SaaS Manual Resource Creation (Google Cloud + BigQuery)

Last updated 11 days ago

Manage resources with Terraform

Add Masthead agent module to your Terraform project

module "masthead-agent_bigquery" {
  source  = "masthead-data/masthead-agent/google//modules/bigquery"
  project_id = "PROJECT_ID"
}

More details about the module .

Apply the new resource changes

Update your dependencies:

terraform init

Plan and verify the resource changes:

terraform plan

Apply the changes to your cloud project:

terraform apply

Continue integration on the UI

Go back to page, click Manual Deployment and enter the project ID again.

Then click Check permissions and connect.

You will be forwarded to the overview dashboard for your newly integrated project.

Manual resource creation

Select Google Cloud project

Choose a project where BigQuery datasets are located and you would like Masthead Solution to monitor them. Use this project to create resources further.

Copy the project ID, you will need it further during the the Manual deployment option.

Create Pub/Sub resources

Under this selected project, navigate to Pub/Sub.

Click Create Topic. Set topic id masthead-topic. (unmark checkbox Add a default subscription)

Navigate into the newly created. Click Create Subscription
Set subscription id: masthead-agent-subscription
Set Cloud Pub/Sub topic ID: masthead-topic, then scroll down a little ...
Set Acknowledgement deadline: 60 seconds
Click Create and we are all done with Pub/Sub topic and Subscription.

Create Logs Router

Navigate to Logs Router from the Logging menu. Click Create Sink button in the upper right corner and fill in the required fields:

Name: masthead-agent-sink

Set Sink Destination: Cloud Pub/Sub topic -> choose from the dropdown newly created Pub/Sub topic masthead-topic

Choose logs to include in the sink. Copy the text below and paste it into the filter.

protoPayload.methodName="google.cloud.bigquery.storage.v1.BigQueryWrite.AppendRows" OR "google.cloud.bigquery.v2.JobService.InsertJob" 
OR "google.cloud.bigquery.v2.TableService.InsertTable" 
OR "google.cloud.bigquery.v2.JobService.Query" 
resource.type ="bigquery_table" OR resource.type ="bigquery_dataset" OR resource.type ="bigquery_project"

Hit Create Sink to complete creation

Grant Masthead Service Account roles

Grant masthead-data@masthead-prod.iam.gserviceaccount.com next roles:

BigQuery Metadata Viewer
BigQuery Resource Viewer
Pub/Sub Subscriber

Grant Masthead Service Account to quickly onboard from retrospective data

The Masthead platform can gain insights in a few hours by parsing retrospective logs and creating a data model around them. To do so, please grant Service Account retro-data@masthead-prod.iam.gserviceaccount.com a Private Logs Viewer role.

Navigate to IAM & Admin -> IAM
Click on GRANT ACCESS button on the top left of the screen
Specify retro-data@masthead-prod.iam.gserviceaccount.com in the New principals field
Click on Select a role and type Private Logs Viewer. Select found Private Logs Viewer role.
Click SAVE

This will enable Masthead Agent to look up only recently produced events in the Google Cloud that corresponds to the filter defined in the Cloud Logs Sink.

Continue integration on the UI

Go back to page, click Manual Deployment and enter the project ID again.

Then click Check permissions and connect.

You will be forwarded to the overview dashboard for your newly integrated project.

Manage resources with Terraform

Add Masthead agent module to your Terraform project

module "masthead-agent_bigquery" {
  source  = "masthead-data/masthead-agent/google//modules/bigquery"
  project_id = "PROJECT_ID"
}

More details about the module .

Apply the new resource changes

Update your dependencies:

terraform init

Plan and verify the resource changes:

terraform plan

Apply the changes to your cloud project:

terraform apply

Continue integration on the UI

Go back to page, click Manual Deployment and enter the project ID again.

Then click Check permissions and connect.

You will be forwarded to the overview dashboard for your newly integrated project.

Manual resource creation

Select Google Cloud project

Choose a project where BigQuery datasets are located and you would like Masthead Solution to monitor them. Use this project to create resources further.

Copy the project ID, you will need it further during the the Manual deployment option.

Create Pub/Sub resources

Under this selected project, navigate to Pub/Sub.

Click Create Topic. Set topic id masthead-topic. (unmark checkbox Add a default subscription)

Navigate into the newly created. Click Create Subscription
Set subscription id: masthead-agent-subscription
Set Cloud Pub/Sub topic ID: masthead-topic, then scroll down a little ...
Set Acknowledgement deadline: 60 seconds
Click Create and we are all done with Pub/Sub topic and Subscription.

Create Logs Router

Navigate to Logs Router from the Logging menu. Click Create Sink button in the upper right corner and fill in the required fields:

Name: masthead-agent-sink

Set Sink Destination: Cloud Pub/Sub topic -> choose from the dropdown newly created Pub/Sub topic masthead-topic

Choose logs to include in the sink. Copy the text below and paste it into the filter.

protoPayload.methodName="google.cloud.bigquery.storage.v1.BigQueryWrite.AppendRows" OR "google.cloud.bigquery.v2.JobService.InsertJob" 
OR "google.cloud.bigquery.v2.TableService.InsertTable" 
OR "google.cloud.bigquery.v2.JobService.Query" 
resource.type ="bigquery_table" OR resource.type ="bigquery_dataset" OR resource.type ="bigquery_project"

Hit Create Sink to complete creation

Grant Masthead Service Account roles

Grant masthead-data@masthead-prod.iam.gserviceaccount.com next roles:

BigQuery Metadata Viewer
BigQuery Resource Viewer
Pub/Sub Subscriber

Grant Masthead Service Account to quickly onboard from retrospective data

Navigate to IAM & Admin -> IAM
Click on GRANT ACCESS button on the top left of the screen
Specify retro-data@masthead-prod.iam.gserviceaccount.com in the New principals field
Click on Select a role and type Private Logs Viewer. Select found Private Logs Viewer role.
Click SAVE

This will enable Masthead Agent to look up only recently produced events in the Google Cloud that corresponds to the filter defined in the Cloud Logs Sink.

Continue integration on the UI

Go back to page, click Manual Deployment and enter the project ID again.

Then click Check permissions and connect.

You will be forwarded to the overview dashboard for your newly integrated project.