GCP
GCP connections enable integration with Google Cloud Platform for health checks, configuration scraping, and playbook automation.
Used By
- GCP Config Scraper - Scrape GCP resource configurations
- GCS Folder Check - Check Cloud Storage buckets
- Playbook Actions - Execute GCP-related automation
| Field | Description | Scheme |
|---|---|---|
connection | The connection url to use, mutually exclusive with | |
credentials | The credentials to use for authentication | |
endpoint | Custom GCP Endpoint to use |
|
skipTLSVerify | Skip TLS verification when connecting to GCP |
|
Authentication Methods
1GKE Workload IdentityUse GKE workload identity. This is the default when no connection or credentials is specified and the recommended approach for workloads running on GKE.
Reference a shared connection:
using-connection.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: gcs-check
spec:
interval: 60
folder:
- name: GCS Backup Check
path: gcs://my-bucket
gcpConnection:
connection: connection://gcp/production
Specify service account credentials directly:
inline-credentials.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: gcs-check
spec:
interval: 60
folder:
- name: GCS Backup Check
path: gcs://my-bucket
gcpConnection:
credentials:
valueFrom:
secretKeyRef:
name: gcp-credentials
key: service-account.json
Examples
Service Account Connection
Create a GCP connection with service account:
gcp-connection.yamlapiVersion: mission-control.flanksource.com/v1
kind: Connection
metadata:
name: gcp-production
namespace: default
spec:
gcp:
credentials:
valueFrom:
secretKeyRef:
name: gcp-credentials
key: service-account.json
With Project ID
Include project for resource access:
gcp-with-project.yamlapiVersion: mission-control.flanksource.com/v1
kind: Connection
metadata:
name: gcp-project
spec:
gcp:
project: my-gcp-project
credentials:
valueFrom:
secretKeyRef:
name: gcp-credentials
key: service-account.json