Info |
---|
This article explains how to set up a service account in Google Cloud Platform. Ensure you have the necessary permissions in Google Cloud. |
Table of Contents | ||
---|---|---|
|
Summary
Create Service Account
...
...
*If you already have a service account dedicated to Cloudaware, proceed to step 4.
3. Enter the name for the service account, in this guide To integrate Google Cloud Platform with Cloudaware:
Create a new service account for Cloudaware
Assign the Project Viewer role. Create and assign a custom role for tagging & backups (optional).
Download a service account key (
json
).Enable Google APIs:
Compute Engine API
Identity and Access Management (IAM) API
Cloud Resource Manager API
Kubernetes Engine API
Cloud Billing API
For detailed setup instructions, refer to the in-depth guidelines below.
Create service account
Log in to the Google console. Select the Google project. Go to 'IAM & admin'→Service accounts → +CREATE SERVICE ACCOUNT.
Use a meaningful name, e.g. cloudaware-service-account. Click CREATE AND CONTINUE.
...
Assign the role Project Viewer* to the service account. Click DONE.
...
NOTE: If you use Google Organizations, assign the role 'Viewer' to the service account for Cloudaware to consume your Organization data. Assign the following roles to the service account created earlier:
Organization Role Viewer
Folder Viewer
Organization Viewer
Organization Policy Viewer
Project Viewer
Click Save.
Assign the 'Project Viewer' role on the organization level for Cloudaware to automatically add and collect Google Projects within a Google Organization:
Create Service Account Key
The service account key is required for setup in Cloudaware.
1. Select the service account. Click +Create key.
...
2. Select 'JSON' → Create.
...
*This is the minimum access role required. For more detailed access information, refer to the guide Additional permissions in Google.
Create service account key
Select the service account that will be added to Cloudaware. Go to the tab 'Keys' → +Create key.
Select 'JSON' → CREATE. A
.json
file will be automatically downloaded
...
.
...
Save the key in a secure location as it is is required for further setup in Cloudaware.
Enable Google APIs for Google Project
...
Go back to
...
Google Organization → 'APIs & Services'.
...
Select the Google Project where the service account
...
for Cloudaware was created. Click +ENABLE APIS AND SERVICES.
...
...
Using the search bar,
...
find and enable the following APIs:
Compute Engine API (see example below)
Identity and Access Management (IAM) API
Cloud Resource Manager API
Kubernetes Engine API (learn more)
Cloud Billing API (learn more)
...
! Next step - Google setup in Cloudaware