A foundational component of monitoring Google Cloud environments with Datadog is our Google Cloud Platform integration. This integration continuously collects metrics from all of your Google Cloud services and enriches them with tags, enabling you to scope dashboards and monitors to the relevant resources and seamlessly pivot across logs, metrics, and traces inside the Datadog platform.
We are excited to announce a faster, streamlined, and more secure setup experience for this integration so you can get full visibility into all your Google Cloud projects. In just a few clicks, you can enable visibility across your entire organization—even if you’re managing hundreds or thousands of projects.
In this post, we’ll discuss how you can:
- Quickly start monitoring your Google environment with automatic discovery of projects
- Gain better visibility at a glance with the new integration tile
- Securely grant access to your cloud environment using service account impersonation
Automatic discovery of new Google Cloud projects
Whether your organization manages tens, hundreds, or thousands of Google Cloud projects, our new setup experience allows you to scale effectively by using a single service account to assign access across multiple projects. You can even assign access at the folder or organization level. When you configure the integration this way, Datadog will automatically discover and begin monitoring new projects as they are created within the assigned scope, ensuring seamless monitoring coverage as your Google Cloud environment scales.
Visibility at a glance with the new integration tile
The Google Cloud integration tile in the Datadog platform has been updated to make it easier for enterprises to use the integration to manage large numbers of projects seamlessly. You can use the new tile layout to understand which projects are being monitored, what integration settings are being applied, and which service account is associated with a given project. In addition, the new search bar lets you isolate specific projects or service accounts.
The new integration tile also surfaces the most critical errors and warnings at the top of the page, with clear messages that enable you to discern the overall health status of your environment, identify issues, and determine the scope of those issues within service accounts or projects.
If you’re an existing customer using static credentials to grant Datadog access to your accounts, the integration tile can help you switch over to using service account impersonation, which we’ll discuss in detail below. As you onboard your projects to Datadog with service account impersonation, you can use the duplicate configuration warning messages in the tile to track your progress. Once a project is discovered and monitored with the new configuration, these warnings will highlight the legacy configurations that are ready for deletion, allowing you to migrate without interruption to your monitoring coverage.
Securely grant access using service account impersonation
Service account impersonation is a form of workload identity federation, which is a system that establishes trust between two parties for authenticating users and authorizing the use of resources. Using short-lived access tokens, Datadog crawlers make requests to Google Cloud Monitoring APIs to fetch metrics, events, and metadata from your Google Cloud projects.
This approach improves security and removes the need for static credentials (in the form of files). It also makes the setup process easier since there’s no need to create or upload any files.
To make use of service account impersonation, copy the Datadog principal from your org, then follow the steps in Google Cloud console to grant access to Datadog. Check out our setup documentation for the step-by-step instructions.
Get started with our new Google Cloud integration setup today
Our new Google Cloud integration setup leverages automatic discovery of new projects, an intuitive new tile layout, and secure remote access with service account impersonation so you can enable visibility across your entire organization in minutes. To get started using the new setup, install the Google Cloud Platform integration. You can also check out our documentation for a full list of supported features via this integration. Or, if you’re brand new to Datadog, sign up for a 14-day free trial.
