Service Consumer Management API 시작하기

이 페이지에서는 Service Consumer Management API 사용을 시작하기 전에 완료해야 하는 단계를 설명합니다. 이미Google Cloud 프로젝트와 관리형 서비스(예: Cloud Endpoints를 사용하여 만든 관리형 서비스)가 있으며, 테넌시 유닛에 대해 잘 이해하고 있는 것으로 가정합니다.

Activating the service

While the Service Consumer Management API helps you to manage the usage of your own managed services, it is also a service itself. Therefore, before you can use it, you must activate the Service Consumer Management API for the Google Cloud project that hosts your managed service. This project is known as a service producer project.

The simplest way to enable the Service Consumer Management API for your service producer project is to use the Google Cloud console. Alternatively, you can enable it from the command line or programmatically. You can find out more in Enabling and Disabling Services.

Setting permissions

After the Service Consumer Management API is enabled for your service producer project, you must create your own service identity and grant it permissions on your resources so that it can create tenant projects in your folders and set up the correct billing account on tenant projects. These actions are executed by a service account owned by the Service Consumer Management API, which is specified in the following format:

service-PROJECT_NUMBER@service-consumer-management.iam.gserviceaccount.com

where PROJECT_NUMBER is the project number for your service producer project that activated the Service Consumer Management service.

The remainder of this guide uses GCM_SA to represent the Service Consumer Management API service account.

You can use the following commands to generate the service identity.

1. Login with your user account.

gcloud auth login

1. Generate the service identity.

gcloud beta services identity create --service=serviceconsumermanagement.googleapis.com --project=PROJECT_ID

Setting folder permissions

1. Ensure that you have a folder for holding your tenant projects: you'll need to have an Organization to create folders within your service producer project. If you don’t have a folder, follow the instructions in Creating and Managing Folders to create one. Your folder will have an integer based FOLDER_ID.

2. On your folder, assign the Project Creator/Deleter role to the Service Consumer Management API service account. Follow the instructions in Configuring Access to Folders to add the Project Creator and Project Deleter role, using GCM_SA as the user.

Setting billing account permissions

1. Ensure that you have a billing account that can be shared for tenant projects. If you don't have a billing account, see Create, Modify, or Close a Billing Account for instructions to create one.

2. Follow the instructions to add the Billing Account User role to GCM_SA.

리소스 요구사항

• Service Consumer Management API는 테넌트 프로젝트를 자동으로 만들기 때문에 할당량이 충분한지를 확인해야 합니다.
• 기본적으로 만들 수 있는 프로젝트 수를 확인하고 해당 한도에 대한 증가를 요청하는 방법을 알아보려면 프로젝트 한도 문서를 참조하세요.