Google Cloud Storage

Google Cloud Storage provides unified object storage for accessing data over the internet. The data is stored inside a resource called a “bucket.” Each bucket can hold as many objects as you want. Administrators control access to their storage bucket and who can read, write, or delete data objects in that bucket. For more detailed information, visit the Google Cloud Storage website.

Creating a Console Service Account

This is the Google Cloud Storage account that the ProfileUnity Management Console will use.

  1. Log in to your Google Cloud Platform.
  2. Click the (Menu) button in the top-left corner of the screen and select the IAM & Admin menu option.
  3. Go to Service accounts and click the Create service account button.
  4. On the Create service account screen, enter a Service account name and then click Create. For example, profileunity-console.
  5. Select the Grant this service account access to project > Select Role: Storage > Storage Object Admin, click Continue, and then click Done.
  6. Next to the service account that was just created, click Manage keys, click Add Key, and then create new key.
  7. Select JSON for the Key type.
  8. Click Create when done. A JSON file will be downloaded. Keep this file safe; you cannot download this key again. This key file will be used in the ProfileUnity Management Console.

Creating a Client Service Account

This is the Google Cloud Storage account that the ProfileUnity Client will use.

  1. Log in to your Google Cloud Platform.
  2. Click the (Menu) button in the top-left corner of the screen and select the IAM & Admin menu option.
  3. Go to Service accounts and click the Create service account button.
  4. On the Create service account screen, enter a Service account name and then click Create. For example, profileunity-client.
  5. Select the Grant this service account access to project > Select Role: Storage > Storage Object Admin, click Continue, and then click Done.
  6. Next to the service account that was just created, click Manage keys, click Add Key, and then create new key.
  7. Select JSON for the Key type.
  8. Click Create when done. A JSON file will be downloaded.Keep this file safe; you cannot download this key again. This key file will be used in the ProfileUnity Management Console.

Creating a Configuration Bucket

  1. From the Google Cloud Platform, open the Cloud Storage.
  2. Click Create.
  3. On the Create a bucket screen, enter a bucket name. For example, lw-profileunity-configs. All bucket names must be unique. Therefore, the recommended name format is yourcompanyname-bucketuse-bucketfiles where bucketuse is what this particular bucket is being used for (in this case, ProfileUnity) and bucketfiles is the type of files that will be stored here, which in this case is your configuration files. Here are a few additional naming requirements:
    • Bucket names can contain lowercase letters, numbers, dashes, underscores, and dots.
    • Bucket names can only start and end with a number or letter.
    • Names must be between 3 and 63 characters long. Names containing dots can be up to 222 characters long with each dot-separated component being no longer than 63 characters.
    • Names cannot be represented as an IP address.
    • Names cannot begin with the “goog” prefix, contain “google” or contain close misspellings of “google”.
  4. Click Continue.

    Note: The Location Type will depend on your needs, but Multi-region is likely to be best.

  5. Click Continue.
  6. Set the Default storage class to Standard.
  7. Click Create.

Creating a Portability Bucket

  1. From the Google Cloud Platform, open the Cloud Storage Browser under Storage > Browser in the left column.
  2. Click Create bucket.
  3. On the Create a bucket screen, enter a bucket name. For example, lw-profileunity-portability. All bucket names must be unique. Therefore, the recommended name format is yourcompanyname-bucketuse-bucketfiles where bucketuse is what this particular bucket is being used for (in this case, ProfileUnity) and bucketfiles is the type of files that will be stored here, which in this case is your portability files. Here are a few additional naming requirements:
    • Bucket names can contain lowercase letters, numbers, dashes, underscores, and dots.
    • Bucket names can only start and end with a number or letter.
    • Names must be between 3 and 63 characters long. Names containing dots can be up to 222 characters long with each dot-separated component being no longer than 63 characters.
    • Names cannot be represented as an IP address.
    • Names cannot begin with the “goog” prefix, contain “google” or contain close misspellings of “google”.
  4. Set the Default storage class to Regional and select the same location where your desktops are hosted. For more information, refer to the Google article entitled "Storage Classes."
  5. Click Create when done.

Setting Permissions on the Portability Bucket

  1. From your list of buckets, find the ProfileUnity Configuration (“configs”) bucket. Click the (vertical ellipses) button to the right of the bucket name and select Edit access.
  2. Click Add Principal.
  3. Add the ProfileUnity Client account to new principals.
  4. Select role as a Storage Object Viewer.
  5. Click Save when done.

Putting This All Together

After completing all of these instructions to set up your Google Cloud Storage for ProfileUnity, you can install and configure ProfileUnity to make use of your new cloud storage accounts.

When using a cloud storage template, ProfileUnity’s Guided Configuration Wizard prompts you for your ProfileUnity Console service account key and your ProfileUnity Client service account key. Copy and paste the contents of the JSON files that were previously downloaded when you created Google Cloud Storage service accounts.

Note that when ProfileUnity refers to Google Cloud Storage paths, they begin with GS://. Here are some examples where what is in brackets is replaced with the specified storage bucket name:

  • Deployment/Console Path: GS://{config-bucket}/ini

  • Portability/Client Path: GS://{portability-bucket}/%username%

  • FlexApp Packages Path: GS://{config-bucket}/flexapp

  • GPO Settings for INI, ProfileUnity as a Service, Client Settings XML Path:
    GS://{config-bucket}/startup

You can change your ProfileUnity Console or Client credentials at any time by going to the Cloud Storage Settings section of the Administration screen within the ProfileUnity Management Console Administration screen.

For more instructions on how to adjust your Licensing and GPO configuration to utilize cloud storage, refer to the ProfileUnity Installation Guide.