gcpd9-autoonboarding-functions | Automatic onboarding of GCP projects
kandi X-RAY | gcpd9-autoonboarding-functions Summary
kandi X-RAY | gcpd9-autoonboarding-functions Summary
gcpd9-autoonboarding-functions is a Python library. gcpd9-autoonboarding-functions has no bugs, it has no vulnerabilities, it has build file available and it has low support. You can download it from GitHub.
Automatic onboarding of GCP projects linked to a G-Suite Organisation, built for Google Functions
Automatic onboarding of GCP projects linked to a G-Suite Organisation, built for Google Functions
Support
Quality
Security
License
Reuse
Support
gcpd9-autoonboarding-functions has a low active ecosystem.
It has 0 star(s) with 1 fork(s). There are 1 watchers for this library.
It had no major release in the last 12 months.
gcpd9-autoonboarding-functions has no issues reported. There are 3 open pull requests and 0 closed requests.
It has a neutral sentiment in the developer community.
The latest version of gcpd9-autoonboarding-functions is v0.1
Quality
gcpd9-autoonboarding-functions has no bugs reported.
Security
gcpd9-autoonboarding-functions has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
License
gcpd9-autoonboarding-functions does not have a standard license declared.
Check the repository for any license declaration and review the terms closely.
Without a license, all rights are reserved, and you cannot use the library in your applications.
Reuse
gcpd9-autoonboarding-functions releases are available to install and integrate.
Build file is available. You can build the component from source.
Installation instructions are available. Examples and code snippets are not available.
Top functions reviewed by kandi - BETA
kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of gcpd9-autoonboarding-functions
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of gcpd9-autoonboarding-functions
gcpd9-autoonboarding-functions Key Features
No Key Features are available at this moment for gcpd9-autoonboarding-functions.
gcpd9-autoonboarding-functions Examples and Code Snippets
No Code Snippets are available at this moment for gcpd9-autoonboarding-functions.
Community Discussions
No Community Discussions are available at this moment for gcpd9-autoonboarding-functions.Refer to stack overflow page for discussions.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install gcpd9-autoonboarding-functions
The first step is to create an IAM Service Account to use for the Secret Manager retrieval. Go to the project in which the Secret Manager and function are to be deployed and follow the steps below:-. Prior to deploying the function, you need to add the GCP credentials into Secret Manager. Enable the Secret Manager API (if not already enabled) and perform the following steps:-. To create the Cloud Function, follow the steps below:-. In order to run the onboarder script on a schedule, we need to create a job in Cloud Scheduler, which is basically "cron in the cloud". Perform the steps below:-. The job will take a few seconds to create. Once complete, you can test it manually by clicking Run Now and viewing the logs.
Click IAM and then Service Accounts from the left navigation bar
Click Create service account Give the service account a meaningful name, such as Dome9-Onboarder Check the service account ID is automatically filled. Copy this address somewhere handy as you will need it later Give the service account a description, such as "Dome9 Onboarder SA Click Create
In Service Account Permissions, add the Secret Manager Secret Accessor role to the account
Add another role and add the role Cloud Functions Admin
Click continue
Click Keys and Create Key
Leave the default key format as JSON and click Create
Note the downloaded key file location, you will need this later
Click Done and verify the Service Account has the correct permissions for the project
Go to Security and Secret Manager in the left navigation bar
Click Create Secret
Give the secret a meaningful name (Dome9-onboarder, for example)
Upload the JSON secret file you downloaded from earlier when creating the GCP Service Account
Select the region to store the secret (optional)
Click Create Secret, this should create a Version 1 of your secret, status Enabled
Go to Cloud Functions in the left navigation bar
Click Create Function
Name the function, e.g. Dome9-Onboarder
Set Memory Allocated to 128MB
Leave Trigger as the default HTTP
In the Source Code section, either copy and paste the text from the main.py file in the repo or upload the function.zip file from the repo, same for requirements.txt. If using the ZIP Upload method, select a staging bucket for the upload
Set the Runtime to be Python 3.8
Set Function to execute to add_project
Click Environment variables, Networking, Timeouts and More
In the Environment section, click Add Variable and add environment variables for the following:- D9_API_KEY D9_API_SECRET GCP_SM_PROJECT_ID - Security project ID where Secret Manager deployed, e.g. my-security-project-999999 GCP_SECRET_ID - Name of secret GCP_SECRET_VERSION - Version number of secret (e.g. 1)
Click Create, this will take a few minutes to deploy and shows green when successful in the console
Once deployed, the function can be tested by clicking the Triggers tab and clicking the trigger URL. The browser response should simply read OK. If it does not, check the Service Account IAM permissions.
Create a new Service Account for Cloud Scheduler in the security project Set the Name as SA-Cloud-Scheduler (or whatever makes sense). Note the account e-mail address, you will need this later Set the Description to be Service Account for HTTP Scheduler (or whatever) Click Create Add the Project Owner role to the Service Account Click Done
Create a new Cloud Scheduler job by following the steps below:- Go to Tools | Cloud Scheduler in the left navigation bar Click Create Job Set the Job Name D9-Onboarder (or whatever) Set the optional job Description Set the job Frequency in standard Cron format (e.g. 0 6 * * * will set the job to run at 0600 daily) Set the appropriate Time Zone In Target settings, set HTTP In the URL field, add the URL of the Cloud Function you defined earlier Leave the HTTP Method at the default of POST Click Show More Under Auth header, select Add OIDC token Under Service Account, paste the e-mail address of the Service Account created in the step above (SA-Cloud-Scheduler) Under Audience, paste in the URL of the Cloud Function Click Create
Click IAM and then Service Accounts from the left navigation bar
Click Create service account Give the service account a meaningful name, such as Dome9-Onboarder Check the service account ID is automatically filled. Copy this address somewhere handy as you will need it later Give the service account a description, such as "Dome9 Onboarder SA Click Create
In Service Account Permissions, add the Secret Manager Secret Accessor role to the account
Add another role and add the role Cloud Functions Admin
Click continue
Click Keys and Create Key
Leave the default key format as JSON and click Create
Note the downloaded key file location, you will need this later
Click Done and verify the Service Account has the correct permissions for the project
Go to Security and Secret Manager in the left navigation bar
Click Create Secret
Give the secret a meaningful name (Dome9-onboarder, for example)
Upload the JSON secret file you downloaded from earlier when creating the GCP Service Account
Select the region to store the secret (optional)
Click Create Secret, this should create a Version 1 of your secret, status Enabled
Go to Cloud Functions in the left navigation bar
Click Create Function
Name the function, e.g. Dome9-Onboarder
Set Memory Allocated to 128MB
Leave Trigger as the default HTTP
In the Source Code section, either copy and paste the text from the main.py file in the repo or upload the function.zip file from the repo, same for requirements.txt. If using the ZIP Upload method, select a staging bucket for the upload
Set the Runtime to be Python 3.8
Set Function to execute to add_project
Click Environment variables, Networking, Timeouts and More
In the Environment section, click Add Variable and add environment variables for the following:- D9_API_KEY D9_API_SECRET GCP_SM_PROJECT_ID - Security project ID where Secret Manager deployed, e.g. my-security-project-999999 GCP_SECRET_ID - Name of secret GCP_SECRET_VERSION - Version number of secret (e.g. 1)
Click Create, this will take a few minutes to deploy and shows green when successful in the console
Once deployed, the function can be tested by clicking the Triggers tab and clicking the trigger URL. The browser response should simply read OK. If it does not, check the Service Account IAM permissions.
Create a new Service Account for Cloud Scheduler in the security project Set the Name as SA-Cloud-Scheduler (or whatever makes sense). Note the account e-mail address, you will need this later Set the Description to be Service Account for HTTP Scheduler (or whatever) Click Create Add the Project Owner role to the Service Account Click Done
Create a new Cloud Scheduler job by following the steps below:- Go to Tools | Cloud Scheduler in the left navigation bar Click Create Job Set the Job Name D9-Onboarder (or whatever) Set the optional job Description Set the job Frequency in standard Cron format (e.g. 0 6 * * * will set the job to run at 0600 daily) Set the appropriate Time Zone In Target settings, set HTTP In the URL field, add the URL of the Cloud Function you defined earlier Leave the HTTP Method at the default of POST Click Show More Under Auth header, select Add OIDC token Under Service Account, paste the e-mail address of the Service Account created in the step above (SA-Cloud-Scheduler) Under Audience, paste in the URL of the Cloud Function Click Create
Support
For any new features, suggestions and bugs create an issue on GitHub.
If you have any questions check and ask questions on community page Stack Overflow .
Find more information at:
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page