Google Cloud Storage

Who can use this feature?
- Available with Data Direct.
- Requires an admin or architect role to configure. 

 

Introduction

Google Cloud Storage is a cloud-based unstructured data storage service that can be used as a data lake for behavioral data. Our Google Cloud Storage integration allows you to send your raw event data directly to Google Cloud Storage.

 

Enabling the integration (Google)

Before activating the integration in Fullstory, you must ensure you are fully set up in Google Cloud Storage. Please review their setup documentation here before getting started in Fullstory.

Important Note on Data Security: Fullstory should only be granted access to read/write the data that we will be managing as part of this sync. To ensure all sensitive data remains secure, Fullstory strongly recommends creating unique credentials specifically for Fullstory to access. These credentials should not be permitted to access any other customer data in any way.

Create service account

To integrate Data Direct for Google Cloud Storage, create a service account with Google Cloud.

Then, create a private JSON key for the service account. Make a note of it, as you will need it later in order to configure the integration in Fullstory. The private JSON key should be in the following format:

{
  "type": "service_account",
  "project_id": "random-project-12345",
  "private_key_id": "abcdefg",
  "private_key": "*****",
  "client_email": "name@project.iam.gserviceaccount.com",
  "client_id": "12345678",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/name%40project.iam.gserviceaccount.com"
}

Configure service account

Next, you must configure the service account you created previously. The minimum required permissions must include the `storage.objectUser` role.

 

VPC Service Control setup for Cloud Storage

If you have VPC-SC setup for your Cloud Storage you’ll need to introduce the following ingress and egress rules to enable network connectivity for the DataDirect GCS LoadJob to properly sync to your storage bucket.

Ingress Rules for GCS

- ingressFrom:
   identities:
## Service Account you created for this integration

     - serviceAccount:serviceAccount@example.com
   sources:
## fullstoryapp
     - resource: "projects/220087653628"
 ingressTo:
   operations:
     - serviceName: storage.googleapis.com
       methodSelectors:
         - method: "*"
   resources:
## The GCP project number where your files will be stored

     - projects/<GCP-project-number>

Egress Rule for GCS

egressTo:
   operations:
     - serviceName: storage.googleapis.com
       methodSelectors:
         - method: "*"
   resources:
## fullstoryapp

     - projects/220087653628
 egressFrom:
   identities:
## Service Account you created for this integration

     - serviceAccount:serviceAccount@example.com

 

Enabling the integration (Fullstory)

To start syncing, follow the steps below:

  1. Navigate to Settings > Integrations > Destinations
  2. Find the Google Cloud Storage integration and click Install.
    Screenshot 2024-09-30 at 10.04.40 AM.png
  3. As shown in the screenshot below, in the menu that appears, add in your Google Service Account Key that you created above.
    Note: Please ensure all credentials are correctly entered. If any are incorrectly entered, the integration sync will fail.Screenshot 2024-09-30 at 10.07.43 AM.png
  4. When you are ready, click Save at the bottom.
  5. After saving, you will see data start flowing into your cloud storage after 1 hour.

FAQ

Can you set up more than one Data Destination in your account?
Yes. Repeat setup steps for different destinations as needed. 

Need to get in touch with us?

The Fullstory Team awaits your every question.

Ask the Community Technical Support