Configuring GCP in Aquila Clouds FinOps

Owned by Kalpesh Bhandari
Last updated: Jul 26, 2023 by Kalpesh Bhandari
3 min read

To configure GCP in Aquila Clouds, perform the following tasks:

Create a service account for Aquila Clouds

You can create a service account in the GCP console for Aquila Clouds.

  • Login to the Google Cloud Platform console.

  • Select the following icon (Navigation menu) > APIs & Services tab > select Credentials.

  • Select the required project.

  • Create a service account.
    Tip: If there is already an existing service account for a project that can be shared, manage that service account. Click Manage service accounts to manage an existing service account.

    • Click Create service account.

    • Enter the name for the service account, ID for the service account, and description for the service account.

    • Click Create.

    • Assign the following roles to the selected project to grant permissions for the resources in the project.

      • Reader Only Roles

        • Compute Viewer

        • Browser

        • BigQuery Data Viewer

        • BigQuery Job User

      • Reader and Writer Roles

        • Compute Admin

        • Browser

        • BigQuery Data Owner

        • BigQuery Job User

  • Click Continue.

  • Click Done.

  • Create private key and download generated Json.

    • On the Service Accounts page, select the required email address to create a key for it.

    • Select the Keys tab, and in the ADD KEY list select Create new key.

    • On the Create private key for Project name page, select JSON as the Key type.

    • Download the JSON file.

  • Go to API & Services

    • Click on Create Credentials > API Key

    • Copy this API Key

    • Click on generated API Key and in API Restrictions, select Restrict Key

    • Select Cloud Billing API, Google Cloud APIs

    • Save the API Key

  • Go to Billing > Billing export and identify Dataset name

    • Click on Dataset name and identify appropriate Big Data Query for Billing ingestion

  • Enable cross project access to service account created above.

    • Firstly, using the project navigation in the top menu select your other(s) project. In this case Project B

    • Select IAM & Admin from the menu, and select IAM

    • Select +ADD/GRANT ACCESS

    • From this new menu, you will need to use the Service account ID created in steps above.

    And following roles assigned to the original Service Account

    Compute Viewer

    Browser

    Monitoring Viewer

Add required permissions for Aquila Clouds

  1. Select the following icon (Navigation menu) > Billing tab -> Billing export.

  2. Create dataset and then table name if not already created.

Assign labels to the resources to be monitored using Aquila Clouds

  1. Select the following icon (Navigation menu) > Compute Engine tab -> VM Instances.

  2. Select instance and under labels tab ,add label as Key = ”instance_id” value = selected instance id.

  3. Navigate to Disks and add label as Key = “disk_id” value = selected disk id.

Add GCP environment to Aquila Clouds

  1. On the side navigation bar, select Administration tab.

  2. On the Administration tab, click Environments.

  3. On the Environments page, click Add.

  4. On the Add Environment page, toggle Active.

  5. In the Environment Type group, select Google.

     

  6. In the Name of the environment, type the name of Google Cloud Platform environment.

  7. Enter the following details for the connection parameters:

    • Type: Type the service account type.

    • Project Id: Type the project id from the downloaded json file.

    • Private Key Id: Type the private key id from the downloaded json file.

    • Private Key: Type the private Key from the downloaded json file.

    • Client Email: Type the email address of the client from the downloaded json file.

    • Client Id: Type the client id from downloaded json file.

    • Client Cert Url: Type the client certificate URL from downloaded json file.

    • Dataset Name: Type the dataset name from GCP console.

    • GCP Table Name: Type the big query table name from GCP console.

    • GCP Table Name: Type the big query table name from GCP console.

    • GCP Billing Account Id: Type specific billing account id

    • GCP API Key: Type API Key copied in step 8 above

  8. Click Apply.

  9. Review the environment details and click Do you wish to confirm? Google Cloud Platform environment is configured in Aquila Clouds. You can start monitoring and managing Google Cloud resources from Aquila Clouds platform according to the permissions defined in Google Cloud Platform environment.

How to setup Cloud Billing data export to BigQuery (GCP Documentation)