Installing a GCP connector on Cloud Run using CLI
Deploy the Docker image of the Apono connector as Cloud Run service
Cloud Run is a managed compute platform that enables running containerized applications in a fully managed serverless environment.
This article explains how to setup an Apono connector for Cloud Run with a Docker image.
Prerequisites
Apono Token
Account-specific Apono authentication value Use the following steps to obtain your token:
On the Connectors page, click Install Connector. The Install Connector page appears.
Click Cloud installation.
Click Cloud installation > GCP > Install and Connect GCP Project > CLI (Cloud Run).
Copy the token listed on the page in step 1.
Kubernetes Command Line Tool (kubectl)
Command-line tool used for communicating with a Kubernetes cluster's control plane
Google Cloud Command Line Interface (Google Cloud CLI)
Command-line interface used to manage Google Cloud resources
Google Cloud Information
Information for your Google Cloud instance
Google-defined Values:
(Organization) Organization ID
Google Cloud Location
Customer-defined Values:
Service Account Name
Artifact Repository Name
Cloud Run Service Name
Google Cloud Roles
Google Cloud role that provides Owner permissions for the project or organization
Project Implementation Role:
Owner
Organization Implementation Roles:
Owner
Organization Administrator
Create a Cloud Run user
Use the following sections to create a Cloud Run user for either your Google Project or Google Organization.
Project
Follow these steps to create a service account for Cloud Run in a Google Project:
In your shell environment, log in to Google Cloud and enable the API.
Set the environment variables.
Create the service account.
Assign the following roles to the service account.
role/secretmanager.secretAccessor
Access secret versions
Read the secret data
roles/iam.securityAdmin
Manage IAM policies, roles, and service accounts
Set and update IAM policies
Grant, modify, and revoke IAM roles for users and service accounts
Organization
Follow these steps to create a service account for Cloud Run in a Google Organization:
In your shell environment, log in to Google Cloud and enable the API.
Set the environment variables.
Create the service account.
Assign the following roles to the service account.
RolePermissions Grantedrole/secretmanager.secretAccessor
Access secret versions
Read the secret data
roles/iam.securityAdmin
Manage IAM policies, roles, and service accounts
Set and update IAM policies
Grant, modify, and revoke IAM roles for users and service accounts
roles/browser
List resources within the organization
View metadata
Deploy the connector
Follow these steps to deploy the Apono connector:
Push the connector image to GCP Artifact Registry.
The following sets of commands push the connector image to the GCP Artifact Registry:
New Registry: Use the code on this tab to push the Apono connector Docker image to a new GCP Artifact Registry.
Existing Registry: Use the code on this tab to push the Apono connector Docker image to an existing Docker-format GCP Artifact Registry
Deploy the Docker image of the Apono connector to the Cloud Run service.
Last updated
Was this helpful?