Settings to Enable VM Information Sources for Google Compute Engine
Enable monitoring of GCE instances to consistently enforce
policy for workloads.
Device > VM Information Sources > Add
The following table describes the settings you need to configure
to enable VM Information Sources for Google Compute Engine instances
on Google Cloud Platform. Enable monitoring of Google Compute Engine
(GCE) instances to allow the firewall (physical or virtual on-premise,
or running in Google Cloud) to retrieve tag, label, and other metadata
about the instances running in a particular Google Cloud zone of
the specified project. For information on the VM-Series on Google
Cloud Platform, refer to the VM-Series Deployment Guide.
Settings to Enable VM Information Sources for Google Compute Engine | |
---|---|
Name | Enter a name to identify the monitored source (up to 31 characters). The name is case-sensitive, must be unique, and can contain only letters, numbers, spaces, hyphens, and underscores. |
Type | Select Google Compute Engine. |
Description | (Optional) Add a label to identify the location or function of the source. |
Enabled | The communication between the firewall and the configured source is enabled by default. The connection status between the monitored source and the firewall displays in the interface as follows: Clear the Enabled option to disable communication between the configured source and the firewall. |
Service Authentication Type | Select VM-Series running on GCE or Service Account. |
Service Account Credential | (Only for Service Account) Upload the JSON file with the credentials for the service account. This file allows the firewall to authenticate to the instance and authorizes access to the metadata. You can create an account on the Google Cloud console ( IAM & admin Service Accounts |
Project ID | Enter the alphanumeric text string that uniquely identifies the Google Cloud Project that you want to monitor. |
Zone Name | Enter the zone information as a string of up to 63 characters in length. For example: us-west1-a. |
Update Interval | Specify the interval (in seconds) at which the firewall retrieves information from the source (range is 60 to 1,200; default is 60). |
Timeout | The interval (in hours) after which the connection to the monitored source is closed if the host does not respond (default is 2). (Optional) Enable timeout when the source is disconnected. When the specified limit is reached, if the source is inaccessible or does not respond, the firewall will close the connection to the source. When the source is disconnected, all the IP addresses and tags that were registered from this project are removed from the dynamic address group. |
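The following pre-flight check is an added example, not vendor code: it applies the limits from the table to a planned source entry and inspects the service account JSON offline before it is uploaded. The dictionary keys, function names, and sample values are assumptions made for illustration; a key whose project differs from the monitored project is reported for review rather than treated as invalid.

```python
import json
import re

# Limits from the settings table; the dict keys used below are hypothetical names.
NAME_RE = re.compile(r"[A-Za-z0-9 _-]{1,31}")
AUTH_TYPES = ("VM-Series running on GCE", "Service Account")
KEY_FIELDS = ("project_id", "private_key", "client_email")

def check_key(key_json, project_id):
    """Inspect the service account JSON text without contacting Google."""
    if key_json is None:
        return ["credential: required for Service Account"]
    try:
        key = json.loads(key_json)
    except ValueError:
        return ["credential: not valid JSON"]
    if not isinstance(key, dict) or key.get("type") != "service_account":
        return ["credential: not a service account key"]
    out = [f"credential: missing {f}" for f in KEY_FIELDS if not key.get(f)]
    if key.get("project_id") not in (None, "", project_id):
        out.append("credential: key project differs from monitored project")
    return out

def check_source(cfg, key_json=None):
    """Return a list of problems; an empty list means the entry fits the table."""
    problems = []
    if not NAME_RE.fullmatch(cfg.get("name", "")):
        problems.append("name: 1-31 letters, numbers, spaces, hyphens, underscores")
    if not cfg.get("project_id"):
        problems.append("project_id: required")
    if not 1 <= len(cfg.get("zone", "")) <= 63:
        problems.append("zone: 1-63 characters")
    interval = cfg.get("update_interval", 60)  # default is 60 seconds
    if not (isinstance(interval, int) and 60 <= interval <= 1200):
        problems.append("update_interval: 60-1200 seconds")
    auth = cfg.get("auth_type")
    if auth not in AUTH_TYPES:
        problems.append("auth_type: unknown")
    elif auth == "Service Account":
        problems += check_key(key_json, cfg.get("project_id"))
    elif key_json is not None:
        problems.append("credential: not used with this authentication type")
    return problems

# Constructed sample input (not a real project or key).
SAMPLE_CFG = {"name": "gce-prod_west 1", "project_id": "example-project-123",
              "zone": "us-west1-a", "update_interval": 60, "auth_type": "Service Account"}
SAMPLE_KEY = json.dumps({"type": "service_account", "project_id": "example-project-123",
                         "private_key": "<constructed placeholder>",
                         "client_email": "monitor@example-project-123.iam.gserviceaccount.com"})
```

Calling `check_source(SAMPLE_CFG, SAMPLE_KEY)` returns an empty list; each string in a non-empty result names the setting to correct.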