sevco.io

Google Cloud Platform

About Google Cloud Platform

A suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail, Google Drive, and YouTube.

The Data We Collect and How We Use It

The table below lists the fields we collect from Google Cloud Platform and how they map to the fields in our Sevco platform. This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

Google Cloud Platform FieldSevco Field
IdID
NameHostnames
HostnameHostnames
time.nowLastUpdatedTime

Google Cloud Platform Service Account Configuration

  1. Add a source: Follow our instructions to add a Sevco source.
427
  1. Provide credentials: You'll be asked to provide source credentials that Sevco will use to connect to Google Cloud Platform:
Credential or ParameterDescriptionWhere You Can Find This Value
project_idGoogle Cloud Project ID. If empty the plugin will attempt to pull from all projects accessible by the service account.To locate your project_id refer to this documentation
service_account_jsonService Account JSON key file contentsThis information is available in the Google Cloud Console's IAM & AdminService Accounts section. For Details refer to this documentation
  1. Create Service Account. For more information on creating a service accounts visit https://cloud.google.com/iam/docs/creating-managing-service-accounts. Create your service account within a project you want imported into Sevco.

  2. Set permissions: In Google Cloud Platform, create a new custom role with the following permissions. The role can be in the same project as the service account or in a top-level organization.

compute.instances.get
compute.instances.list
compute.zones.list
resourcemanager.folders.list
resourcemanager.projects.list
resourcemanager.projects.get

The role should look like the following:

538
  1. Add the service account to every project you wish to be imported, or add the service account to a top-level organization with the role created in step 4. This will import compute instances from projects contained within that organization.
534

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Google Cloud Platform OAuth 2.0 Configuration

Permissions

  1. Create an IAM Role with the following assigned permissions
compute.instances.get
compute.instances.list
compute.zones.list
resourcemanager.folders.list
resourcemanager.projects.list
resourcemanager.projects.get

After creating your role, it should look like the following:

627

📘

Assigning your Role

It is recommended the user performing Oauth 2.0 flow be assigned the role above at a top-level GCP organization. Otherwise not all compute instances will be retrieved. The IAM Role will be inherited by any child projects/folders within your organization.

  1. Create a new Google Cloud Platform Source and Select OAuth2 configuration. Click Next.
424
  1. Read through the click explanation on what happens next. Click Next.
422
  1. Enter an Optional Name for this source. Click Activate.
425
  1. Select your Google Account to use for this source. and click Allow
457