Skip to main content
Skip table of contents

Google Cloud

Google Cloud Platform, offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products.

Enabling Google Cloud APIs and Creating a Service Account

To connect Lucidum to Google Cloud Platform you need to:

  1. Enable cloud APIs

  2. Create a service account and grant permissions to that service account

Enabling Cloud APIs

  1. Go to the Google Cloud Console and select the project that you want Lucidum to connect to.
    Then, go to APIs & Services -> Dashboard.

  2. Lucidum requires the following APIs to be enabled. The enabled APIs will be shown in the list.

    • Compute Engine API

    • Cloud Resource Manager API

    • Cloud Storage JSON API

    • Cloud SQL Admin API

    • Stackdriver Monitoring API

    • Identity and Access Management (IAM) API

    • Cloud Billing API

  3. If the API does not appear in the list, it needs to be enabled first. To enable an API, click Enable APIs and Services at the top of the page. Search for the API you want to enable and click It. For example, Cloud Resource Manager API:

  4. Click Enable.

Creating a Service Account and Granting Permissions to that Service Account

  1. Go to the Google Cloud Console and select the project that you want Lucidum to connect to.

  2. From menu, select IAM & admin -> Service accounts.

  3. Click Create a Service Account.

  4. Give the service account a name, etc, then click Create and Continue. If you click "Done", go to step 8.

  5. In the "Grant this service account access to a project", give the service account the roles listed below:

    • Compute Viewer

    • Kubernetes Engine Viewer

    • Storage Object Viewer

    • Cloud SQL Viewer

    • Organization Policy Viewer

    • Security Reviewer

  6. Skip the "Grant users access to this service account" step.

  7. Click Done.

  8. To modify, or review the permissions granted to this service account in any project or at the organization level, go to IAM, find the service account you've created, and click "Edit Permissions".

  9. Next, click the newly created service account, go to Keys →  Add Key → Create New Key and create a JSON key.

  10. Your JSON key will start to be downloaded. Finish creating the account and go back to the service accounts page. Copy the email address of the new service account.

  11. Go back to IAM & Admin - IAM. Under Permissions → Member, Check if the new service account is listed and has all the required roles attached.

    If the service account is NOT listed, click Add and use the new service account email to add the new service account as a new member of the organization. Click + Add Another role to add the required roles in step 5 to the new member:

  12. Click Save.

Configuring the Connector for Google Cloud

To configure Lucidum to ingest data from Google Cloud:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • JSON Key pair for the service account (required) - A JSON-document containing service-account credentials. For example, /tmp/app/external/configs/Development-9957d6c30b42.json

    • Project ID (required) - Project to access GCP. For example, development-205110

    • Verify SSL. For future use.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.