GCP
      Back to home
      1. Help Center
      2. Security & Access Management
      3. GCP

      Using the Google Cloud Console to Configure ProsperOps Access for a Savings Analysis

      This article assumes you are configuring ProsperOps access for a Savings Analysis using the ProsperOps Console onboarding flow.

      ⚠️  IMPORTANT NOTE: Be sure you are using a browser profile where you're authenticated with your corporate Google credentials, not your personal Gmail account.

      Steps to Complete this Onboarding

      1. Create custom ProsperOps role

      2. Assign Billing Account permissions

      3. Assign Detailed Usage Cost export permissions

      4. Assign Pricing export permissions

      5. Assign Organization permissions

      Custom ProsperOps Role

      The video below shows how to create a custom ProsperOps role in the Google Cloud Console IAM Roles page.

      • Return to the ProsperOps Console and click the GCP IAM Roles link


      • You will be taken to the IAM Roles page for your GCP organization. Click the Create Role button.

      • Enter the Title, Description, ID, and Role launch stage using the information provided in the ProsperOps Console. Click the Add Permissions button.

      • Copy the first permission from the ProsperOps Console into the Filter field. Check the filtered permission to add it, clear the filter, and repeat. When all 8 permissions have been added, click the Add button.

      • You should see all 8 permissions listed for the role. Click Create to finalize the role.

       

      • Return to the ProsperOps Console and click the Role Created button. 

       

      Billing Account Access

      Note that we refer to the service account as the principal name in the steps below.

      • Click the GCP Billing Account link

      • You will be taken to the GCP Billing Account page. Click the Add Principal button.

      • Copy the ProsperOps principal name from the ProsperOps Console and paste as the principal name.
      • Assign the Billing Account Viewer, Consumer Procurement Viewer, and ProsperOps roles, then click Save.

      • Return to the ProsperOps Console and click Validate to confirm permissions have been configured properly.

       

      Detailed Usage Cost Export Access

      • Click the BigQuery link

      • Referencing the information provided in the ProsperOps Console, expand the specified Project and Dataset, and select the specified Detailed Usage Cost table. Click the Share button.

      • Click the Add Principal button

      • Copy the ProsperOps principal name from the ProsperOps Console and paste as the principal name.
      • Assign the BigQuery Data Viewer role, then click Save.

      • Return to the ProsperOps Console and click Validate to confirm permissions have been configured properly.

       

      Pricing Export Access

      • Click the BigQuery link

      • Referencing the information provided in the ProsperOps Console, expand the specified Project and Dataset, and select the specified Pricing table. Click the Share button.

      • Click the Add Principal button

      • Copy the ProsperOps principal name from the ProsperOps Console and paste as the principal name.
      • Assign the BigQuery Data Viewer role, then click Save.

      • Return to the ProsperOps Console and click Validate to confirm permissions have been configured properly.

       

      Organization Access

      • Click the GCP IAM link

      • Click Grant Access

      • Copy the ProsperOps principal name from the ProsperOps Console and paste as the principal name.
      • Assign the ProsperOps role, then click Save.

      • Return to the ProsperOps Console and click Validate to confirm permissions have been configured properly.



      • Once organization access is validated, you are ready for a Savings Analysis! 🎊