Permissions to enable GCP Monitoring

What permissions should I have in my Google account to enable Site24x7 Google Cloud Platform (GCP) Monitoring?

The following permissions should be given to a GCP Service Account to monitor and manage your GCP resources in the Site24x7 web client:  
  1. Ensure the roles listed in the table below are provided to the service account associated with the project, depending on the monitor you want to create.
  2. For Management Actions, to start/stop VMs, like start/stop VMs, ensure the service account is provided a custom role with roles listed in the table below.

Permissions required
Project monitoring
Organization monitoring
For monitoring performance metrics
  1. Viewer
  1. Viewer
  2. Browser
For IT Automation actions

  1. compute.instances.start
  2. compute.instances.stop
  3. compute.instances.reset
  4. compute.instantSnapshots.create

  1. compute.instances.start
  2. compute.instances.stop
  3. compute.instances.reset
  4. compute.instantSnapshots.create
For management actions (like start/stop VMs)
  1. compute.instances.start
  2. compute.instances.stop
  1. compute.instances.start
  2. compute.instances.stop

Notes
Assigning permissions at the organization level, transfers the same permissions to all the projects associated to it. For project monitoring, permissions have to be provided for each project.
To create a custom role, in your Google Cloud console, navigate to IAM & Admin > Roles. Click + CREATE ROLE.
Name the role, for example: Custom VM Start/Stop Role.

Alternatively, you can provide the Viewer role for the required service type and Monitoring Viewer role to perform resource discovery and monitoring for that service type.
For example, provide the roles Compute Viewer and Monitoring Viewer for the service type Compute Engine to discover and monitor the Compute Engine resources.

Idea
For detailed instructions on how to create a service account for monitoring Site24x7 and to know more about the permissions and roles, refer to our help document here.


Not having a service account in your GCP console yet? Learn more on how to create a service account.

    • Related Articles

    • Exclude Site24x7 monitoring traffic from Google Analytics

      You can exclude traffic from the Site24x7 Web Transaction (Browser) monitor and Webpage Speed (Browser) traffic from Google Analytics in two ways. To exclude traffic for the Web Defacement monitor, you can follow the first method. 1. Creating a ...

    • Troubleshooting false positive alerts in monitoring

      Problem False positive alerts are being generated. Possible cause The monitoring system is down in some locations. The Website monitor might be configured for one location, such as Seattle, but may appear down when accessed from another location, ...

    • Response time in Website monitoring

      In website monitoring, response time is calculated as the total time taken to resolve the DNS, complete the TCP hand-shake, negotiate an SSL handshake (for HTTPS) and download the full HTML output from the server. However, it does not include getting ...

    • Exclude the selective SSH algorithms in On-Premise Poller during SFTP Transfer monitoring

      By excluding SSH algorithms, you can restrict Site24x7 SSH Client from using the excluded algorithm while connecting to the SSH server during SFTP Transfer monitoring. Follow the steps mentioned below for SSH algorithm exclusion in On-Premise Poller ...

    • Executables and scripts to allow for Windows server monitoring

      One of the reasons you could not enable Site24x7 server monitoring could be your organization's group policy denying access to the executables, scripts, and batch files associated with Site24x7 server monitoring. Mark the following executables, ...