Skip to main content

Prerequisites

  • A GCP project with the services you want to monitor
  • Permissions to create Workload Identity Federation pools, service accounts, and manage IAM in your GCP project
  • Your GCP Project ID and Project Number

Step-by-Step Setup

1. Navigate to Integrations

In your Corelayer dashboard, go to the Integrations page.

2. Add GCP Integration

Click the Add Integration button and select GCP from the list of available integrations.

3. Enter Project Details

Provide your GCP Project ID and Project Number. You can find these in the GCP Console under Project Settings.

4. Enable Required APIs

Enable the following APIs in your GCP project (Corelayer will list the exact APIs based on your selected services):
  • Cloud Resource Manager API
  • IAM Service Account Credentials API
  • Any service-specific APIs (e.g., Cloud Run Admin API, Cloud Functions API)

5. Create a Workload Identity Federation Pool

Follow the provided commands to create a WIF pool in your GCP project:
  1. Create the Workload Identity Pool
  2. Create an OIDC Provider within the pool
  3. Configure attribute mappings for Corelayer’s identity

6. Create a Service Account

Create a service account for Corelayer:
  1. Create the service account in your GCP project
  2. Grant the necessary roles (viewer/reader roles for the services you want to monitor)
  3. Allow Corelayer to impersonate the service account via the WIF pool

7. Test Connection

Enter the service account email and WIF configuration details, then click Test Connection to verify access.

8. Select Resources

Once connected, choose which GCP resources to monitor:
  • Cloud Run — Select Cloud Run services
  • Cloud Functions — Select functions to monitor
  • GKE — Select Kubernetes clusters
  • App Engine — Select App Engine applications
  • Compute Engine — Select VM instances

9. Add GCP Resources to Your Service Maps

When configuring your Corelayer Service Maps, select which GCP resources are relevant to each service.

What Corelayer Can Do With GCP

Once connected, Corelayer will:
  • Monitor your selected GCP services for errors and issues
  • Query Cloud Logging for relevant log entries during debugging
  • Access Cloud SQL instances for database context
  • Correlate GCP service data with other integrations for root-cause analysis

Managing Your Integration

Disconnecting

To disconnect your GCP integration:
  1. Navigate to Settings > Integrations
  2. Find your GCP integration and click Uninstall
  3. Confirm the uninstallation
  4. Optionally, delete the service account and WIF pool from your GCP project

Troubleshooting

Integration Not Working?

  • Verify your Project ID and Project Number are correct
  • Ensure the required APIs are enabled in your GCP project
  • Check that the service account has the correct IAM roles
  • Confirm the WIF pool and OIDC provider are configured correctly
  • Verify that Corelayer’s identity can impersonate the service account
Need help? Contact support for assistance with your GCP integration.