Google Cloud Platform (GCP)
GOV.UK uses Google Cloud Platform (GCP) for three main things:
- Static mirrors of GOV.UK (these are hosted in AWS and GCP).
- DNS (DNS for www.gov.uk, service.gov.uk and other domains we manage is mirrored to name servers in AWS Route53 and Google CloudDNS)
- Various data science tasks such as BigQuery
Access to GCP is managed through the GOV.UK GCP access Google Group.
Access to this group is granted manually once permanent Production access is approved and merged to GOV.UK user reviewer repository.
If you should have access but don’t, the Technical 2nd Line team should be able to add you to the Google Group.
Accessing the console
You can login to the GCP console at https://console.cloud.google.com/ using
@digital.cabinet-office.gov.uk email address.
There are four main GCP projects in GOV.UK:
The interesting services are:
- Google Cloud Storage - where the static mirrors are stored
- Google Cloud DNS - where the DNS is configured
Using the CLI
As with AWS, you can access GCP using the command line. The standard GCP command line interface is
You can install
brew install --cask google-cloud-sdk or by following the instructions at google’s installation instructions.
NOTE: By default
gcloud doesn’t put itself on your PATH, so there’s an extra manual step to add it.
Make sure you follow all of the instructions from homebrew’s google-cloud-sdk cask
or google’s installation instructions.
Once you’ve installed
gcloud you can check it’s working using some of these commands:
gcloud help- get help
gcloud auth login- sign in
gcloud config set project govuk-production- select the GOVUK Production project
gcloud dns managed-zones list- list the managed DNS zones
gcloud dns record-sets list --zone alpha-gov-uk- list the DNS record sets for the alpha.gov.uk. zone
If you need to interact with the Cloud Storage (e.g. for the mirrors) from the CLI, you need to install the separate
Support tasks which involve GCP
You may need login to GCP to remove an asset or to emergency publish content using the static mirrors.
You will also need GCP access to update DNS if you need to Fall back to the secondary CDN (AWS CloudFront).