Google Cloud Platform Autodiscovery
Google Cloud Platform Discovery Items
The following table outlines the Google Cloud Platform (GCP) items that Device42 automatically discovers, the types of information generated for each item, and where that information can be found in Device42.
| Cloud Service/Object Name | Device42 Location | Accessed API | Information Generated |
|---|---|---|---|
| K8s (GKE) Discovery | Devices -> Unknown | Compute API, Container API | Containers, pods, clusters |
| Networks (as VRF Groups) | Network -> VRF Groups | Compute API | Name |
| Subnets | Networks -> Subnets | Compute API | Mask, name, VRF Group |
| SQL DB | SQL Admin API | Tables, instances, etc. | |
| VMs | Devices -> All Devices | Compute API | Type, Name, RAM, OS, CPU, cores, etc. |
GCP Permission Requirements
The following permissions are required to perform a GCP discovery job. You can create a custom IAM role with these permissions or ensure they are included in existing roles granted to your account or service account.
Click to expand the code block
bigquery.datasets.get
bigquery.models.getMetadata
bigquery.models.list
bigquery.tables.get
bigquery.tables.list
cloudsql.instances.list
compute.addresses.list
compute.backendServices.get
compute.disks.get
compute.disks.list
compute.firewalls.list
compute.globalForwardingRules.list
compute.images.get
compute.images.list
compute.instances.list
compute.machineTypes.get
compute.networks.list
compute.regions.list
compute.subnetworks.get
compute.targetSslProxies.get
container.clusters.list
container.configMaps.list
container.cronJobs.list
container.daemonSets.list
container.deployments.list
container.endpoints.list
container.ingresses.list
container.namespaces.get
container.namespaces.list
container.nodes.list
container.persistentVolumes.list
container.pods.list
container.replicaSets.list
container.replicationControllers.list
container.resourceQuotas.list
container.services.list
container.statefulSets.list
resourcemanager.projects.get
GCP Discovery Job Configuration
You need a user account with the built-in GCP "Viewer" role before you can begin a GCP discovery job.
Create a New GCP Discovery Job
To create a new GCP discovery job, go to Discovery > Cloud and click + Add Cloud Autodiscovery. Choose Google Cloud as the discovery Type.
To discover all accessible projects, leave the Project ID field blank.
Provide JSON Credentials
- Locate and save your Google Cloud Engine JSON key to your local machine.
- Open the key in a text editor and copy its contents:
- Paste the copied JSON in its entirety into the Password field:
Determine Configuration Options
The following configuration options are available for GCP:
- Select Kubernetes Discovery to discover Kubernetes clusters hosted on your GCP.
- Select Strip Domain Name to remove the domain name (everything after the first period) from the discovered name.
- Set an Object category for discovered devices to assign a specific category to discovered devices.
- Select Overwrite existing object categories to replace previously assigned categories with the current selection.
- Set a job Service Level (for example, "Development", "Deployment", or "Production") to apply to the discovered items. See Service Level and Object Category Options for details.
Locate GCP Account Tags
Navigate to Infrastructure > Cloud Infrastructure > Cloud Accounts and select your GCP account from the Cloud Accounts list page.
The available discovered account-level tags will be listed under the Vendor Custom Fields section.
