Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED

List all GCP STS-enabled service accounts

GET https://api.ap1.datadoghq.com/api/v2/integration/gcp/accountshttps://api.ap2.datadoghq.com/api/v2/integration/gcp/accountshttps://api.datadoghq.eu/api/v2/integration/gcp/accountshttps://api.ddog-gov.com/api/v2/integration/gcp/accountshttps://api.us2.ddog-gov.com/api/v2/integration/gcp/accountshttps://api.datadoghq.com/api/v2/integration/gcp/accountshttps://api.us3.datadoghq.com/api/v2/integration/gcp/accountshttps://api.us5.datadoghq.com/api/v2/integration/gcp/accounts

Overview

List all GCP STS-enabled service accounts configured in your Datadog account. This endpoint requires the gcp_configuration_read permission.

Response

OK

Object containing all your STS enabled accounts.

Expand All

Field

Type

Description

data

[object]

Array of GCP STS enabled service accounts.

attributes

object

Attributes associated with your service account.

account_tags

[string]

Tags to be associated with GCP metrics and service checks from your account.

automute

boolean

Silence monitors for expected GCE instance shutdowns.

client_email

string

Your service account email address.

cloud_run_revision_filters

[string]

DEPRECATED: List of filters to limit the Cloud Run revisions that are pulled into Datadog by using tags. Only Cloud Run revision resources that apply to specified filters are imported into Datadog. Note: This field is deprecated. Instead, use monitored_resource_configs with type=cloud_run_revision

host_filters

[string]

DEPRECATED: List of filters to limit the VM instances that are pulled into Datadog by using tags. Only VM instance resources that apply to specified filters are imported into Datadog. Note: This field is deprecated. Instead, use monitored_resource_configs with type=gce_instance

is_cspm_enabled

boolean

When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true.

is_global_location_enabled

boolean

When enabled, Datadog collects metrics where location is explicitly stated as "global" or where location information cannot be deduced from GCP labels.

default: true

is_per_project_quota_enabled

boolean

When enabled, Datadog applies the X-Goog-User-Project header, attributing Google Cloud billing and quota usage to the project being monitored rather than the default service account project.

is_resource_change_collection_enabled

boolean

When enabled, Datadog scans for all resource change data in your Google Cloud environment.

is_security_command_center_enabled

boolean

When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account.

metric_namespace_configs

[object]

Configurations for GCP metric namespaces.

disabled

boolean

When disabled, Datadog does not collect metrics that are related to this GCP metric namespace.

filters

[string]

When enabled, Datadog applies these additional filters to limit metric collection. A metric is collected only if it does not match all exclusion filters and matches at least one allow filter.

id

string

The id of the GCP metric namespace.

monitored_resource_configs

[object]

Configurations for GCP monitored resources.

filters

[string]

List of filters to limit the monitored resources that are pulled into Datadog by using tags. Only monitored resources that apply to specified filters are imported into Datadog.

type

enum

The GCP monitored resource type. Only a subset of resource types are supported. Allowed enum values: cloud_function,cloud_run_revision,gce_instance

region_filter_configs

[string]

Configurations for GCP location filtering, such as region, multi-region, or zone. Only monitored resources that match the specified regions are imported into Datadog. By default, Datadog collects from all locations.

resource_collection_enabled

boolean

When enabled, Datadog scans for all resources in your GCP environment.

id

string

Your service account's unique ID.

meta

object

Additional information related to your service account.

accessible_projects

[string]

The current list of projects accessible from your service account.

type

enum

The type of account. Allowed enum values: gcp_service_account

default: gcp_service_account

{
  "data": [
    {
      "attributes": {
        "account_tags": [],
        "automute": false,
        "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com",
        "cloud_run_revision_filters": [
          "$KEY:$VALUE"
        ],
        "host_filters": [
          "$KEY:$VALUE"
        ],
        "is_cspm_enabled": false,
        "is_global_location_enabled": true,
        "is_per_project_quota_enabled": true,
        "is_resource_change_collection_enabled": true,
        "is_security_command_center_enabled": true,
        "metric_namespace_configs": [
          {
            "disabled": true,
            "filters": [
              "snapshot.*",
              "!*_by_region"
            ],
            "id": "pubsub"
          }
        ],
        "monitored_resource_configs": [
          {
            "filters": [
              "$KEY:$VALUE"
            ],
            "type": "gce_instance"
          }
        ],
        "region_filter_configs": [
          "nam4",
          "europe-north1"
        ],
        "resource_collection_enabled": false
      },
      "id": "d291291f-12c2-22g4-j290-123456678897",
      "meta": {
        "accessible_projects": []
      },
      "type": "gcp_service_account"
    }
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/integration/gcp/accounts" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

                
"""
List all GCP STS-enabled service accounts returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = GCPIntegrationApi(api_client)
    response = api_instance.list_gcpsts_accounts()

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"
# List all GCP STS-enabled service accounts returns "OK" response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::GCPIntegrationAPI.new
p api_instance.list_gcpsts_accounts()

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"
// List all GCP STS-enabled service accounts returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewGCPIntegrationApi(apiClient)
	resp, r, err := api.ListGCPSTSAccounts(ctx)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `GCPIntegrationApi.ListGCPSTSAccounts`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `GCPIntegrationApi.ListGCPSTSAccounts`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"
// List all GCP STS-enabled service accounts returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.GcpIntegrationApi;
import com.datadog.api.client.v2.model.GCPSTSServiceAccountsResponse;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    GcpIntegrationApi apiInstance = new GcpIntegrationApi(defaultClient);

    try {
      GCPSTSServiceAccountsResponse result = apiInstance.listGCPSTSAccounts();
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling GcpIntegrationApi#listGCPSTSAccounts");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"
// List all GCP STS-enabled service accounts returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_gcp_integration::GCPIntegrationAPI;

#[tokio::main]
async fn main() {
    let configuration = datadog::Configuration::new();
    let api = GCPIntegrationAPI::with_config(configuration);
    let resp = api.list_gcpsts_accounts().await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run
/**
 * List all GCP STS-enabled service accounts returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.GCPIntegrationApi(configuration);

apiInstance
  .listGCPSTSAccounts()
  .then((data: v2.GCPSTSServiceAccountsResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"