Google Cloud Platform (GCP)

Configuring Google Cloud Platform integration

Tidal Control's Google Cloud Platform integration monitors your GCP resources, IAM settings, and security configurations for compliance purposes.

What this integration monitors:

• Resources: Virtual machines, storage, databases, and other GCP services
• IAM: Users, roles, and permissions within your GCP project
• Security: Security settings and access controls

Requirements:

• Super User role in Tidal Control
• Google Cloud Platform project access
• Access to Google Cloud Console

Configuration step-by-step plan

What we're going to do: We'll create a Google service account with the necessary permissions to access your GCP resources through secure APIs.

Configuration steps:

1. Create service account
2. Assign role and generate JSON key
3. Enable APIs
4. Configure integration

Step 1: Create service account

• Go to Google Cloud Console at https://console.cloud.google.com
• Log in with account that has project access
• Select your Google Cloud project in project selector
• Navigate to IAM & Admin → Service Accounts
• Click "+ CREATE SERVICE ACCOUNT"
• Fill in service account details:
  • Service account name: Tidal Control GCP
  • Service account ID: tidal-control-gcp
  • Description: Service account for Tidal Control GCP monitoring

Step 2: Assign role and generate JSON key

• Select role: Basic → Viewer
• Click "Continue" and skip next step
• Click "Done" to create service account
• Select new service account from list
• Go to "KEYS" tab
• Click "ADD KEY" → "Create new key"
• Select JSON format
• Download JSON file automatically to computer
• Store file securely - needed for integration setup

Step 3: Enable APIs

• Navigate to APIs & Services → Library in Google Cloud Console
• Search and enable the following APIs:
  • Identity and Access Management (IAM) API
  • Cloud Resource Manager API
• Click "ENABLE" for each API

Step 4: Configure integration

• Go to Settings → Integrations in Tidal Control
• Click the plus icon next to Google Cloud Platform
• Fill in configuration:
  • Name: GCP Production Account
  • Service Account JSON: Upload or paste contents of JSON file
• Click "Create" to save integration

Configuration fields explained

Name:

• A descriptive name for this integration
• For example: GCP Production Account, GCP Staging

Service Account JSON:

• Contains authentication credentials for your service account
• Downloaded in step 2 during service account creation
• Keep this file secure - it provides access to your GCP environment

Verification

Check GCP integration status:

• Settings → Integrations shows "Connected" status for Google Cloud Platform
• Google Cloud test available in Tests section
• Test refresh delivers results without authentication errors

Frequently asked questions

Can I use the same service account for multiple Tidal Control environments? Yes, you can reuse the same service account JSON key across different Tidal Control instances.

Do I need Google Workspace to use the GCP integration? No, GCP integration works independently. If you also want to monitor Google Workspace or Google Drive, configure those as separate integrations via the Google Workspace guide.

How often does Tidal Control sync GCP data? Data is synchronized according to your configured test schedule, typically every few hours.

Common problems

"Authentication failed" errors

• Verify the JSON key file is correctly uploaded
• Check that the service account has the correct Viewer role in GCP
• Confirm that all required APIs are enabled

"API not enabled" errors

• Ensure IAM API and Cloud Resource Manager API are enabled in your GCP project
• Wait a few minutes after enabling APIs before testing the integration

"Permission denied" errors

• Verify the service account has the Basic → Viewer role assigned
• Check that the JSON key belongs to the correct service account

Still can't figure it out?

Send an email to support@tidalcontrol.com, and we'll get back to you as soon as possible.