Who can use this feature?
- Available with Data Direct.
- Requires an admin or architect role to configure.
Introduction
Google Cloud Storage is a cloud-based unstructured data storage service that can be used as a data lake for behavioral data. Our Google Cloud Storage integration allows you to send your raw event data directly to Google Cloud Storage.
Enabling the integration (Google)
Before activating the integration in Fullstory, you must ensure you are fully set up in Google Cloud Storage. Please review their setup documentation here before getting started in Fullstory.
Important Note on Data Security: Fullstory should only be granted access to read/write the data that we will be managing as part of this sync. To ensure all sensitive data remains secure, Fullstory strongly recommends creating unique credentials specifically for Fullstory to access. These credentials should not be permitted to access any other customer data in any way.
Create service account
To integrate Data Direct for Google Cloud Storage, create a service account with Google Cloud.
Then, create a private JSON key for the service account. Make a note of it, as you will need it later in order to configure the integration in Fullstory. The private JSON key should be in the following format:
{ "type": "service_account", "project_id": "random-project-12345", "private_key_id": "abcdefg", "private_key": "*****", "client_email": "name@project.iam.gserviceaccount.com", "client_id": "12345678", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/name%40project.iam.gserviceaccount.com" }
Configure service account
Next, you must configure the service account you created previously. The minimum required permissions must include the `storage.objectUser` role.
VPC Service Control setup for Cloud Storage
If you have VPC-SC setup for your Cloud Storage you’ll need to introduce the following ingress and egress rules to enable network connectivity for the DataDirect GCS LoadJob to properly sync to your storage bucket.
Ingress Rules for GCS
- ingressFrom:
identities:
## Service Account you created for this integration
- serviceAccount:serviceAccount@example.com
sources:
## fullstoryapp
- resource: "projects/220087653628"
ingressTo:
operations:
- serviceName: storage.googleapis.com
methodSelectors:
- method: "*"
resources:
## The GCP project number where your files will be stored
- projects/<GCP-project-number>
Egress Rule for GCS
egressTo:
operations:
- serviceName: storage.googleapis.com
methodSelectors:
- method: "*"
resources:
## fullstoryapp
- projects/220087653628
egressFrom:
identities:
## Service Account you created for this integration
- serviceAccount:serviceAccount@example.com
Enabling the integration (Fullstory)
To start syncing, follow the steps below:
- Navigate to Settings > Integrations > Destinations
-
Find the Google Cloud Storage integration and click Install.
-
As shown in the screenshot below, in the menu that appears, add in your Google Service Account Key that you created above.
Note: Please ensure all credentials are correctly entered. If any are incorrectly entered, the integration sync will fail. - When you are ready, click Save at the bottom.
- After saving, you will see data start flowing into your cloud storage after 1 hour.
FAQ
Can you set up more than one Data Destination in your account?
Yes. Repeat setup steps for different destinations as needed.