What permissions should I have in my Google account to enable Site24x7 Google Cloud Platform (GCP) Monitoring?
The following permissions should be given to a GCP Service Account to monitor and manage your GCP resources in the Site24x7 web client:
- Ensure the roles listed in the table below are provided to the service account associated with the project, depending on the monitor you want to create.
- For Management Actions, to start/stop VMs, like start/stop VMs, ensure the service account is provided a custom role with roles listed in the table below.
Permissions required | ||
For monitoring performance metrics |
|
|
For IT Automation actions |
|
|
| For management actions (like start/stop VMs) |
|
|
Assigning permissions at the organization level, transfers the same permissions to all the projects associated to it. For project monitoring, permissions have to be provided for each project.
To create a custom role, in your Google Cloud console, navigate to IAM & Admin > Roles. Click + CREATE ROLE.
Name the role, for example: Custom VM Start/Stop Role.
Alternatively, you can provide the Viewer role for the required service type and Monitoring Viewer role to perform resource discovery and monitoring for that service type.
For example, provide the roles Compute Viewer and Monitoring Viewer for the service type Compute Engine to discover and monitor the Compute Engine resources.
For detailed instructions on how to create a service account for monitoring Site24x7 and to know more about the permissions and roles, refer to our help document here.
Not having a service account in your GCP console yet? Learn more on how to create a service account.
Related Articles
How does resource termination settings work for Google Cloud (GCP) monitoring?
In the Add/Edit Google Cloud (GCP) Monitor page (Site24x7 > Cloud > GCP > Add GCP Monitor), the option Automatically Remove Terminated Resources under Resource Termination Settings lets you remove terminated resources (in Google Cloud Console) from ...How to re-add deleted monitors in Google Cloud monitoring
You cannot re-add resources that have been deleted or terminated from the Google Cloud console. Log in to Site24x7 and go to Cloud > GCP > click the Google Cloud project or Google Cloud monitor > Management Actions. Scroll down to the Add Deleted ...How many API calls does Site24x7 GCP monitor make
Site24x7 Google Cloud monitoring (GCP) fetches the health and performance metrics and your Google Cloud resources' data via APIs. Here is an illustrative calculation on how many API calls will be made by Site24x7 for monitoring your Google Cloud ...How to create a service account in the GCP console?
A service account as a JSON file is required to authenticate Site24x7 to perform GCP resource discovery and monitoring. To create a service account, follow the steps below: Log in to your GCP console and click on the hamburger icon at the top left ...Sample Terraform script that can be used to enable the required APIs at each project level for Google Cloud monitoring
Use this sample Terraform script to enable the required APIs for each project. This Terraform script helps you enable all the required APIs for multiple projects in a single deployment. Main.tf provider "google" { project = "base project id" } module ...