I'm following instructions here to get a list of services in my project from the google monitoring API: https://cloud.google.com/monitoring/service-monitoring/using-api#using-curl
curl --http1.1 --header "Authorization: Bearer ${ACCESS_TOKEN}" https://monitoring.googleapis.com/v3/projects/${PROJECT_ID}/services
I get back results for appEngine and clusterIstio objects within my project, but not for my Cloud Endpoints.
The documentation here suggests that Cloud Endpoints are supported: https://cloud.google.com/monitoring/service-monitoring/using-api#choosing-svcmon-api.
Are there any missing instructions here for maybe enabling the endpoints for monitoring?
You can use the API to create custom SLOs using just about any metrics in your project.
First, create a service using this call:
https://cloud.google.com/monitoring/service-monitoring/using-api#service-create
Then, create SLOs against that service:
https://cloud.google.com/monitoring/service-monitoring/using-api#slo-create
Here's a walkthrough (using an App Engine service, rather than a custom one):
https://medium.com/google-cloud/slos-with-stackdriver-service-monitoring-62f193147b3f
Related
I updated the Firebase SDKs of my Firebase for Web application.
Since the update my application no longer starts and throws the following error:
Any idea what is going on?
Uncaught (in promise)
FirebaseError: Installations: Create Installation request failed with error "403 PERMISSION_DENIED: Requests to this API firebaseinstallations.googleapis.com method google.firebase.installations.v1.FirebaseInstallationsService.CreateInstallation are blocked." (installations/request-failed).
It turns out that new versions of Firebase SDKs depend on a new internal infrastructure service, called FIS (the Firebase Installations Service) for targeting identifiers ("FIDs" or "Instance-IDs").
If you are using API key restrictions for the API keys you use in your application, you will have to extend those restrictions to allow usage with the new Firebase Installations Service at firebaseinstallations.googleapis.com.
To allow your API key in question to be used with the new Firebase Installations API:
go to the Google Cloud Console
choose the relevant project (i.e. the project you use for your application)
open the menu and go to APIs & Services -> Credentials
click Edit API key for the API key in question
scroll down to API restrictions
from the dropdown, choose Firebase Installations API
click Save
wait a couple of minutes for Google servers to update and retry...
Note: If you cannot find the Firebase Installations API in the list of APIs, you might first have to enable the API for your project (to do so click here).
Note: If you are not sure which API key is used in your application, you can check the usage numbers of Firebase Installations API per API key.
Note: Verify your fix by checking if you can see successful 200 requests increasing on the Firebase Installations API request metrics page.
Test if your configuration works with the following CURL command:
api_key=<YOUR_API_KEY>;
project_identifier=<YOUR_PROJECT_ID>;
app_id=<YOUR_FIREBASE_APP_ID_SIMILAR_TO_1:12345678:android:00000aaaaaaaa>;
curl -H "content-type: application/json" -d "{appId: '$app_id', sdkVersion: 't:1'}" https://firebaseinstallations.googleapis.com/v1/projects/$project_identifier/installations/?key=$api_key;
If your API key uses App restrictions you will have to expand your CURL request with the respective HTTP headers identifying your application:
Android: -H "x-android-package: com.rayo.example.app" -H "x-android-cert: 1234567890ABCDEF1234567890ABCDEFAABBCCDD"
iOS: -H "x-ios-bundle-identifier: com.rayo.example.app"
Webapp: -H "Referer: https://www.your.webapp.com/page?p=1"
I'm trying to configure Google Cloud Endpoint in front of Cloud Run. I decided to use the OpenAPI 2.0 standard so I can use Python 3.6.5 as a language to develop my backend.
I followed this guide https://cloud.google.com/endpoints/docs/openapi/get-started-cloud-run.
I've been able to set up a custom domain name for my Cloud Endpoints like api.example.com and I'm able to make API calls to my endpoints.
The only problem is that I can't see any incoming requests and any logs in my Cloud Endpoints console. I can only see them in the Cloud Run console.
How is possible? What am I doing wrong?
I also tried to create enable my Flask app to support another endpoint and I didn't update the openapi.yaml file with the new endpoint. My service is giving me answers if I make API calls to the new endpoints.
How is possible if I didn't update that file?
I'm starting to think that I didn't configure well the Cloud Endpoint and I'm making API calls directly to my Cloud Run service.
My project uses Firebase authentication.
I want to enable the logging of authentication activity for compliance. Google has this feature for its Google Cloud CICP (Cloud Identity for Customers and Partners) (documentation here).
I know that CICP says it's compatible with Firebase authentication, but does this mean it will log my Firebase project's authentication activity if I do enable it? Or will it only log activity from accounts created directly by CICP? Thanks!
For Stackdriver activity logging, it will work for activity across both CICP and Firebase Auth. As you've probably seen from the documentation, the first step is to enable this on your project:
curl -d "{'monitoring':{'requestLogging':{'enabled':true}}}" -H 'Authorization: Bearer [AUTH_TOKEN]' -X PATCH -H 'Content-Type: application/json' https://identitytoolkit.googleapis.com/admin/v2/projects/[PROJECT_ID]/config?updateMask=monitoring.requestLogging.enabled
You can get an AUTH_TOKEN any number of ways, but a simple method is using the Google OAuth Playground and authorizing the Google Identity Toolkit API v3 scopes.
Once you have some activity that's worthy of reviewing, you can check it out directly in StackDriver logs viewer within the "Identity Toolkit Project" resource.
One thing to be aware of is that if you have a large number of users, or really significant activity on your project, you might also want to specify exclusions to minimize cost/traffic/noise. Details are included in the Activity Logging docs you've specified.
I've set up a very simple REST API on top of the awesome endpoints-proto-datastore library, which relies on endpoints v1.0.0 included in Google Cloud Built-in Third-party Libraries.
This API serves data to an Angular 6 app.
I've set up Firebase/Angularfire authentication as well. Now, when I try to authenticate API calls using Firebase following the example in the docs, I can't use the Firebase "issuer" object required as it is not available in endpoints v1.0.0.
Seems the solution is to upgrade endpoints, which I do to v4.3.0 (latest as of today, I've also tried v2, v3).
When I run my app, the API does not accept calls to /_ah/spi anymore:
ValueError: Invalid request path: /_ah/spi/BackendService.getApiConfigs
Any idea what am I doing wrong?
As shown in the migration docs, in the new Endpoints version, you accept requests on /_ah/api instead of /_ah/spi
I'd like to know if it's possible to automate the process of importing swagger files in wso2 api manager. If so how can it be done?
thanks
You write a script to create an API using Publisher's API.
You can add resources, including scopes, as a Swagger payload.
https://docs.wso2.com/display/AM210/Publisher+APIs#PublisherAPIs-AddAPI
curl -X POST -b cookies http://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag -d "action=addAPI&name=PhoneVerification&context=/phoneverify&version=1.0.0&visibility=public&thumbUrl=&description=Verify a phone number&tags=phone,mobile,multimedia&endpointType=nonsecured&tiersCollection=Gold,Bronze&http_checked=http&https_checked=https&resourceCount=0&resourceMethod-0=GET&resourceMethodAuthType-0=Application&resourceMethodThrottlingTier-0=Unlimited&uriTemplate-0=/*&default_version_checked=default_version&bizOwner=xx&bizOwnerMail=xx#ee.com&techOwner=xx&techOwnerMail=ggg#ww.com" -d 'endpoint_config={"production_endpoints":{"url":" http://ws.cdyne.com/phoneverify/phoneverify.asmx","config":null},"endpoint_type":"http "}'
You can write a java/python client or create a script which will include the couple of hits to the APIs mentioned in the publisher api document.
Generate the token using scopes: apim:api_create apim:api_view apim:api_publish
Call the Update swagger definition
Change API-Status to Publish using the Change API Status