Guides

GCP Integration

Auto-discover Applications and GCP Resources

Rapticore Integrates with customer’s GCP environments by leveraging Service Accounts with read-only permissions added to customer's GCP projects.

📘

For more information on these service accounts and GCP integration, refer to our GCP integration reference

Setup

To simplify setup, we provide terraform template to facilitate Service Account creation and workload identity federation.

Setup involves:

  1. Configuring GCP Projects with readonly Service Accounts and workload identity pool and provider for cross-cloud access.
  2. Configuring Rapticore to integrate with those GCP Projects.

Necessary privileges in GCP

Either an IAM User or Service Account with privileges to create and update service accounts (roles/iam.serviceAccountAdmin), create workload identity pools (roles/iam.workloadIdentityPoolAdmin) and enable apis (roles/serviceusage.serviceUsageAdmin), or privileges of project owner (roles/owner) in the target gcp project can complete the setup steps.

Rapticore information provided in your invitation email

Rapticore, at the time of account creation, will provide customers with a unique account attributes; whichmust be used without modification in the setup.

  • RapticoreAccountId - Rapticore-operated AWS Account ID.

Rapticore privileges

You must have an Admin role to configure GCP integrations in Rapticore.

GCP Project Configuration

Option 1 - AWS Console Setup

  1. Log into your target project Google Cloud Console with permissions to create service accounts, workload identity pools, and enable apis or an owner role attached to the account.
  2. Go to the Infrastructure Manager and click the "Create deployment" button on the top of the screen.
  3. Under Deployment details, enter a Friendly Id for the deployment e.g., Rapticore-cloud-extractor-setup.
  4. Select appropriate region.
  5. Select a terraform version.
  6. Select a service account with owner role attached to it.
  7. Provide the link of the gcp-onboarding github repository for git repository field.
  8. Enter Rapticore Account Id provided to you by Rapticore as input value for rapticore_account_id parameter.
  9. Under Terraform details, enter project id of your GCP project as input value for gcp_project_id parameter.
  10. Click Create Deployment button on the bottom of the screen.
  11. Review Progress, and once the deployment is created, provide the GCP Project Id and Project Number in Rapticore Portal.

Option 2 - Google Cloud Command Line Deployment

  1. Install Terraform by following HashiCorp's official documentation for your operating system.

  2. Install Google Cloud CLI (gcloud) and configure Google Cloud account for deploying the stack using the gcloud CLI. Please consult Google Cloud documentation on gcloud CLI installation and configure gcloud authentication.

  3. Once both Terraform and gcloud are configured, run the following commands replacing YOUR-PROJECT-ID: Your Google Cloud project ID and YOUR-RAPTICORE-ID: Your Rapticore account ID (12 digits)

  4. Initialize the working directory containing Terraform configuration files

    terraform init

  5. Preview the execution plan and verify resources that will be created 

    terraform plan -var="gcp_project_id=YOUR-PROJECT-ID" -var="rapticore_account_id=YOUR-RAPTICORE-ID"

  6. Apply the changes to reach the desired state of configuration 

    terraform apply -var="gcp_project_id=YOUR-PROJECT-ID" -var="rapticore_account_id=YOUR-RAPTICORE-ID"

Repeat the process for all GCP Accounts you wish to integrate with Rapticore.


Rapticore Configuration

Updated about 17 hours ago