Skip to main content

Google Cloud Platform Autodiscovery

Google Cloud Platform Discovery Items

The following table outlines the Google Cloud Platform (GCP) items that Device42 automatically discovers, the types of information generated for each item, and where that information can be found in Device42.

Cloud Service/Object NameDevice42 LocationAccessed APIInformation Generated
K8s (GKE) DiscoveryDevices -> UnknownCompute API, Container APIContainers, pods, clusters
Networks (as VRF Groups)Network -> VRF GroupsCompute APIName
SubnetsNetworks -> SubnetsCompute APIMask, name, VRF Group
SQL DBSQL Admin APITables, instances, etc.
VMsDevices -> All DevicesCompute APIType, Name, RAM, OS, CPU, cores, etc.

GCP Permission Requirements

The following permissions are required to perform a GCP discovery job. You can create a custom IAM role with these permissions or ensure they are included in existing roles granted to your account or service account.

Click to expand the code block
bigquery.datasets.get
bigquery.models.getMetadata
bigquery.models.list
bigquery.tables.get
bigquery.tables.list
cloudsql.instances.list
compute.addresses.list
compute.backendServices.get
compute.disks.get
compute.disks.list
compute.firewalls.list
compute.globalForwardingRules.list
compute.images.get
compute.images.list
compute.instances.list
compute.machineTypes.get
compute.networks.list
compute.regions.list
compute.subnetworks.get
compute.targetSslProxies.get
container.clusters.list
container.configMaps.list
container.cronJobs.list
container.daemonSets.list
container.deployments.list
container.endpoints.list
container.ingresses.list
container.namespaces.get
container.namespaces.list
container.nodes.list
container.persistentVolumes.list
container.pods.list
container.replicaSets.list
container.replicationControllers.list
container.resourceQuotas.list
container.services.list
container.statefulSets.list
resourcemanager.projects.get

GCP Discovery Job Configuration

You need a user account with the built-in GCP "Viewer" role before you can begin a GCP discovery job.

Create a New GCP Discovery Job

To create a new GCP discovery job, go to Discovery > Cloud and click + Add Cloud Autodiscovery. Choose Google Cloud as the discovery Type.

To discover all accessible projects, leave the Project ID field blank.

Add Google Cloud discovery formAdd Google Cloud discovery form

Provide JSON Credentials

  1. Locate and save your Google Cloud Engine JSON key to your local machine.
  2. Open the key in a text editor and copy its contents: Google Cloud Engine JSON key
  3. Paste the copied JSON in its entirety into the Password field:
Add JSON as new SecretAdd JSON as new Secret

Determine Configuration Options

The following configuration options are available for GCP:

  • Select Kubernetes Discovery to discover Kubernetes clusters hosted on your GCP.
Kubernetes Discovery optionKubernetes Discovery option
  • Select Strip Domain Name to remove the domain name (everything after the first period) from the discovered name.
  • Set an Object category for discovered devices to assign a specific category to discovered devices.
  • Select Overwrite existing object categories to replace previously assigned categories with the current selection.
  • Set a job Service Level (for example, "Development", "Deployment", or "Production") to apply to the discovered items. See Service Level and Object Category Options for details.

Locate GCP Account Tags

Navigate to Infrastructure > Cloud Infrastructure > Cloud Accounts and select your GCP account from the Cloud Accounts list page.

The available discovered account-level tags will be listed under the Vendor Custom Fields section.

GCP vendor custom fieldsGCP vendor custom fields