Set up Gemini Cloud Assist

Before you can use Gemini Cloud Assist, your administrator needs to perform the setup steps that are described in this document.

Console

Go to the Gemini for Google Cloud page.

Go to Gemini for Google Cloud
Click Get Gemini Cloud Assist.
In the Get Gemini Cloud Assist dialog, do the following:
1. Enable the Gemini for Google Cloud API which is required to use any Gemini for Google Cloud product.
2. Optional: Enable any of the following recommended APIs:
  - Cloud Asset Inventory API, which lets you manage the history and inventory of Google Cloud resources.
  - Cloud Monitoring API, which lets you manage your Cloud Monitoring data and configurations.
  - Recommender API, which lets you receive guidance and insights to help you optimize your Google Cloud projects.
3. Click Enable Gemini Cloud Assist.
Grant the IAM roles that are required to use Gemini Cloud Assist.
1. Go to the IAM & Admin page.
  
  Go to IAM & Admin
2. In the Principal column, find a principal for which you want to give access to Gemini Cloud Assist, and then click Edit principal in that row.
3. In the Edit access pane, click Add another role.
4. In Select a role, select Gemini for Google Cloud User.
5. Click Add another role and select Service Usage Consumer.
6. Click Add another role and select Cloud Asset Viewer.
7. Click Add another role and select Recommender Viewer.
8. Click Save.

API

In the Google Cloud console, activate Cloud Shell.

Activate Cloud Shell
Enable the Gemini for Google Cloud API in a Google Cloud project.
1. In the project selector menu, select a project.
2. Enable the Gemini for Google Cloud API using the gcloud services enable command:
```
gcloud services enable cloudaicompanion.googleapis.com
```
If you want to enable the Gemini for Google Cloud API in a different Google Cloud project, add the --project parameter:
```
gcloud services enable cloudaicompanion.googleapis.com --project PROJECT_ID
```
Replace PROJECT_ID with your Google Cloud project ID.

The output is similar to the following:
```
Waiting for async operation operations/acf.2e2fcfce-8327-4984-9040-a67777082687 to complete...
Operation finished successfully.
```
Grant IAM roles in a Google Cloud project.
1. Grant the Gemini for Google Cloud User role:
```
gcloud projects add-iam-policy-binding  PROJECT_ID \
    --member=PRINCIPAL --role=roles/cloudaicompanion.user
```
  Replace PRINCIPAL with the identifier for the principal. The identifier takes the form user|group|serviceAccount:email or domain:domain—for example, user:cloudysanfrancisco@gmail.com, group:admins@example.com, serviceAccount:test123@example.domain.com, or domain:example.domain.com.
  
  The output is a list of policy bindings that includes the following:
```
- members:
  - user:PRINCIPAL
  role: roles/cloudaicompanion.user
```
2. Grant the Service Usage Consumer role:
```
gcloud projects add-iam-policy-binding  PROJECT_ID \
    --member=PRINCIPAL --role=roles/serviceusage.serviceUsageConsumer
```
  The output is a list of policy bindings that includes the following:
```
- members:
  - user:PRINCIPAL
  role: roles/serviceusage.serviceUsageConsumer
```
3. Grant the Cloud Asset Viewer role:
```
gcloud projects add-iam-policy-binding  PROJECT_ID \
    --member=PRINCIPAL --role=roles/cloudasset.viewer
```
  The output is a list of policy bindings that includes the following:
```
- members:
  - user:PRINCIPAL
  role: roles/serviceusage.cloudasset.viewer
```
4. Grant the Recommender Viewer role:
```
gcloud projects add-iam-policy-binding  PROJECT_ID \
    --member=PRINCIPAL --role=roles/recommender.viewer
```
  The output is a list of policy bindings that includes the following:
```
- members:
  - user:PRINCIPAL
  role: roles/recommender.viewer
```
For more information, see Grant a single role and gcloud projects add-iam-policy-binding.

What's next

Learn how to analyze and optimize your cloud resources with Gemini assistance.