Lucidum has been acquired by Cyderes → [Read the announcement]

Lucidum has been acquired by Cyderes → [Read the announcement]

View Categories

Google Cloud

Estimated Reading Time: 1 min read

What is Google Cloud Platform? #

Google Cloud Platform provides public cloud infrastructure and includes services for computing and hosting, storage and database, networking, big data, and machine learning

Why Should You Use the Google Cloud Platform Connector? #

The Google Cloud Platform connector provides visibility into the assets in your environment. You can use this visibility to:

  • ensure assets are managed per your security policies
  • derive relationships between assets, users, applications, and data

How Does This Connector Work? #

Meridian executes read-only requests to the Google Cloud Platform REST API and ingests only meta-data about Google Cloud Platform devices. Meridian does not retrieve any data stored on your assets.

Configuring the Connector in Meridian #

Field

Description

Example

Profile Name

 Name of this profile for the connector production servers
JSON Key File Click this button to upload the JSON file for the service account healthy-pager-321415-afaa28ca955d.json

Prerequisites #

To use the Google Cloud Platform connector, you must first:

  • Enable the Cloud APIs
  • Create a service account for the Meridian connector
  • Generate a JSON file for the service account

Enabling Google Cloud APIs and Creating a Service Account #

  1. Go to the Google Cloud Console (https://console.cloud.google.com/) and select the project that you want Meridian to ingest data from.
  2. Navigate to APIs & Services.

  3. Enable the following APIs.

    • Compute Engine API

    • Cloud Resource Manager API

    • Cloud Storage JSON API

    • Cloud SQL Admin API

    • Stackdriver Monitoring API

    • Identity and Access Management (IAM) API

    • Cloud Billing API

  4. If an API is not already in the list of APIs, follow these steps: https://cloud.google.com/endpoints/docs/openapi/enable-api#enabling_an_api.

  5. Click the API you want to enable.

  6. Click Enable.

Creating a Service Account and Granting Permissions to that Service Account #

To create a service account, see https://cloud.google.com/iam/docs/service-accounts-create#creating. The Meridian connector uses this account.

  1. In the “Grant this service account access to a project”, give the service account the roles listed below:

    • Compute Viewer

    • Kubernetes Engine Viewer

    • Storage Object Viewer

    • Cloud SQL Viewer

    • Organization Policy Viewer

    • Security Reviewer

    • Project Viewer
    • Billing Account Viewer

  2. Skip the steps about attaching users to the service account.

  3. Click Done.

Create the JSON Key File for the Service Account #

  1. For details on creating a JSON Key file to the new service account, see https://cloud.google.com/iam/docs/keys-create-delete#creating.
  2. Save the file locally. You will need it to configure the Meridian connector.

API Documentation #

https://cloud.google.com/apis?hl=en

The Meridian connector uses the Compute APIs and the Storage APIs.

What are your Feelings