This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Agentspace deployment to a new GCP project from scratch - Best practices

Posted Tuesday
dheerajpanyam
Silver 4
Silver 4
Reply posted on --/--/---- --:-- AM

Hello,

  We got onboarded to Agentspace and I am looking to setup licenses , users, cloud foundations setup to be precise.  I remember reading one of the Agent guides that mentions setting up separate IAM groups for connector admins and a separate group for users. I cannot find the guide now. Can someone refer me to the best practices in enabling a GCP project for agentspace deployment starting with setting up IAM roles, security etc?

0 1 87
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
diannemcm
Staff
Reply posted on --/--/---- --:-- AM

Hi @dheerajpanyam.,

Welcome to Google Cloud Community!

Setting up IAM roles and security on Deploying Agentspace:

  • For Project Creation - See Get started with Agentspace Enterprise
  • Enable required Google APIs - To begin using Agentspace Enterprise, the following APIs must be enabled:
    • Vertex AI API
    • Agentspace Enterprise (Discovery Engine) API
    • Cloud Storage API
    • Identity and Access Management API
  • For your guide request on creating and managing Google groups. Set who can view, post, & moderate
  • Access control with IAM - Assign IAM roles to the Google Groups:     
    • Discovery Engine User (roles/discoveryengine.user) - Grants user-level access to Discovery Engine resources
    • Discovery Engine Viewer (roles/discoveryengine.viewer) - Grants read access to all discovery engine resources.
    • Discovery Engine Editor (roles/discoveryengine.editor) - Grants read and write access to all discovery engine resources.
    • Discovery Engine Admin (roles/discoveryengine.admin) - Grants full access to all discoveryengine resources.
  • For Agentspace Enterprise security and compliance - refer to the Agentspace Enterprise security Overview

Agentspace is available on a subscription-license based model: Get licenses for Agentspace Enterprise. Once you purchase the subscription, you/admin can configure users in there and assign them with the licenses to carry out the operations.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.

0 Likes
Top Labels in this Space
Top Solution Authors
View all