Google Cloud

Last updated 2 months ago

This topic describes how to set up P0's integration for Google Cloud Platform (GCP). It contains the following sections:

For fine-grained Kubernetes access in Google Kubernetes Engine (GKE), use the P0 .

Prerequisites

Existing P0 account at .
Existing Google project(s) where you want to install P0.
Permissions to create GCP roles and add IAM bindings to your Google project(s).
- iam.roleAdmin (Role Admin)
- iam.securityAdmin (Security Admin)
- orgpolicy.policyAdmin (Organization Policy Admin). This is optional but recommended, to ensure your P0 integration for GCP is as secure as possible

You may need to work with your organization's administrator for the relevant permissions.

This setup takes about 10 minutes.

Google Cloud Integration requires these key setup steps:

You must set up your organization prior to GCP provisioning. To set up p0 for your GCP organization:

Retrieve your organization ID from GCP using one of the following methods:
- Go to IAM & Admin > Manage Resources. You will find your organization ID listed under the ID field.
Copy and paste your organization ID into the input field and click Next. This enables you to install components that fit your needs.

If a previous Google Cloud integration is present, the field is disabled and pre-populated with the organization ID, so proceed to the next step.

For this example, we’ll install an Identity and Access Management (IAM) component.

The steps are similar for other components.

To install an IAM component:

Choose the component you want to install (e.g. IAM management).
Click Add project to install a new project.
Enter your existing GCP project name into the Project identifier field and click Next.
The resulting page will display GCP and Terraform commands to complete the installation.

To provision access using the GCP shell:

Open Cloud Shell Editor from the left menu, or use the search bar.
Click Open Terminal. This is where you’ll enter your shell commands.
If your browser is logged into multiple Google accounts, enter the command gcloud config set account email@email.com, and replace email@email.com with your account email.
Use the copy button to copy the entire Shell command set.
Paste the commands into the terminal window and press Return.

Return to the configuration page and click Next to begin the installation process.
When the installation completes, click Finish.
(Optional) We recommend that you secure your installation. If you haven’t enabled a domain restriction for your project, you’ll see the following warning message at the top of the Google Cloud page: