GCP Installation Overview
Setting up CDC agents is an involved process that requires access to the cloud platform and services as well as a degree of familiarity with that platform. The exact method of installation is up to the user. We highly recommend going through this process with your cloud platform administrator. Equally, we recommend using the method of installation you are most familiar with.
Note that Google Cloud resources may come with their own pricing independent of any billing you receive from Matillion.
- Create new resources specifically for CDC use rather than attempt to use existing cloud resources.
- Set up a resource group for your new resources for better organization and billing ease.
- Consult your cloud/network administrator for advice on GCP permissions, roles, access and other considerations such as GCP regions.
- Keep resources in the same Google Cloud region. Note that all resources and services may not be available in all regions; it is recommended you research your desired region in advance.
The installation process is highly dependent on the chosen installation methods and environment.
Below is a checklist of resources required and full guides to setting up each can be found in the below links. A non-templated installation would require all of these steps be completed manually.
- Create a new agent in Data Loader
- Create the following resources in Google Cloud Services:
- Google Project and Service Account
- Google Service account with administrative permissions:
- Google Cloud Storage bucket.
- Google Secret Manager.
- Platform Key (Secret Manager), Secret value (Platform Key is generated on the first agent creation. All subsequent agents will use the same key).
- Database password (Secret Manager) Secret name.
- IAM Policies/Permissions.
- Workload Identity enabled (GKE)
If using a template to aid installation, users should be cognizant of the resources that template is creating and take care to only manually set up the additional resources they require.
See the individual template articles below to understand which resources they include and require.
- GCE-service-account - IAM-roles-binding.tf.