Google Organization Integration - Installation and Configuration

×

Introduction

The Google Organization Integration automatically installs all projects within a Google Cloud organization as integrations in OpsRamp, under the same client where the organization integration is set up. To complete the installation, users must provide the Organization ID, Service Account Email, Management Certificate, and Passphrase as input.

Configuration in Google cloud

1. Log in to the Google Cloud console.

2. Navigate to IAM and click Grant Access.

   

3. In the New Principals section, enter the service account you previously created for OpsRamp. Along with the necessary roles for accessing Google Cloud resources, add the following two roles at the Organization level:

   • Folder Viewer
   • resourcemanager.projects.getIamPolicy
   

4. Click SAVE.

OpsRamp configuration

1. Navigate to the Setup > Account.

2. On the ACCOUNT DETAILS page, select Integrations.

3. The INSTALLED INTEGRATIONS page is displayed with all the installed applications.

   Note

   If there are no installed applications, it will navigate to the AVAILABLE INTEGRATIONS AND APPS page.

4. Click + ADD on the INSTALLED INTEGRATIONS page. The AVAILABLE INTEGRATIONS AND APPS page displays all the available applications along with the newly created application.
   

   Note

   You can even search for the application using the search option available. Also, you can use the All Categories option to search.

5. Click ADD in the Google Cloud application.

   

6. In the ADD Google Cloud page, enter the account information:

7. You can choose All resources or choose specific resources to discover from your Google Cloud account. If you would like to select specific resources, check the checkboxes, and select the resources you need.

   

8. Click Next.

9. Select the actions to be performed on the resources.

10. Select the Discovery Schedule option to schedule a discovery and define the preferred Recurrence pattern.

    Note

    The filters, options, and discovery schedule configured during tenant integration installation will be applied to the installation of child accounts.

11. Click FINISH. The Google Cloud app is installed.

    Note

    • If the Google Organization Integration is installed, all projects under the organization will be added to the client. During installation, child projects will inherit the organization's integration properties, including the Discovery Profile, Actions (limited to Manage Device), Discovery Schedule, and Credentials. After installation, these properties—Discovery Profile, Actions, Credentials, and Discovery Schedule—can be modified individually as needed.
    • When updating the organization integration, only the provided credentials (such as Service Account Email, Management Certificate, and Passphrase) will be updated for child integrations. The Discovery Profile and Actions will remain unchanged. Additionally, only projects with access to the updated credentials will be affected.
    • If the organization integration is deleted with the "Delete Linked Child Accounts" option enabled, all projects associated with that organization—regardless of how they were installed—will be removed from the client.
      To delete a Google Cloud Integration via the API, the deleteAssociatedChildAccounts field must be set to true. If this field is omitted or set to false, the associated child integrations will not be removed by default.
    • If a user adds or removes projects in Google Cloud after installing the organization integration, those projects will not be automatically added or removed in OpsRamp. The user must manually add or delete projects as needed.