CloudQuery Platform
  • Introduction
    • Welcome to CloudQuery Platform
    • Getting Help
  • Quickstart
    • Creating a New Account
    • Platform Activation
  • Core Concepts
    • Integrations
    • Syncs
    • Filters & Queries
    • SQL Console
    • Reports
  • Integration Guides
    • Setting up an AWS Integration
    • Setting up an AWS Cost and Usage Integration
    • Setting up a GCP Integration
    • Setting up an Azure Integration
    • Setting up a GitHub Integration
    • Setting up a K8s Integration
      • Using AWS EKS
      • Using Azure AKS
      • Using GCP GKE
    • General Integration Setup Guide
    • General Destination Setup Guide
  • Syncs
    • Setting up a Sync
    • Monitoring Sync Status
  • Cloud insights
    • From cloud asset inventory to insights
      • Security-focused queries
      • Compliance-focused queries
      • FinOps-focused queries
  • Production Deployment
    • Enabling Single Sign-on (SSO)
      • Single Sign-On with Google
      • Single Sign-On with Microsoft
      • Single Sign-On with Okta
  • User Management
    • Platform Roles Overview
    • Workspace Roles Overview
  • Advanced Topics
    • Custom Columns
    • Understanding Platform Views
    • Performance Tuning
  • Reference
    • Search & Filter Query Syntax
  • API Reference
  • CLI Docs
  • CloudQuery Hub
Powered by GitBook
On this page
  • Prerequisites
  • Creating K8s integration
  • Optional: Adding permissions to read cluster secrets

Was this helpful?

  1. Integration Guides
  2. Setting up a K8s Integration

Using GCP GKE

PreviousUsing Azure AKSNextGeneral Integration Setup Guide

Last updated 1 month ago

Was this helpful?

CloudQuery Platform currently supports integration with GCP Google Kubernetes Engine (GKE). This guide explains the required GCP account setup and configuration steps needed to enable CloudQuery to access your GKE clusters and run sync.

Prerequisites

First, follow the , to create a service account, also assign Kubernetes Engine Viewer role to the service account. Follow the guide to download the JSON key file, which we will use shortly.

Creating K8s integration

  1. Navigate to Data Pipelines → Integrations in CloudQuery Platform

  2. Click Create Integration and select K8s

Update the YAML configuration with your cluster details:

kind: source
spec:
  name: k8s
  path: cloudquery/k8s
  version: v7.6.0 # latest version of source k8s plugin
  tables:
    - "*"
  spec:
    providers:
      - cluster: <cluster-name>
        gcp:
          authenticate_gcloud: true
          location: <cluster-location>
          project_id: <project-id>
          service_account_key_json: |
            ${SERVICE_ACCOUNT_KEY_JSON}

And add contents of the JSON file downloaded during setup as the secret value for SERVICE_ACCOUNT_KEY_JSON

Replace the <variables> with the correct values from your GCP account and GKE cluster you want to sync.

Optional: Adding permissions to read cluster secrets

By default, the Kubernetes Engine Viewer role will not allow reading cluster secrets, the service account permissions can be modified to read the secrets as well, either by assigning the Kubernetes Engine Admin role, or creating a custom role with container.secrets.list permission.

GCP integration setup guide