Skip to content

Connect a GCS archive bucket

This guide shows you how to configure a Google Cloud Storage (GCS) bucket to archive your Coralogix telemetry data in the US3 (us-central1) environment. For AWS environments, see Connect an S3 archive bucket.

Note

GCS archiving is currently available for the US3 environment only (us3.coralogix.com, region: us-central1). Contact your Coralogix representative for availability in other environments.

There are two configuration options:

What you need

  • A GCP project with the Cloud Storage API active.
  • Permission to create buckets and manage Identity and Access Management (IAM) policies in your GCP project.

Terraform

1.

Access the GCS archive module in the Coralogix Terraform Registry.

2.

Create the Terraform file with the following variables.
VariableDescription
gcp_regionThe GCP region for the archive buckets. Must match the region associated with your Coralogix account.
coralogix_service_accountThe Coralogix archive service account email. Contact your Coralogix representative to obtain this.
logs_bucket_nameName for the logs/traces archive bucket (leave empty if not needed).
metrics_bucket_nameName for the metrics archive bucket (leave empty if not needed).

Notes:

module "gcs-archive" {
  source = "coralogix/google/coralogix//modules/v2/gcs-archive"

  gcp_region                = "us-central1"
  coralogix_service_account = "coralogix-archive@your-cx-project.iam.gserviceaccount.com"
  logs_bucket_name          = "my-coralogix-logs-archive"
  metrics_bucket_name       = "my-coralogix-metrics-archive"
}
3.

[Optional] Add CMEK encryption to the buckets with logs_kms_key_name and metrics_kms_key_name variables. The module will automatically grant the GCS service agent the required roles/cloudkms.cryptoKeyEncrypterDecrypter role on the Cloud KMS key.

4.

Create the archive buckets by saving the file and running the following commands:

terraform init

terraform apply

Step 1. Create a bucket

In the Google Cloud Console, navigate to Cloud Storage, then Buckets, and create a bucket with the following settings:

1.

Enter a name for your bucket (for example, my-company-cx-logs). Bucket names must be globally unique.

2.

Under Location type, select Region.

Under Region, select us-central1 (Iowa). The bucket region must match your Coralogix domain.

3.

Under Default storage class, keep the default: Standard.

Warning

Do not use Nearline, Coldline, or Archive storage classes. These incur retrieval fees every time Coralogix queries your archive.

4.

Under Access control, leave Uniform selected and keep Enforce public access prevention enabled.

5.

Click Create.

Step 2. Grant bucket permissions to Coralogix

Coralogix needs Storage Object Admin access to write and read archive data. This is a cross-project IAM grant if Coralogix runs in a different GCP project than your bucket — GCP supports this natively.

1.

In the GCP Console, open your bucket and select the Permissions tab.

2.

Click Grant Access.

3.

In the New principals field, enter the Coralogix archive service account for the US3 environment: coralogix-archive-us3@coralogix-prod-saas-service.iam.gserviceaccount.com.

4.

Under Assign roles, select Storage Object Admin (roles/storage.objectAdmin).

5.

Click Save. The bucket is now ready to use.

Step 3. Connect the bucket in Coralogix

1.

In Coralogix, select Data Flow, then click Setup Archive.

2.

Choose from two bucket options: one for logs & traces (CX data) and one for metrics. You cannot use the same bucket for both.

Enter the name of your GCS bucket.

3.

Click Save. This activates your archive storage. Find out more here.

How authentication works

Coralogix authenticates with GCS using GKE Workload Identity through the GCS S3-compatible API. The service account coralogix-archive-us3@coralogix-prod-saas-service.iam.gserviceaccount.com - no keys or credentials are exchanged. Granting this service account access in Step 2 is everything you need to do.

Storage costs

Use Standard storage class to avoid retrieval fees. If you use a different storage class, GCS charges a retrieval fee each time Coralogix reads archive data.

GCS Class A and Class B API operations are also billed to your GCP project. See GCS pricing for details.

Need help? Contact Support.
What's new? Find out here.
LLM? Read llms.txt.
Previous Amazon S3
Next Archive Retention Policy