# Google Cloud ### Supported Types | Logs | Metrics | Traces | | ---- | ------- | ------ | | ✓ | ✓ | ✓ | ### Prerequisites #### Network Requirements The following Google Cloud APIs must be enabled * Cloud Monitoring * Cloud Logging * Cloud Trace The following network access is required between the Bindplane Collector and the following Google API endpoint URLs. **Logging**\ Google Cloud Logging API v2: `logging.googleapis.com:443` **Metrics**\ Google Cloud Monitoring API v3: `monitoring.googleapis.com:443` **Traces**\ Google Cloud Trace API: `cloudtrace.googleapis.com:443` {% hint style="success" %} **TIP** 👍 Typically, when sent telemetry from a GCP hosted system, these URLs are part of default network access. {% endhint %} #### Authentication The Google Cloud destination supports two forms of authentication. * Access Scopes * Access Scopes are used when the Bindplane Collector is running on a GCP-hosted VM. * Service Account * Services Account auth is the ***only*** option for sending telemetry from non-GCP-hosted collectors. **Google Cloud Access Scopes** When running within Google Cloud, you can configure your Compute Engine instances with the following access scopes. This will allow the Google Cloud destination to configure authentication automatically. * logging.write * monitoring.write * trace.append You can read more about access scopes [here](https://cloud.google.com/compute/docs/access/service-accounts?&_ga=2.22740927.-507322852.1681826195#accesscopesiam). **Service Account** If running outside of Google Cloud, or within Google Compute Engine without access scopes, you can create a service account for authentication. 1. Create a Google service account following [this documentation](https://cloud.google.com/iam/docs/service-accounts-create). 2. Assign your service account the following roles 1. Logs Writer: `roles/logging.logWriter` 2. Monitoring Metric Writer: `roles/monitoring.metricWriter` 3. Cloud Trace Agent: `roles/cloudtrace.agent` 3. Create and download a Service Account Access Key following [this documentation](https://cloud.google.com/iam/docs/keys-create-delete). The downloaded access key will be used when configuring the Google Cloud destination. ### Configuration Table
ParameterTypeDefaultDescription
projectstringThe Google Cloud Project ID to send logs, metrics, and traces to.
auth_typeenumautoThe method used for authenticating to Google Cloud. 'auto' will attempt to use the collector's environment, which is useful when running on Google Cloud or when you have set GOOGLE_APPLICATION_CREDENTIALS in the collector's environment. 'json' takes the JSON contents of a Google Service Account's credentials file. 'file' is the file path to a Google Service Account credential file.
credentialsstringJSON value from a Google Service Account credential file.
credentials_filestringPath to a Google Service Account credential file on the collector system. The collector's runtime user must have permission to read this file.
### Supported Retry and Queuing Settings This destination supports the [retry settings](https://docs.bindplane.com/configuration/bindplane-otel-collector/retry-on-failure), the [sending queue settings](https://docs.bindplane.com/configuration/bindplane-otel-collector/sending-queue), and the [persistent queue settings.](https://docs.bindplane.com/configuration/bindplane-otel-collector/persistent-queue) | Sending Queue | Persistent Queue | Retry on Failure | | ------------- | ---------------- | ---------------- | | ✓ | ✓ | ✓ | ### Example Configurations #### Automatic Configuration This example uses the `auto` Authentication Method. When running within Google Cloud with the correct access scopes, the destination will perform automatic authentication and send metrics, traces, and logs to the project `bindplane-gcp`.
Bindplane docs - Google Cloud - image 1
**Service Account Credentials (JSON)** Bindplane can embed credentials into the collector configuration when the authentication method `json` is selected. When using the `json` option, paste the service account JSON key into the text box. This method is convenient as it does not require copying the service account key on the collector system.
Bindplane docs - Google Cloud - image 2
**Service Account Credentials (File)** If you would prefer to copy the service account key to the collector system instead of having Bindplane handle it, you can select the `file` option. In this example, the service account access key file is located at `/opt/observiq-otel-collector/service_account.json.`
Bindplane docs - Google Cloud - image 3
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bindplane.com/integrations/destinations/google-cloud.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.