Global Context
Sets the Project ID and Region for all resources.
Resource Hierarchy
Folders allow you to apply policies (e.g., No Public IPs) to groups of projects.
FinOps
Set budget alerts to prevent unexpected costs.
Compute Engine
Virtual Machines. Use Service Accounts for identity and OS Config for patching.
Kubernetes Engine
Managed K8s. Autopilot is recommended for reduced ops overhead.
Anthos Multi-Cloud
Manage clusters on AWS/Azure via GCP.
Cloud Run
Serverless containers. Scale to zero.
Cloud Functions V2
Event-driven snippets. Now built on Cloud Run.
App Engine
Legacy PaaS for monolithic apps.
VMware Engine
Lift and shift vSphere workloads without refactoring.
Sole Tenant Nodes
Dedicated hardware for compliance/licensing.
Blockchain Engine
Managed Ethereum nodes.
VPC Network
Global software-defined network.
Hybrid Connectivity
HA VPN or Interconnect for on-prem links.
Load Balancing
Global HTTP(S) Load Balancer.
Cloud DNS
Managed Zones and Hybrid Forwarding.
Cloud NAT
Outbound internet for private servers.
Network Connectivity Center
Hub-and-spoke management for WANs.
Private Service Connect
Access Google APIs privately via IP.
API Management
Apigee (Enterprise) or API Gateway (Serverless).
Connectivity Test
Static analysis of network reachability.
Cloud Storage
Object storage. Enforce Uniform Access.
Cloud SQL / AlloyDB
Managed Postgres/MySQL.
Spanner
Global, horizontally scalable relational DB.
NoSQL
Firestore (Documents) or Bigtable (Wide-column).
Caching
Redis Memorystore or Cloud Memcache.
NetApp Volumes
Enterprise file storage (SMB/NFS).
BigQuery
Serverless Data Warehouse.
Dataplex
Data Mesh Governance.
Dataflow
Apache Beam pipelines.
Cloud Composer
Managed Airflow.
Pub/Sub
Messaging middleware. Lite is for high throughput.
Looker
Managed BI Instance.
Dataform
SQL Pipelines as Code.
Database Migration
Lift and shift SQL DBs.
Vertex AI
Notebooks and TPU nodes.
Vertex Search
GenAI Search & Chat Apps.
Feature Store
ML Feature Management.
IAM & WIF
Service Accounts & Federation.
KMS
Encryption Keys.
VPC Service Controls
Data Exfiltration Perimeter.
Cloud Armor
WAF & DDoS Protection.
Cloud IDS
Intrusion Detection Endpoint.
Cert Manager
Managed SSL Certificates.
Access Context
Zero Trust Access Levels.
Cloud Identity
Manage Google Groups via Code.
CI/CD
Cloud Build Triggers & Deploy Pipelines.
Monitoring
Uptime Checks and SLOs.
Tasks & Scheduler
Async Queues and Cron Jobs.
Backup
GKE Backup Plans & Snapshot Policies.
Storage Transfer
Migrate data from S3/Azure to GCS.
Workstations
Remote Development Environments.