Disabling Unauthenticated Access to Cloud Run Services – API and User Interface with API Gateway and Cloud Storage

With the API Gateway working, you can now remove unauthenticated access to the Cloud Run services by revoking the roles/run.invoker role from allUsers from the Cloud Run service. This is because the API Gateway has the roles/run.invoker role to call the Cloud Run service on your behalf. This will also be the case for the […]

Deploying the UI Container to Cloud Run – API and User Interface with API Gateway and Cloud Storage

As the user interface container does not need any configuration, you do not need to configure any environment variables. It will also run without needing any additional permissions, so you do not need to configure any IAM roles. However, by default, it will use the default service account for the project which has more permissions […]

Requirements – API and User Interface with API Gateway and Cloud Storage

In previous chapters, you developed three separate Cloud Run services that collectively constitute the backend for the Skills Mapper application. While the benefit of this arrangement is that each service can be individually maintained and scaled, it has led to a somewhat fragmented system. Navigating this structure currently requires an understanding of which functionality is […]

Evaluation – Profile Service with Pub/Sub and Firestore

Let’s evaluate the solution in terms of cost. Overall, this is a low-cost solution; it is taking good advantage of cloud native services. The costs are broken down as follows. Firestore Firestore is a relatively cheap way to store data, as you are not paying for compute resources and are only storing small amounts of […]

Deploying to Cloud Run Connecting to Cloud SQL – Fact Service with Spring Boot, Cloud Run, and Cloud SQL

To deploy for real, the fact service needs to connect to the Cloud SQL PostgreSQL database. There are several options for connecting to a Cloud SQL database from Cloud Run. In this case, as you are using the Spring Cloud GCP starter for Cloud SQL to connect to a Cloud SQL database using the Cloud […]

Creating a Secret in Secret Manager – Fact Service with Spring Boot, Cloud Run, and Cloud SQL

Before establishing a connection between the Cloud Run service and the Cloud SQL database, it’s necessary to create a secret in Secret Manager to safely store the database user’s password. Secret Manager is a secure and convenient solution provided by Google Cloud for managing sensitive information like passwords, API keys, and other secrets. It ensures […]

Identity Platform – Fact Service with Spring Boot, Cloud Run, and Cloud SQL

In this service, a fact is made up by relating a person to a skill via a level of interest or proficiency. A skill is represented by a Stack Overflow tag you retrieved in Chapter 5 and made searchable in Chapter 6. However, you need a way of capturing the person it is associated with, […]