Configuring a Gateway Integration Endpoint - Google Cloud Storage

A gateway integration endpoint (GIEP) allows STEP to communicate with an external storage system. Once a GIEP has been created and Google Cloud Storage has been selected, the configuration settings allow you to identify the location of the required data.

Important: Prior to configuration, dropdown parameters that rely on a property are empty. Hovering over the dropdown or clicking a dropdown displays the required property name to configure. To display the value(s), in the Self-Service UI, select the environment, and on the 'Configuration properties' tab, configure the property for your system. Refer to the Self-Service User Guide for information about setting configuration properties, including the use of the ${CUSTOMER_SECRETS_ROOT} and ${CUSTOMER_CONFIG_ROOT} variables.

Multiple entries can be added to the dropdown parameters using dynamic properties. Each configuration entry must have a unique integer or alpha identifier (indicated by [*]) as described below. When duplicate identifiers exist, only the last value is displayed in the dropdown.

Allow a few minutes for changes made in the Self-Service UI 'Configuration properties' tab to display in the workbench.

Prerequisites

  1. To use the Gateway Integration Endpoint Configuration dialog for Google Cloud Storage, grant the following Google Cloud Storage permissions:

    • storage.buckets.get

    • storage.objects.create

    • storage.objects.delete

    • storage.objects.get

    • storage.objects.getIamPolicy

    • storage.objects.list

    • storage.objects.update

  2. Create a JSON key type file. The connection with Google Cloud Storage uses Application Default Credentials and requires that a JSON file holds the key to be created. For information, refer to the Google Cloud console documentation (https://cloud.google.com/iam/docs/keys-create-delete).

  3. In the Self-Service UI for the environment, upload the key file on the 'Configuration files' tab to use the ${CUSTOMER_SECRETS_ROOT} variable.

  4. Configure the ConnectionKeyPath dropdown parameter using the BlobStorage.Google.Secret.ConnectionKeyPath.[*] property. The syntax for the Value parameter is <connection-string-alias>,<key-file-location>. The alias text is displayed in the dropdown parameter.

    Note: Sensitive configuration values are hidden and denoted with 'Secret.' This means that the actual values are not visible to users or to Stibo Systems, for example, via Admin Portal configuration lists and remote diagnostics.

    In this example, the text added to the Value parameter is 'GCS_Storage1,${CUSTOMER_SECRETS_ROOT}/key1.json' and 'GCS_Storage2,${CUSTOMER_SECRETS_ROOT}/key2.json'.

  5. Configure the Bucket dropdown parameter using the BlobStorage.Google.BucketName.[*] property. For example:

Configuring the Gateway Integration Endpoint

After setting the Google Cloud Storage permissions and configuration property entries to supply values on the dialog, configure the GIEP. If the dropdowns are empty, revisit the 'Configuration properties tab in Self-Service UI to correct the error.

  1. On the Gateway Integration Endpoint Configuration dialog, use the following parameters to specify which external system the GIEP will access.

    • ConnectionKeyPath - Select the desired Google Cloud Storage connection.

    • Bucket - Select the Google Cloud Storage bucket to use.

    • Connection timeout in seconds - Add number of seconds until timeout. If left blank, the driver default is used.

  2. Click Save to complete the configuration.

  3. Enable the endpoint as defined in the Running a Gateway Integration Endpoint topic.

  4. Test the connection from the gateway as follows:

    • On the Gateway Connectivity section, click the Check Connectivity button.

    • In the Check Connectivity dialog, in the Java Script Check Code section, add:

      gateway.checkConnectivity()

    • Click the Check Connectivity button and verify success or make the necessary corrections to connect.

Using the Gateway Integration Endpoint

Configuration of a GIEP is required to set up: