Preparations

Before the Google Cloud Discovery connector can be configured, the following preparations have to be made.

Locate email address for Google Cloud service account

The email address is the automatically assigned email address for the Google Cloud service account you will be using for this connector. This service account will belong to your primary Google Cloud project.

  1. On your Google Cloud Platform console, and under IAM & admin, select Service accounts.

  2. The email address will appear in the Service accounts window pane. Make a note of the email address, since it will be used when configuring the connector. If you have multiple Google Cloud projects, the email address will also be used for adding the Google Service account to the other projects.

Assign Google Cloud service account to secondary projects

If you have multiple Google Cloud projects that you want to fetch data about virtual machines from, you need to assign the service account for your primary Google Cloud project to all those secondary projects. The secondary projects will have view only permissions.

  1. On your Google Cloud Platform console, and under IAM & admin, select IAM

  2. On the IAM dashboard, select ADD.

    The Add members to "Secondary Project" window appears.

  3. In the New members box, enter the email address for the service account for your primary Google Cloud project, as saved in Locate email address for Google Cloud service account.

  4. In the Role box, and from the Compute Engine list, select Compute Viewer.

  5. Select Save.

  6. Repeat Step 2 to Step 5 for all projects that you want to include.

Create Google Cloud service account key and password

Create the service account key and password for your primary Google Cloud project.

  1. On your Google Cloud Platform console, and under APIs & Services, select Credentials.

  2. On the Credentials dashboard, and on the Credentials tab, select Create credentials, and then select Service account key from the list.

    The Create service account key window appears.

  3. In the Service account box, select Compute Engine default service account.

  4. Select P12 as Key type.

  5. Select Create.

    A file with the key and password is downloaded. Save the file, since the key and password will be used when configuring the connector.

Enable APIs for primary and secondary projects

The following APIs need to be enabled for the Google Cloud projects:

  • For your primary project: Cloud Resource Manager API

  • For your primary project and all secondary projects you plan to discover Virtual Machines within: Compute Engine API

  1. On your Google Cloud Platform console, and under APIs & Services, select Dashboard

  2. From the list of projects on the title bar, select the project for which you want to enable an API.

  3. Select ENABLE APIS AND SERVICES.

  4. In the search box, enter the name of the API, for example Compute Engine API, and select the API from the search results.

  5. Select Manage.

    The API is enabled for the project.

  6. Repeat Step 2 to Step 5 for all projects.