Initial setup

Before installing and configuring the connector, you need to provision API hub and create necessary resources within the Google Cloud project:

API Hub provisioning

  1. Create a Google Cloud project: If you don't have one, create a new Google Cloud project using the console or gCloud CLI. Ensure all billing-related setups are configured. For more information, see Create a Google Cloud project.
  2. Provision API Hub: Enable the API hub APIs and follow the provisioning flow using the Google Cloud UI. Enable entitlement and add-ons required for processing metadata/runtime events.

Plugin creation

This step involves setting up a service account and registering your Apigee Edge for Private Cloud organizations with API hub.

  1. Create a service account: Create a new Google Cloud service account within your customer project. This service account will be used by the Apigee API Hub for Private Cloud connector to write API metadata and runtime data to API hub. For more information, see Create service accounts.

Create a plugin instance on API hub

  1. Register Apigee Edge for Private Cloud organizations:

    Register one or more Apigee Edge for Private Cloud organizations on API Hub. Each plugin instance can only support one organization. Therefore, if you need to onboard multiple organizations, you will need to create separate plugin instances for each organization. This can be done via the API Hub UI or by using an API request.

  2. Service account setup:

    During the plugin instance creation, you must provide the service account created in the previous step. The service account will be used by the Apigee API Hub for Private Cloud connector to write API metadata and runtime data to API Hub.

  3. Possible topologies for multiple organizations::
    • Option 1: Separate service accounts per organization: For each organization, create a dedicated service account. Each plugin instance will be linked to its respective service account. In this case, the key impersonation service account will need permissions to generate keys on behalf of each individual service account.
    • Option 2: Single service account for multiple organizations: If you prefer a simpler setup, you can use one service account for all organizations. This method simplifies the configuration, as all organizations will share the same service account. However, this approach means that changes to the service account (such as key rotation) will impact all organizations connected to it.
    • Handling multiple Apigee Edge for Private Cloud instances: If your setup includes multiple Apigee Edge for Private Cloud instances, the same principles apply. For each Apigee Edge for Private Cloud instance, you will need a separate plugin instance for each organization. You can either:
      • Use separate service accounts for each Apigee Edge for Private Cloud instance, or
      • Use a single service account for multiple Apigee Edge for Private Cloud instances, depending on the topology chosen.

Upon successful plugin instance creation:

After creating the plugin instance, you will receive the following key information required to configure the Apigee API Hub for Private Cloud connector:

  • Runtime data pub/sub topic: A pub/sub topic for uploading API runtime (analytics) data.
  • Metadata pub/sub topic: A pub/sub topic for uploading API metadata.
  • Plugin instance ID: A unique identifier for your Apigee Edge for Private Cloud gateway, in the format: projects/PROJECT_ID/locations/LOCATION/plugins/PLUGIN_ID/instances/INSTANCE_ID.