17min

GCP Project

To connect a Google project you will need to generate service keys. This may either be done with Terraform or through the Google Cloud Platform.

Connect a GCP project

Connect a GCP project using Terraform

This module provisions an GCP Service Account granting cross account read-only access rights for AutoCloud's services to ingest your infrastructure.

  1. Get your AutoCloud organization ID, which can be found in My Account.
  2. Head over to AutoCloud's GCP Terraform Module.
  3. Get the Provision Instructions, copy and paste into your Terraform configuration.
  4. The following assets will be created:
    • google_service_account - The GCP cross-account Service Account
    • google_project_iam_member - Several role attachments linking the cross-account Service Account to the specific permissions allotted
    • google_service_account_key - The GCP cross-account Service Account Private Key

  5. Download this private key to your computer.

Document image

Connect a GCP project using the Google Cloud Platform

  1. Log in to your GCP account. Navigate to the 'IAM & Admin' section then click on 'Service Accounts' in the left-hand menu. Click the '+ Create Service Account' button at the top of this page.
Document image

2. Give your service account a name and description. We suggest the name include your Project's name.

Document image

3. Grant this service account read access to the project. Specifically, you must give it the 3 roles, as shown below. 1) a Project-level 'Viewer' role, 2) 'Service Usage Viewer' role and 3) Security Reviewer.

Document image

4. When you get to the 3rd step, 'Grant users access to this service account', skip down to the 'Create key' section. Click the '+ Create Key' button and generate a JSON key.

Document image

5. Download this private key to your computer. AutoCloud stores this key in Vault so that you do not need to upload the key each time you create a new Version. To learn more about how AutoCloud keeps your information secure, check out our Security Practices.

Document image

Connect a Google Project to AutoCloud

  1. Go to Accounts
  2. Click on "Create New" in the top right corner.
  3. Pick GCP as a provider.
  4. Name your account and add a description.
Document image

5. AutoCloud requires a Service Account Key with the roles "Viewer" and "Service Usage Viewer". A viewer role at the project-level is also required. You can generate this by using Google Console or Terraform. Upload the Service Account Key, then click Next.

Document image

6. If the upload of the JSON credentials was successful, you should now see the available projects. Click Next.

Document image

7. Select services and regions.

Document image

8. A version of your Google Project will be created.

Document image

9. You successfully created the first version of a GCP project.

Document image



10. Click on VIEW to take a look at your GCP 3D environment.

Document image
Document image



Updated 09 Jun 2022
Did this page help?
Yes
No
UP NEXT
What are Accounts
Documentation powered by archbee