To configure the Management Pack for Google Cloud Platform, you must create a service account in Google Cloud Platform and download the private key as a JSON file. To create the service account, you must have the Service Account Admin role (roles/iam.serviceAccountAdmin) or the Editor primitive role (roles/editor). For read-only access, the service account requires the project level viewer role (Viewer - primitive role on GCP).
To monitor the Google Cloud Platform account using this Management Pack, enable the following APIs:
- BigQuery API
- Compute Engine API
- Cloud Storage and Google Cloud Storage JSON API
- Kubernetes Engine API
- Stackdriver Monitoring API (The Stackdriver monitoring API (monitoring.googleapis.com) is required to monitor time-series metric data).
- In the Cloud Console, navigate to APIs & Services for your project.
- In the Library page, search for the above APIs.
- Select the Service API you want to enable.
- Click Enable.
When the APIs are enabled and the service account has the correct set of roles and associated permissions, this Management Pack can retrieve Google Cloud Platform data. When creating a service account, you must select a Google Cloud Platform project as Google Cloud Platform does not allow the service account to belong directly under the Google Cloud Platform Organization.
- In the Cloud Console, navigate to
- From the Service account list, select New service ccount.
- In the Service account name text box, enter a name.
- From the Role list, The Role field authorizes the service account to access resources. Select Project > Owner or select the required services in read-only (as a viewer).
- Click Save.
- Download the service account private key as a JSON file.