- Criado por Neture Technologies, última alteração em 14 jan., 2025
Neste manual você irá configurar a liberação/permissão de acesso para o nosso monitoramento do seu servidor/aplicação.
Configuração
- Ative o Stackdriver Monitoring API para o projeto GCP que você deseja que seja monitorado.
Documentação: https://cloud.google.com/monitoring/api/enable-api?hl=pt-br - Crie uma Conta de Serviço (Service Account) no console do Google Cloud para o projeto que você deseja ser monitorado.
Documentação: https://cloud.google.com/iam/docs/creating-managing-service-accounts?hl=pt-br
Lembrando: Para criar uma conta de serviço, é necessário possuir uma das roles: Project Owner, Project IAM Admin ou Service Account Admin
Permissões: A conta de serviço precisa ter as role de Project Viewer ou granulada conforme abaixo:GCP Permissões Expandir origemcloudsql.*.export cloudsql.*.get cloudsql.*.list compute.acceleratorTypes.* compute.addresses.get compute.addresses.list compute.addresses.listEffectiveTags compute.addresses.listTagBindings compute.autoscalers.get compute.autoscalers.list compute.backendBuckets.get compute.backendBuckets.getIamPolicy compute.backendBuckets.list compute.backendBuckets.listEffectiveTags compute.backendBuckets.listTagBindings compute.backendServices.get compute.backendServices.getIamPolicy compute.backendServices.list compute.backendServices.listEffectiveTags compute.backendServices.listTagBindings compute.commitments.get compute.commitments.list compute.diskTypes.* compute.disks.get compute.disks.getIamPolicy compute.disks.list compute.disks.listEffectiveTags compute.disks.listTagBindings compute.externalVpnGateways.get compute.externalVpnGateways.list compute.externalVpnGateways.listEffectiveTags compute.externalVpnGateways.listTagBindings compute.firewallPolicies.get compute.firewallPolicies.getIamPolicy compute.firewallPolicies.list compute.firewallPolicies.listEffectiveTags compute.firewallPolicies.listTagBindings compute.firewalls.get compute.firewalls.list compute.firewalls.listEffectiveTags compute.firewalls.listTagBindings compute.forwardingRules.get compute.forwardingRules.list compute.forwardingRules.listEffectiveTags compute.forwardingRules.listTagBindings compute.futureReservations.get compute.futureReservations.getIamPolicy compute.futureReservations.list compute.globalAddresses.get compute.globalAddresses.list compute.globalAddresses.listEffectiveTags compute.globalAddresses.listTagBindings compute.globalForwardingRules.get compute.globalForwardingRules.list compute.globalForwardingRules.listEffectiveTags compute.globalForwardingRules.listTagBindings compute.globalForwardingRules.pscGet compute.globalNetworkEndpointGroups.get compute.globalNetworkEndpointGroups.list compute.globalNetworkEndpointGroups.listEffectiveTags compute.globalNetworkEndpointGroups.listTagBindings compute.globalOperations.get compute.globalOperations.getIamPolicy compute.globalOperations.list compute.globalPublicDelegatedPrefixes.get compute.globalPublicDelegatedPrefixes.list compute.healthChecks.get compute.healthChecks.list compute.healthChecks.listEffectiveTags compute.healthChecks.listTagBindings compute.httpHealthChecks.get compute.httpHealthChecks.list compute.httpHealthChecks.listEffectiveTags compute.httpHealthChecks.listTagBindings compute.httpsHealthChecks.get compute.httpsHealthChecks.list compute.httpsHealthChecks.listEffectiveTags compute.httpsHealthChecks.listTagBindings compute.images.get compute.images.getFromFamily compute.images.getIamPolicy compute.images.list compute.images.listEffectiveTags compute.images.listTagBindings compute.instanceGroupManagers.get compute.instanceGroupManagers.list compute.instanceGroupManagers.listEffectiveTags compute.instanceGroupManagers.listTagBindings compute.instanceGroups.get compute.instanceGroups.list compute.instanceGroups.listEffectiveTags compute.instanceGroups.listTagBindings compute.instanceSettings.get compute.instanceTemplates.get compute.instanceTemplates.getIamPolicy compute.instanceTemplates.list compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getIamPolicy compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instantSnapshots.get compute.instantSnapshots.getIamPolicy compute.instantSnapshots.list compute.interconnectAttachments.get compute.interconnectAttachments.list compute.interconnectAttachments.listEffectiveTags compute.interconnectAttachments.listTagBindings compute.interconnectLocations.* compute.interconnectRemoteLocations.* compute.interconnects.get compute.interconnects.list compute.interconnects.listEffectiveTags compute.interconnects.listTagBindings compute.licenseCodes.get compute.licenseCodes.getIamPolicy compute.licenseCodes.list compute.licenses.get compute.licenses.getIamPolicy compute.licenses.list compute.machineImages.get compute.machineImages.getIamPolicy compute.machineImages.list compute.machineTypes.* compute.multiMig.get compute.multiMig.list compute.networkAttachments.get compute.networkAttachments.getIamPolicy compute.networkAttachments.list compute.networkAttachments.listEffectiveTags compute.networkAttachments.listTagBindings compute.networkEdgeSecurityServices.get compute.networkEdgeSecurityServices.list compute.networkEdgeSecurityServices.listEffectiveTags compute.networkEdgeSecurityServices.listTagBindings compute.networkEndpointGroups.get compute.networkEndpointGroups.list compute.networkEndpointGroups.listEffectiveTags compute.networkEndpointGroups.listTagBindings compute.networkProfiles.* compute.networks.get compute.networks.getEffectiveFirewalls compute.networks.getRegionEffectiveFirewalls compute.networks.list compute.networks.listEffectiveTags compute.networks.listPeeringRoutes compute.networks.listTagBindings compute.nodeGroups.get compute.nodeGroups.getIamPolicy compute.nodeGroups.list compute.nodeTemplates.get compute.nodeTemplates.getIamPolicy compute.nodeTemplates.list compute.nodeTypes.* compute.organizations.listAssociations compute.packetMirrorings.get compute.packetMirrorings.list compute.packetMirrorings.listEffectiveTags compute.packetMirrorings.listTagBindings compute.projects.get compute.publicAdvertisedPrefixes.get compute.publicAdvertisedPrefixes.list compute.publicDelegatedPrefixes.get compute.publicDelegatedPrefixes.list compute.publicDelegatedPrefixes.listEffectiveTags compute.publicDelegatedPrefixes.listTagBindings compute.regionBackendServices.get compute.regionBackendServices.getIamPolicy compute.regionBackendServices.list compute.regionBackendServices.listEffectiveTags compute.regionBackendServices.listTagBindings compute.regionFirewallPolicies.get compute.regionFirewallPolicies.getIamPolicy compute.regionFirewallPolicies.list compute.regionFirewallPolicies.listEffectiveTags compute.regionFirewallPolicies.listTagBindings compute.regionHealthCheckServices.get compute.regionHealthCheckServices.list compute.regionHealthChecks.get compute.regionHealthChecks.list compute.regionHealthChecks.listEffectiveTags compute.regionHealthChecks.listTagBindings compute.regionNetworkEndpointGroups.get compute.regionNetworkEndpointGroups.list compute.regionNetworkEndpointGroups.listEffectiveTags compute.regionNetworkEndpointGroups.listTagBindings compute.regionNotificationEndpoints.get compute.regionNotificationEndpoints.list compute.regionOperations.get compute.regionOperations.getIamPolicy compute.regionOperations.list compute.regionSecurityPolicies.get compute.regionSecurityPolicies.list compute.regionSecurityPolicies.listEffectiveTags compute.regionSecurityPolicies.listTagBindings compute.regionSslCertificates.get compute.regionSslCertificates.list compute.regionSslCertificates.listEffectiveTags compute.regionSslCertificates.listTagBindings compute.regionSslPolicies.get compute.regionSslPolicies.list compute.regionSslPolicies.listAvailableFeatures compute.regionSslPolicies.listEffectiveTags compute.regionSslPolicies.listTagBindings compute.regionTargetHttpProxies.get compute.regionTargetHttpProxies.list compute.regionTargetHttpProxies.listEffectiveTags compute.regionTargetHttpProxies.listTagBindings compute.regionTargetHttpsProxies.get compute.regionTargetHttpsProxies.list compute.regionTargetHttpsProxies.listEffectiveTags compute.regionTargetHttpsProxies.listTagBindings compute.regionTargetTcpProxies.get compute.regionTargetTcpProxies.list compute.regionTargetTcpProxies.listEffectiveTags compute.regionTargetTcpProxies.listTagBindings compute.regionUrlMaps.get compute.regionUrlMaps.list compute.regionUrlMaps.listEffectiveTags compute.regionUrlMaps.listTagBindings compute.regionUrlMaps.validate compute.regions.* compute.reservationBlocks.* compute.reservations.get compute.reservations.list compute.resourcePolicies.get compute.resourcePolicies.getIamPolicy compute.resourcePolicies.list compute.routers.get compute.routers.getRoutePolicy compute.routers.list compute.routers.listBgpRoutes compute.routers.listEffectiveTags compute.routers.listRoutePolicies compute.routers.listTagBindings compute.routes.get compute.routes.list compute.routes.listEffectiveTags compute.routes.listTagBindings compute.securityPolicies.get compute.securityPolicies.list compute.securityPolicies.listEffectiveTags compute.securityPolicies.listTagBindings compute.serviceAttachments.get compute.serviceAttachments.getIamPolicy compute.serviceAttachments.list compute.serviceAttachments.listEffectiveTags compute.serviceAttachments.listTagBindings compute.snapshotSettings.get compute.snapshots.get compute.snapshots.getIamPolicy compute.snapshots.list compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings compute.spotAssistants.get compute.sslCertificates.get compute.sslCertificates.list compute.sslCertificates.listEffectiveTags compute.sslCertificates.listTagBindings compute.sslPolicies.get compute.sslPolicies.list compute.sslPolicies.listAvailableFeatures compute.sslPolicies.listEffectiveTags compute.sslPolicies.listTagBindings compute.storagePools.get compute.storagePools.getIamPolicy compute.storagePools.list compute.subnetworks.get compute.subnetworks.getIamPolicy compute.subnetworks.list compute.subnetworks.listEffectiveTags compute.subnetworks.listTagBindings compute.targetGrpcProxies.get compute.targetGrpcProxies.list compute.targetGrpcProxies.listEffectiveTags compute.targetGrpcProxies.listTagBindings compute.targetHttpProxies.get compute.targetHttpProxies.list compute.targetHttpProxies.listEffectiveTags compute.targetHttpProxies.listTagBindings compute.targetHttpsProxies.get compute.targetHttpsProxies.list compute.targetHttpsProxies.listEffectiveTags compute.targetHttpsProxies.listTagBindings compute.targetInstances.get compute.targetInstances.list compute.targetInstances.listEffectiveTags compute.targetInstances.listTagBindings compute.targetPools.get compute.targetPools.list compute.targetPools.listEffectiveTags compute.targetPools.listTagBindings compute.targetSslProxies.get compute.targetSslProxies.list compute.targetSslProxies.listEffectiveTags compute.targetSslProxies.listTagBindings compute.targetTcpProxies.get compute.targetTcpProxies.list compute.targetTcpProxies.listEffectiveTags compute.targetTcpProxies.listTagBindings compute.targetVpnGateways.get compute.targetVpnGateways.list compute.targetVpnGateways.listEffectiveTags compute.targetVpnGateways.listTagBindings compute.urlMaps.get compute.urlMaps.list compute.urlMaps.listEffectiveTags compute.urlMaps.listTagBindings compute.urlMaps.validate compute.vpnGateways.get compute.vpnGateways.list compute.vpnGateways.listEffectiveTags compute.vpnGateways.listTagBindings compute.vpnTunnels.get compute.vpnTunnels.list compute.vpnTunnels.listEffectiveTags compute.vpnTunnels.listTagBindings compute.zoneOperations.get compute.zoneOperations.getIamPolicy compute.zoneOperations.list compute.zones.* resourcemanager.projects.get resourcemanager.projects.list serviceusage.quotas.get serviceusage.services.get serviceusage.services.list
- Crie e faça o download da Chave de Conta de Serviço (Service Account Key) em formato JSON.
Documentação: https://cloud.google.com/iam/docs/creating-managing-service-account-keys?hl=pt-br - Para monitorar os serviços de CLOUD SQL, ative o CLOUD SQL Admin API.
Documentação: https://cloud.google.com/sql/docs/mysql/admin-api?hl=pt-br - Após a configuração, envie o arquivo JSON finalizado para o time abrindo um chamado em nosso Console ou em chamado de Ativação em andamento.
- Sem rótulos