Overview
Connect GCP Cloud Monitoring to give TierZero access to your Google Cloud metrics, logs, and alerting data. TierZero queries Cloud Monitoring during investigations to analyze service health and correlate events.Prerequisites
- A GCP integration configured with a service account
- Cloud Monitoring enabled in your GCP project
Setup Instructions
Step 1: Configure GCP Integration
If you haven’t already, set up the GCP integration first. Cloud Monitoring access is provided through the GCP service account.Step 2: Navigate to Integration Settings
- Go to Settings → Integrations
- Click Connect next to GCP Cloud Monitoring
- Select the GCP project(s) to monitor
Step 3: Verify Access
TierZero will validate access to Cloud Monitoring using the configured service account.Required Roles
The service account must have:roles/monitoring.viewer: Read metrics and alerting policiesroles/logging.viewer: Read Cloud Logging data
What TierZero Accesses
- Metrics: Custom and system metrics, timeseries data
- Logs: Cloud Logging entries and log-based metrics
- Alerts: Alerting policy configurations and incidents
Security
- Access through GCP service account impersonation
- Read-only roles only
- Revoke by removing the monitoring/logging roles from the service account
Troubleshooting
Missing Metrics
- Verify the service account has
roles/monitoring.viewer - Check that metrics exist in the selected GCP project
- Ensure the correct project is selected in the integration settings