Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Connecting to Compute Instance running in the private subnet of GCP VPC from your DevBox.
Follow Connecting to GCP guide.
Go to Compute Engine > VM Instances.
Click on SSH. You will see the commands for accessing it.
Go to DevBox and make a copy of the key pair.
Connect to Compute Instance:
Go to Compute Engine > Create Instance.
Enter the name of the instance along with region and machine type.
Use one of the supported linux distros.
Choose the Instance type.
Go to Advanced Options > Networking > Network Tags and enter the firewall tags.
Go to Advanced Options > Networking > Network Interfaces, click on Network and choose the VPC where your bastion host is running, then click on Subnetwork and choose the private subnet.
Copy the newly created SSH key pair once the instance is created.
Go to the DevBox and make a copy of the key pair.
Connect to the desired Compute instance using ssh and the new key pair:
Connecting to GCP Kubernetes Cluster running in the private subnet of GCP VPC from your DevBox.
Follow Connecting to GCP guide.
Go to your DevBox and install Gcloud SDK:
Authenticate your GCP account with Gcloud SDK:
Download the kubectl binaries:
Install kubectl:
Connect to the cluster:
Check if the cluster is accessible:
Go to Kubernetes Engine > Kubernetes Cluster > Create.
Select the standard Cluster, enter the name of the cluster and assign a Regional location where your Private Subnet is located.
Click on Next. In the Node Pool > Default Pool > Nodes > Configure node settings section, choose the desired Machine Configuration for the nodes.
Go to Cluster > Networking and select the Network VPC along with the Private Subnet for the cluster. Choose Private cluster in the IPv4 network access and uncheck the Access control plane using its external IP address checkbox.
Enter a desired Default pod address range and service address range. Here we have taken 192.168.0.0/16 and 192.169.0.0/16 for pod address range and service address range repectively.
Enter the Bastion Host's CIDR Range in the Authorized Networks section.
Click on Create.
Go to your DevBox and install Gcloud SDK:
Authenticate your GCP account with Gcloud SDK:
Download kubectl binaries:
Install kubectl:
Connect to the cluster:
Check if the cluster is accessible:
Connecting to GCP BigQuery Service from your DevBox.
Go to IAM & Admin > Service Accounts.
Click on Create Service Account, enter the Service Account Name and click on Create and Continue.
Click on Select a role, select BigQuery Admin, and click on Continue.
Select the new service account and go to Keys.
Click on Add Key > Create a new key and click on Create.
Connect to your DevZero workspace.
Store the Google Authentication Credentials on the workspace.
Install Python and PIP:
Install BigQuery API:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Write a Python scipt to test the BigQuery API Connection:
Run the Python Script:
If the connection is successful, you should see "Connected" printed in the terminal output.
Connecting to Memorystore running in the private subnet of GCP VPC from your DevBox.
Go to Memorystore > Clusters.
Select your Instance and copy your Domain Endpoint.
Go to your DevBox and connect to Service:
Go to Memorystore > Clusters and click on Create Instance.
Enter the Cluster ID and choose the region.
Choose the Node type, Cluster Size and Replicas.
Choose the VPC Network under the Set up connection section.
Setup the service connection policy if prompted.
Fill in the network name and the private subnet in the policy section.
After setting up the connection policy, click on Create Cluster.
Go to Memorystore > Clusters.
Select your Instance and copy your Domain Endpoint.
Go to your DevBox and connect to Service:
Connecting to GCP Cloud Storage Service from your DevBox.
Go to your DevBox and install Gcloud SDK:
Authenticate your GCP account with Gcloud SDK:
Access your cloud storage list by:
Go to Cloud Storage > Buckets.
Click on Create.
Enter a unique name for the bucket and click on Create.
Go to your DevBox and install Gcloud SDK:
Authenticate your GCP account with Gcloud SDK:
Access your cloud storage list by:
Connecting to an Cloud SQL running in the private subnet of GCP VPC to your DevBox.
Go to Cloud SQL > Instances and note down the Internal IP Address of the instance.
Go to VPC network > Routes and select the region where you have deployed the instance.
Copy the Destination IP Range of the Peering Subnet route which contains the IP address of the Cloud SQL Instance.
SSH into your Bastion Host and enter the following command:
Go to DevBox.
Connecting to the Database.
Run the following commands:
To install the mysql client cli:
To access the database:
To install the psql client cli:
To access the database:
Go to Cloud SQL > Create an instance.
Choose the Available Versions of the Database.
Enter your Instance ID and Password.
Go to Choose region and zonal availability and select the zone where you have provisioned your Private Subnet.
Scroll down to Customize your instance > Connections and choose Private IP only.
Enter your VPC when prompted.
Click on create a private service access connection and select Use automatically assigned IP range while choosing Allocated IP range.
Click on Create Instance.
Go to Cloud SQL > Instances and note down the Internal IP Address of the instance.
Go to VPC network > Routes and select the region where you have deployed the instance.
Copy the Destination IP Range of the Peering Subnet route which contains the IP address of the Cloud SQL Instance.
SSH into your Bastion Host and enter the following command:
Go to DevBox.
Connecting to the Database.
Run the following commands:
To install the mysql client cli:
To access the database:
To install the psql client cli:
To access the database:
Connecting to an Firestore instance to your DevBox.
Connect to your DevZero workspace.
Store the Google Authentication Credentials on the workspace.
Install Python and PIP:
Install Firestore Admin API:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Write a Python scipt to test the Firestore Admin API Connection:
Run the Python Script:
If the connection is successful, you should see "Connected" printed in the terminal output.
Go to Firestore > Databases and click on Create database.
Choose the Native Mode and click on Continue.
Enter your Database ID and select the between Region and Multi-region mode.
Choose your desired region and click on Create Database.
Connect to your DevZero workspace.
Store the Google Authentication Credentials on the workspace.
Install Python and PIP:
Install Firestore Admin API:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Write a Python scipt to test the Firestore Admin API Connection:
Run the Python Script:
If the connection is successful, you should see "Connected" printed in the terminal output.
Connecting to an Firestore instance to your DevBox.
Connect to your DevZero workspace.
Store the Google Authentication Credentials on the workspace.
Install Python and PIP:
Install Firestore Admin API:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Write a Python scipt to test the Firestore Admin API Connection:
Run the Python Script:
If the connection is successful, you should see "Connected" printed in the terminal output.
Go to Firestore > Databases and click on Create database.
Choose the Datastore Mode and click on Continue.
Enter your Database ID and select the between Region and Multi-region mode.
Choose your desired region and click on Create Database.
Connect to your DevZero workspace.
Store the Google Authentication Credentials on the workspace.
Install Python and PIP:
Install Firestore Admin API:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Write a Python scipt to test the Firestore Admin API Connection:
Run the Python Script:
If the connection is successful, you should see "Connected" printed in the terminal output.
You are connecting to a GCP Secret Manager from your DevBox.
Here, you will connect to a GCP Secret Manager from your DevBox. This can be done using any programming language API, but for the scope of this document, we will use Python.
To connect to an existing Secret Manager, Follow the below steps:
To make the connection, you need to set up the IAM service account.
Go to IAM & Admin > Service Accounts* and click on Create Service Account.
Enter the Service Account Name and click on Create and Continue.
Click on Select a role, select Secret Manager Admin
, and click on Continue.
Select the new service account and go to the Keys tab.
Click on Add Key > Create a new key and click on Create.
Now, to retrieve the value from the secrets using the API, you need to authenticate the gcloud
CLI and verify the process with the access key we just downloaded by following the below steps:
Go to DevBox and store the Google Authentication Credentials on the workspace.
Install Python and PIP:
Install Secret Manager API:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable by using the following command:
Write a Python script to test the Secret Manager API Connection:
Run the Python Script:
If the connection is successful, you should see Secret printed in the terminal output.
If you need to make a new Secret Manager and access it through DevBox, then follow the below steps:
Go to Security > Secret Manager and click on Create Secret.
Enter the Name of the secret and then either upload your Secret or enter it within the box provided.
If you are storing an API Key secret, then it is advisable to check the box for Set rotation period under the Rotation section.
To make the connection, you need to set up the IAM service account.
Go to IAM & Admin > Service Accounts* and click on Create Service Account.
enter the Service Account Name and click on Create and Continue.
Click on Select a role, select Secret Manager Admin
, and click on Continue.
Select the new service account and go to the Keys tab.
Click on Add Key > Create a new key and click on Create.
Now, to retrieve the value from the secrets using the API, you need to authenticate the gcloud
CLI and verify the process with the access key we just downloaded by the below steps:
Go to DevBox and store the Google Authentication Credentials in the workspace.
Install Python and Pip:
Install Secret Manager package:
Set the GOOGLE_APPLICATION_CREDENTIALS environment variable by using the following command:
Write a Python script to test the Secret Manager API Connection:
Run the Python Script:
If the connection is successful, you should see Secret printed in the terminal output.
Connecting to GCP Cloud Run Service from your DevBox.
If you have an existing Cloud Run Container deployed, follow the steps below to access its content from the DevBox. Ensure the Cloud Run Deployment has the Require authentication
option selected in the Security section.
First, we need to create a recipe for the workspace:
Enter the recipe name and click on Create a recipe.
Now use the below-provided snippet to create a recipe for your workspace:
Click on Save and Build and when the build is successful, click on Publish.
Enter the workspace name and click on Select from recipe library.
Select the recipe you just created above and click on Select.
Click on Launch, and your workspace will be ready shortly.
Now, this is where the real task begins. After downloading the gcloud
package, we must authenticate with our Google Cloud account. To do this, we need to run the simple command.
After running the command, you will be given various options for choosing your Google account, default Project, and default Compute Region and Zone. You can choose what you prefer.
To access your Cloud Run container privately, you need to send a GET
request with an authentication token.
Follow the below steps to generate the Authentication token and access the Cloud Run application:
Use the below command to get the token:
Export the token to an environmental variable:
Now that everything is set, we can finally finish this all off by accessing the applications with the curl
command:
If you want to create a new Cloud Run Container, you can follow the below steps.
Go to Cloud Run > Services and click Deploy Container.
Choose a deployment method between Deploy one revision from an existing container image, Continuously deploy from a repository (source or function).
We are creating a container with an existing demo image for this guide.
Enter your Container Image URL or select by clicking on Select.
Click on Set Up with Cloud Build and follow the instructions.
Then Enter your Service Name and Region of deployment.
Select Require authentication option in the Authentication section.
Leave the remaining configurations as default and click on Create.
First, we need to create a recipe for the workspace:
Enter the recipe name and click on Create a recipe.
Now use the below-provided snippet to create a recipe for your workspace:
Click on Save and Build and when the build is successful, click on Publish.
Enter the workspace name and click on Select from recipe library.
Select the recipe you just created above and click on Select.
Click on Launch, and your workspace will be ready shortly.
Now, this is where the real task begins. After downloading the gcloud
package, we must authenticate with our Google Cloud account. To do this, we need to run the simple command.
After running the command, you will be given various options for choosing your Google account, default Project, and default Compute Region and Zone. You can choose what you prefer.
To access your Cloud Run container privately, you must send a GET
request with an authentication token.
Follow the below steps to generate the Authentication token and access the Cloud Run application:
Use the below command to get the token:
Export the token to an environmental variable:
Now that everything is set, we can finally finish this all off by accessing the applications with the curl
command:
Follow guide.
Follow the guide.
Use one of the in the Configuration.
Follow the guide.
Follow the guide.
is a serverless service offered by GCP to manage a computing platform that enables you to run invocable containers via requests or events. In this, we will set up a pipeline for our project within DevBox; it will be routed through Cloud Run. Then, depending on the type of project, we can either access it through the web or through the internal VPC of Google Cloud Infrastructure.
Go to the and click on New recipe.
Go to the by clicking New workspace.
Go to the and click on New recipe.
Go to the by clicking New workspace.