by brango 3129 days ago
Google's approach to auth is cumbersome and leaves a lot to be desired. Also, there's nothing like CloudFormation for configuring supporting services (their equivalent is a pathetic joke).

The only thing I'd use GCP for today is BigQuery. For everything else I'd rather use AWS.

3 comments

I work for Google. Sorry to hear that your experience was poor but thanks for the candid feedback!

Is the equivalent to CloudFormation on GCP supposed to be Deployment Manager? Would you mind elaborating what could have been done better?

I work closely with them so I can at least relay the feedback. If it's easy enough maybe I'll even get to help since I am interested in working on that project =D

Yes Deployment Manager. I can't remember now. I looked at it when I needed to automate something and found that I couldn't do it. IIRC it seemed too limited in its capabilities.

The GKE auth thing is so bad to the point we had to roll back from using service accounts to using normal API keys because there was nowhere in Stackdriver to add a service account key file. So the choice was either lose all our endpoint monitoring or just switch to API keys. When I opened a support ticket about this the support guy seemed incompetent. He literally couldn't understand what I was saying despite repeating myself 3 times in a way I struggled to make any clearer. It wasn't worth the hassle.

I'm running a gRPC/REST service on GKE with Endpoints and to add a new credential I needed to add the key to the service.yml file and update the endpoint. There's no way that scales. I can't wait to use AWS IAM for this instead. We had to backtrack and give out API keys instead of having anything better.

Follow this tutorial for what I was trying to do before going back to just normal API keys: https://cloud.google.com/endpoints/docs/grpc/authenticating-...

It's like GCP services weren't designed to work with each other. Just a hodgepodge of services that are fine if you can run CLI commands, but as soon as you want to get an ops team involved who want to do everything through a UI you're screwed.

Oh, and I can't tell you how frustrating it is for the k8s alpha clusters to just vanish on you. I'm a big boy. Let me decide when I want to kill an alpha cluster because, you know, I might know better than whichever engineer put that 30 day limit in.

Sorry for the rant, but as you can imagine I'm done with GCP and can't wait to head back to AWS land.

> Sorry for the rant, but as you can imagine I'm done with GCP and can't wait to head back to AWS land.

Nonsense, the feedback is much appreciated! Thanks for taking the time!

Terraform [1] should be preferred over both Google's and Amazon's as it supports cross-cloud provisioning and provides features such as update plan which are crucial for making low-risk changes to infra.

[1]: https://www.terraform.io/

Is the equivalent you mentioned Cloud Deployment Manager? Could you provide a bit more detail about what is missing there?

I work on data processing & analytics at Google Cloud. Really glad to know you love BQ. :)