How Can We Help?

Connect your Google Cloud Platform Environment

Now that you are logged into Cloudockit (click here if you are not logged in yet), you can connect your Google Cloud Platform Projects.

From the list of platforms, select Google Cloud Platform.

You will be prompted with the two following options to connect your GCP Environment:

  • Service Account (Recommended)
  • Google Sign-In

Service Account (Recommended)

Step 1 – Create a Service Account

  • Sign in to the GCP Console and click on IAM & Admin / Service Accounts : https://console.cloud.google.com/iam-admin/serviceaccounts
  • Select the project where you want to create the Service Account (you will then be able to give the appropriate permissions to the other projects with the same service account)
  • Then click on Create Service Account and enter the Service Account Name. (e.g. use Cloudockit). Then click on create

  • Select the role Project / Viewer. Then click on Continue

  • Click on Create Key button and select JSON and click Create. Save the file locally

  • To save the service account, click on Done.

Step 2 – Activate the appropriate APIs

As Cloudockit is using the Cloud Resource Manager API to list all the projects, you need to Enable this API in order for Cloudockit to view your resources. You also need to activate other APIs (see complete list below) depending on the workload you want to document.
Please note that these APIs need to be activated in the Project where you have created your service account to do the scan (create in the previous step)
To do so, click on API & Services and then click on Enable APIs and Services.
  • In the search box, enter Resource Manager

  • Then click on Cloud Resource Manager API and click ENABLE.

Once you have activated this API, you should also activate the APIs that are used by Cloudockit to automatically create the documents and diagrams:

  • Compute Engine API
  • Kubernetes Engine API
  • Cloud Resource Manager
  • App Engine Admin
  • Cloud Pub/Sub
  • Cloud Spanner API
  • Dataflow API
  • Cloud Bigtable Admin
  • Cloud SQL Admin API
  • Cloud IoT API
  • Google Cloud Memorystore for Redis API
  • Cloud Functions API

Step 3 – Log into Cloudockit

  • When you are prompted for an GCP authentication, select Service Account
  • Then, click on Browse and select the JSON file that you have just downloaded in the previous step
  • Then click on Login. You should now see your AWS Account.

Google Sign-In

Note : Google Cloud does not allow OAuth 2 User Authentication to the scope cloud-platform.readonly so you should use Service Account to ensure you get all the information (reason why Method 1 is recommended).

To use your Google Account, you just need to login using your Google Account that has required privileges to your Google Cloud Project :

Table of Contents