Home > Get Started > Enable Replication (Private Preview) > Enable Google Cloud Replication
Export to PDFEnable Google Cloud Replication
To enable Google Cloud replication, complete the following steps:
-
To activate the IAM Service Account Credentials API that is required for authenticating and making API calls with service accounts, go to Google Cloud Platform to enable the IAM API. For details, refer to Enable IAM API in Google Cloud Platform.
-
When the IAM API is enabled, create a service account. For details, refer to Create a Service Account in Google Cloud Platform.
-
After creating the service account, obtain credentials for your service account. The credentials are needed for creating the service account profile in AvePoint Online Services. For details, refer to Obtain Credentials for Service Account.
-
Go to AvePoint Online Services to create a service account profile that enables the Replication functionalities. For details, refer to Create a Service Account Profile in AvePoint Online Services.
-
For Kubernetes Engine protection, if you have enabled authorized network, enable the reserved IP address access of Cloud Backup for IaaS + PaaS. For more details on authorized network management, refer to Define the IP addresses that can access the control plane. For details on downloading the reserved IP address, refer to Download a List of Reserved IP Address.
-
After the service account is ready, go to Replication to create policies for your resources. After defining the protection scope and replication schedule in a policy, you can test or run actual failover jobs when required. Note that you can click the Refresh button in the upper-right corner of the service page to retrieve the latest status for the data to protect.
For details on creating a replication policy and operating failover, refer to Replication (Private Preview).
Enable IAM API in Google Cloud Platform
To enable the IAM API, complete the following steps:
-
Go to Google Cloud Platform and select your project from the top project drop-down list.
-
Navigate to APls & Services > Library.
-
In the search bar, enter: Identity and Access Management (IAM) API.
-
Click the result and then click Enable
Create a Service Account in Google Cloud Platform
Follow the steps below to create a service account in Google Cloud Platform:
-
In Google Cloud Platform, navigate to Menu > IAM & Admin > Service Accounts > Create service account.
-
In the Create service account page, enter a name and description for the service account. The description is optional.
-
Click Create and continue.
-
In the Permissions step, grant the following roles to the service account:
-
Cloud KMS Admin
-
Cloud KMS CryptoKey Encrypter/Decrypter
-
Cloud SQL Admin
-
Compute Admin
-
Kubernetes Engine Admin
-
Role Administrator
-
Service Account Admin
-
Service Account User
-
Storage Admin
-
Storage Transfer Admin
-
-
Click Done to finish creating the service account.
Obtain Credentials for Service Account
After creating a service account in GCP, follow the steps below to obtain credentials for your service account:
-
In Google Cloud Platform, navigate to Menu > IAM & Admin > Service Accounts.
-
Select your service account.
-
Click Keys > Add key > Create new key.
-
Select JSON, then click Create. Your new public/private key pair is generated and downloaded to your machine as a new file.
-
Save the downloaded JSON file as credentials.json.
-
Click Close.
-
Open the downloaded file and copy the Private key, and Client email. The copied information will be used to create a service account AvePoint Online Services.
Create a Service Account Profile in AvePoint Online Services
When service account with requirement permissions are created in Google Platform, with the credentials of the account, service account profile can be created in AvePoint Online Services to enable Replication in Cloud Backup for IaaS + PaaS to protect your Google Cloud resources with the service account.
To create the service account, refer to Create a Google Cloud Service Account Profile.