Set Ops Authing from Google Cloud
Refer to Manage Environment Ops Authing▸, during the process of using the AutoMQ Cloud BYOC product, the AutoMQ service provider requires the user to provide the necessary operational authorization. By granting cross-account authorization to AutoMQ for the Ops Bucket where AutoMQ stores logs and monitoring data, users enable AutoMQ to provide 24/7 monitoring and management for their production environment. This document explains how to configure operational authorization in Google Cloud GCS.
Throughout this document, references to AutoMQ Product Service Provider, AutoMQ Service Provider, or AutoMQ specifically refer to AutoMQ HK Limited.
Google Cloud Environment Authorization
Google Cloud's GCS offers a web interface and simplified policy authorization.
Console Operation Steps
Log in to the cloud account that owns the Ops Bucket, switch to the corresponding Project, and navigate to the GCS Console:
- Navigate to the Bucket list page and locate the target Ops Bucket. Users need to access the GCS console, click on Bucket list in the left navigation pane, and enter the list page. Search for the operational bucket configured for the current environment and click on the details.
- Navigate to Permissions Management > Add Authorization. Click the Add Authorization button to open the form for adding new authorizations.
Add Bucket Authorization Policy According to the Template Information. Follow the instructions below to fill in the required authorization details, click "OK", and complete the creation of the authorization policy.
Authorized Primary Account: Refer to the Authorization Principle section of this document and choose the service account “automq-public-ops-authing@automq-public.iam.gserviceaccount.com” on the AutoMQ service side.
Bound Role: Select the Storage Object User role.
