# Installing FileMage Gateway on the Google Cloud Platform
FileMage Gateway is available on the Google Cloud Platform as a virtual machine (VM) image. The VM image contains a fully configured installation of FileMage Gateway ready to be used on the Google Cloud Platform.
When deploying a Linux image, SFTP is running on port 2222.
# Deploying the VM from the marketplace
To quickly set up FileMage Gateway on the Google Cloud Platform, perform the following steps.
- Access the FileMage Gateway page in Google Marketplace and click the Launch button.
- Enter or select appropriate values for Deployment Name, Zone and Machine Type.
- Enter a Administrator email address to be used for the initial administrator account.
After the deployment is complete you will be given a randomly generated one-time use password to complete your initial login.
- Select a Boot disk type and Boot disk size in GB. For most scenarios, you may leave the default minimum. File data is never written to disk. Significant disk space usage comes only from the audit log. On average, each 1 million audit events stored will consume 1gb of disk space.
- Add CIDR restrictions on relevant ports based on your use-case.
|Web Portal||80, 443|
To use SFTP in Linux on port 22
sshd must be reconfigured to use a different port.
Restrict Administrative Ports
It is strongly recommended that you restrict access to the web portal (80, 443) and SSH (22) to trusted IP ranges.
- Click Deploy. Wait a few minutes for the deployment to complete, then copy the auto-generated Administrator password and click on Visit the site. If the site cannot be reached the application may still be starting up.
- Accept the self-signed certificate to proceed, or see Encryption and Certificates for instructions on how to install a signed certificate.
- Enter your Administrator email and Administrator password and click Login.
- You must change the auto-generated password. Enter the Administrator password again and provide a new password, then click Confirm.
# Configuring Permissions
The deployed VM must be associated with a service account which has the following assigned permissions:
storage.objects.create storage.objects.delete storage.objects.get storage.objects.list storage.objects.update storage.objects.create storage.multipartUploads.abort storage.multipartUploads.create storage.multipartUploads.listParts
These permissions can be assigned using the roles
Storage Object Viewer and Storage Object Creator or the role
By default, the VM will be associated with the
Compute Engine default service account.
To grant the instance write access to the Google Cloud Storage API the Storage Cloud API access scope must be set to Read Write.
# Add a Google Cloud Storage Bucket
Congratulations, you are now ready to add buckets and users. Head over to the Endpoints documentation for more information.