On AWS, there is something called "Certificate Manager", that lets me procure valid TLS / SSL certificates for all my subdomains, that are issues by "Amazon" CA.
It takes care of upgradation, renewal, etc. without me having to interfere even a tiny bit.
I am looking for something similar on Google Cloud Platform, so that I don't have to first procure a certificate from a different CA.
As already mentioned by Kamran in the comment on the question, GCP does not have something like AWS Certificate Manager.
Although from the discussion ongoing in the publish issue tracker here there is an ongoing project which aims at solving this issue. It is in private beta (I don't have access to that; would love if someone who does have access can add to this), and might be out to public soon.
There is no ETA for this feature, but all that can be made out from the said thread is that it will use Letsencrypt for the purpose.
For someone looking for at solution, there are a number of ways people have solved this.