You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Sep 2, 2025. It is now read-only.
Copy file name to clipboardExpand all lines: gdi/get-data-in/connect/gcp/gcp.rst
+15-7Lines changed: 15 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -55,57 +55,65 @@ For more information, refer to Google's official announcement :new-page:`Introdu
55
55
<h3>Select a role for your GCP service account<aname="gcp-one"class="headerlink"href="#gcp-one"title="Permalink to this headline">¶</a></h3>
56
56
</embed>
57
57
58
-
If you use GCP's :strong:`Project Viewer` role, you won't require any changes to your GCP setup to use Splunk Observability Cloud, and any update will be applied automatically.
59
-
60
-
If you want to use a more restrictive role than Project Viewer, make sure your selected role has sufficient permissions to connect to Splunk Observability Cloud, otherwise you'll get an error message when trying to connect. Review and activate any missing permissions, or change the role to Project Viewer.
58
+
You can use GCP's :strong:`Viewer` role, it has all/most of the permissions you need. You can also create a more restrictive role with the permissions in the table.
61
59
62
60
The following table specifies the permissions required for GCP integrations:
63
61
64
62
.. list-table::
65
63
:header-rows: 1
66
-
:widths: 40 60
64
+
:widths: 40 60 20
67
65
68
66
* - :strong:`Permission`
69
67
- :strong:`Required?`
68
+
- :strong:`Included in GCP's Viewer role?`
70
69
71
70
* - ``compute.instances.list``
72
71
- Yes, if the Compute Engine service is activated
72
+
- Yes
73
73
74
74
* - ``compute.machineTypes.list``
75
75
- Yes, if the Compute Engine service is activated
76
+
- Yes
76
77
77
78
* - ``container.clusters.list``
78
79
- Yes, if the Kubernetes (GKE) service is activated
80
+
- Yes
79
81
80
82
* - ``container.nodes.list``
81
83
- Yes, if the Kubernetes (GKE) service is activated
84
+
- Yes
82
85
83
86
* - ``container.pods.list``
84
87
- Yes, if the Kubernetes (GKE) service is activated
88
+
- Yes
85
89
86
90
* - ``monitoring.metricDescriptors.get``
87
91
- Yes
92
+
- Yes
88
93
89
94
* - ``monitoring.metricDescriptors.list``
90
95
- Yes
96
+
- Yes
91
97
92
98
* - ``monitoring.timeSeries.list``
93
99
- Yes
100
+
- Yes
94
101
95
102
* - ``resourcemanager.projects.get``
96
103
- Yes, if you want to sync project metadata (such as labels)
104
+
- Yes
97
105
98
106
* - ``serviceusage.services.use``
99
107
- Yes, if you want to activate the use of a quota from the project where metrics are stored
100
-
101
-
* - ``serviceusage.serviceUsageConsumer``
102
-
- Yes, for SQL services
108
+
- No, but included in ``roles/serviceusage.serviceUsageConsumer``
0 commit comments