Connecting Google Cloud to SpaceONE
Connection Methods
SpaceONE provides two methods for connecting Google Cloud accounts:
Individual Account Connection
This method is suitable when the project scale is not large.
Create an account with resource collection permissions for each individual Google Cloud project and register it with SpaceONE.
Multiple Account Connection
This method is suitable when managing large-scale projects simultaneously.
Create an account in Google Cloud with access permissions to sub-projects, allowing SpaceONE to access multiple Google Cloud projects with a single service account.
Prerequisites
Before connecting a Google Cloud account to SpaceONE, the minimum permissions required for resource collection must be configured.
When choosing the multiple account connection method, further Google Cloud permission settings are also required.
Registering SpaceONE Service Account
The following service accounts can be created in SpaceONE:
General Account
This is the basic account for collecting and managing individual Google Cloud project resources. SpaceONE’s General Account can be created in three ways:
- Option 1) You can directly register a Google Cloud service account using individual credentials.
- Option 2) You can connect to a Trusted Account created in SpaceONE.
- Option 3) Depending on the situation, you can create a new service account without separate credentials.
Trusted Account
This is an account that manages multiple Google Cloud projects by connecting them at once.
- You can create a Trusted Account in SpaceONE that can be connected to General Accounts.
- Trusted Accounts are referenced and utilized when accessing General Accounts.
Creating a General Account
Navigate to General Account Creation Page
On the [Asset Inventory > Service Account] page, select [Google Cloud], then select [General Account] from the tabs.
Then click the [Create] button on the right.
Configure Basic Information
Configure the basic information. You can find the Project ID in the Google Cloud information created previously.
Configure Credentials
Set up the credentials. This information can be entered directly through input fields or by uploading the JSON file downloaded when creating the Google Cloud account.
- Option 1) Register a Google Cloud service account by directly entering individual credentials.
- Option 2) Register by connecting credentials from a Trusted Account.
- Option 3) Depending on the situation, you can create a new account without separate credentials.
Creating a Trusted Account
Navigate to Trusted Account Creation Page
On the [Asset Inventory > Service Account] page, select [Google Cloud], then select [Trusted Account] from the tabs.
Configure Basic Information
Enter the service account name and Project ID in the basic information. You can find the Project ID in the Google Cloud information created previously.
Configure Credentials
Set up the credentials. This information can be entered directly through input fields or by uploading the JSON file downloaded when creating the Google Cloud account.
Configure Auto Synchronization
If needed, you can automatically map Google Cloud’s service account hierarchy to SpaceONE. For more details, refer to Google Cloud Account Auto Synchronization.