Monitor multiple GCP projects

You can push metrics to Dynatrace from multiple GCP projects. For example, you can run dynatrace-gcp-function in a project dedicated to monitoring, and get metrics from production, stage, or development projects.

There are two ways you can set up monitoring for multiple GCP projects: using the gcloud CLI or in the GCP console. See below for instructions.

Prerequisites

To add projects to monitoring using the gcloud CLI

  1. Grant required IAM policies to the IAM service account for your desired projects.

Note: Make sure to replace <your-desired-project-ID> with the ID of your desired project, and <your-GCP-project-ID> with the ID of the project where the IAM service account was created.

gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/monitoring.editor
gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/monitoring.viewer
gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/compute.viewer
gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/cloudsql.viewer
gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/cloudfunctions.viewer
gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/file.viewer
gcloud projects add-iam-policy-binding <your-desired-project-ID> --member="serviceAccount:dynatrace-gcp-function-sa@<your-GCP-project-ID>.iam.gserviceaccount.com" --role=roles/pubsub.viewer
  1. Repeat step 1 for all the other projects you want to monitor.

It takes about a minute for the metrics from the newly configured projects to appear in the Dynatrace web UI.

Note: For GKE deployment, you must restart your Kubernetes container after adding projects to monitoring.