2 posts tagged with "gcp"

While both Google Cloud Platform (GCP) and Amazon Web Services (AWS) Identity and Access Management (IAM) systems share the same goal-controlling who can do what on which resources-they are built on fundamentally different architectural philosophies.

Understanding these differences is crucial for multi-cloud engineers, as applying AWS logic to GCP (or vice versa) often leads to security gaps or unmanageable complexity.

Centralized Authorization on GCP: Casbin, Envoy, and API Gateway​

Implementing authorization within a web application, especially in a microservices environment, can quickly lead to duplicated or inconsistent security logic. By leveraging the External Authorization Pattern using Envoy Proxy and Casbin, you can decouple security checks from your Flask application, making your architecture cleaner, more secure, and scalable.

This strategy is particularly effective on Google Cloud Platform (GCP) when using services like API Gateway or Cloud Endpoints as the entry point, and Firestore as the persistent policy backend.