Google Cloud Platform (GCP) is one of the world’s leading public cloud providers, offering a variety of cloud services. You can add a single GCP account--a project--into DivvyCloud or you can add multiple projects--an organization--into DivvyCloud using the following steps.
1. Access the API Manager
a. Login to the GCP console. Make sure you are in the organization and the project you wish to add to DivvyCloud. Note the project ID, which you will use in DivvyCloud.
Note the Project ID; you will need this when adding the cloud account to the DivvyCloud tool.
b. Access the APIs & Services dashboard from the top left navigation option. Click Dashboard.
2. Enable APIs
a. Once you have selected Dashboard, you will see a listing of APIs that are currently enabled.
b. For DivvyCloud to retrieve and act upon data in your cloud, you need to have the following APIs enabled:
- Cloud SQL
- Cloud SQL Admin API
- Compute Engine API
- Compute Engine Instance Group Manager API
- Dataflow API
- Google Cloud Deployment Manager V2 API
- Google Cloud Storage
- Google Compute Engine Instance Group Updater API
- Google Compute Engine Instance Groups API
- Google+ API
- Kubernetes Engine API
c. If you do not have all of the required APIs enabled, select "Enable APIs and Services". Otherwise, skip to step #3.
d. In the Google API Library, enter the name of the missing API in the search box. Select the searched for API. (The example below shows just one match; multiple API matches may be shown in card format.)
e. Enable the API. You will see a description of the API. Once you have reviewed the information, select Enable. Repeat the process until you have added all of the missing APIs.
3. Create Credentials
a. Once you have verified your enabled APIs, click on Credentials on the navigation menu. (This is still under APIs & Services.)
b. Click on the Create credentials dropdown and select Service account key.
4. Define Credentials
a. Click on the Service account dropdown and select New service account.
b. Enter a service account name to denote that this account is used for DivvyCloud. As an example, you could name the service account DivvyCloud-API-Access. By creating a specific DivvyCloud service account, you are then able to monitor in Logging all actions taken by DivvyCloud; this facilitates troubleshooting by helping you understand what DivvyCloud is doing versus what others are doing.
c. Select a Role. Click on the Role dropdown and select an appropriate role. Select Project->Viewer to give DivvyCloud the scope to view all cloud resources. If you would like to view and act upon all cloud resources, choose Editor or Owner.
d. Select JSON as Key type. That allows DivvyCloud to call APIs programmatically.
e. Click on Create.
f. Confirm that your Service Account Key has been created. You should see a confirmation message with the name of your JSON.
Store this JSON in a secure place; the JSON contains the only copy of the keys.
1. Go to your DivvyCloud account. Navigate to Clouds on the navigation menu. Click on Add Cloud in the upper right.
2. Enter Cloud Information
- Select Google Compute Engine in the Select Technology dropbox.
- Name your cloud account.
- Provide your project ID from Setup on Google Console Step 1.
- Enter the contents of your JSON (contained in the file saved in Setup on Google Console, Step 4f.
- Enter an admin Email if you want to manage IAM and the Google Cloud Directory
3. Select the Harvesting Strategies for your cloud account by clicking on the Show Advanced button as shown below.
4. Add any Badges you would like to this particular cloud account. Badges provide a way to assign additional metadata about resources within the DivvyCloud platform. They are key/value pairs which can be used for filtering and identifying resources from parent cloud account.
5. Select Submit
You should see a screen that indicates you have successfully added a cloud account. DivvyCloud will begin harvesting immediately and the data should start to surface after five minutes or so, depending upon the size of your cloud account.
You can also confirm that your cloud account is added by selecting Clouds from the navigation menu and confirming that your newly added cloud account is listed.
You can add a GCP organization to DivvyCloud, enabling automatic addition of all associated cloud accounts/projects and badging by organizations.
1. GCP Console
Navigate to IAM & Admin -> Settings.
Copy the Organization name.
2. Go to the Clouds page and locate the Organizations Tab. Click on Add Organization.
3. Enter the Domain Name and Credentials
Cloud Technology: Only GCP is supported at this time.
Domain Name: Paste the Organization name copied previously.
Credential: Paste in the JSON string credential for an account with Organization Viewer role.
Click ADD to complete.
4. After a short time refresh the page and confirm Accounts column displays correct number of associated accounts.