I would like to create a GCP cost management platform for resellers/MSP. The platform will pule cost data per each of the reseller's end customers.
Where Can I find information on:
How can I access the reseller's data?
What is the data structure? Does a reseller have one dataset for all of his customers, or one dataset per customer?
What are the needed credentials that the reseller needs to provide in order to fetch his customers data, and what permissions need to be provided?
I created a Video Lab on Google Cloud Billing. The first step is to understand how billing works in Google Cloud. Then understand how Identity and Access Management works so that you know what roles you need for credentials to access billing APIs.
Google Cloud Billing
Review the following documentation links for technical API details:
Get Started with the Cloud Billing API
Cloud Billing API
APIs & Reference
To access reseller information you will need to become a Google Partner first. Then request documentation.
Related
I'm Trying to access maps using Maps JavaScript API at Google Cloud Platform.
I got error
You must enable Billing on the Google Cloud Project at
https://console.cloud.google.com/project/_/billing/enable Learn more at
Can we access Google API & Services without link Billing Account?
Yes it is necessary to enable billing to access Google API & Services.
Some Google APIs charge for usage, and you need to enable billing before you can start using these APIs. Enabling billing for the APIs that your projects use also has other advantages:
Some APIs allow free usage up to a courtesy usage limit, and in some cases this free limit is increased when you enable billing. For some APIs, more services are available after you enable billing.
Billing is enabled at the project level, not the API level. If you enable billing for a project, then every billable API in that project is billed, based on the project's usage. All usage in a project is billed using the payment method that you specify, and you can change to a different method at any time. You cannot selectively enable billing for some APIs but not others; when you enable billing for a project, it applies to all the APIs that you used within that project, even if the API is currently disabled. Refer APIs and billing for information.
NOTE : In order for you to use Maps API or Places API, you will have to create a new account under USD because Google Maps Platform services cannot be billed through the same billing account as Google Cloud Platform services. In order to continue using Google Maps Platform, all customers with a billing account in INR will need to create a new billing account for Maps and then migrate their existing Maps projects under this new account. You cannot get Google Map API without billing. Refer Google Maps Platform for information.
How to pull the list of IAM users from google cloud along with their last activity??
Tried "gcloud projects get-iam-policy"
but it gives only list of iam users/members but not their last activity
Ok, if it's for company, you have this information in the Google Cloud Identity platform. You can log in here: https://admin.google.com
Go to users and boom
Of course you can request these values by API with the admin sdk
It works only for managed accounts. If you have unmanaged account (in gmail.com or from another company) you don't have access to this information.
EDIT 1
To track the service account activity, you can rely on the documentation. Cloud Monitoring allow you to do that. If you need to export the data to BigQuery for analytics for example, let me know I could help on that.
To know the privilege that the users have, you can rely on the Asset Inventory, and especially on the IAM search policy feature.
I am unable to select google cloud individual billing account when trying to enable billing on mine google cloud account. Can't select that option and have Individual profile set for Play developer.
I am not an citizen of EU country (saw on some threads that this could be the cause).
I need this account for development purposes (Google maps API to be more exact).
If you manage your Google Cloud resources using an Organization node, and you are a member of that Google Cloud Organization, then you must be a Billing Account Creator to create a new Cloud Billing account.
Specifically, if you are a Google Cloud user within an Organization, to perform this task, you must have the following permission.
billing.accounts.create
If you are not a member of a Google Cloud Organization but instead are managing your Google Cloud resources or Google Maps Platform APIs using projects, you do not need any specific role or permission to create a Cloud Billing account.
I would like to get all the different prices for different services in GCP in a REST API call.
Do I have to use the API of each service to get this, or is there one call that could get all the info on the different GCP services ?
Have a look at the documentation Get Started with the Cloud Billing API:
For the Cloud Billing Catalog API:
Programmatic access to the entire public Google Cloud catalog consisting of:
Billable SKUs
Public pricing
Relevant metadata
You can access the Cloud Billing API in one of the following ways:
REST API.
RPC API.
more details you can found at the section Get Google Cloud pricing information:
This page shows you how to use the Cloud Billing Catalog API to:
Get a list of all public services including relevant metadata about each service.
Get a list of all public SKUs within a service including:
Human readable description of the SKU.
Public pricing of the SKU.
Regions where the SKU is available for purchase.
Categorization data about the SKU.
with examples how to do it.
Keep in mind that calling the Cloud Billing Catalog API requires an API Key.
You can use the Cloud Billing Catalog API with your existing cost management tools, as well as to reconcile list pricing rates when you export billing data to Google BigQuery.
I want to create a user account for contacting developers using their own email addresses, not a new Gmail user in my account. Google Cloud Platform seems to let me create the users, but they never receive an email and hence can't complete the account creation.
As it happens, they are Google Docs users with their own Google accounts, but naturally they'd rather not have yet another email address. Is this even possible or does Google tie Google Cloud Platform into Google Docs? It seems a major limitation of Google Cloud Platform if they do.
Google Cloud Platform, G Suite (formerly "Google Docs") and all other Google services share an identity system. The identity system requires humans to have user accounts while software|machines have service accounts. One Google user account equals one user.
There are 2 flavors of (Google) user accounts: [your-name]#gmail.com and those created by an organization for its users someone#acme.com. For example, Google uses Google identity internally and so Googlers have emails [their-name]#google.com.
When you create a Google Cloud Platform project, anyone with a Google account may be added to it. Whether their Google account is something#gmail.com or an account created by their employer for them.
The only time your users will receive an email from you when you add them to a Google Cloud Platform project is if you make them project owners. This is because, ownership requires acceptance of Google's Terms of Service. Other types of users will be added without receiving an email (from Google about it) but will be able to access your project's resources.
I suspect your users have been added correctly and you're ready to go!
the most simple is to share a directory with those off-domain email addresses
this is possible, because Google Docs is backed by Google Drive as storage.
setting them up with IAM would only add complexity, which is not required
(at least, unless you won't have to grant them access to GCP resources).