Architecture documentation

[obriensystems]

staging on wiki https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki/Architecture https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/wiki/Asset-Inventory

production and development on root readme

Detail 3 phases

• preparation project
• bootstrap phase
• org/environment/networks/projects phases

Microsegmentation

There are two classifications in the LZ - restricted and base. There are three environments - development, non-production, production.

High Level Diagram - Default

High Level Diagram - Development environment only

High Level Diagram - All dev/nonprod/prod environments

Low Level Diagram - Default

serviceusage.Service,559
compute.Route,141
iam.ServiceAccount,108
logging.LogSink,78
logging.LogBucket,75
cloudbilling.ProjectBillingInfo,51
cloudresourcemanager.Project,51
compute.Project,49
compute.Subnetwork,39
compute.Address,38
dns.ManagedZone,33
storage.Bucket,29
orgpolicy.Policy,19
cloudbuild.BuildTrigger,15
compute.FirewallPolicy,15
compute.Network,14
compute.Router,12
cloudresourcemanager.Folder,11
dns.Policy,10
compute.ForwardingRule,8
iam.ServiceAccountKey,8
servicedirectory.Endpoint,8
servicedirectory.Namespace,8
servicedirectory.Service,8
identity.ServicePerimeter,7
cloudkms.CryptoKey,6
cloudkms.CryptoKeyVersion,6
cloudkms.KeyRing,6
cloudresourcemanager.TagValue,4
identity.AccessLevel,4
artifactregistry.DockerImage,3
pubsub.Subscription,3
pubsub.Topic,3
artifactregistry.Repository,2
bigquery.Dataset,2
bigquery.Table,1
cloudbilling.BillingAccount,1
cloudbuild.WorkerPool,1
cloudfunctions.Function,1
cloudresourcemanager.Organization,1
cloudresourcemanager.TagKey,1
compute.Firewall,1
eventarc.Trigger,1
identity.AccessPolicy,1
run.Revision,1
run.Service,1
workflows.Workflow,1