Permissions to enable GCP Monitoring

What permissions should I have in my Google account to enable Site24x7 Google Cloud Platform (GCP) Monitoring?

The following permissions should be given to a GCP Service Account to monitor and manage your GCP resources in the Site24x7 web client:  
  1. Ensure the roles listed in the table below are provided to the service account associated with the project, depending on the monitor you want to create.
  2. For Management Actions, to start/stop VMs, like start/stop VMs, ensure the service account is provided a custom role with roles listed in the table below.

Permissions required
For monitoring performance metrics

  1. Viewer

  1. Viewer
  2. Browser
For management actions (like start/stop VMs)
  1. compute.instances.start
  2. compute.instances.stop
  1. compute.instances.start
  2. compute.instances.stop

Assigning permissions at the organization level, transfers the same permissions to all the projects associated to it. For project monitoring, permissions have to be provided for each project.
To create a custom role, in your Google Cloud console, navigate to IAM & Admin > Roles. Click + CREATE ROLE.
Name the role, for example: Custom VM Start/Stop Role.

Alternatively, you can provide the Viewer role for the required service type and Monitoring Viewer role to perform resource discovery and monitoring for that service type.
For example, provide the roles Compute Viewer and Monitoring Viewer for the service type Compute Engine to discover and monitor the Compute Engine resources.

For detailed instructions on how to create a service account for monitoring Site24x7 and to know more about the permissions and roles, refer to our help document here.


Not having a service account in your GCP console yet? Learn more on how to create a service account.