Set up Cloud Hub

This document describes how to set up Cloud Hub.

There are several main steps in the setup process:

  1. To manage your resources in an application-centric way, including viewing data for your applications in Cloud Hub, you must Set up application management.

    If you don't set up application management, you can still view some data by Google Cloud project instead of by application in Cloud Hub.

  2. Enable required APIs.

  3. Configure aggregated views of logs, metrics, and traces.

  4. Set up access for Cloud Hub users.

Different people or teams might be responsible for different steps in the Cloud Hub setup process.

Required roles

To get the permissions that you need to set up Cloud Hub, ask your administrator to grant you the following IAM roles:

  • Enable application management for a folder: Folder Admin (resourcemanager.folderAdmin) on the parent resource.
  • Create applications in App Hub: App Hub Editor (roles/apphub.editor) on the management project in the app-enabled folder.
  • Create application templates in Application Design Center: Application Design Center User (roles/designcenter.user) on the management project in the app-enabled folder.
  • Create applications from application templates in Application Design Center: Application Editor (roles/designcenter.applicationEditor) on the management project in the app-enabled folder.
  • Set up access for Cloud Hub users: Folder Admin (resourcemanager.folderAdmin) on on the parent resource.

For more information about granting roles, see Manage access to projects, folders, and organizations.

You might also be able to get the required permissions through custom roles or other predefined roles.

Set up application management

Many cloud applications evolve to include multiple infrastructure resources from one or more Google Cloud projects, which can make it harder for both developers and operators to manage and understand these resources. By organizing your resources as App Hub applications, you can better understand resource interactions and analyze, monitor, manage, and troubleshoot in an application-centric way.

Before you create your applications, you must enable a Google Cloud folder for application management that contains the resources that you want to manage as applications.

Configure an app-enabled folder

When you configure application management for a folder, the process includes the following actions:

  • Creation of a new management project in the folder. The management project is a Google-owned project that you can't move or delete.
  • Enabling APIs for services that support application management. The services are enabled on the management project.

For steps to enable application management on a folder, see Managing applications in a folder.

Create applications

After you have configured an app-enabled folder, you can create your applications. You have the following options to create your applications:

  • Use App Hub to create applications from existing Google Cloud resources. See Create an application.
  • Use Application Design Center to design and deploy new Google Cloud resources, which automatically provision App Hub applications. You use application templates to define the design and then deploy application instances based on the templates.

Enable required APIs

This section lists APIs required to display data on specific Cloud Hub page.

  • If you set up application management, some APIs are already enabled on the management project.
  • Cloud Logging and Cloud Monitoring APIs are enabled by default when you create a project.

APIs for other services, such as Cloud Quotas, Unified Maintenance, and Personalized Service Health must be enabled separately to view data related to the service.

Page Required APIs View application data View project data
Home

This page displays a subset of data from other Cloud Hub pages. It will display data for APIs that are enabled for the other pages.

Yes Yes
Deployments

App Hub, Application Design Center

For app-enabled folders, these APIs are automatically enabled on the management project

Yes No
Health & troubleshooting

App Hub, Cloud Logging, Cloud Monitoring, Cloud Trace, Error Reporting, Personalized Service Health, Cloud Asset Inventory

For app-enabled folders, these APIs are automatically enabled on the management project

App Hub is only required to view data by application.

Yes Yes
Maintenance

Unified Maintenance

Capacity Planner is also required for users in the Capacity Planner private preview

No Yes
Quotas & reservations

Cloud Quotas, Compute Engine

No Yes
Support Cloud Customer Care No Yes

To enable a specific API:

  1. In the Google Cloud console, go to the API Library page,

    Go to API Library

  2. Select the Google Cloud project where you want to enable the API.

  3. Search for the API you want to enable.

  4. Click the name of the API in the search results.

  5. On the Product details page for the API click ENABLE.

Configure aggregated views of telemetry data

Since data for App Hub applications can include multiple projects, aggregating your logs, metrics, and traces is required to view your data by application in Cloud Hub.

If you are only viewing data by project, aggregating your data is not required but is still recommended since there are additional benefits outside of application management:

  • You can view and query logs, metrics, and traces across projects when you view the data in Cloud Logging, Cloud Monitoring, and Cloud Trace.
  • Storing logs in a central project decouples the lifecycle of logs from the lifecycle of projects. This separation is beneficial for compliance requirements such as data retention.
  • If you need to comply with data locality requirements, you can manage a small set of regional log buckets that centralize logs for each Google Cloud region that you use.

Typically, setting up aggregation of logs, metrics, and traces is performed by a principal the Identity and Access Management (IAM) role of Organization Administrator (roles/resourcemanager.organizationAdmin).

What's next

  • View the Home page.