Configure the Web Query Client Policy for GCP

Using the Client Policy Builder, you can create and modify policies for your LCE Web Query Client. The following steps are performed via the web interface on the LCE server that you configured your LCE Web Query Client to communicate with.

To configure the Web Query Client Policy for GCP:

  1. Using the Client Policy Builder, create a policy for your LCE Web Query Client. This documentation includes a list of valid configuration items for the client policy.

    A Web Query Client policy for GCP (Google Cloud Platform) requires you to add a Google Cloud endpoint to the policy. You must provide the following:

    1. In the Basic pane of the Client Policy Builder, click the button in to add a group.

      The Add a new endpoint group window appears.

    2. Click the Add Google Cloud endpoint button.

      A new Google Cloud endpoint appears.

    3. In the Endpoint name box, enter a name that identifies the endpoint.
    4. Select the Active check box.
    5. In the Query interval box, enter the number of seconds between each query to the Cloud Pub/Sub service.

    6. In the JSON service account key box, enter the entire service account key including the braces.

      For example:

      {

      "type": "service_account",

      "project_id": "blinkum-genovese-011599",

      "private_key_id": "d644c15c7332d29574f0f36ec31659db2e7cdad2",

      "private_key": "-----BEGIN PRIVATE KEY-----\nPmxlQ6i3kz/sO7NtLX2lcRuUAzgHiET99UAlqLWGsF2Msqfb38rtvBfFOmTg+NOQH8BkX8XbhGPN1Ks4xDHxtgKbSvWlUg+Eit3rSp1NuWjSz7YqUuCSgsOwbbRQvXtNKvr2RllbFyyymMpakB6iXT5UnfJqftZa5M6pWlMt2wikmkRQxlmpJTHPmaRr3fyhnYJqM/v\TJL4bjprvuYSqzMiXaWq0\Fo0ND28kB30dAhhao5NM6oykq8\OdYc6v534Y+eQfpkpOCN8qRyTTzyYLh0fKm2vEzO/O2n7+jm31h/zNlLqXf/87HsKE8TwGqw05xii21XlrL3\j8DKrNuYy9UClaxxND/r8ncgK6Cv\AYp1DJ1qLw2aIndYZaN9iXyvVQ5GdpUazj0eHORbibfjMCwP1diOAlnmlXfYMk3hTjT2/+teZtOplDL/4OCzuP\k3foR5\G5aTFKo2+w8N5wmtg5ehvDsmMmvfP2TPxIZia6BPD0uyKdESMOZOfsEgSNSFPoaIUq/qV1IrA7Q2XwtGzWuqDcALJi7x65IxrIivXUrHv379AjgrXW6SnKEFLJ1LtHi9dGBElnI+h3mx+\\z\v0X8d1vJed4tjOMNvWRaAhXhuNouAly7Xt3Eug9OCTX+di9esV7kF++heG/8yQLIQCyeBRMfot4SnDvw7xJ0sKSOKv5MOi8t6HGLsggvFR5R6V6lx3BwqeljYJDNdOYInFYKcI3DUQ8aumNLOJfEi2st9pR2sH6xb7sKSF5odeSkOoAEPqDBoOrTrYdjMUx/uRTfZBRkhKH3zVGqwR8E4HWLYnuy5vr/yEiJ/xjTS1SfVQ+mw2vVq3UdrGhPOyjEljvGAi6FAccIaJV4LkGrEKjYA6vO6n2Gswt4pR\FZ6IQj9CU8D5rUnmuJ9VP3O2ivHWkXWIBZzUZjFI3TWRZWncZXhQ8ySki6cHW7ng06WsQeN2wfP0UHHPCqkeQo1VOL+5e3POgb0izNCdy3a+ffk9XrMZo91MvyqdwPLOunI6cgcoTLlslDgwrbYvcjUAcYG6iI6/CC5o5ws\5CNlIl/JgE1IQlI48815H+q/67GUaywyR2Sfd\c4nRcNRUMJNWjzzntjraAhBy19NmKaEWKitgSFQIf1o9uatXo4s\OcPzL2ejY2bTF+1Sgo1yatsg5UWZjhb0dPabiAWKQJoZmilq7jKJ++o\ayooYOVR1kimXuhiX9RrlKLsRy0vL4KjnY3Rg2UTI5zoPyAdr4VFTsLuZ8\0WMF8/BxcASBhPCu9f4YI9hL3Qnhf4sV2+cMDUR71uv7LXIzhsaz9TDDKRvqyEoRGVo1EiNjClCrF4IPzDRwfRoAD7SegAKt5gLF+XkE5PWrVqYD9iTxj7tK\yyOR9nRRswgsz3MW78hVJXKcvSVh06m\2S55MiSBp/Qm4U9Rjtnpy1SwNc8818A6DKQtUfM/R+rR\Nl9pmMo2yPBNRX+5F0KMKRsvYuDWuhgvXmWIV19I8+Aif4kh9XUpJBQtrHrFD1wRDQ2HNV+vgklewhMOiHmSqTc5oZlNQmOH0+dgKwkkNgc12yu/z5FSOxm\bl0b+fZ54KI3lJa45jJyq3+BMyN0pJ\nIWoSRqSIbyD/TlmGsfGzoQLTrUm1SgLh2RKmaCogdBlsGg6hD2C8Uf\n-----END PRIVATE KEY-----\n",

      "client_email": "eaccount.com",

      "client_id": "404842616201342653591",

      "auth_uri": "https://accounts.google.com/o/oauth2/auth",

      "token_uri": "https://accounts.google.com/o/oauth2/token",

      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",

      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/test-credential-service-acct%40blinkum-genovese-011599.iam.gserviceaccount.com"

      }

    7. In the Subscription box, enter the subscription name. For example, projects/my-project-name/subscriptions/my-subscription-name.

      Note: You can add multiple endpoints to a single group. For example, one group could contain three Google Cloud endpoints. Another group could contain a Salesforce endpoint, an AWS CloudTrail endpoint, and a Google Cloud endpoint.

  2. Assign the policy to the LCE Web Query Client.