How to use Spring Cloud GCP for multiple google projects

For those who know GCP well, it has some "limitations" about user and permissions control.

The Datastore, for example, doesn't have any way to manage user roles of the database itself and it has only the IAM of the platform.

Because of that, Google's employees advise their customers to use multiple projects and folders of the GCP to have more control in that. I have seen it for a while.

The question is: How to connect to multiple resources of multiple projects of GCP on Spring Cloud GCP? We have applications that should access Datastore and other resources from different projects and I'm struggling here with that.

Even if Spring Cloud GCP doesn't support multiple GCP projects, is there any workaround?

Thank you all.

Clymer answered 21/6, 2019 at 13:34 Comment(0)

Your answer should lie inside the "Shared-VPC".

Shared VPC allows an organization to connect resources from multiple projects to a common VPC network, so that they can communicate with each other securely and efficiently using internal IPs from that network.

To use this, all your projects will have to belong to the same "Organization Node," which you probably already have set up above all your projects. You will then set up projects as host projects and service projects. Hosts... well:

A host project contains one or more Shared VPC networks. A Shared VPC Admin must first enable a project as a host project. After that, a Shared VPC Admin can attach one or more service projects to it.

A service project is any project that has been attached to a host project by a Shared VPC Admin. This attachment allows it to participate in Shared VPC. It's a common practice to have multiple service projects operated and administered by different departments or teams in your organization.

Worth noting: projects that are "Service projects" cannot also be hosts. As for how to set one up, that will depend on your specific implementation, but here are some examples and use cases.

Jedidiah answered 21/6, 2019 at 16:48 Comment(1)
Sorry bro, I think you got it wrong... We have no problems with GCP, network and projects. The problem is specific to Spring Cloud GCP. I think the lib only lets you connect to a single project for the same resource type (for example, Datastore). I edited to be more clear. – Clymer

You can use the low-level client libraries provided for each individual service to create an instance using the provided builder, like below for Pub/Sub publishing to a topic with a different project ID.

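import com.google.cloud.pubsub.v1.Publisher;
import com.google.pubsub.v1.ProjectTopicName;

// projectId may differ from the application's default project
ProjectTopicName topicName = ProjectTopicName.of(projectId, topic);
// build() throws IOException
Publisher publisher = Publisher.newBuilder(topicName)
                        .setChannelProvider(transportChannelProvider)
                        .setCredentialsProvider(credentialsProvider)
                        .build();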

You can then create a bean and autowire this in your app to use it. Although for using spring-cloud-gcp-pubsub with multiple project ids you can refer to this answer

Hypodermis answered 26/9, 2019 at 15:31 Comment(0)
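
The same builder approach applied to Datastore, the resource the question asks about, as an added example that is not part of any post above. It goes beyond the Pub/Sub snippet by defining one client bean per project while keeping a single application identity, so access to each project stays governed by that project's IAM bindings. The class name, bean names and `app.gcp.*` property keys are hypothetical, and it assumes the application's service account has been granted a Datastore role (for example `roles/datastore.user`) in both projects.

```java
import com.google.auth.oauth2.GoogleCredentials;
import com.google.cloud.datastore.Datastore;
import com.google.cloud.datastore.DatastoreOptions;
import java.io.IOException;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

// Hypothetical configuration class: one Datastore client bean per GCP project.
@Configuration
public class MultiProjectDatastoreConfig {

    // Single identity for the app (Application Default Credentials), so no
    // per-project key files are stored; each project's IAM decides what it may do.
    @Bean
    public GoogleCredentials appCredentials() throws IOException {
        return GoogleCredentials.getApplicationDefault();
    }

    // Property keys below are assumptions made for this example.
    @Bean
    public Datastore ordersDatastore(
            @Value("${app.gcp.orders-project-id}") String projectId,
            GoogleCredentials appCredentials) {
        return clientFor(projectId, appCredentials);
    }

    @Bean
    public Datastore billingDatastore(
            @Value("${app.gcp.billing-project-id}") String projectId,
            GoogleCredentials appCredentials) {
        return clientFor(projectId, appCredentials);
    }

    private static Datastore clientFor(String projectId, GoogleCredentials credentials) {
        // Fail fast: with no project id the client library falls back to the
        // environment's default project, which would silently hit the wrong data.
        if (projectId == null || projectId.isBlank()) {
            throw new IllegalStateException("Datastore project id must be set explicitly");
        }
        return DatastoreOptions.newBuilder()
                .setProjectId(projectId)
                .setCredentials(credentials)
                .build()
                .getService();
    }
}
```

Because both beans have type `Datastore`, inject them by name, e.g. `@Qualifier("ordersDatastore")`. These are plain `google-cloud-datastore` clients, not Spring Data Datastore repositories.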
