**[[https://cloud.google.com/free/docs/aws-azure-gcp-service-comparison]]**
\\
 
  * VPC peering
  * Service Perimeter
  * Cloud Router (~ vpc)
  * Cloud Storage (~ S3)
  * Compute Engine (~ ec2 )
  * Cloud interconnect (~ direct connect )
  * Persistent disk (Block storage service)
  * Local SSD : (Ephemeral locally attached block storage)
  * Firebase Hosting 

Compute Engine:\\

For ssh access, best thing is to enable '''OS Login'', check this [[https://cloud.google.com/compute/docs/instances/managing-instance-access#configure_users|link]]
  * Best is to use linux from a 'public' image. They have the 'guest environment preinstalled.
  * IAM-Admin > Manage resources . Select your project, add member, role 'Owner'. Or we can be more restrictive and add this [[https://cloud.google.com/compute/docs/instances/managing-instance-access#configure_users|roles]] by doing 'add role' and click in 'manage roles'
  * [[https://cloud.google.com/compute/docs/instances/managing-instance-access#add_oslogin_keys|Adding-ssh-keys]] : do it via the cloud shell (top right, command prompt symbol). The command is below (use double quotes to enclose the PubKey):

  gcloud config set project <your-project-name>
  gcloud compute os-login ssh-keys add --key='AAAsdfA..'

Shared VPC: 
  * We can have interconnects in different regions. GCP advertises prefixes via interconnects in different regions. So, if we lose all interconnects in one region, we, as a user can access gcp prefixes in that region via interconnects in other sides of the world.


----


TERRAFORM:\\
[[https://github.com/jotasantos/pubcloud/tree/main/gcp/tf_gcp]]\\
First install gcp sdk:
  cd your-project
  python3 -m venv env
  source env/bin/activate
  tar -xf google-cloud-sdk-352.0.0-linux-x86_64.tar.gz 
  ./google-cloud-sdk/install.sh    # exit the shell so the .bashrc changes take effect.
  deactivate
\\
Now authenticate your project and it will generate a json file that will be used in the tf provider:
  gcloud auth application-default login --project <my-project-id-not-name>
\\
Now we define the provider.tf (+ terraform init, terraform plan)
  provider "google" {
  credentials = "/home/myuser/.config/gcloud/application_default_credentials.json"
  project = "my-project-id-not-name"
  region = "us-east1"
  }