Mapping Extra Resources
As you've probably looked at the Examples page, you've noticed that the GCP Integration supports some GCP resources, but most of them are documented in the Examples page.
This page will help you understand what kind of GCP resources are supported by the GCP integration and how to map them into Port.
Is the resource supported by the GCP Integration?
The GCP Integration is relying on GCP's Asset Inventory API. That means:
- Does the type of resource I want to injest listed here?
- If Yes, It's supported!
- If not, please contact us, or add the support to the integration yourself
Mapping the resource to Port
After you've found the resource in the Cloud Asset Supported Resources, you can map it to Port by following these steps:
Blueprint
Create a Port blueprint definition for the resource. The blueprint definition is based on the resource API specified per asset type. A few examples:
Subnetwork Blueprint
{
"identifier": "gcpSubnetwork",
"description": "This blueprint represents a GCP subnetwork in our software catalog",
"title": "Subnetwork",
"icon": "GoogleCloud",
"schema": {
"properties": {
"location": {
"title": "Location",
"type": "string"
},
"privateIpGoogleAccess": {
"title": "Private IP Google Access",
"type": "boolean"
},
"internalIpv6Prefix": {
"title": "Internal Ipv6 Prefix",
"type": "string"
},
"externalIpv6Prefix": {
"title": "External Ipv6 Prefix",
"type": "string"
},
"ipCidrRange": {
"title": "IP CIDR Range",
"type": "string"
},
"description": {
"title": "Description",
"type": "string"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"relations": {
"project": {
"target": "gcpProject",
"title": "Project",
"required": false,
"many": false
}
}
}
Firewall Blueprint
{
"identifier": "gcpFirewall",
"description": "This blueprint represents a GCP Firewall in our software catalog",
"title": "Firewall",
"icon": "GoogelCloud",
"schema": {
"properties": {
"location": {
"title": "Location",
"type": "string"
},
"network": {
"title": "Network",
"type": "string"
},
"destinationRanges": {
"title": "Destination Ranges",
"type": "array"
},
"sourceRanges": {
"title": "Source Ranges",
"type": "array"
},
"priority": {
"title": "Priority",
"type": "integer"
},
"allowed": {
"title": "Allowed",
"type": "array"
},
"denied": {
"title": "Denied",
"type": "array"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"relations": {
"project": {
"target": "gcpProject",
"title": "Project",
"required": false,
"many": false
}
}
}
Subnetwork Blueprint
{
"identifier": "gcpSubnetwork",
"description": "This blueprint represents a GCP subnetwork in our software catalog",
"title": "Subnetwork",
"icon": "GoogleCloud",
"schema": {
"properties": {
"location": {
"title": "Location",
"type": "string"
},
"privateIpGoogleAccess": {
"title": "Private IP Google Access",
"type": "boolean"
},
"internalIpv6Prefix": {
"title": "Internal Ipv6 Prefix",
"type": "string"
},
"externalIpv6Prefix": {
"title": "External Ipv6 Prefix",
"type": "string"
},
"ipCidrRange": {
"title": "IP CIDR Range",
"type": "string"
},
"description": {
"title": "Description",
"type": "string"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"relations": {
"project": {
"target": "gcpProject",
"title": "Project",
"required": false,
"many": false
}
}
}
Compute Instance Blueprint
{
"identifier": "gcpComputeInstance",
"description": "This blueprint represents a GCP Compute Instance in our software catalog",
"title": "ComputeInstance",
"icon": "GoogelCloud",
"schema": {
"properties": {
"location": {
"title": "Location",
"type": "string"
},
"machineType": {
"title": "Provisioning State",
"type": "string"
},
"subnetworks": {
"title": "Subnetwork",
"type": "array"
},
"cpuPlatform": {
"title": "CPU Platform",
"type": "string"
},
"selfLink": {
"title": "Self Link",
"type": "string"
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"relations": {
"project": {
"target": "gcpProject",
"title": "Project",
"required": false,
"many": false
}
}
}
}
Integration configuration
Create an integration configuration for the resource. The integration configuration is a YAML file that describes the ETL process to load data into the developer portal.
Mapping Configuration for Autoscaler, Firewall, Subnetwork, Compute Instance
resources:
- kind: compute.googleapis.com/Autoscaler
selector:
query: "true"
port:
entity:
mappings:
identifier: ".id"
title: ".name"
blueprint: '"gcpAutoScaler"'
properties:
location: .location
description: ".description"
minNumReplicas: ".autoscalingPolicy.minNumReplicas"
maxNumReplicas: ".autoscalingPolicy.maxNumReplicas"
recommendedSize: ".recommendedSize"
target: ".target"
relations:
project: ".__project.name"
- kind: compute.googleapis.com/Firewall
selector:
query: "true"
port:
entity:
mappings:
identifier: ".id"
title: ".name"
blueprint: '"gcpFirewall"'
properties:
location: .location
network: ".network"
destinationRanges: ".destinationRanges"
sourceRanges: ".sourceRanges"
priority: ".priority"
allowed: ".allowed"
denied: ".denied"
relations:
project: ".__project.name"
- kind: compute.googleapis.com/Subnetwork
selector:
query: "true"
port:
entity:
mappings:
identifier: ".id"
title: ".name"
blueprint: '"gcpSubnetwork"'
properties:
location: .location
privateIpGoogleAccess: ".privateIpGoogleAccess"
internalIpv6Prefix: ".internalIpv6Prefix"
externalIpv6Prefix: ".externalIpv6Prefix"
ipCidrRange: ".ipCidrRange"
description: ".description"
relations:
project: ".__project.name"
- kind: compute.googleapis.com/Instance
selector:
query: "true"
port:
entity:
mappings:
identifier: ".id"
title: ".name"
blueprint: '"gcpComputeInstance"'
properties:
location: .location
machineType: ".machineType"
subnetworks: ".networkInterfaces[].subnetwork"
cpuPlatform: ".cpuPlatform"
selfLink: ".selfLink"
relations:
project: ".__project.name"
The integration configuration structure
-
The
kindfield describes the GCP resource type to be ingested into Port. Thekindfield should be set to the GCP resource type as it appears in the supported resources guide. e.g. The resource type for theCompute Instanceiscompute.googleapis.com/Instanceresources:
- kind: compute.googleapis.com/Instance
selector:
... -
The
selectorfield describes the GCP resource selection criteria.resources:
- kind: compute.googleapis.com/Instance
selector:
query: "true" # JQ boolean expression. If evaluated to false - this object will be skipped.
port:- The
queryfield is a JQ boolean query, if evaluated tofalse- the resource will be skipped. Example use case - skip syncing resources that are not in a specific region.query: .location == "global"
- The
-
The
portfield describes the Port entity to be created from the GCP resource.resources:
- kind: compute.googleapis.com/Instance
selector:
query: "true" # JQ boolean query. If evaluated to false - skip syncing the object.
port:
entity:
mappings: # Mappings between one GCP object to a Port entity. Each value is a JQ query.
identifier: ".id"
title: ".name"
blueprint: '"gcpComputeInstance"'
properties:
location: .location
machineType: ".machineType"
subnetworks: ".networkInterfaces[].subnetwork"
cpuPlatform: ".cpuPlatform"
selfLink: ".selfLink"
relations:
project: ".__project.name"-
The
entityfield describes the Port entity to be created from the GCP resource.-
The
mappingsfield describes the mapping between the GCP resource and the Port entity.-
The
identifierfield describes the GCP resource identifier. This field is required for all resources.mappings:
identifier: ".id" -
The
titlefield describes the GCP resource title. This field is required for all resources.mappings:
title: ".name" -
The
blueprintfield describes the Port blueprint to be used to create the Port entity. This field is required for all resources.mappings:
blueprint: '"gcpComputeInstance"' -
The
propertiesfield describes the GCP resource properties to be mapped to the Portmappings:
identifier: ".id"
title: ".name"
blueprint: '"gcpComputeInstance"'
properties:
location: .location
machineType: ".machineType"
-
-
-