Ask or search…
K

Connect GCP account

Learn how to connect data streaming and/or Kubernetes workloads from your Google Cloud Platform account.
Sedai currently supports the following GCP cloud resources:
  • Dataflow BETA
  • Google Kubernetes Engine (GKE)
Sedai individually connects to Kubernetes clusters, so GKE clusters are displayed independent of their corresponding GCP account. To connect your GKE workloads, we recommend deploying Sedai's Smart Agent within your cluster, but you can also setup with agentless access.

How to connect Dataflow jobs

To connect your GCP account, log in to Sedai and navigate to Settings > Integrations. In the upper righthand corner, select the Add Integration button and select Cloud Provider from the side drawer.
Since you can add multiple GCP accounts to Sedai, you will be asked to give your integration a unique nickname — this helps you easily identify resources within Sedai.
You will need to provide the Project ID and Region (found in the home page of your GCP console) as well as create a new service account and provide its JSON.
Once completed click save and you will be prompted to integrate Google Monitoring (by default, Sedai maps labels but you can optionally customize these). Enter the same Project ID and service account JSON from the previous step and click save.

Service Account Setup

Setup via console
Setup via CLI
From your GCP console click IAM & Admin, then select Service Accounts in the left-hand menu and click Create Service Account. Enter details and click continue.
Add the following roles to grant access:
Role
Purpose
Dataflow Viewer (roles/dataflow.viewer)
Lists all Dataflow jobs (learn more)
Compute Viewer (roles/compute.viewer)
Lists all compute instances & regions (learn more)
Monitoring Viewer (roles/monitoring.viewer)
Grants access to Cloud Monitoring metrics (learn more)
Once saved, navigate to the Keys section of the new service account and click the Add key dropdown to create a new key. Select JSON key as the type and create.
Replace SA_NAME and PROJECT_ID in the following prompts based on your service account name and GCP project.
Create new service account:
gcloud iam service-accounts create sedai-sa-dataflow-work --description "Service Account for Sedai Dataflow Integration" --display-name "sedai-sa-dataflow-work"
Set permissions (view details on the required roles)
gcloud projects add-iam-policy-binding [PROJECT_ID] \
--member "serviceAccount:[SA_NAME]@[PROJECT_ID].iam.gserviceaccount.com" \
--role roles/dataflow.viewer \
--role roles/monitoring.viewer \
--role roles/storage.objectViewer
Create and download key:
gcloud iam service-accounts keys create [NEW_KEY_FILE_NAME].json \
--iam-account [SA_NAME]@[PROJECT_ID].iam.gserviceaccount.com
Last modified 14d ago