Google Cloud Collector

Plugin to collect Google Cloud

SpaceONE's plugin-google-cloud-inven-collector is a convenient tool to get cloud service data from Google Cloud platform.

Find us also at Dockerhub

Please contact us if you need any further information. ([email protected])

Google Service Endpoint (in use)

There is an endpoints used to collect resources information of GCP. Endpoint of served GCP is a URL consisting of a service code.

https://[service-code].googleapis.com

We use dozens of endpoints because we collect information from many services.

Service list

The following is a list of services being collected and service code information.

No.	Service name	Service Code
1	Compute Engine	compute
2	Networking	compute
3	Cloud SQL	sqladmin
4	Storage	storage
5	BigQuery	bigquery
6	Cloud Pub/Sub	pubsub
7	Cloud Functions	cloudfunctions
8	Recommender	recommender

If you want to know the detailed service endpoint, please check the content details below.

Content details

Table of Contents
- Compute Engine
- Networking
- Cloud SQL
  - Instance
- Storage
  - Buckets
- BigQuery
  - SQLWorkspace
- Cloud Pub/Sub
  - Topic
  - Subscription
  - Snapshot
  - Schema
- Cloud Fuctions
  - Function
- Recommender
  - Recommendation
  - Insight
- Options
  - CloudServiceType
  - ServiceCodeMapper

Authentication Overview

Registered service account on SpaceONE must have certain permissions to collect cloud service data Please, set authentication privilege for followings:

Storage

Bucket
- IAM
  - storage.buckets.get
  - storage.objects.list
  - storage.objects.getIamPolicy
- Service Endpoint
  - https://storage.googleapis.com/storage/v1/b/{resource}

BigQuery

SQLWorkspace
- IAM
  - bigquery.datasets.get
  - bigquery.tables.get
  - bigquery.tables.list
  - bigquery.jobs.list
  - resourcemanager.projects.get
- Service Endpoint
  - https://bigquery.googleapis.com/bigquery/v2/projects/{projectId}/{resource}

Pub/Sub

Topic
- IAM
  - pubsub.topics.list
  - pubsub.subscriptions.get
  - pubsub.snapshots.get
- Service Endpoint
Subscription
- IAM
  - pubsub.subscriptions.list
- Service Endpoint
  - https://pubsub.googleapis.com/v1/{project}/subscriptions
Snapshot
- IAM
  - pubsub.snapshots.list
- Service Endpoint
  - https://pubsub.googleapis.com/v1/{project}/snapshots
Schema
- IAM
  - pubsub.schemas.list
- Service Endpoint
  - https://pubsub.googleapis.com/v1/{parent}/schemas

Functions

Function
- IAM
  - 1st Generation
    - cloudfunctions.functions.list
    - storage.bucket.get
  - 2nd Generation
    - cloudfunctions.functions.list
    - storage.bucket.get
    - eventarc.providers.list
- Service Endpoint
  - 1st Generation
    - https://cloudfunctions.googleapis.com/v1/{parent=projects/*/locations/*}/functions
    - https://storage.googleapis.com/storage/v1/b/{bucket}
  - 2nd Generation

Recommender

Recommendation & Insight
- IAM
  - cloudasset.assets.listResource
  - cloudasset.assets.listIamPolicy
  - cloudasset.assets.listOrgPolicy
  - cloudasset.assets.listAccessPolicy
  - cloudasset.assets.listOSInventories
  - recommender.*.get
  - recommender.*.list
- Recommendation Service Endpoint
  - https://recommender.googleapis.com/v1/{name=projects/*/locations/*/recommenders/*/recommendations/*}
- Insight Service Endpoint
  - https://cloudasset.googleapis.com/v1/{parent=*/*}/assets
  - https://recommender.googleapis.com/v1/{parent=projects/*/locations/*/insightTypes/*}/insights

Options

Cloud Service Type : Specify what to collect

If cloud_service_types is added to the list elements in options, only the specified cloud service type is collected. By default, if cloud_service_types is not specified in options, all services are collected.

The cloud_service_types items that can be specified are as follows.


{
    "cloud_service_types": [
    'ComputeEngine'
    'CloudSQL',
    'BigQuery',
    'CloudStorage',
    'Networking'
    ]
}

How to update plugin information using spacectl is as follows. First, create a yaml file to set options.


> cat update_collector.yaml
---
collector_id: collector-xxxxxxx
options:
  cloud_service_types:
    - CloudSQL
    - VPCNetwork

Update plugin through spacectl command with the created yaml file.


> spacectl exec update_plugin inventory.Collector -f update_collector.yaml

Service Code Mapper : Update service code in Cloud Service Type.

If service_code_mapper is in options, You can replace the existed service code into new value one. The default service code is listed below service code list


{
    "service_code_mappers": {
        "Compute Engine": "Your new service code",
        "Cloud SQL": "Your new service code",
    }
}

Custom Asset URL : Update ASSET_URL in Cloud Service Type.

If custom_asset_url is in options, You can change it to an asset_url that users will use instead of the default asset_url.
The default ASSET_URL in cloud_service_conf is https://spaceone-custom-assets.s3.ap-northeast-2.amazonaws.com/console-assets/icons/cloud-services/google_cloud.


{
    "custom_asset_url": "https://xxxxx.spaceone.dev/icon/google"
}

Name		Name	Last commit message	Last commit date
Latest commit History 651 Commits
.github		.github
docs		docs
pkg		pkg
src		src
test/api		test/api
.dockerignore		.dockerignore
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md

License

cloudforet-io/plugin-google-cloud-inven-collector

Folders and files

Latest commit

History

Repository files navigation

Google Cloud Collector

Google Service Endpoint (in use)

Service list

Content details

Authentication Overview

VM Instance

Instance Template

Instance Group

Machine Images

Disk

Snapshot

VPC Network

Route

External IP Address

Firewall

LoadBalancing

Instance

Bucket

SQLWorkspace

Topic

Subscription

Snapshot

Schema

Function

Recommendation & Insight

Options

Cloud Service Type : Specify what to collect

Service Code Mapper : Update service code in Cloud Service Type.

Custom Asset URL : Update ASSET_URL in Cloud Service Type.

About

Topics

Resources

License

Stars

Watchers

Forks

Languages