Safetynet to Play Integrity migration - Google Cloud account - google-cloud-platform

When we migrate from the SafetyNet Api to Google Play Integrity Api we need link a PlayStore application to the Google Cloud Project in the Google Play console.
For existing on production application should it be the same google cloud project in which safetyet's keys were created? Or can it be different/new Google Cloud project and it will not affect the existing clients? Does it matter which account I will link? What should I do if I lost the account which originally was used to created the SafetyNet API keys?
I search through Google's documentation but I have not found any information about this matter. I also have not used increased api usage quota.

Those two API's are not dependent on each other.
I've tried same application with two different Google Cloud projects and got the same token response. So I believe the answer is yes - you can link a new Google Cloud Project to your application.

Related

The Google API for creating projects in GCP initially worked, and then they no longer worked

I am developing an application that uses the google api to create projects on the google cloud platform and enable these projects to the Dialogflow api.
For this reason I created a service account with the Cloud Resource Manager API and Service Usage API enabled. In sequence I send two HTTP POST requests to the service account first to the address:
https://cloudresourcemanager.googleapis.com/v3/projects
to create a new project and then to the address
https://serviceusage.googleapis.com/v1/projects/{0}/services/dialogflow.googleapis.com:enable
to enable the Dialogflow api on the new project (clearly in place of {0} I'm going to put the code of the new project returned by the previous API).
Initially and for some time everything worked fine. Projects were created and with the Dialogflow API enabled.
Then all of a sudden the second api to enable dialogflow gives me a resource not found error and it doesn't work anymore.
I understand that the problem is the following:
the API for creating new project, although it does not give me any errors and is done successfully, it does not really create the project in the google cloud platform.
I add that I have a Google Cloud Identity account (required to address a parent folder when a new project is created) and an account with billing details linked to the service account. I also applied to Google to increase the maximum limit of projects allowed on the google cloud platform.
I don't know why suddenly google no longer allows me to create projects via its api.

Is there any way to link Google Developer and Google Cloud Services accounts?

I am using two different Google accounts for Google Developer and Google Cloud Services. I have a live Android app and now I want enable real-time-notifications for monetisation. Is there any way that I can link my Google Developer account to Google Cloud Services Account So I can integrate Pub/Sub service?
If I understand correctly this you could use Cloud IAM and give needed roles Developer account. So you can give ex. Project Owner rights to your Google Developer account and than this account can control the project as the owner.
But I don't think you need project owner for Pub/Sub integration. Please check this document that shows such process.
As well there is possibility to merge accounts via Google Workspace Support, however again I don't think this is needed to integrate pub/sub.

Google Cloud Run only has access to subset of metadata on http://metadata.google.internal

Problem: Google Cloud Run only provides a subset of documented metadata
I have a simple JVM based application running on Google Cloud Run that queries http://metadata.google.internal for available metadata.
The only metadata available is at the following paths:
http://metadata.google.internal/computeMetadata/v1/instance/service-accounts
http://metadata.google.internal/computeMetadata/v1/instance/zone
http://metadata.google.internal/computeMetadata/v1/project/project-id
http://metadata.google.internal/computeMetadata/v1/project/numeric-project-id
As per the documentation, I was expecting more than this and hoping that I would be able to query the metadata server for the name of the Cloud Run service and the metadata required to configure Stackdriver Monitoring for a generic_node.
One clue that I have found is in the server header in the response from querying the Metadata server gives the value: Metadata Server for Serverless
Theory: Cloud Run is in beta and the Metadata Server for Serverless is separate from the typical metadata server and is a work in progress.
Question(s):
Is this theory valid?
Is this limitation documented somewhere?
Is there a roadmap for adding additional metadata?
Is there an alternative for determining the metadata needed to configure Stackdriver?
Compute Metadata service you linked is only available to Compute Engine products (such as GCE, GKE). Many of the endpoints in there are about VM details, VM metadata/tags, VM startup scripts etc.
These concepts don't apply to serverless compute environments. Therefore I don't think a feature request here will succeed.
Serverless products such as App Engine, Cloud Functions and Cloud Run support a minimal version of the metadata service to provide basic functionality to SDKs (such as Google Cloud client libraries, Stackdriver or OpenTelemetry/OpenCensus clients, or gcloud CLI). Using these endpoints, Google’s own client libraries can automatically get auth tokens, discover project IDs etc.
Also, these serverless products don't run on GCE, and don't have the same concepts. That's why a full metadata service isn't available for these products.
The applicable for serverless environments are the endpoints you listed in your question.
I don't think you will find much information in order to validate your theory as that has to do with the product's architecture and I don't think Google will share it for the moment, however, it does seem to be valid based on the evidence you found.
What can be done is to open a feature request to Google so that they work on adding more information to the metadata so that it cover your needs. As the product is on beta, they should be open to do some changes.
Hope you find this useful.

Get developer keys for Google Cloud Service Accounts

I have enabled the XML API and allocated some Developer Keys for my own account using the Google Cloud Platform Console. All working well.
My question is: Is there any way to enable the XML API and get a Developer Key for a Service Account?
No, there isn't. However, if you're willing to complete a couple additional steps, you can do a full migration and use service accounts natively with minimal effort.

Where to find Google cloud platform id?

I wanted to create an account to new google vision api to possibly integrate its service in the app http://www.openbricks.io I am working on.
But the form to have access to this new api ask for an account on Google Cloud platform, it is my case, but also a mystical Google Cloud platform user account Id, I cannot find no where Google Cloud help is a real maze and to have support we need to pay.
Is anyone using Google Cloud Platform? And know how to get this id ?
It is simply the email address you're using for Google Cloud Platform.
To use the Google Cloud Platform, you create a project, which handles billing, team access, API configuration and the like - all api calls and such will be associated with a project. Those projects have an id, which I think is what you're referring to.
In brief: you create a project by creating it in the Google Cloud Console. Once you've created a project, there should be a field in the UI that specifies the project id.