage complex systems and keep them safe. By creating automated CI/CD pipelines, developers can remove human mistak...

Storing, accessing, and rotating application secrets, credentials, and encryption keys (e.g., Secret Manager, Cloud Key Management Service, Workload Identity Federation)

Secret Management is the process of safely storing and handling sensitive data like passwords, API keys, and certificates. In a cloud environment, it is essential to p...

Using security mechanisms that identify vulnerabilities and protect services and resources (e.g., Identity-Aware Proxy [IAP], Web Security Scanner)

The Web Security Scanner is a specialized tool designed to identify security risks in public-facing web applications. It specifically supports environments like App Engine...