GCP
      Back to home
      1. Hyperglance Support
      2. Setup & Configuration
      3. GCP

      Add a GCP Project to Hyperglance

      This guide will help you connect a GCP Project to Hyperglance

      Prerequisites

      Prereq #1 - API Enablement

      For projects where Hyperglance will ingest inventory resources from please enable the following APIs:

      • Compute Engine API
      • API Gateway API
      • BigQuery API
      • Cloud Functions API
      • Cloud Resource Manager API
      • Cloud Monitoring API
      • Storage API

      For projects that store only billing data in BigQuery then only the BigQuery API needs to be enabled.

      Prereq #2 - Big Query Cost Exports

      Hyperglance will ingest billing data from BigQuery. For this to work you must enable cost exports to BigQuery.

      Prereq #3 - Service Account

      To access a project Hyperglance will use a Service Account.  NOTE: At the current time Hyperglance will require a Service Account to be created in each project that you wish to connect to. 

      Create a GCP Service Account and download the credentials json file to input into Hyperglance later.

      Assign both these roles to the service account:

      • Compute Viewer  (this is a predefined role)
      • A custom role role with the following permissions:
        • apigateway.apiconfigs.get

          apigateway.apiconfigs.list

          apigateway.apis.list

          apigateway.gateways.list

          bigquery.tables.list

          bigquery.tables.get

          bigquery.datasets.get

          cloudfunctions.functions.list

          storage.buckets.get

          storage.buckets.getIamPolicy

          storage.buckets.list

          storage.objects.getIamPolicy

          Storage.objects.list

      Additionally the service account will need these predefined roles assigned to but only for the project that owns the BigQuery billing exports:

      • BigQuery Data Viewer
      • BigQuery Job User

      NOTE: As we increase service coverage in Hyperglance our recommendations around which roles or permissions are required will change

      Connect to the project within Hyperglance

      1. Log in to Hyperglance
      2. Visit the Settings page
      3. Click Connect to GCP:
      4. Complete the form to connect to a project (inputs described below):


        Hyperglance will ingest resource inventory from the project that owns the Service Account, this information will be provided via the Credentials json field.  It will also ingest billing data from BigQuery, since this is usually held in a different project that is why you are prompted for the Billing Account ID and Billing Project ID.
        1. Alias - A user chosen name for the connection
        2. Credentials json - The credentials json file for a service account in GCP
        3. Billing Account ID - See: https://cloud.google.com/billing/docs/how-to/find-billing-account-id
        4. Billing Project ID - The project ID of the project that owns the billing BigQuery exports
        5. Organization Groups - Optionally tag this connection to group it with others in the Hyperglance platform.

      5. Submit the form.  
      6. If everything is successful GCP inventory and billing should start to be ingested and a connection entry should appear on the Settings page: