As any other cloud service, Google Cloud Platform is easy to set up, make it up and running, and then upscale based on your needs, especially at first when your organization is not that big. Things get a little more complicated as your business grows and requires more and more services and resources. Inevitably, your staff grows as a result, which leads to a greater need to manage your cloud in the right way. In particular, this concerns the policy of rights management, financial cloud management and billing – aspects that are the most common reasons for wasted resources.
In this article, we will turn to the best practices of Google Cloud Resource Management and figure out how to optimize cloud costs.
Basics: how you can organize and adjust your Google Cloud environment
First and foremost, you should organize your Google Cloud hierarchy to make it reflect your organizational structure so that you can manage access and permissions with ease. Don’t treat your cloud structure as something set in stone – it’s completely normal for it to change as your organization changes and expands. On the contrary, you should be wary if your Google Cloud environment stays intact for too long.
Pay special attention to your billing account, which, although it is part of your cloud, has its own separate roles and permissions, and you should grant access to it only to key stakeholders and those who are responsible for FinOps. You might also want to consider providing some level of redundancy in order to ensure fail-safe access to your account.
Cloud billing account roles and access permissions
If we start from the very beginning, let us remind you that the billing account is an entity that helps you organize billing for all the Google services you use and, first and foremost, Google Cloud Platform.
The billing account has its own set of permissions, which allows you to have full control of who can view, or manage, this very account. It is strongly recommended by Google itself to set up more than one admin for it – this will help you avoid any possible account-related issues.
Pro tip: in case you have multiple projects connected to your billing account and want a user to only see the costs for a specific project – or several projects – rather than entire costs for all the projects attached to the billing account, you can give them the project viewer role on each desired project rather than a viewer role on the billing account. For every permission, you can even assign a group to the project viewer role and then add users to that group.
Remember that there are three roles for billing accounts: viewers, users, and admins.
A viewer is the most basic role that only has access to the cost associated with a proper billing account. Users, in turn, can view costs and add projects to the billing account. Finally, admins can do all of the above as well as manage the billing account in its entirety, including assigning permissions, managing export settings, or contacting billing support.
Pro tip: It’s always a good idea to have as few billing accounts (ideally, just one) as possible in a single payment profile – that will help make it way easier to manage them. Having in turn multiple billing accounts can make cost management too complicated.
Here goes the most important thing about permission management – it’s crucial not to overlook the users and permissions policy on your billing account(s) and review it regularly, making sure that your stakeholders and the tech team know who admins are – in case of problems they will need to be contacted for help.
How to manage Google Cloud resources – and why
An indispensable prerequisite to Google Cloud resource management is, once again, permission assignment. You need to assign such important roles as the Organization Administrator and Folder Creator to the right people only – this will ensure that you can configure and then reconfigure the resource hierarchy for your organization, and only engineers with those roles will be admitted to adjusting it. There are several best practices related to permissions, and the most notable are testing permission changes before rolling them out, and using permission groups.
Once you’re finished dealing with permissions, start labeling resources you’re using. In a nutshell, labels are metadata that can be assigned to every resource you’re using and will help you track your cloud costs in detail, breaking them down by source type, application, owner, or any other parameter you’ve set.
If you’ve heard anything about AWS resource tagging policies, then you may assume that you are familiar with the labeling principle too.
Google Cloud cost breakdown: how to “decipher” your Google Cloud invoice and billing reports
First, let’s define the concepts. An invoice is a PDF file that provides some basic information, including the sum you owe, payment terms, payment method, your account ID, etc. Additionally, it contains applied discounts (if any) and payment instructions (usually, it’s either wire transfer or cheque). On the latter pages, you’ll see some high-level cost breakdown by resource or service you’ve utilized.
If you want, however, to dive deep into the details and be able to crunch the numbers, you’ll need to go to the Billing Reports section in your GCP console. The report offers you tons of data, including, for instance, your current monthly costs, how they stack against the previous month, and the forecasted costs. If you have multiple projects associated with this particular billing account, you’ll find cost breakdown by project – you can even fall through each project to see their detailed data. Alternatively, you can see a list of projects in the table located at the bottom of the screen. This table is easily customizable as you can apply multiple filters to it to analyze desired fractions of data. It goes without saying, but still, you can also modify the time range as you like: it can be a week, a month, a quarter, or any other custom period. Another filter, location, comes in handy if you use GCP services across multiple regions and want to get to know how your costs are distributed by geo.
The cost chart itself is full of insights. If you see, for instance, any usual spikes, you can hover over it and see the corresponding project and service right away. Further on, you can investigate it and figure out what was the root cause of it and decide what you can do to avoid this in the future.
How to process and visualize billing data with the help of Google tools
Since in this article we are talking about GCP, a cloud solution from Google, it would be logical to consider using their other tools for working with billing data, especially if it requires an in-depth analysis, and the billing report, despite its flexibility, is not enough.
So, to export data and process it whatsoever, you can use Google BigQuery, and visualize it and create custom dashboards – Google Data Studio.
You might have heard of these tools as they’re widely used by millions of people worldwide. However, if you’re not using them, you’ll have to set them up properly and connect with the GCP console – there are numerous manuals and videos that will help you do that.
Alternative: Hystax OptScale
Google offers a robust tool set to analyze and optimize your GCP cloud bill, which, being paired with BigQuery and Data Studio, ensures convenient cloud cost management.
However, if you want to get complete transparency and full control of cloud costs together with optimization and management capabilities, you might want to opt for a third-party solution, such as Hystax OptScale. It will enable your IT team to keep cloud costs under control, ensure 100% predictability, reduce GCP cloud costs, and ensure proper cloud cost management.
To find out more about its set of features, refer to this page.
💡 Learn how to get GCP costs rightsizing recommendations from Google Cloud’s optimization service tools → https://hystax.com/rightsizing-recommendations-get-gcp-costs-down-with-google-cloud-optimization-services
