# Google Cloud Managed Service for Prometheus [Google Cloud Managed Service for Prometheus](https://cloud.google.com/stackdriver/docs/managed-prometheus) is Google Cloud's fully managed, multi-cloud, cross-project solution for [Prometheus](https://prometheus.io/) metrics. ### Supported Types | Metrics | Logs | Traces | | ------- | ---- | ------ | | ✓ | | | ### Prerequisites #### Network Requirements The following Google Cloud APIs must be enabled * Cloud Monitoring The following network access is required between the Bindplane Collector and the following Google API endpoint URLs. **Metrics**\ Google Cloud Monitoring API v3: `monitoring.googleapis.com:443` {% hint style="success" %} **TIP** 👍 Typically, when sent telemetry from a GCP hosted system, these URLs are part of default network access. {% endhint %} #### Authentication The Google Managed Prometheus destination supports two forms of authentication. * Access Scopes * Service Account **Google Cloud Access Scopes** When running within Google Cloud, you can configure your Compute Engine instances with the following access scopes, allowing the Google Managed Prometheus destination to configure authentication automatically. * monitoring.write You can read more about access scopes [here](https://cloud.google.com/compute/docs/access/service-accounts?&_ga=2.22740927.-507322852.1681826195#accesscopesiam). **Service Account** If running outside of Google Cloud, or within Google Compute Engine without access scopes, you can create a service account for authentication. 1. Create a Google service account following [this documentation](https://cloud.google.com/iam/docs/service-accounts-create.). 2. Assign your service account the following roles 1. Monitoring Metric Writer 3. Create and download a Service Account Access Key following [this documentation](https://cloud.google.com/iam/docs/keys-create-delete.). The downloaded access key will be used when configuring the Google Cloud destination. ### Configuration Table
ParameterTypeDefaultDescription
projectstringThe Google Cloud Project ID to send logs, metrics, and traces to.
auth_typeenumautoThe method used for authenticating to Google Cloud. 'auto' will attempt to use the collector's environment, useful when running on Google Cloud or when you have set GOOGLE_APPLICATION_CREDENTIALS in the collector's environment. 'json' takes the JSON contents of a Google Service Account's credentials file. 'file' is the file path to a Google Service Account credential file.
credentialsstringJSON value from a Google Service Account credential file.
credentials_filestringPath to a Google Service Account credential file on the collector system. The collector's runtime user must have permission to read this file.
default_locationenumus-central1Google Managed Prometheus requires a "location" resource attribute. This parameter inserts the resource attribute if it does not already exist.
### Supported Retry and Queuing Settings This destination supports the [retry settings](https://docs.bindplane.com/configuration/bindplane-otel-collector/retry-on-failure), the [sending queue settings](https://docs.bindplane.com/configuration/bindplane-otel-collector/sending-queue), and the [persistent queue settings.](https://docs.bindplane.com/configuration/bindplane-otel-collector/persistent-queue) | Sending Queue | Persistent Queue | Retry on Failure | | ------------- | ---------------- | ---------------- | | ✓ | ✓ | ✓ | ### Example Configurations #### Automatic Authentication This example uses the `auto` Authentication Method. When running within Google Cloud with the correct access scopes, the destination will perform automatic authentication and send metrics, traces, and logs to the project `bindplane-gcp`.
Bindplane docs - Google Cloud Managed Service for Prometheus - image 1
#### Service Account Credentials (JSON) Bindplane can embed credentials into the collector configuration when the authentication method `json` is selected. When using the `json` option, paste the service account JSON key into the text box. This method is convenient as it does not require copying the service account key on the collector system.
Bindplane docs - Google Cloud Managed Service for Prometheus - image 2
#### Service Account Credentials (File) If you would prefer to copy the service account key to the collector system instead of having Bindplane handle it, you can select the `file` option. In this example, the service account access key file is located at `/opt/observiq-otel-collector/service_account.json.`
Bindplane docs - Google Cloud Managed Service for Prometheus - image 3
### Usage Create a configuration with the Prometheus source and Google Managed Prometheus destination. As an example, you can target the collector's metrics port, `8888`.
Bindplane docs - Google Cloud Managed Service for Prometheus - image 4
Configure the destination to point to your Google Cloud project, and add your service account credentials.
Bindplane docs - Google Cloud Managed Service for Prometheus - Configure Destination
The finished configuration will have a Prometheus source, and Google Managed Prometheus destination. You can add processors to add, remove, and modify metrics. Next, add at least one collector and rollout the configuration.
Bindplane docs - Google Cloud Managed Service for Prometheus - image 5
``` { "url": "", "provider": "", "href": "", "typeOfEmbed": "iframe" } ``` In Cloud Monitoring, search for "Prometheus Target" using the metrics explorer.
Bindplane docs - Google Cloud Managed Service for Prometheus - image 6
Select a metric and note that the `job`, `service_instance_id`and `service_name` metric labels can be used to identify which collector the metric originates from.
Bindplane docs - Google Cloud Managed Service for Prometheus - image 7