Google Cloud ACE Planning and Configuring Solutions

GCP Pricing Calculator

The primary tool used to estimate monthly costs for Google Cloud services based on expected usage.

TCO (Total Cost of Ownership)

The comprehensive assessment of all costs—direct and indirect—associated with moving workloads to the cloud vs. on-premises.

Cloud Storage Standard

Best for "hot" data accessed frequently with no retrieval fee.

Cloud Storage Nearline

Best for data accessed less than once a month (e.g., monthly backups); 30-day minimum storage duration.

Cloud Storage Coldline

Best for data accessed less than once a quarter; 90-day minimum storage duration.

Cloud Storage Archive

Best for long-term data kept for years; 365-day minimum storage duration; highest retrieval cost.

Compute Engine Custom Machine Type

Allows you to specify exact numbers of vCPUs and GB of RAM to optimize cost and performance.

Preemptible VMs

Short-lived, low-cost VMs that can be reclaimed by GCP at any time; max 24-hour runtime.

Spot VMs

The modern replacement for Preemptible VMs; same low cost but no 24-hour runtime limit.

Committed Use Discounts (CUD)

Significant discounts in exchange for committing to use a specific amount of resources for 1 or 3 years.

Sustained Use Discounts (SUD)

Automatic discounts applied to Compute Engine bills when resources are used for a large portion of the billing month.

Sole-Tenant Nodes

Physical hardware dedicated to a single customer; used for compliance, licensing, or security.

Cloud SQL

Managed relational database supporting MySQL, PostgreSQL, and SQL Server; limited to 64TB.

Cloud Spanner

Fully managed, horizontally scalable, relational database with strong consistency for global scale.

Firestore

Flexible, scalable NoSQL document database for mobile, web, and server development.

BigTable

High-performance, scalable NoSQL wide-column database for large analytical and operational workloads (HBase compatible).

BigQuery

Serverless, highly scalable data warehouse with a built-in SQL engine and machine learning.

MemoryStore

Fully managed in-memory data store service for Redis and Memcached.

Choosing Compute Engine

Use when you need full control over the OS or have legacy software that won't run in containers.

Choosing GKE

Use when you need to manage a complex microservices architecture using Kubernetes.

Choosing App Engine Standard

Use for web apps in specific languages where you want zero-server management and scaling to zero.

Choosing App Engine Flexible

Use for web apps in containers or unsupported languages that need more underlying infrastructure control.

Choosing Cloud Run

Use for stateless containers that scale to zero and are triggered by HTTP requests or events.

Choosing Cloud Functions

Use for small, single-purpose snippets of code triggered by cloud events (FaaS).

Standard Network Tier

Delivers traffic over the public internet; cheaper but higher latency.

Premium Network Tier

Delivers traffic over Google’s private high-speed global network; default and higher performance.

Public IP Address

An IP address reachable from the internet; assigned to a VM for external communication.

Static External IP

A reserved public IP address that remains assigned to a resource even if it is stopped.

Ephemeral IP

A temporary IP address that is released when a resource is deleted or stopped.

VPC (Virtual Private Cloud)

A global private network that provides connectivity for GCP resources.

Subnet Mask /24

Provides 256 total IP addresses (252 usable in GCP).

Reserved IP Addresses in Subnets

GCP reserves the first two (.0, .1) and last two addresses (.254, .255) plus the gateway (.1).

Regional Managed Instance Group (MIG)

Provides high availability by spreading VM instances across multiple zones in one region.

Autoscaling Policy

Rules that trigger a MIG to add or remove instances (e.g., CPU usage, Load Balancing capacity).

Health Check

A mechanism to determine if a VM or service is healthy; used by MIGs for auto-healing and Load Balancers.

Global Load Balancer

Routes traffic to the closest healthy instance across different regions (HTTP/S, SSL Proxy, TCP Proxy).

Regional Load Balancer

Routes traffic within a single region (Network Load Balancer, Internal HTTP/S).

Content Delivery Network (Cloud CDN)

Caches content at Google’s edge locations to reduce latency for end users.

Cloud Storage Multi-Regional

Storing data in at least two geographic locations for maximum availability.

Cloud Storage Dual-Regional

Storing data in two specific regions (e.g., us-east1 and us-west1) for high availability and low latency.

Transfer Appliance

A high-capacity physical hardware device used to migrate massive amounts of data (TB to PB) to GCP.

Storage Transfer Service

An online service to move data from other cloud providers or on-premises to Cloud Storage.

Database Migration Service (DMS)

Serverless tool to migrate databases (like MySQL/Postgres) to Cloud SQL with minimal downtime.

VPC Peering

Connecting two VPC networks so they can communicate using private IP addresses.

Shared VPC

Allows multiple projects to share a single VPC network managed in a host project.

Cloud VPN

Securely connects on-premises networks to GCP VPCs over the public internet using IPsec.

Cloud Interconnect (Dedicated)

Direct physical connection between on-premises and Google network; 10 Gbps or 100 Gbps.

Cloud Interconnect (Partner)

Physical connection to Google through a supported service provider.

Cloud Router

Enables dynamic routing (BGP) between VPCs and on-premises networks.

Firewall Rules: Priority

A number from 0-65535; lower numbers have higher priority (0 is highest).

Firewall Rules: Implied Egress Allow

A default rule that allows all outgoing traffic from VMs.

Firewall Rules: Implied Ingress Deny

A default rule that blocks all incoming traffic to VMs.

Internal Load Balancer

Distributes traffic to instances within a VPC; not accessible from the internet.

Cloud DNS

A scalable, reliable, and managed authoritative Domain Name System service.

Private Google Access

Allows VMs with only private IPs to access Google APIs and services.

Cloud NAT

Allows VMs without public IPs to access the internet for updates or downloads.

Deployment Manager

An infrastructure-as-code service that uses YAML or Python to automate resource creation.

Terraform

An industry-standard infrastructure-as-code tool often used with GCP for multi-cloud deployments.

App Engine Traffic Splitting

Mechanism to send a percentage of traffic to different versions of an application (A/B testing).

Instance Template

A resource used to define the configuration (machine type, image, disk) for instances in a MIG.

Managed Instance Group (MIG)

A collection of identical VM instances managed as a single entity.

Unmanaged Instance Group

A group of dissimilar VMs; does not support autoscaling or auto-healing.

Shielded VMs

Compute Engine instances hardened against rootkits and boot-level malware.

Confidential Computing

Encrypts data in use (while it is being processed in RAM).

Snapshot

A point-in-time backup of a persistent disk; used for disaster recovery or image creation.

Custom Image

A boot disk image created from a VM or snapshot used to deploy identical pre-configured instances.

Cloud IAM Role: Project Viewer

Permission to see resources but not change them or see data (e.g., cannot see contents of a bucket).

Cloud IAM Role: Project Editor

Permission to modify most resources but not manage access or billing.

Cloud IAM Role: Project Owner

Full control over resources, including access management and billing.

Storage Object Viewer

Allows reading objects and metadata in a bucket but not listing the bucket itself.

Storage Object Creator

Allows writing objects to a bucket but not viewing or deleting them.

Cloud Storage Lifecycle Management

Rules to automatically transition data to cheaper storage classes or delete old data.

BigQuery Slot

A unit of computational capacity used to execute SQL queries.

BigQuery Partitioning

Dividing a table based on a column (usually Date) to improve query performance and reduce cost.

BigQuery Clustering

Organizing data based on the values of specific columns to optimize range filters.

Dataflow

Fully managed service for stream and batch data processing (based on Apache Beam).

Dataproc

Managed Hadoop and Spark service used for running big data clusters.

Pub/Sub

Asynchronous messaging service that decouples senders from receivers.

Cloud Build

Serverless CI/CD platform that builds, tests, and deploys software.

Artifact Registry

Next-generation manager for container images and language packages (Docker, Maven, npm).

Cloud Source Repositories

Private Git repositories hosted on Google Cloud.

Operation Suite: Cloud Monitoring

Collects metrics, dashboards, and alerts for infrastructure and applications.

Operation Suite: Cloud Logging

Stores, searches, and analyzes log data from GCP services.

Operation Suite: Cloud Trace

Provides distributed tracing for finding performance bottlenecks in microservices.

Operation Suite: Error Reporting

Aggregates and displays errors from running cloud services.

Secret Manager

Securely stores API keys, passwords, and certificates.

Cloud Armor

Web Application Firewall (WAF) and DDoS protection for HTTP/S load balancers.

Identity-Aware Proxy (IAP)

Controls access to applications and VMs without using a VPN.

Cloud Endpoints

Tool to help develop, deploy, and manage APIs on Google Cloud.

Apigee

Enterprise-grade API management platform for complex API ecosystems.

Vertex AI

Unified platform for training and deploying machine learning models.

Vision API

Pre-trained ML model for analyzing image content (labels, faces, OCR).

Translation API

Pre-trained ML model for translating text between languages.

Pub/Sub Topic

A named resource to which messages are sent by publishers.

Pub/Sub Subscription

A named resource representing the stream of messages from a specific topic to be delivered to a subscriber.

Pull Subscription

Subscriber requests messages from the Pub/Sub server.

Push Subscription

Pub/Sub server sends messages to a specific URL (webhook).

VPC Network Peering Transitivity

Peering is NOT transitive; if A peers with B, and B peers with C, A cannot talk to C.

Cloud Storage Versioning

Keeps a history of object changes to protect against accidental deletion.

Cloud Storage Signed URL

A URL that provides temporary, time-limited access to a specific Cloud Storage resource.