Set up Google Cloud

Contributors netapp-bcammett

Cloud Manager needs access to the Cloud Volumes Service API and the right permissions through a Google Cloud service account.

Enable the Cloud Volumes Service API

In Google Cloud Shell, run the following command to enable the Cloud Volumes Service API:

gcloud --project=<my-cvs-project> services enable cloudvolumesgcp-api.netapp.com

Set up a service account

Complete the following tasks so that Cloud Manager can access your Google Cloud project:

  • Create a new service account

  • Add the new service account member to your project and assign it specific roles (permissions)

  • Create and download a key pair for the service account that is used to authenticate to Google

Steps
  1. In the Google Cloud console, go to the Service accounts page.

  2. Click Select a project, choose your project, and click Open.

  3. Click Create service account.

  4. Enter the service account name (friendly display name) and description.

    The Cloud Console generates a service account ID based on this name. Edit the ID if necessary - you cannot change the ID later.

  5. To set access controls now, click Create and then DONE from the bottom of the page, and continue to the next step.

  6. From the IAM page click Add and fill out the fields in the Add Members page:

    1. In the New Members field, enter the full service account ID, for example, user1-service-account-cvs@project1.iam.gserviceaccount.com.

    2. Add these roles:

      • NetApp Cloud Volumes Admin

      • Compute Network Viewer

    3. Click Save.

  7. Click the Service Account name, and then from the Service account details page, click Add key > Create new key.

  8. Select JSON as the key type and click Create.

    By clicking Create your new public/private key pair is generated and downloaded to your system. It serves as the only copy of the private key. Store this file securely because it can be used to authenticate as your service account.

For detailed steps, refer to Google Cloud documentation: