Connect with Google Cloud Storage

Indent uses webhooks to notify your application when an event happens. Webhooks are particularly useful for asynchronous events like when a someone approves an access request, someone's time-based access grant expires, or a suspicious access pattern is identified.

First, you’ll need to create your space:

Then connect to Slack to handle the access requests.

To deploy the Google Cloud Storage connector in your cloud:

curl | \
  tar -xz --strip=2 indent-js-master/examples/gcloud-storage-webhook
cd gcloud-storage-webhook

# Create `.env.yaml` file to have your INDENT_WEBHOOK_SECRET

npm install
GCP_PROJECT=my-project-123 npm run deploy

This will take a minute to run the first time as Google Cloud Functions sets up the resources in the GCP project. You should see an output similar to below:

> @indent/[email protected] deploy /Users/docs/dl/gcloud-storage-webhook
> gcloud functions deploy indent-storage-webhook --env-vars-file .env.yaml --region us-central1 --project=$GCP_PROJECT --runtime=nodejs10 --trigger-http --allow-unauthenticated

Deploying function (may take a while - up to 2 minutes)...done.
availableMemoryMb: 256
entryPoint: indent-storage-webhook
ingressSettings: ALLOW_ALL
  deployment-tool: cli-gcloud
name: projects/my-project-123/locations/us-central1/functions/indent-storage-webhook
runtime: nodejs10
serviceAccountEmail: [email protected]
sourceUploadUrl: <REDACTED>
status: ACTIVE
timeout: 60s
updateTime: '2020-06-06T19:51:43.924Z'
versionId: '13'

You can use an existing bucket, or create a new one, to grant admin acess to the Cloud Funtion you just created for requesting access:

$ gsutil iam ch serviceAccount:<serviceAccountEmail>:objectAdmin gs://your-bucket-example

Once you’ve deployed this webhook, update the URL in your App and you should start to see events flow into your webhook!