icon-zcspm.svg
ZCSPM

Configuring GCP Projects Onboarding Prerequisites using Scripts

You can configure onboarding prerequisites for your GCP projects on ZCSPM. Using the script becomes particularly useful when you have a large set of projects or want to onboard only a selected set of projects, either as a list or as a .csv file.

Prerequisite Roles and Permissions

Action Required Roles and Permission Billing Account
Create Service Account & Key Project Owner
Assign roles to Service Account Project Owner
Enable APIs Project Owner All projects must be linked with the billing account

To configure onboarding prerequisites for your GCP Projects onto ZCSPM:

    1. Open the GCP cloud shell. To set the project, use the following command:
    gcloud config set project <Project_ID>
    
    1. Check if you are authenticated to the GCP cloud by using the following command:
    gcloud auth list
    
    1. Download the script by using the following command:
    wget -O - https://raw.githubusercontent.com/Cloudneeti/docs_cloudneeti/master/scripts/gcp-onboarding/download-gcp-onboarding-scripts.sh | bash
    
    1. Update the script's permissions by using the following command:
    chmod +x zcspm-gcp-onboarding/*.sh
    
    1. Change the directory by using the following command:
    cd zcspm-gcp-onboarding
    
    Close
  • To enable APIs on a single or multiple GCP projects, run the following command:

     ./configure-project-onboarding-prerequisites.sh -p <service_account_project_id> -s <service_account_name> -l “<project_id1>,<project_id2>,<project_id3>

    You can list up to 10 projects.

    OR

    To enable APIs on an allowed list of projects on a .csv file, run the following command:

    ./configure-project-onboarding-prerequisites.sh -p <service_account_project_id> -s <service_account_name> -c <file_name>.csv
    

    You can create a .csv file of allowed list of projects by running the following command:

    gcloud projects list --format="csv(projectId,name)" > <file_name>.csv
    

    Copy the key file path and download the key. Store the downloaded key in a secure location.

    cloudshell download <Key_File_Path>

    The script also enables the required Cloud APIs on the project in which the service account is created.

    Close
Related Articles
Onboarding a Google Cloud Platform Project AccountOnboarding a Google Cloud Platform Organization Account Configuring the ZCSPM Agent for Google Kubernetes EngineVerifying the Cloud Account Health Status for GCPConfiguring GCP Projects Onboarding Prerequisites using ScriptsConfiguring GCP Organization Onboarding Prerequisites using Scripts