This document describes how to set up Cloud Hub.
There are several main steps in the setup process:
To manage your resources in an application-centric way, including viewing data for your applications in Cloud Hub, you must Set up application management.
If you don't set up application management, you can still view some data by Google Cloud project instead of by application in Cloud Hub.
Set up access for Cloud Hub users.
Different people or teams might be responsible for different steps in the Cloud Hub setup process.
Required roles
To get the permissions that you need to set up Cloud Hub, ask your administrator to grant you the following IAM roles:
-
Enable application management for a folder:
Folder Admin (
resourcemanager.folderAdmin) on the parent resource. -
Create applications in App Hub:
App Hub Editor (
roles/apphub.editor) on the management project in the app-enabled folder. -
Create application templates in Application Design Center:
Application Design Center User (
roles/designcenter.user) on the management project in the app-enabled folder. -
Create applications from application templates in Application Design Center:
Application Editor (
roles/designcenter.applicationEditor) on the management project in the app-enabled folder. -
Set up access for Cloud Hub users:
Folder Admin (
resourcemanager.folderAdmin) on on the parent resource.
For more information about granting roles, see Manage access to projects, folders, and organizations.
You might also be able to get the required permissions through custom roles or other predefined roles.
Set up application management
Many cloud applications evolve to include multiple infrastructure resources from one or more Google Cloud projects, which can make it harder for both developers and operators to manage and understand these resources. By organizing your resources as App Hub applications, you can better understand resource interactions and analyze, monitor, manage, and troubleshoot in an application-centric way.
Before you create your applications, you must enable a Google Cloud folder for application management that contains the resources that you want to manage as applications.
Configure an app-enabled folder
When you configure application management for a folder, the process includes the following actions:
- Creation of a new management project in the folder. The management project is a Google-owned project that you can't move or delete.
- Enabling APIs for services that support application management. The services are enabled on the management project.
For steps to enable application management on a folder, see Managing applications in a folder.
Create applications
After you have configured an app-enabled folder, you can create your applications. You have the following options to create your applications:
- Use App Hub to create applications from existing Google Cloud resources. See Create an application.
- Use Application Design Center to design and deploy new Google Cloud resources, which automatically provision App Hub applications. You use application templates to define the design and then deploy application instances based on the templates.
Enable required APIs
This section lists APIs required to display data on specific Cloud Hub page.
- If you set up application management, some APIs are already enabled on the management project.
- Cloud Logging and Cloud Monitoring APIs are enabled by default when you create a project.
APIs for other services, such as Cloud Quotas, Unified Maintenance, and Personalized Service Health must be enabled separately to view data related to the service.
| Page | Required APIs | View application data | View project data |
|---|---|---|---|
| Home |
This page displays a subset of data from other Cloud Hub pages. It will display data for APIs that are enabled for the other pages. |
Yes | Yes |
| Deployments |
App Hub, Application Design Center For app-enabled folders, these APIs are automatically enabled on the management project |
Yes | No |
| Health & troubleshooting |
App Hub, Cloud Logging, Cloud Monitoring, Cloud Trace, Error Reporting, Personalized Service Health, Cloud Asset Inventory For app-enabled folders, these APIs are automatically enabled on the management project App Hub is only required to view data by application. |
Yes | Yes |
| Maintenance | Unified Maintenance Capacity Planner is also required for users in the Capacity Planner private preview |
No | Yes |
| Quotas & reservations | Cloud Quotas, Compute Engine |
No | Yes |
| Support | Cloud Customer Care | No | Yes |
To enable a specific API:
In the Google Cloud console, go to the API Library page,
Select the Google Cloud project where you want to enable the API.
Search for the API you want to enable.
Click the name of the API in the search results.
On the Product details page for the API click ENABLE.
Configure aggregated views of telemetry data
Since data for App Hub applications can include multiple projects, aggregating your logs, metrics, and traces is required to view your data by application in Cloud Hub.
If you are only viewing data by project, aggregating your data is not required but is still recommended since there are additional benefits outside of application management:
- You can view and query logs, metrics, and traces across projects when you view the data in Cloud Logging, Cloud Monitoring, and Cloud Trace.
- Storing logs in a central project decouples the lifecycle of logs from the lifecycle of projects. This separation is beneficial for compliance requirements such as data retention.
- If you need to comply with data locality requirements, you can manage a small set of regional log buckets that centralize logs for each Google Cloud region that you use.
Typically, setting up aggregation of logs, metrics, and traces is performed
by a principal the Identity and Access Management (IAM) role of Organization Administrator
(roles/resourcemanager.organizationAdmin).
- To aggregate the data in an app-enabled folder, see Set up application monitoring.
- To aggregate the data for an organization without app-enabled folders, see the following documentation:
What's next
- View the Home page.